On Fri, Jun 28, 2019 at 11:03:27AM +0100, Phillip Wood wrote:

> > I considered that, too, but I think it is safe. stdio has its own
> > locking, so every individual call is atomic. The potentially problematic
> > case would be where we switch back from line buffering to no-buffering,
> > and somebody else has written some content into our stack-based buffer
> > (that is about to go out of scope!). But I'd assume that as part of the
> > switch to no-buffering that any stdio implementation would flush out the
> > buffer that it's detaching from (while under lock). Nothing else makes
> > sense.
>
> The C standard section 7.19.5.6 says that
>     The setvbuf function may be used only after the stream pointed to by
>     a stream has been associated with an open file and before any other
>     operation (other than an unsuccessful call to setvbuf) is performed
>     on the stream.
>
> There is a note about the buffer that says
>     The buffer has to have a lifetime at least as great as the open
>     stream, so the stream should be closed before a buffer that has
>     automatic storage duration is deallocated upon block exit.
>
> So changing the buffer in the way that has been proposed is undefined
> behavior on two counts I think.

Oof, thanks for the reference. That is much less safe than I had
imagined.

We used to do this kind of setvbuf() munging in vreportf. Interestingly,
it was in released versions for about 2 years, but I don't recall
anybody complaining (we eventually reverted it to have more flexibility
in sanitizing the results before writing them out).

Anyway, I think we're all agreed that's the wrong approach here.

-Peff
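
An added example, not part of this message or of Git's code: rather than pointing the stream at an automatic buffer with setvbuf(), the whole message is formatted into a local buffer, sanitized, and handed to the stream in one call. The names build_report and emit_report, the buffer size and the sample path are assumptions made for the illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not Git's code): format prefix + message + '\n'
 * into a caller-owned buffer. Returns the number of bytes to write. */
size_t build_report(char *out, size_t outsz, const char *prefix,
		    const char *fmt, ...)
{
	size_t room, len = 0, i;
	va_list ap;
	int n;

	if (outsz < 2)
		return 0;
	room = outsz - 1;		/* keep one byte for the newline */
	n = snprintf(out, room, "%s", prefix);
	if (n > 0)
		len = (size_t)n < room ? (size_t)n : room - 1;
	va_start(ap, fmt);
	n = vsnprintf(out + len, room - len, fmt, ap);
	va_end(ap);
	if (n > 0)
		len += (size_t)n < room - len ? (size_t)n : room - len - 1;
	/* Mask control bytes so the message cannot carry terminal escapes. */
	for (i = 0; i < len; i++)
		if ((unsigned char)out[i] < 0x20 && out[i] != '\t' && out[i] != '\n')
			out[i] = '?';
	out[len++] = '\n';
	out[len] = '\0';
	return len;
}

/* One stdio call on a stream whose buffering was never changed. fwrite()
 * copies or writes the bytes before returning, so nothing points into msg. */
int emit_report(FILE *fp, const char *msg, size_t len)
{
	if (fwrite(msg, 1, len, fp) != len)
		return -1;
	return fflush(fp) ? -1 : 0;
}

int main(void)
{
	char msg[256];	/* automatic storage, never handed to setvbuf() */
	size_t len = build_report(msg, sizeof(msg), "error: ",
				  "cannot open '%s'", "constructed/path");
	return emit_report(stderr, msg, len) ? 1 : 0;
}
```

Because the stream's buffer is never replaced, neither of the two constraints quoted from the standard comes into play, and the sanitizing pass has the complete message in hand before anything is written.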