1.2 Standards and Portability

1.2.2 POSIX (The Portable Operating System Interface)

1.2.2.1 POSIX Safety Concepts

NOTE:

This is a very good summary; these are very important concepts.

This manual documents various safety properties of GNU C Library functions, in lines that follow their prototypes and look like:

Preliminary: | MT-Safe | AS-Safe | AC-Safe |

The properties are assessed according to the criteria set forth (stipulated) in the POSIX standard for such safety contexts as Thread-, Async-Signal- and Async-Cancel-Safety. Intuitive definitions of these properties, attempting to capture the meaning of the standard definitions, follow.

NOTE:

1. MT-Safe means Thread-Safety

2. Async-Signal-Safety means AS-Safe

3. AC-Safe means Async-Cancel-Safety

MT-Safe

MT-Safe or Thread-Safe functions are safe to call in the presence of other threads. MT, in MT-Safe, stands for Multi Thread.

AS-Safe

AS-Safe or Async-Signal-Safe functions are safe to call from asynchronous signal handlers. AS, in AS-Safe, stands for Asynchronous Signal.

Many functions that are AS-Safe may set errno (this errno is global), or modify the floating-point environment, because their doing so does not make them unsuitable for use in signal handlers. However, programs could misbehave should asynchronous signal handlers modify this thread-local state, and the signal handling machinery cannot be counted on to preserve it. Therefore, signal handlers that call functions that may set errno or modify the floating-point environment must save their original values, and restore them before returning.

NOTE:

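1. If asynchronous signal handlers modify this thread-local state, the program may misbehave, and the signal handling machinery cannot be relied upon to preserve it. The thread-local state here refers to the errno mentioned above. The last sentence of the passage states how to handle this situation.

2. The above gives the principle for writing a signal handler: "save and restore thread-local state"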
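The save-and-restore rule for errno described above, as an added example that is not taken from the glibc manual or from these notes. The function names are hypothetical, and the write() to file descriptor -1 is a constructed way to make an AS-Safe call fail with EBADF inside the handler.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>

/* Follows the rule: save errno on entry, restore it before returning. */
static void handler_preserving(int sig)
{
    int saved_errno = errno;
    (void)sig;
    /* write() is AS-Safe but sets errno on failure (EBADF for fd -1). */
    ssize_t n = write(-1, "x", 1);
    (void)n;
    errno = saved_errno;
}

/* Same body without save/restore, for contrast: errno leaks out. */
static void handler_clobbering(int sig)
{
    (void)sig;
    ssize_t n = write(-1, "x", 1);
    (void)n;
}

/* Set errno to a sentinel, deliver SIGUSR1 to this thread with raise(),
   and return the errno value the interrupted code sees afterwards. */
static int errno_after_signal(void (*handler)(int), int sentinel)
{
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = handler;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGUSR1, &sa, &old) != 0)
        return -1;
    errno = sentinel;
    raise(SIGUSR1);              /* handler runs before raise() returns */
    int seen = errno;            /* what the main flow would act on */
    sigaction(SIGUSR1, &old, NULL);
    return seen;
}

int main(void)
{
    int kept = errno_after_signal(handler_preserving, ENOENT);
    int lost = errno_after_signal(handler_clobbering, ENOENT);
    /* Exit 0 only if ENOENT survived the first handler and not the second. */
    return (kept == ENOENT && lost == EBADF) ? 0 : 1;
}
```

In real code the clobbering variant shows up as error paths that report the wrong cause, because the interrupted code reads an errno written by the handler rather than by its own failed call.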

AC-Safe

AC-Safe or Async-Cancel-Safe functions are safe to call when asynchronous cancellation is enabled. AC in AC-Safe stands for Asynchronous Cancellation.

The POSIX standard defines only three functions to be AC-Safe, namely pthread_cancel, pthread_setcancelstate, and pthread_setcanceltype. At present the GNU C Library provides no guarantees beyond these three functions, but does document which functions are presently AC-Safe. This documentation is provided for use by the GNU C Library developers.

Just like signal handlers, cancellation cleanup routines must configure the floating point environment they require. The routines cannot assume a floating point environment, particularly when asynchronous cancellation is enabled. If the configuration of the floating point environment cannot be performed atomically then it is also possible that the environment encountered is internally inconsistent.

MT-Unsafe, AS-Unsafe, AC-Unsafe

MT-Unsafe, AS-Unsafe, AC-Unsafe functions are not safe to call within the safety contexts described above. Calling them within such contexts invokes undefined behavior.

Functions not explicitly documented as safe in a safety context should be regarded as Unsafe.