On 2025-09-23 12:19, Dag-Erling Smørgrav wrote:
Paul Eggert via tz <tz@iana.org> writes:
(By the way, offtime_r is not documented in FreeBSD, so is it present only as a compatibility hack there?)
I held off on documenting it after you rejected the patch.
Might not hurt to keep holding off until we finish this chat....
FreeBSD's current behavior seems more useful to me than what the C standard mandates. I realize it's easier said than done, but I would prefer at least trying to get the standard changed instead.
Changed to what, though? FreeBSD gmtime and localtime return pointers to malloc'ed storage that might be freed before their callers use the pointers, leading to undefined behavior. (This cannot happen on platforms that conform to ISO C and POSIX.) If a change is proposed to ISO C and POSIX, this issue should be mentioned and taken into account in the wording. To see the issue I'm talking about, compile and run the attached stress test. Since it has undefined behavior on FreeBSD due to accessing freed memory, I compiled it on a CheriBSD (FreeBSD 15) platform with "cc -march=morello -mabi=purecap gmt3.c -lpthread". The stress test failed with "In-address space security exception (core dumped)"; gdb reports that the failure occurs in eqtm because its first pointer A is invalid. The stress test trivially succeeds on GNU/Linux, which conforms to ISO C and POSIX and which therefore does not attempt to free struct tm objects dynamically (indeed, eqtm's two arguments are always the same pointer). Regardless of whether ISO C and POSIX are changed, the current FreeBSD behavior (assuming it's still wanted) should be covered in its man pages so that FreeBSD's conflict with the current standards is documented.
An earlier version of this patch was posted here and rejected in 2021: https://mm.icann.org/pipermail/tz/2021-September/030335.html
Thanks, I'll take a further look at that.