Why does time_get::do_get require a valid pointer when none of the others do?
Marshall Clow

Created on 2019-09-09.00:00:00 last changed 9 months ago


Date: 2019-10-07.02:21:30

Proposed resolution:

This wording is relative to N4830.

  1. Modify [locale.time.get.virtuals] as indicated:

    iter_type do_get(iter_type s, iter_type end, ios_base& f,
                     ios_base::iostate& err, tm* t, char format, char modifier) const;

    -11- Requires: t shall point to an object.

    -12- Effects: […]

Date: 2019-10-07.02:21:30

[ 2019-10 Priority set to 3 after reflector discussion ]

Date: 2019-09-15.14:55:39

According to [locale.time.get.virtuals] p11:

Requires: t shall point to an object

[Note: In my "Mandates" paper, I changed this to "Expects: t points to an object"]

Nevertheless, it's odd, and inconsistent. time_get::get does not have any such stated requirement, and it calls do_get. None of the other "time" calls in time_get have such a (stated) requirement.

I believe that this requirement is redundant, that it is implied by the wording in P12 and P14.

P12: "or until it has extracted and assigned those struct tm members"

P14: "It is unspecified whether multiple calls to do_get() with the address of the same struct tm object will update the current contents of the object or simply overwrite its members."

If the pointer is invalid (null, or points to unmapped memory, say), you've got UB anyway.

All the other calls in [locale.time.get.virtuals] were from C++98. do_get_time was added in C++11, and p11 originally said "t shall be dereferenceable".

This was changed to "t shall point to an object" as part of the resolution of CWG issue 342

Date User Action Args
2019-10-07 02:21:30adminsetmessages: + msg10680
2019-09-15 11:52:14adminsetmessages: + msg10621
2019-09-09 00:00:00admincreate