Dave Butenhof wrote:
What was important, and relevant, was to make the cleanup handlers (and TSD destructors) reliable by specifying the state of cancellation. The original INTENT of the working group had been that cancellation was disabled implicitly by delivery, and most code is written presuming that state. Making all cleanup handlers and destructors that don't explicitly disable cancel suddenly "non-conforming" wouldn't have been a particularly useful amendment.
Nobody's arguing against that. The point is that the clarification made it mandatory to implement these semantics via the equivalent of issuing a pthread_setcancelstate call at the cancellation point.
Before that, an implementation that used a separate "cleanup mode" flag (which has the advantage of not interfering with the client's cancelstate calls) was conforming. This was good, because - in my current opinion - this model makes more sense if the cleanup is allowed to not complete, as is the case in C++.
It's certainly questionable whether a cleanup handler (TSD destructor) that explicitly enables cancellation and calls a cancellation point should re-cancel itself... and if it does, whether it should re-invoke itself, so it might be argued that this clarification introduced a new problem instead of fixing the old.