Austin Group Defect Tracker

Aardvark Mark III


ID: 0000368
Category: [1003.1(2008)/Issue 7] System Interfaces
Severity: Objection
Type: Omission
Date Submitted: 2011-01-09 08:18
Last Update: 2011-01-13 16:55
Reporter: Don Cragun
View Status: public
Assigned To: ajosey
Priority: normal
Resolution: Accepted
Status: Resolved
Name: Don Cragun
Organization: Self
User Reference: Use of hidden file descriptors
Section: 0
Page Number: 0
Line Number: 0
Interp Status: ---
Final Accepted Text:
Summary: 0000368: Hidden file descriptors should be required to have the FD_CLOEXEC flag set and be closed when no longer needed.
Description: The description of catopen() notes that systems may use a file
descriptor to implement message catalog descriptors and on P639,
L21694-21695 it explicitly states:
        If a file descriptor is used to implement message catalog
        descriptors, the FD_CLOEXEC flag shall be set; see <fcntl.h>.

Similarly, the catclose() description on P636, L21601-21602 explicitly
states:
        If a file descriptor is used to implement the type nl_catd,
        that file descriptor shall be closed.


There should be a similar requirement for all other "hidden" file
descriptors created by other library routines unless their descriptions
explicitly state that something else happens.

Note that this does not apply to STDIO streams; the fileno() function
keeps the underlying file descriptor created by fopen() and similar
functions from being "hidden".

The rationale for opendir() says that the FD_CLOEXEC flag will be
set if a file descriptor is used by opendir(), but the normative
text does not state that requirement. The changes suggested below
make the normative text match the rationale.

The DESCRIPTION of <semaphore.h> says a file descriptor may be used
to implement a semaphore and the sem_open() function ERRORS section
lists an EMFILE (but not an ENFILE) error if too many file descriptors
are in use. Other than that, none of the sem_*() function descriptions
mention file descriptors (although sem_close() mentions that all
system resources allocated are freed and the exec family of functions
description says that sem_close() is called for all open named
semaphores). The changes proposed below also make it clear in
normative text that a semaphore may be implemented using a file
descriptor.
Desired Action:
_Exit() and _exit():
        Add to the end of the bullet on P546, L18963-18964:
                All open unnamed semaphores in the calling process 
                shall be destroyed as if by appropriate calls to
                sem_destroy().

openlog() and syslog() as described in the closelog() description:
        Add at the end of the paragraph on P683, L23120:
                If a file descriptor is allocated, the FD_CLOEXEC
                flag shall be set; see <fcntl.h>.

        Change:
                No errors are defined.
        in the ERRORS section on P684, L23134 to:
                The openlog() and syslog() functions may fail if:
                [EMFILE]        All file descriptors available to
                                the process are currently open.

                [ENFILE]        The maximum allowable number of
                                files is currently open in the
                                system.

        Change:
                XBD <syslog.h>
        in the SEE ALSO section on P684, L23170 to:
                XBD <fcntl.h>, <syslog.h>

gethostent() and sethostent() as described in the endhostent()
description:
        Add at the end of paragraph on P749, L25111:
                If a file descriptor is opened, the FD_CLOEXEC flag
                shall be set; see <fcntl.h>.

        Change:
                No errors are defined for endhostent(), gethostent(),
                and sethostent().
        in the ERRORS section on P748, L25123 to:
                The gethostent() and sethostent() functions may
                fail if:
                [EMFILE]        All file descriptors available to
                                the process are currently open.

                [ENFILE]        The maximum allowable number of
                                files is currently open in the
                                system.

        Change:
                XBD <netdb.h>
        in the SEE ALSO section on P749, L25135 to:
                XBD <fcntl.h>, <netdb.h>


getnetbyaddr(), getnetbyname(), getnetent(), and setnetent() as
described in the endnetent() description:
        Add at the end of the paragraph on P751, L25156:
                If a file descriptor is used, the FD_CLOEXEC flag
                shall be set; see <fcntl.h>.

        Change:
                No errors are defined.
        in the ERRORS section on P751, L25177 to:
                The getnetbyaddr(), getnetbyname(), getnetent(),
                and setnetent() functions may fail if:
                [EMFILE]        All file descriptors available to
                                the process are currently open.

                [ENFILE]        The maximum allowable number of
                                files is currently open in the
                                system.

        Change:
                XBD <netdb.h>
        in the SEE ALSO section on P752, L25188 to:
                XBD <fcntl.h>, <netdb.h>

getprotobyname(), getprotobynumber(), getprotoent() and setprotoent()
as described in the endprotoent() description:
        Add at the end of the paragraph on P753, L25211:
                If a file descriptor is used, the FD_CLOEXEC flag
                shall be set; see <fcntl.h>.

        Change:
                No errors are defined.
        in the ERRORS section on P753, L25232 to:
                The getprotobyname(), getprotobynumber(), getprotoent()
                and setprotoent() functions may fail if:
                [EMFILE]        All file descriptors available to
                                the process are currently open.

                [ENFILE]        The maximum allowable number of
                                files is currently open in the
                                system.
        Change:
                XBD <netdb.h>
        in the SEE ALSO section on P754, L25243 to:
                XBD <fcntl.h>, <netdb.h>


getservbyname(), getservbyport(), getservent(), and setservent()
as described in the endservent() description:
        Add at the end of the paragraph on P758, L25341:
                If a file descriptor is used, the FD_CLOEXEC flag
                shall be set; see <fcntl.h>.

        Change:
                No errors are defined.
        in the ERRORS section on P758, L25364 to:
                The getservbyname(), getservbyport(), getservent(),
                and setservent() functions may fail if:
                [EMFILE]        All file descriptors available to
                                the process are currently open.

                [ENFILE]        The maximum allowable number of
                                files is currently open in the
                                system.

        Change:
                XBD <netdb.h>
        in the SEE ALSO section on P759, L25378 to:
                XBD <fcntl.h>, <netdb.h>

exec:
        Add to the end of the paragraph on P774 L25793-25794 in the
        DESCRIPTION of the exec family of functions:
                Any unnamed semaphores open in the calling process
                shall be destroyed as if by calls to sem_destroy().


opendir():
        Add new paragraph after P823, L27477 in the DESCRIPTION on
        the fdopendir() page:
                If the type DIR is implemented using a file descriptor
                and a directory stream is opened by a successful
                call to opendir(), the FD_CLOEXEC flag shall be set
                on the file descriptor; see <fcntl.h>.

        Change:
                it behaves as if
        on P825, L27570 in the RATIONALE to:
                opendir() behaves as if

        Add to the end of the paragraph on P825, L27571:
                If fdopendir() is used to create a directory stream,
                it is unspecified whether the FD_CLOEXEC flag on
                the file descriptor specified by the <italic>fd</italic>
                argument is set or left unchanged.

        Change:
                XBD <dirent.h>, <sys/types.h>
        on P826, L27591 in the SEE ALSO list to:
                XBD <dirent.h>, <fcntl.h>, <sys/types.h>


ftw():
        Note that ftw() is currently marked OB.  These changes are
        needed only if the obsolescent ftw() function is not removed
        in the next revision.

        Add a new sentence in the middle of the paragraph on P964,
        L32276 before "When ftw() returns...":
                The FD_CLOEXEC flag (see <fcntl.h>) shall be set
                on any file descriptor <italic>ftw</italic>() uses
                not counting any opened by the user-supplied
                <italic>fn</italic> function.

        Add a new error to the may fail ERRORS section after P965,
        L32305:
                [EMFILE]        All file descriptors available to
                                the process are currently open.

        Add a new error to the may fail ERRORS section after P965,
        L32309:
                [ENFILE]        The maximum allowable number of
                                files is currently open in the
                                system.

        Change:
                XBD <ftw.h>, <sys/stat.h>
        on P966, L32335 in the SEE ALSO section to:
                XBD <fcntl.h>, <ftw.h>, <sys/stat.h>

mq_close():
        Add new paragraph in the DESCRIPTION of mq_close() after
        P1321, L43438:
                If a message queue descriptor is implemented using
                a file descriptor, mq_close() shall close the file
                descriptor.

mq_open():
        Note that FD_CLOEXEC need not be specified for open files
        here because the description of the exec family of functions
        says that open message queues are closed as though mq_close()
        had been called.

        Change:
                message queues
        in the description of the ENFILE error in the ERRORS section
        on P1328, L43703 to:
                message queue descriptors or file descriptors


nftw():
        Add to the end of the paragraph in the DESCRIPTION of nftw()
        on P1370, L44926:
                The FD_CLOEXEC flag shall be set on any file
                descriptor opened by nftw() (see <fcntl.h>) not
                including those opened by the user-supplied
                <italic>fn</italic> function.  Every file descriptor
                opened by nftw() not including those opened by the
                user-supplied <italic>fn</italic> function shall
                be closed before nftw() returns.

        Change:
                XBD <ftw.h>
        in the SEE ALSO section on P1372, L45008 to:
                XBD <fcntl.h>, <ftw.h>

sem_close():
        Add:
                If the semaphore indicated by sem is implemented
                using a file descriptor, the file descriptor shall
                be closed.
        after the sentence ending with "by this process for this
        semaphore." in the sem_close() DESCRIPTION on P1812, L57894.

sem_destroy():
        Add a new sentence after the first sentence in the first
        paragraph of the DESCRIPTION of sem_destroy():
                If an unnamed semaphore is implemented using a file
                descriptor, the file descriptor shall be closed.

sem_init():
        Add a new sentence to the end of the paragraph on P1818,
        L58025:
                An unnamed semaphore may be implemented using a
                file descriptor.

        Add to the ERRORS section after P1818, L58045:
                The sem_init() function may fail if:

                [EMFILE]        All file descriptors available to
                                the process are currently open.

                [ENFILE]        The maximum allowable number of
                                files is currently open in the
                                system.

sem_open():
        Add a new sentence after the first sentence in the first
        paragraph of the DESCRIPTION of sem_open() on P1820, L58077:
                A named semaphore may be implemented using a file
                descriptor.

        Move the sem_open() EMFILE error from the "shall fail"
        ERRORS section on P1821, L58138-58139 to the "may fail"
        ERRORS section before P1821, L58147.

        Change sem_open() ERRORS:
                [ENFILE]        Too many semaphores are...
        on P1821, L58140 to:
                [ENFILE]        Too many semaphore descriptors or file
                                descriptors are...
        and move the changed definition from the "shall fail" ERRORS
        section to the "may fail" ERRORS section after P1821, L58152.
Tags: issue8
Attached Files

- Relationships
related to 0000149 (Closed, ajosey): Add fdwalk system interface
related to 0000411 (Resolved, ajosey): adding atomic FD_CLOEXEC support

-  Notes
(0000647)
Don Cragun (manager)
2011-01-09 08:32

Desired Action was edited in place to add missing change to _Exit() DESCRIPTION.
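
One way to audit an implementation for the behaviour this report asks for, as an added example (not part of the original report or of the standard's text): snapshot the open descriptors, call a library routine, and count any new descriptor left open without FD_CLOEXEC. MAX_SCAN, the probe_* helpers and the "fd-audit" ident are assumptions made for the example.

```c
#define _XOPEN_SOURCE 700
#include <dirent.h>
#include <fcntl.h>
#include <stdio.h>
#include <syslog.h>
#include <unistd.h>

#define MAX_SCAN 256  /* assumption: descriptors of interest are below this */
/* 1 = open with FD_CLOEXEC set, 0 = open without it, -1 = not open. */
int cloexec_state(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    return flags == -1 ? -1 : (flags & FD_CLOEXEC) != 0;
}

/* Call fn(), then count descriptors it left open that would survive exec. */
int inheritable_fds_left_by(void (*fn)(void))
{
    signed char before[MAX_SCAN];
    int leaks = 0;
    for (int fd = 0; fd < MAX_SCAN; fd++)
        before[fd] = (signed char)cloexec_state(fd);
    fn();
    for (int fd = 0; fd < MAX_SCAN; fd++)
        if (before[fd] == -1 && cloexec_state(fd) == 0)
            leaks++;
    return leaks;
}

/* Hypothetical probes; results stay open so the caller can inspect them. */
DIR *probe_dir;
int probe_fd = -1;
void probe_opendir(void)      { probe_dir = opendir("/"); }
void probe_openlog(void)      { openlog("fd-audit", LOG_NDELAY, LOG_USER); }
void probe_plain_open(void)   { probe_fd = open("/", O_RDONLY); }  /* constructed leak */
void probe_cloexec_open(void) { probe_fd = open("/", O_RDONLY | O_CLOEXEC); }

int main(void)
{
    printf("opendir():  %d\n", inheritable_fds_left_by(probe_opendir));
    if (probe_dir) closedir(probe_dir);
    printf("openlog():  %d\n", inheritable_fds_left_by(probe_openlog));
    closelog();
    printf("open():     %d\n", inheritable_fds_left_by(probe_plain_open));
    close(probe_fd);
    printf("O_CLOEXEC:  %d\n", inheritable_fds_left_by(probe_cloexec_open));
    close(probe_fd);
    return 0;
}
```

A non-zero count for a library routine means a program started with exec would inherit a descriptor the application never saw and cannot close by name.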

- Issue History
Date Modified Username Field Change
2011-01-09 08:18 Don Cragun New Issue
2011-01-09 08:18 Don Cragun Status New => Under Review
2011-01-09 08:18 Don Cragun Assigned To => ajosey
2011-01-09 08:18 Don Cragun Name => Don Cragun
2011-01-09 08:18 Don Cragun Organization => Self
2011-01-09 08:18 Don Cragun User Reference => Use of hidden file descriptors
2011-01-09 08:18 Don Cragun Section => 0
2011-01-09 08:18 Don Cragun Page Number => 0
2011-01-09 08:18 Don Cragun Line Number => 0
2011-01-09 08:18 Don Cragun Interp Status => ---
2011-01-09 08:32 Don Cragun Note Added: 0000647
2011-01-09 08:32 Don Cragun Desired Action Updated
2011-01-09 08:33 Don Cragun Desired Action Updated
2011-01-13 16:47 msbrown Relationship added related to 0000149
2011-01-13 16:54 msbrown Status Under Review => Resolved
2011-01-13 16:54 msbrown Resolution Open => Accepted
2011-01-13 16:54 msbrown Tag Attached: issue8
2011-01-13 16:55 Don Cragun Desired Action Updated
2011-01-13 20:22 tahonermann Issue Monitored: tahonermann
2011-04-20 17:03 eblake Relationship added related to 0000411

