Austin Group Defect Tracker

Aardvark Mark III


ID 0000835
Category [1003.1(2013)/Issue7+TC1] System Interfaces
Severity Objection
Type Clarification Requested
Date Submitted 2014-04-24 11:50
Last Update 2014-04-24 15:24
Reporter geoffclare
View Status public
Assigned To
Priority normal
Resolution Accepted
Status Resolved
Name Geoff Clare
Organization The Open Group
User Reference
Section pipe
Page Number 1413
Line Number 46643
Interp Status ---
Final Accepted Text
Summary 0000835: file descriptor allocation by pipe() unclear
Description As discussed in the teleconference of 10th April 2014, it is unclear
whether the statement, "Their integer values shall be the two lowest
available at the time of the pipe() call" in the description of pipe()
implies that both file descriptors must be allocated in a single
atomic operation. The consensus was that this is not intended; each fd
allocation is atomic, but the two allocations performed by pipe()
could be performed before and after another allocation (or closure) in
a different thread or a signal handler.

A more general problem is that the usual "lowest available" text
used in the descriptions of several functions could be interpreted as
meaning that two calls made at precisely the same time from different
threads both allocate the same file descriptor, since it was the lowest
available at the time when the two calls were made.
Desired Action Add a new section 2.13 on page 546:
2.13 File Descriptor Allocation

All functions that open one or more file descriptors shall, unless specified otherwise, atomically allocate the lowest numbered available (that is, not already open in the calling process) file descriptor at the time of each allocation. Where a single function allocates two file descriptors (for example pipe() or socketpair()), the allocations may be independent and therefore applications should not expect them to have adjacent values or depend on which has the higher value.

At page 563 line 19500 section accept after:
... and allocate a new file descriptor for that socket.

add:
The file descriptor shall be allocated as described in [xref to new section 2.13].

At page 813 line 27229 section fcntl change:
Return a new file descriptor which shall be the lowest numbered available (that is, not already open) file descriptor greater than or equal to the third argument, arg, taken as an integer of type int.

to:
Return a new file descriptor which shall be allocated as described in [xref to new section 2.13] except that it shall be the lowest numbered available file descriptor greater than or equal to the third argument, arg, taken as an integer of type int.

At page 1391 line 45951 section open change:
... return a file descriptor for the named file that is the lowest file descriptor not currently open for that process.

to:
... return a file descriptor for the named file, allocated as described in [xref to new section 2.13].

At page 1394 line 46084 section open change:
representing the lowest numbered unused file descriptor

to:
representing the file descriptor

At page 1413 line 46643 section pipe change:
Their integer values shall be the two lowest available at the time of the pipe() call.

to:
The file descriptors shall be allocated as described in [xref to new section 2.13].

At page 1413 line 46657 section pipe change:
... otherwise, -1 shall be returned and errno set to indicate the error.

to:
... otherwise, -1 shall be returned and errno set to indicate the error, and no file descriptors shall be allocated.

At page 1433 line 47270 section posix_openpt change:
The file descriptor is used by other I/O functions that refer to that pseudo-terminal.

to:
The file descriptor shall be allocated as described in [xref to new section 2.13] and can be used by other I/O functions that refer to that pseudo-terminal.

At page 1433 line 47281 section posix_openpt change:
... shall open a master pseudo-terminal device and return a non-negative integer representing the lowest numbered unused file descriptor.

to:
... shall open a file descriptor for a master pseudo-terminal device and return a non-negative integer representing the file descriptor.

At page 1528 line 49729 section posix_typed_mem_open change:
The file descriptor is used by other functions to refer to that typed memory object.

to:
The file descriptor shall be allocated as described in [xref to new section 2.13] and can be used by other functions to refer to that typed memory object.

At page 1529 line 49773 section posix_typed_mem_open change:
... return a file descriptor for the typed memory object that is the lowest numbered file descriptor not currently open for that process.

to:
... return a file descriptor for the typed memory object.

At page 1529 line 49788 section posix_typed_mem_open change:
... return a non-negative integer representing the lowest numbered unused file descriptor.

to:
... return a non-negative integer representing the file descriptor.

At page 1913 line 61308 section shm_open change:
The file descriptor is used by other functions to refer to that shared memory object.

to:
The file descriptor shall be allocated as described in [xref to new section 2.13] and can be used by other functions to refer to that shared memory object.

At page 1913 line 61319 section shm_open change:
... return a file descriptor for the shared memory object that is the lowest numbered file descriptor not currently open for that process.

to:
... return a file descriptor for the shared memory object.

At page 1914 line 61358 section shm_open change:
... return a non-negative integer representing the lowest numbered unused file descriptor.

to:
... return a non-negative integer representing the file descriptor.

At page 1983 line 63518 section socket after:
... return a file descriptor that can be used in later function calls that operate on sockets.

add:
The file descriptor shall be allocated as described in [xref to new section 2.13].

At page 1985 line 63592 section socketpair after:
The file descriptors used in referencing the created sockets shall be returned in socket_vector[0] and socket_vector[1].

add:
The file descriptors shall be allocated as described in [xref to new section 2.13].

At page 1985 line 63619 section socketpair change:
... otherwise, -1 shall be returned and errno set to indicate the error.

to:
... otherwise, -1 shall be returned and errno set to indicate the error, and no file descriptors shall be allocated.

Cross-volume change to XRAT...
Add a new section B.2.13 on page 3649:
Functions such as pipe() and socketpair() which allocate two file descriptors are permitted to perform the two allocations independently. This means that other threads or signal handlers may perform operations on file descriptors in between the two allocations and this can result in the two file descriptors not having adjacent values or in the second allocation producing a lower value than the first.
Tags tc2-2008
Attached Files

- Relationships
related to 0000837 Resolved renumber section 2.13 to be 2.6 in Issue 8
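
The allocation rule proposed for section 2.13, as an added C example (not part of the issue text or of the standard). pipe_fills_hole() shows the two ends of a pipe landing on non-adjacent descriptors even without a race, and pipe_at_least() uses the F_DUPFD rule quoted above to keep both ends at or above a chosen number. Both function names and the use of /dev/null are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

/* Constructed single-threaded case: free the lowest of three fds, call pipe().
 * Returns 1 if one end reused the hole and the other landed above c. */
int pipe_fills_hole(void)
{
    int p[2], ok = -1;
    int hole = open("/dev/null", O_RDONLY);
    int b = open("/dev/null", O_RDONLY);
    int c = open("/dev/null", O_RDONLY);
    if (hole != -1) close(hole);            /* leave a gap below b and c */
    if (hole != -1 && b != -1 && c != -1 && pipe(p) == 0) {
        /* Either end may be the lower one; neither order is guaranteed. */
        ok = (p[0] == hole && p[1] > c) || (p[1] == hole && p[0] > c);
        close(p[0]);
        close(p[1]);
    }
    if (b != -1) close(b);
    if (c != -1) close(c);
    return ok;
}

/* Create a pipe with both ends >= minfd (e.g. 3, to stay clear of stdio).
 * A low end is moved with F_DUPFD; on failure no descriptor stays open. */
int pipe_at_least(int fds[2], int minfd)
{
    int p[2];
    if (pipe(p) == -1)
        return -1;
    for (int i = 0; i < 2; i++) {
        if (p[i] >= minfd) continue;
        int moved = fcntl(p[i], F_DUPFD, minfd);
        int saved = errno;
        close(p[i]);                        /* release the low descriptor */
        if (moved == -1) {
            close(p[1 - i]);                /* drop the other end as well */
            errno = saved;
            return -1;
        }
        p[i] = moved;
    }
    fds[0] = p[0];
    fds[1] = p[1];
    return 0;
}

int main(void) { int f[2]; return !(pipe_fills_hole() == 1 && pipe_at_least(f, 3) == 0); }
```

The hole check only holds while no other thread or signal handler opens or closes descriptors in between, which is exactly the interleaving the proposed text permits.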

-  Notes
(0002232)
eblake (manager)
2014-04-24 15:13

Use of SCM_RIGHTS with recvmsg() is another instance of allocating file descriptors; but the standard is currently woefully silent on proper use of SCM_RIGHTS, so it's probably worth a separate bug for enhancing the documentation of requirements of fd passing over SOL_SOCKET connections.

- Issue History
Date Modified Username Field Change
2014-04-24 11:50 geoffclare New Issue
2014-04-24 11:50 geoffclare Name => Geoff Clare
2014-04-24 11:50 geoffclare Organization => The Open Group
2014-04-24 11:50 geoffclare Section => pipe
2014-04-24 11:50 geoffclare Page Number => 1413
2014-04-24 11:50 geoffclare Line Number => 46643
2014-04-24 11:50 geoffclare Interp Status => ---
2014-04-24 15:13 eblake Note Added: 0002232
2014-04-24 15:23 eblake Tag Attached: tc2-2008
2014-04-24 15:24 Don Cragun Status New => Resolved
2014-04-24 15:24 Don Cragun Resolution Open => Accepted
2014-04-25 08:28 geoffclare Relationship added related to 0000837

