From: Rich Felker <dalias@aerifal.cx>
To: musl@lists.openwall.com
Subject: Re: close(2) failure cases (was: some fixes to musl)
Date: Sun, 24 Jul 2011 18:29:26 -0400
Message-ID: <20110724222926.GN132@brightrain.aerifal.cx>
In-Reply-To: <20110724174901.GA3219@albatros>

On Sun, Jul 24, 2011 at 09:49:03PM +0400, Vasiliy Kulikov wrote:
> Rich,
>
> On Sun, Jul 24, 2011 at 08:24 -0400, Rich Felker wrote:
> > > Even if close() fails, the fd is freed. So fd leakage is impossible.
> >
> > Is this true even in the case of EINTR?
>
> For all types of fd the fd is deleted from fd table, then
> FS-specific function is called. Any error would be returned to the
> program, but fd would be already deregistered.

Good to know. I may need to investigate and verify that this behaves
as expected in conjunction with thread cancellation while blocked at
close(), and if not, work on a work-around...

Do you know any reliable way to set up the kernel to block/sleep for a
measurable length of time on close() so that I could test this?

> I agree with POSIX in part that close() should somehow signal about
> failed IO (e.g. no free disk space) and error return code is good
> enough. However, I feel it was wrong to leave undefined behaviour of fd in
> case of error. If the file is so important that the error must be
> handled by the program, it really should do *sync() and react on its
> error. IMO close() should unconditionally close fd. (The same for
> fclose(3), etc.)

Note that the way POSIX leaves the state of the fd indeterminate if
close fails makes it impossible to write robust portable
multi-threaded programs that use files in any non-trivial way. You
can't retry closing a file descriptor you already passed to close,
because it might get assigned to a new file opened in another thread,
in which case you would close the other thread's newly-opened file. I
consider this a major flaw in the standard (one of the many oversights
of not considering the interaction of certain behaviors with threads)
and hope to raise the issue as a defect report and push for the next
version of the standard to define the behavior that the fd always be
freed.

Rich
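
The fd-reuse hazard described in the message above, replayed in a single thread, next to a close wrapper that never retries. This is an added example, not part of the original message or of musl; `close_once` and `retry_closes_other_file` are hypothetical names, `/dev/null` is a constructed stand-in for real files, and the EINTR handling assumes the Linux behaviour stated in the quoted text.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Close exactly once and never retry. Assumes the Linux behaviour described
 * in the thread: the fd is released before any error, EINTR included, is
 * reported. Whatever this returns, the caller must treat fd as gone. */
static int close_once(int fd)
{
    int r = close(fd);
    if (r == -1 && errno == EINTR)
        return 0;          /* interrupted, but the descriptor is already freed */
    return r;              /* other errors (EIO, ENOSPC, ...) are reported once */
}

/* Single-threaded replay of the race: returns 1 if a "retry" of close()
 * destroyed a descriptor that belongs to someone else, 0 if not, -1 on
 * setup failure. */
static int retry_closes_other_file(void)
{
    int a = open("/dev/null", O_WRONLY);
    if (a == -1) return -1;

    close(a);              /* pretend this reported an error to the caller */

    /* "Thread 2" opens a file; the kernel hands out the lowest free number. */
    int b = open("/dev/null", O_WRONLY);
    if (b == -1) return -1;
    if (b != a) { close(b); return 0; }   /* number not reused this time */

    close(a);              /* "thread 1" retries: this closes thread 2's file */

    /* Thread 2's descriptor is now invalid behind its back. */
    return fcntl(b, F_GETFD) == -1 && errno == EBADF;
}

int main(void)
{
    printf("retry closed another thread's file: %d\n", retry_closes_other_file());
    int fd = open("/dev/null", O_RDONLY);
    printf("close_once: %d\n", close_once(fd));
    return 0;
}
```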