Description
The posix_spawn() interface has a problem with MT-safeness,
complained about on comp.unix.programmer and other places:

One thread of a multithreaded process may want to create
a child process/program using posix_spawn() and it wants
to supply a list of file descriptors to be closed before
the new program begins execution (by one or more calls
to posix_spawn_file_actions_addclose() prior to the call
to posix_spawn()).
However, between the call to posix_spawn_file_actions_addclose()
and the call to posix_spawn(), some other thread in the process
may close the specified file descriptor.
The call to posix_spawn() will then fail with EBADF because the
file-to-be-closed is not currently open in the parent process.

This is neither useful nor rational. The file is already
closed, so another close() (returning EBADF) should be
considered to be a no-operation.

The POSIX SUSv3 specification states:

    if posix_spawn() or posix_spawnp() fails for any
    of the reasons that would cause close(), ... to fail,
    an error value shall be returned as described by close() ...

It doesn't say that posix_spawn() *must* fail if it is
asked to close a file descriptor that is not open.
It says that *if* it fails due to a failing close(), it will
return the error value as described for close().
The implementation can legally choose for posix_spawn()
*not* to fail in this case.
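
The scenario above, reduced to a single thread so it is deterministic, as an added example that is not part of the original report: the parent queues a close action, closes the descriptor itself (standing in for the other thread), then spawns, so the return value shows which of the two permitted behaviours the local libc implements. The helper name spawn_with_close_action is hypothetical, and the code assumes /bin/sh and /dev/null exist.

```c
#include <errno.h>
#include <fcntl.h>
#include <spawn.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Registers a close action for a scratch descriptor and spawns a child.
 * If close_first is set, the descriptor is closed in the parent before the
 * spawn: a single-threaded stand-in for the other thread in the race.
 * Returns posix_spawn()'s error number, or -1 if the failure surfaced as
 * child exit status 127 (the other reporting path POSIX permits). */
static int spawn_with_close_action(int close_first)
{
    posix_spawn_file_actions_t fa;
    char *argv[] = { "sh", "-c", "exit 0", NULL }; /* assumed: /bin/sh exists */
    pid_t pid;
    int status = 0, rc, fd = open("/dev/null", O_RDONLY);

    if (fd < 0)
        return errno;
    if ((rc = posix_spawn_file_actions_init(&fa)) != 0) {
        close(fd);
        return rc;
    }
    rc = posix_spawn_file_actions_addclose(&fa, fd);
    if (close_first)
        close(fd);               /* the queued action now names a stale fd */
    if (rc == 0)
        rc = posix_spawn(&pid, "/bin/sh", &fa, NULL, argv, environ);
    if (rc == 0 && waitpid(pid, &status, 0) == pid &&
        WIFEXITED(status) && WEXITSTATUS(status) == 127)
        rc = -1;
    if (!close_first)
        close(fd);
    posix_spawn_file_actions_destroy(&fa);
    return rc;
}

int main(void)
{
    int live = spawn_with_close_action(0);
    int stale = spawn_with_close_action(1);

    printf("fd open at spawn:   %d (%s)\n", live, live > 0 ? strerror(live) : "no error returned");
    printf("fd closed by spawn: %d (%s)\n", stale, stale > 0 ? strerror(stale) : "no error returned");
    return 0;
}
```

A second line reporting EBADF means the implementation fails on the stale descriptor as described above; 0 means it treats the redundant close as a no-operation.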

In addition, many if not most programs expect to be started
with only file descriptors 0, 1, and 2 open (STDIN, STDOUT,
STDERR).
It would be useful to provide a posix_spawn() file action
interface that provides the utility of the Solaris interface:

    void closefrom(int lowfd);

that closes all open file descriptors greater than or equal
to lowfd. This is the purpose of the new interface:

    int posix_spawn_file_actions_addclosefrom_np(
        posix_spawn_file_actions_t *file_actions,
        int lowfiledes);