manual: fopen with the x flag does not follow ISO C11
Commit Message
ISO C11 requires that the new file is created locked, something
that our implementation does not do. Changing that would impact
backwards compatibility, particularly if the C11 requirement of
“exclusive (also known as non-shared) access to the extent that
the underlying system supports exclusive access” is read to imply
mandatory locking.
-----
manual/stdio.texi | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
Comments
On 12/9/19 11:16 AM, Florian Weimer wrote:
> -The @samp{x} modifier is part of @w{ISO C11}.
> +@strong{Portability Note:} Some standards describe the @samp{x}
> +specifier with different semantics, requiring that exclusive,
> +mandatory file locking is enabled for the new file. The
> +implementation in @theglibc{} follows existing practice and only
> +passes the @code{O_EXCL} flag to the kernel.
As far as I can see, the intent of C11 is that 'fopen' with "x" simply
maps to POSIX 'open' with O_EXCL. There's no requirement in C11 that the
program must have exclusive use of the file during the entire period
that the file is open. Instead, the exclusion can be during the original
access, during the opening of the file so that we know we created the file.
Also, the word "mandatory" doesn't seem right here. C11 says that
'fopen' with "x" gets you exclusive access "to the extent that the
underlying system supports exclusive access", which doesn't sound like
"mandatory". POSIX declined to standardize mandatory locking, and C11
doesn't standardize it either.
* Paul Eggert:
> On 12/9/19 11:16 AM, Florian Weimer wrote:
>
>> -The @samp{x} modifier is part of @w{ISO C11}.
>> +@strong{Portability Note:} Some standards describe the @samp{x}
>> +specifier with different semantics, requiring that exclusive,
>> +mandatory file locking is enabled for the new file. The
>> +implementation in @theglibc{} follows existing practice and only
>> +passes the @code{O_EXCL} flag to the kernel.
>
> As far as I can see, the intent of C11 is that 'fopen' with "x" simply
> maps to POSIX 'open' with O_EXCL. There's no requirement in C11 that
> the program must have exclusive use of the file during the entire
> period that the file is open. Instead, the exclusion can be during the
> original access, during the opening of the file so that we know we
> created the file.
>
> Also, the word "mandatory" doesn't seem right here. C11 says that
> 'fopen' with "x" gets you exclusive access "to the extent that the
> underlying system supports exclusive access", which doesn't sound like
> "mandatory". POSIX declined to standardize mandatory locking, and C11
> doesn't standardize it either.
To be honest, I'm not really interested in what the C standard says.
However, it seems that people think that glibc implements the x
specifier, and that the standard requires various additional things that
glibc does not implement, ranging from locking to special file modes
(similar to mkstemp).
I think it is worth clarifying that glibc's x specifier only results in
O_EXCL and nothing else.
Thanks,
Florian
@@ -216,7 +216,11 @@ exists, @code{fopen} fails rather than opening it. If you use
file. This is equivalent to the @code{O_EXCL} option to the
@code{open} function (@pxref{Opening and Closing Files}).
-The @samp{x} modifier is part of @w{ISO C11}.
+@strong{Portability Note:} Some standards describe the @samp{x}
+specifier with different semantics, requiring that exclusive,
+mandatory file locking is enabled for the new file. The
+implementation in @theglibc{} follows existing practice and only
+passes the @code{O_EXCL} flag to the kernel.
@end table
The character @samp{b} in @var{opentype} has a standard meaning; it