From b6b40efcac5577df9906fdc130debbec9a4a66ae Mon Sep 17 00:00:00 2001
From: Ralf Jung <post@ralfj.de>
Date: Fri, 22 Nov 2024 08:35:32 +0100
Subject: [PATCH] library: update comment around close()

---
 std/src/os/fd/owned.rs | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/std/src/os/fd/owned.rs b/std/src/os/fd/owned.rs
index 2d087c03b04b4..388b8a88a1a48 100644
--- a/std/src/os/fd/owned.rs
+++ b/std/src/os/fd/owned.rs
@@ -173,16 +173,17 @@ impl Drop for OwnedFd {
     #[inline]
     fn drop(&mut self) {
         unsafe {
-            // Note that errors are ignored when closing a file descriptor. The
-            // reason for this is that if an error occurs we don't actually know if
-            // the file descriptor was closed or not, and if we retried (for
-            // something like EINTR), we might close another valid file descriptor
-            // opened after we closed ours.
-            // However, this is usually justified, as some of the major Unices
-            // do make sure to always close the FD, even when `close()` is interrupted,
-            // and the scenario is rare to begin with.
-            // Helpful link to an epic discussion by POSIX workgroup:
-            // http://austingroupbugs.net/view.php?id=529
+            // Note that errors are ignored when closing a file descriptor. According to POSIX 2024,
+            // we can and indeed should retry `close` on `EINTR`
+            // (https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/close.html),
+            // but it is not clear yet how well widely-used implementations are conforming with this
+            // mandate since older versions of POSIX left the state of the FD after an `EINTR`
+            // unspecified. Ignoring errors is "fine" because some of the major Unices (in
+            // particular, Linux) do make sure to always close the FD, even when `close()` is
+            // interrupted, and the scenario is rare to begin with. If we retried on a
+            // not-POSIX-compliant implementation, the consequences could be really bad since we may
+            // close the wrong FD. Helpful link to an epic discussion by POSIX workgroup that led to
+            // the latest POSIX wording: http://austingroupbugs.net/view.php?id=529
             #[cfg(not(target_os = "hermit"))]
             {
                 #[cfg(unix)]