From: Markus Wichmann <nullplan@gmx.net>
To: musl@lists.openwall.com
Subject: Re: Conformance problem in system()
Date: Sun, 31 Dec 2017 00:23:42 +0100 [thread overview]
Message-ID: <20171230232342.7lc32yfg67skwzkd@voyager> (raw)
In-Reply-To: <20171230222204.GF1627@brightrain.aerifal.cx>
On Sat, Dec 30, 2017 at 05:22:04PM -0500, Rich Felker wrote:
> I think you're right that there's a problem here, but I don't think
> the patch correctly or fully fixes it. A simpler version of what
> you're doing would be to just initialize status to -1 instead of
> 0x7f00, since your patch is returning -1 in all cases where waitpid
> did not complete successfully. But that ignores the POSIX requirement
> to behave as if the interpreter exited with status 127 when it was
> possibel to make the child process but the command interpreter could
> not be executed.
>
Actually, I noticed another problem: waitpid() returns the PID of the
changed child process on success, so the
if (wr) status = wr;
should be
if (wr < 0) status = wr;
The initialization of status would only change something if the kernel
did not write to status on waitpid() failure. Is that guarenteed ABI, or
does this just happen to be the case on current kernels?
> musl's posix_spawn does not succeed when exec fails in the child;
> instead the exec error is returned. This behavior is permitted but not
> required by POSIX. I think it would actually be preferable to system
> to return -1 and set errno in this case too, but POSIX doesn't seem to
> allow that.
Actually, the requirement to return exit status 127 on exec failure
sounds mighty specific to me. As if someone wanted to codify behavior
they needed in their utility. Which means there may be software out
there that depends on this behavior.
There is the possibility of not considering a posix_spawn()ed child
process as "created" unless posix_spawn() itself did return success,
though. But that might run counter to what the POSIX was going for,
here.
> So I think we actually need to break down error cases for
> posix_spawn and simulate the exit(127) result if the error returned is
> anything other than an error that could be returned by fork (EAGAIN or
> ENOMEM).
>
> Does that sound right?
Sounds correct, but I don't like it. Not least because any syscall may
fail with any errno in addition to the ones documented. But all the
solutions I can think of are even worse. In the end, it looks like POSIX
was codifying the use of fork(), exec(), and exit(127) in the child
here. Any implementation that does something different now has to work
around the mess they've made.
>
> Rich
Ciao,
Markus
next prev parent reply other threads:[~2017-12-30 23:23 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-29 9:48 Markus Wichmann
2017-12-30 22:22 ` Rich Felker
2017-12-30 23:23 ` Markus Wichmann [this message]
2018-01-09 18:03 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171230232342.7lc32yfg67skwzkd@voyager \
--to=nullplan@gmx.net \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).