cd is broken, too.

ksh -c 'rmdir a1 >/dev/null; mkdir a1 ; chmod a-r a1 ; cd a1 ; :'
/home/ced/bin/ksh: cd: a1: [Permission denied]

The problem is that ksh93 stopped to pass O_PATH or O_SEARCH to
openat(), despite use of a -DO_SEARCH=O_PATH.

I really wish AST would stop the #undef-#define-#redefine massacre -
it renders the code unmaintainable from outside AT&T. Another side
effect is that it's no longer possible to build 3rd-party applications
which do their own restart handling by just putting -I/usr/include/ast
-last in the configure options. perl and some other stuff is broken
thanks to this change.

Ced

On Sat, Jun 29, 2013 at 12:37 AM, Cedric Blancher
Well, I hope this is a one time experiment which is better not going
to be repeated. The whole concept of the intercepts is utterly broken
by design and can't even work in real life. I still having hiccups
from this code:
#define RESTART(r,f) \
do { \
uint32_t serial; \
do \
{ \
serial = asoget32(&GLOBAL(restart)); \
} while ((r = f) == -1 && errno == EINTR && (serial ==
AST_SERIAL_always || serial != asoget32(&GLOBAL(restart)))); \
} while (0)

Why? This is mixing process and thread semantics with signal restart
functionality even for syscalls which never return EINTR. The code is
prone to integer overflows, too.

Another two 'gems':
int
ast_eaccess(const char* path, int mode)
{
int r;

RESTART(r, faccessat(LOCAL(pwd), path, mode, AT_EACCESS));
return r;
}
int
ast_faccessat(int cwd, const char* path, mode_t mode, int flags)
{
int r;

RESTART(r, faccessat(cwd, path, mode, flags));
return r;
}

The first form (ast_eaccess) is redundant since faccessat() has become
available and should be mapped via a macro to ast_faccessat().
Otherwise you're producing code bloat.

Finally, cd(1) is broken for error cases and returns garbage.

Irek

thanks for the feedback

unfortunately we don't have acces to bsd machines anymore
bsd *never* did headers right
e.g., if posix says
#include <foo.h>
bsd takes it on itself to demand
#include <sys/hack.h>
#include <sys/hackier.h>
#include <foo.h>
so I'm not surprised that we hit macro clashes
send me offlist the files named by
bin/package results path
and if you did more than one build
bin/package results path old

we knew the intercepts would be controversial, especially the varargs ioctl()
but this is the best way we could think of to flesh out EINTR problems
that arose from the recent signal/queue storm tests
as far as we can tell few system calls in all ast libraries and commands are
immune from EINTR error returns, including surprising ones like close() and stat()

there is no way we could do the edit to wrap syscalls with restart logic,
possibly just for debugging purposes, in a timely manner
so we did it by default for all ast code via macro black magic
knowing that we may run afoul of others doing similar black magic
as the problems arise we'll address them
for now the default is to always intercept
but there is a way to build with intercepts disabled
-D_AST_INTERCEPT=0
*but don't do this for ast code*
in the future the default could change

the intercept approach addresses many issues
* adding restart logic, macros or not, to every piece of ast code would be fugly
and I would not like editing, debugging or maintaining that code on a daily basis
so please don't submit patches to restartify ast code
* whos to say some other issues like EINTR won't arise tomorrow -- with intercepts
we may have a much easier pathway to address those issues
* any user code that expects to be used in ksh builtins or ast plugins must
do the restart logic -- its much easier to instruct builtin developers to
"#include <ast.h>" than to "wrap each syscall with foomacro() barmacro()"
and the latter would have to be bullet proof -- not that easy to say months later
"oops, we should have said foomacro(special arg) barmacro(another special arg)";
if the user code doesn't do syscall macro intercepts it should go smoothly,
otherwise the users will have to "-D_AST_INTERCEPT=0" and examine the user
or 3rd party code for EINTR restartedness
* although syscall restart on interrupt is part of posix, no 2 unix implementations
apply restart in the same way on the same set of syscalls -- e.g., the intesection
between the ast intercepts and any unix implementation != ast intercepts
* intercepts can now portably handle O_* and F_* extensions like O_SEARCH and
F_DUPFD_CLOEXEC using standard macro names (with the help of iffe) and emulate those
features not supported in any particular implementation
* we now have a mechanism to trace and track down all EINTR probs and address them
as the signals are handled, including the possibility of adding interrupt handler
logic that can determine if a particular call should be restarted or is really hung

the crystal ball shows that roland will submit patches to handle some of the
build issues, so hopefully this will be a non-issue and the alpha debugging and testing
can proceed

I have to say that I was surprised at how hard it is to get non-threaded code to work
correctly in the face of signal storms, especially code like vmalloc that maintains
complex internal state -- in many cases its much more difficult to make signal-safe code
than thread-safe code

shcomp test runs are broken for all tests:
test arith(shcomp) begins at 2013-06-29+23:23:19
./src/cmd/ksh93/tests/arith.sh: I/O error [Bad file number]
test arith(shcomp) failed to compile at 2013-06-29+23:23:19 with exit
code 1 [ 1 test 1 error ]

Irek