From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id sPD4EJzy8F5ZSQAA0tVLHw (envelope-from ) for ; Mon, 22 Jun 2020 18:04:12 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id OEPIDJzy8F7SGgAAB5/wlQ (envelope-from ) for ; Mon, 22 Jun 2020 18:04:12 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 7E4AF940653 for ; Mon, 22 Jun 2020 18:04:11 +0000 (UTC) Received: from localhost ([::1]:55746 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jnQnh-0000tF-53 for larch@yhetil.org; Mon, 22 Jun 2020 14:04:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37238) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jnQna-0000t7-C6 for guix-patches@gnu.org; Mon, 22 Jun 2020 14:04:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:51168) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jnQna-0003cL-2i for guix-patches@gnu.org; Mon, 22 Jun 2020 14:04:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1jnQnZ-0006B6-T9 for guix-patches@gnu.org; Mon, 22 Jun 2020 14:04:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#41797] [PATCH] replace with-temporary-store-file Resent-From: Caleb Ristvedt Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 22 Jun 2020 18:04:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 41797 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 41797@debbugs.gnu.org Received: via spool by 41797-submit@debbugs.gnu.org id=B41797.159284901623713 (code B ref 41797); Mon, 22 Jun 2020 18:04:01 +0000 Received: (at 41797) by debbugs.gnu.org; 22 Jun 2020 18:03:36 +0000 Received: from localhost ([127.0.0.1]:34481 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jnQn9-0006AP-T8 for submit@debbugs.gnu.org; Mon, 22 Jun 2020 14:03:36 -0400 Received: from mail-io1-f67.google.com ([209.85.166.67]:39673) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jnQn6-0006A9-3B for 41797@debbugs.gnu.org; Mon, 22 Jun 2020 14:03:34 -0400 Received: by mail-io1-f67.google.com with SMTP id f23so15234916iof.6 for <41797@debbugs.gnu.org>; Mon, 22 Jun 2020 11:03:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cune-org.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=7qjhI9T9CmkCGl4VatFW+pWr447AAF4dSkNQEgKfMyA=; b=xwufMRMfvVZ+lqiLqBS3dUdszLP+gMiWZ/u2LAYGrjzdceGpvK4XV9QIFTm3v3GBOK d1ZDxLKUC8l8I3ppE/gFjUFkIoaLqDrMBbOnZDa7p/xckAFw6TDC0vDkRUCmf+8q9pEC MglKup/gO0V2bdy9gKdRUn5jO0YKqMIre0I/OrBHWh4D295QAahOq1xSZQ+qYBxXOF2b Wj/RQmsUqIjCu3vgMP322OrHeDJjpVEV4D4tJn+IoBs84UdHwMMuttASpovy+2Ywwcm8 BtWl6tSo2BVtJrQshZUaZXjJPS+m6ZdF6JrUrDdXgwKP8p5KK3rNqGiP4KuRxNkltS2T I5tA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=7qjhI9T9CmkCGl4VatFW+pWr447AAF4dSkNQEgKfMyA=; b=F6X7up6DFvr0xjkklpi/vfxiiCuu4/ocy59IIWtkyhMLTIaFOrpqZRhJEJ2Vbuuwz0 t24ZCyH5fIz8fnLOOEzdlIqlDfTnAWXnB2vxhbY4NvmVOdRq/Mqte5Ao+WOuEQbLA6mk fxmh1nRKmLhKm9xKDjJP8TLZRYJ+5VYsv1WEFiEJt1RvrJykgWP1gIX1apFldU7ngxZG SsWr8/PeMB9aBwhR298Po01IlmdZXvLE8NVUJ9MF1IfsnljLGgoscAxSC22z0gUnEUwU p/QmNgYduk2Rie6lwJSIijl+0JKnLJgVyXpHrqTlUh2ZA5SHmW4P0LuHAZSvSU2GZFoO eQJw== X-Gm-Message-State: AOAM533SsUSfCNwZ5F6HdAF7hp7M9FHTGbPAAkr39TPtpAxPsSFdDURO hfBBUfHi9219Q7tNpzJAwxXduWe9vSgyaA== X-Google-Smtp-Source: ABdhPJwemxmcR+S/WL5QDUfUAXlTSib0yjrsHGoVlVewGV5bRk3t6PuodcxLfKyzw7xDEtfYI6NNvA== X-Received: by 2002:a02:694c:: with SMTP id e73mr12591049jac.17.1592849006078; Mon, 22 Jun 2020 11:03:26 -0700 (PDT) Received: from GuixPotato ([208.89.170.24]) by smtp.gmail.com with ESMTPSA id y13sm8612128iob.51.2020.06.22.11.03.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Jun 2020 11:03:25 -0700 (PDT) From: Caleb Ristvedt References: <87k10e5io6.fsf@cune.org> <877dwdbkkf.fsf@gnu.org> Date: Mon, 22 Jun 2020 13:03:12 -0500 In-Reply-To: <877dwdbkkf.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Thu, 11 Jun 2020 19:04:32 +0200") Message-ID: <874kr35673.fsf@cune.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Spam-Score: -0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -1.0 (-) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=cune-org.20150623.gappssmtp.com header.s=20150623 header.b=xwufMRMf; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: -2.11 X-TUID: /OiYvI0bwXzB --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Apologies for the delay on this. Ludovic Court=C3=A8s writes: > Hi, > > Caleb Ristvedt skribis: > >> with-temporary-store-file has a fundamental flaw: it assumes that if a >> temporary store file exists, is then added as a temporary root, and still >> exists, then it uniquely belongs to the current process. This is not al= ways >> the case, because the only criteria used for choosing temporary file nam= es is >> that they not be currently used and fit a certain template. This means = it's >> entirely possible for another process to choose the same temporary file = name >> if it doesn't exist at the time it chooses. > > Then what about simply adding the PID to the file name template? AFAIK that would work currently, though for the daemon we'd have to also include a fiber identifier. What concerns me is that I can't find any restrictions about the characters that mkstemp is allowed to use, so we'd have to enforce a consistent tempfile naming scheme. Admittedly, I spent 10 minutes trying to think of realistic ways in which collisions could still occur and couldn't come up with anything - the fact that the randomized portion is always the same length and at the end makes it quite difficult. It's worth noting that adding the PID (and fiber ID) to the template will only make it thread-safe, not reentrant. So with-temporary-store-file uses couldn't be nested - indeed, no temporary store files that use the same template could be safely created within the extent of with-temporary-store-file. We could add a parameter to track all the "reserved" filenames for the current dynamic state, but it seems like a lot of hassle, and there's still the risk that other temp-file-creating code could simply ignore it. I'd still prefer restore-to-temp-store-file for the stronger guarantees it gives. =2D reepca --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEdNapMPRLm4SepVYGwWaqSV9/GJwFAl7w8mEACgkQwWaqSV9/ GJwvbwf+MCNm6d+ymsOi0/bbDvbCUv5IjeUsur34e4RnGg4Sy0MvY7zLcRPD1Y1C aY5ucOYEwfkmWkkv7pk9Zk4ZFnxPutza5d/13CQKFTkoSjPM8UOcr8AiISmBiALM rMmdCRCZ+qYX8NB56ylA0JEk6xL7tagM5FAyKSgDrkLlgJ46bTO9fQPRRM15sbAp fjCdP8VmOHwj6BxLHItXCjkLxz7iNZ70C/JqwSzlU0UWmBRYF/+pZb60OR46MoBE FSDsYGo0YAbMdoZsgxFDYx87pFbAVcAC9NOCyiWL2fahqHzNwjRK9DcQ6QtaWz6X VJYBd5Ck5uvqHe4QAs5Wuq9ItLdZsQ== =RZqc -----END PGP SIGNATURE----- --=-=-=--