From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-return-93979-listarch-libc-alpha=sources.redhat.com@sourceware.org>
Received: (qmail 47141 invoked by alias); 4 Jul 2018 20:47:29 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Received: (qmail 47128 invoked by uid 89); 4 Jul 2018 20:47:28 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-2.2 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.3.2 spammy=
X-HELO: zimbra.cs.ucla.edu
Subject: Re: [PATCH] Add renameat2 function [BZ #17662]
To: Carlos O'Donell <carlos@redhat.com>, Andreas Schwab <schwab@suse.de>,
 Florian Weimer <fweimer@redhat.com>
Cc: libc-alpha@sourceware.org, Gnulib bugs <bug-gnulib@gnu.org>
References: <20180630121447.E4C8643994575@oldenburg.str.redhat.com>
 <4a9cb334-48f4-139f-d917-457ce8ece57a@cs.ucla.edu>
 <eb0ebdfa-e55d-3d51-f03a-fa2e03d8741d@redhat.com>
 <a5b252a1-bd6e-96d6-20e2-3475fb6dda60@cs.ucla.edu> <mvmy3er8j8z.fsf@suse.de>
 <c814b9b6-f7c0-7fec-804b-13e68d340462@redhat.com>
 <d32bffa1-290f-98be-5d78-cd0854d944cf@cs.ucla.edu>
 <59d43024-6c94-9444-929d-03868b092b57@redhat.com>
From: Paul Eggert <eggert@cs.ucla.edu>
Openpgp: preference=signencrypt
Message-ID: <8e3c86c9-7f2b-a23c-c077-8df7b49833b5@cs.ucla.edu>
Date: Wed, 04 Jul 2018 20:47:00 -0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.8.0
MIME-Version: 1.0
In-Reply-To: <59d43024-6c94-9444-929d-03868b092b57@redhat.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-SW-Source: 2018-07/txt/msg00094.txt.bz2

Carlos O'Donell wrote:
> On 07/04/2018 03:35 PM, Paul Eggert wrote:

> You position Gnulib's implementation as having no drawbacks

That certainly was not my intent. The Gnulib implementation has known race=
=20
conditions on platforms whose kernels don't promise atomicity. It's just th=
at=20
Gnulib-using applications prefer this drawback to implementing racy subsiti=
tutes=20
themselves.

Not every racy API is a bug. (If it were, we'd have to abolish stdio. :-)

> I have no objection to a racy API with another name.

Yes, that is direction we're heading.

>> we still haven't
>> run into a GNU app that actually *requires* atomicity.
>=20
> coreutils *requires* it to solve the race

Sure, but Coreutils doesn't *require* atomicity to build and run just as we=
ll=20
has it has run for decades. All Coreutils *requires* is the Gnulib API, whi=
ch=20
says "we'll try to avoid the race if we can". So far, GNU applications need=
ing=20
renameat2-like functionality have all fallen into the Coreutils camp.

> I would like *coretuils* itself to make the decision
> in their sources, with full disclosure,

Coreutils already does that. Coreutils uses Gnulib, which is a source-code=
=20
library. Coreutils tarballs contain a copy of the source code that embody t=
his=20
decision and fully disclose it. And if Glibc added an API that supported=20
Coreutils-like functionality here, programs using this new API would also b=
e=20
making the decision with full disclosure. So we should be OK here.