So it avoids file existence test in pre-condition, not in post-condition... I swear I had seen other changes about passing failure status back to image for avoiding post-condition tests, but maybe it was not in this batch of changes.
Ah, it seems I'm senile since I can't remember it's me who integrated those changes,
but not completely senile since at least I remember that I saw such changes ;)
There must be a way to check if failure is due to existence of file (implemented via PrimErrInappropriate). If we would test existence afterward, the file could have been deleted in interim leading to another race condition.
This VMMaker change requires a coordinated platform source change (adding a 4th parameter to sqFileOpenNew).
Forget about all I wrote before, the changes definitely deserve a proper review.
Maybe check what happens in case someone did not update the VM properly before applying the image changes...
> On 28-08-2017, at 11:47 AM, Nicolas Cellier <[hidden email]> wrote:
> Main request was to avoid case of race condition that can happen when separating the action (like opening a file) from the query in case of failure (like was file unwritable?), because another concurrent program might have changed the file system status in between (think of concurrent squeak images creating concurrent /tmp/foobar.baz for example).
Oh, *that* problem. I hate that. It’s such a stupid bit of (mis)design. I think I’ve been complaining about that for around 30 years…
> I have already integrated the necessary VM changes, but it remains to integrate image side changes.
> Last time I checked there were unecessary changes mixed that I'd preferred to see discussed here, and the fallback code might not work in older VM, then I came short of spare time...
> But in any cases, there are too many .mcz roting in inbox, so I'm glad another pair of eyes analyze the changes.
It’s all very well Torvalds declaring that all bugs are shallow with enough pairs of eyes, *if* you have enough pairs of eyes. We need more.