Blame SOURCES/coreutils-8.22-mv-hardlinksrace.patch

f180de
diff -urNp coreutils-8.22-orig/src/copy.c coreutils-8.22/src/copy.c
f180de
--- coreutils-8.22-orig/src/copy.c	2015-07-03 14:42:56.829772551 +0200
f180de
+++ coreutils-8.22/src/copy.c	2015-07-03 14:51:05.371383675 +0200
f180de
@@ -1292,20 +1292,12 @@ close_src_desc:
f180de
    copy a regular file onto a symlink that points to it.
f180de
    Try to minimize the cost of this function in the common case.
f180de
    Set *RETURN_NOW if we've determined that the caller has no more
f180de
-   work to do and should return successfully, right away.
f180de
-
f180de
-   Set *UNLINK_SRC if we've determined that the caller wants to do
f180de
-   'rename (a, b)' where 'a' and 'b' are distinct hard links to the same
f180de
-   file. In that case, the caller should try to unlink 'a' and then return
f180de
-   successfully.  Ideally, we wouldn't have to do that, and we'd be
f180de
-   able to rely on rename to remove the source file.  However, POSIX
f180de
-   mistakenly requires that such a rename call do *nothing* and return
f180de
-   successfully.  */
f180de
+   work to do and should return successfully, right away.  */
f180de
 
f180de
 static bool
f180de
 same_file_ok (char const *src_name, struct stat const *src_sb,
f180de
               char const *dst_name, struct stat const *dst_sb,
f180de
-              const struct cp_options *x, bool *return_now, bool *unlink_src)
f180de
+              const struct cp_options *x, bool *return_now)
f180de
 {
f180de
   const struct stat *src_sb_link;
f180de
   const struct stat *dst_sb_link;
f180de
@@ -1316,7 +1308,6 @@ same_file_ok (char const *src_name, stru
f180de
   bool same = SAME_INODE (*src_sb, *dst_sb);
f180de
 
f180de
   *return_now = false;
f180de
-  *unlink_src = false;
f180de
 
f180de
   /* FIXME: this should (at the very least) be moved into the following
f180de
      if-block.  More likely, it should be removed, because it inhibits
f180de
@@ -1348,14 +1339,11 @@ same_file_ok (char const *src_name, stru
f180de
               /* Here we have two symlinks that are hard-linked together,
f180de
                  and we're not making backups.  In this unusual case, simply
f180de
                  returning true would lead to mv calling "rename(A,B)",
f180de
-                 which would do nothing and return 0.  I.e., A would
f180de
-                 not be removed.  Hence, the solution is to tell the
f180de
-                 caller that all it must do is unlink A and return.  */
f180de
+                 which would do nothing and return 0.  */
f180de
               if (same_link)
f180de
                 {
f180de
-                  *unlink_src = true;
f180de
                   *return_now = true;
f180de
-                  return true;
f180de
+                  return ! x->move_mode;
f180de
                 }
f180de
             }
f180de
 
f180de
@@ -1443,26 +1431,22 @@ same_file_ok (char const *src_name, stru
f180de
     return true;
f180de
 #endif
f180de
 
f180de
-  /* They may refer to the same file if we're in move mode and the
f180de
-     target is a symlink.  That is ok, since we remove any existing
f180de
-     destination file before opening it -- via 'rename' if they're on
f180de
-     the same file system, via 'unlink (DST_NAME)' otherwise.
f180de
-     It's also ok if they're distinct hard links to the same file.  */
f180de
   if (x->move_mode || x->unlink_dest_before_opening)
f180de
     {
f180de
+     /* They may refer to the same file if we're in move mode and the
f180de
+        target is a symlink.  That is ok, since we remove any existing
f180de
+        destination file before opening it -- via 'rename' if they're on
f180de
+        the same file system, via 'unlink (DST_NAME)' otherwise.  */
f180de
       if (S_ISLNK (dst_sb_link->st_mode))
f180de
         return true;
f180de
 
f180de
+      /* It's not ok if they're distinct hard links to the same file as
f180de
+         this causes a race condition and we may lose data in this case.  */
f180de
       if (same_link
f180de
           && 1 < dst_sb_link->st_nlink
f180de
           && ! same_name (src_name, dst_name))
f180de
         {
f180de
-          if (x->move_mode)
f180de
-            {
f180de
-              *unlink_src = true;
f180de
-              *return_now = true;
f180de
-            }
f180de
-          return true;
f180de
+          return ! x->move_mode;
f180de
         }
f180de
     }
f180de
 
f180de
@@ -1820,11 +1804,10 @@ copy_internal (char const *src_name, cha
f180de
         { /* Here, we know that dst_name exists, at least to the point
f180de
              that it is stat'able or lstat'able.  */
f180de
           bool return_now;
f180de
-          bool unlink_src;
f180de
 
f180de
           have_dst_lstat = !use_stat;
f180de
           if (! same_file_ok (src_name, &src_sb, dst_name, &dst_sb,
f180de
-                              x, &return_now, &unlink_src))
f180de
+                              x, &return_now))
f180de
             {
f180de
               error (0, 0, _("%s and %s are the same file"),
f180de
                      quote_n (0, src_name), quote_n (1, dst_name));
f180de
@@ -1883,22 +1866,14 @@ copy_internal (char const *src_name, cha
f180de
              cp and mv treat -i and -f differently.  */
f180de
           if (x->move_mode)
f180de
             {
f180de
-              if (abandon_move (x, dst_name, &dst_sb)
f180de
-                  || (unlink_src && unlink (src_name) == 0))
f180de
+              if (abandon_move (x, dst_name, &dst_sb))
f180de
                 {
f180de
                   /* Pretend the rename succeeded, so the caller (mv)
f180de
                      doesn't end up removing the source file.  */
f180de
                   if (rename_succeeded)
f180de
                     *rename_succeeded = true;
f180de
-                  if (unlink_src && x->verbose)
f180de
-                    printf (_("removed %s\n"), quote (src_name));
f180de
                   return true;
f180de
                 }
f180de
-              if (unlink_src)
f180de
-                {
f180de
-                  error (0, errno, _("cannot remove %s"), quote (src_name));
f180de
-                  return false;
f180de
-                }
f180de
             }
f180de
           else
f180de
             {
f180de
diff -urNp coreutils-8.22-orig/tests/cp/same-file.sh coreutils-8.22/tests/cp/same-file.sh
f180de
--- coreutils-8.22-orig/tests/cp/same-file.sh	2013-12-04 15:48:30.000000000 +0100
f180de
+++ coreutils-8.22/tests/cp/same-file.sh	2015-07-03 14:54:12.539772880 +0200
f180de
@@ -36,7 +36,7 @@ ln dangling-slink hard-link > /dev/null 2>&1 \
f180de
 rm -f no-such dangling-slink hard-link
f180de
 
f180de
 test $hard_link_to_symlink_does_the_deref = yes \
f180de
-    && remove_these_sed='/^0 -[bf]*l .*sl1 ->/d' \
f180de
+    && remove_these_sed='/^0 -[bf]*l .*sl1 ->/d; /hlsl/d' \
f180de
     || remove_these_sed='/^ELIDE NO TEST OUTPUT/d'
f180de
 
f180de
 exec 3>&1 1> actual
f180de
@@ -44,7 +44,8 @@ exec 3>&1 1> actual
f180de
 # FIXME: This should be bigger: like more than 8k
f180de
 contents=XYZ
f180de
 
f180de
-for args in 'foo symlink' 'symlink foo' 'foo foo' 'sl1 sl2' 'foo hardlink'; do
f180de
+for args in 'foo symlink' 'symlink foo' 'foo foo' 'sl1 sl2' \
f180de
+  'foo hardlink' 'hlsl sl2'; do
f180de
   for options in '' -d -f -df --rem -b -bd -bf -bdf \
f180de
                  -l -dl -fl -dfl -bl -bdl -bfl -bdfl; do
f180de
     case $args$options in
f180de
@@ -76,6 +77,8 @@ for args in 'foo symlink' 'symlink foo'
f180de
         continue ;;
f180de
       'yes:sl1 sl2:-bfl')
f180de
         continue ;;
f180de
+      yes:hlsl*)
f180de
+        continue ;;
f180de
     esac
f180de
 
f180de
     rm -rf dir
f180de
@@ -86,6 +87,7 @@ for args in 'foo symlink' 'symlink foo'
f180de
     case "$args" in *hardlink*) ln foo hardlink ;; esac
f180de
     case "$args" in *sl1*) ln -s foo sl1;; esac
f180de
     case "$args" in *sl2*) ln -s foo sl2;; esac
f180de
+    case "$args" in *hlsl*) ln sl2 hlsl;;esac
f180de
     (
f180de
       (
f180de
         # echo 1>&2 cp $options $args
f180de
@@ -211,6 +213,24 @@ cat <<\EOF | sed "$remove_these_sed" > e
f180de
 0 -bfl (foo hardlink)
f180de
 0 -bdfl (foo hardlink)
f180de
 
f180de
+1 [cp: 'hlsl' and 'sl2' are the same file] (foo hlsl -> foo sl2 -> foo)
f180de
+0 -d (foo hlsl -> foo sl2 -> foo)
f180de
+1 -f [cp: 'hlsl' and 'sl2' are the same file] (foo hlsl -> foo sl2 -> foo)
f180de
+0 -df (foo hlsl -> foo sl2 -> foo)
f180de
+0 --rem (foo hlsl -> foo sl2)
f180de
+0 -b (foo hlsl -> foo sl2 sl2.~1~ -> foo)
f180de
+0 -bd (foo hlsl -> foo sl2 -> foo sl2.~1~ -> foo)
f180de
+0 -bf (foo hlsl -> foo sl2 sl2.~1~ -> foo)
f180de
+0 -bdf (foo hlsl -> foo sl2 -> foo sl2.~1~ -> foo)
f180de
+1 -l [cp: cannot create hard link 'sl2' to 'hlsl'] (foo hlsl -> foo sl2 -> foo)
f180de
+0 -dl (foo hlsl -> foo sl2 -> foo)
f180de
+0 -fl (foo hlsl -> foo sl2)
f180de
+0 -dfl (foo hlsl -> foo sl2 -> foo)
f180de
+0 -bl (foo hlsl -> foo sl2 sl2.~1~ -> foo)
f180de
+0 -bdl (foo hlsl -> foo sl2 -> foo)
f180de
+0 -bfl (foo hlsl -> foo sl2 sl2.~1~ -> foo)
f180de
+0 -bdfl (foo hlsl -> foo sl2 -> foo)
f180de
+
f180de
 EOF
f180de
 
f180de
 exec 1>&3 3>&-
f180de
diff -urNp coreutils-8.22-orig/tests/local.mk coreutils-8.22/tests/local.mk
f180de
--- coreutils-8.22-orig/tests/local.mk	2015-07-03 14:42:56.820772485 +0200
f180de
+++ coreutils-8.22/tests/local.mk	2015-07-03 14:55:07.060176869 +0200
f180de
@@ -591,7 +591,6 @@ all_tests =					\
f180de
   tests/mv/hard-3.sh				\
f180de
   tests/mv/hard-4.sh				\
f180de
   tests/mv/hard-link-1.sh			\
f180de
-  tests/mv/hard-verbose.sh			\
f180de
   tests/mv/i-1.pl				\
f180de
   tests/mv/i-2.sh				\
f180de
   tests/mv/i-3.sh				\
f180de
diff -urNp coreutils-8.22-orig/tests/mv/force.sh coreutils-8.22/tests/mv/force.sh
f180de
--- coreutils-8.22-orig/tests/mv/force.sh	2013-12-04 15:48:30.000000000 +0100
f180de
+++ coreutils-8.22/tests/mv/force.sh	2015-07-03 14:56:42.840885931 +0200
f180de
@@ -25,18 +25,19 @@ ff2=mvforce2
f180de
 echo force-contents > $ff || framework_failure_
f180de
 ln $ff $ff2 || framework_failure_
f180de
 
f180de
-# This mv command should exit nonzero.
f180de
-mv $ff $ff > out 2>&1 && fail=1
f180de
+# mv should fail for the same name, or separate hardlinks as in
f180de
+# both cases rename() will do nothing and return success.
f180de
+# One could unlink(src) in the hardlink case, but that would
f180de
+# introduce races with overlapping mv instances removing both hardlinks.
f180de
 
f180de
-cat > exp <
f180de
-mv: '$ff' and '$ff' are the same file
f180de
-EOF
f180de
+for dest in $ff $ff2; do
f180de
+  # This mv command should exit nonzero.
f180de
+  mv $ff $dest > out 2>&1 && fail=1
f180de
 
f180de
-compare exp out || fail=1
f180de
-test $(cat $ff) = force-contents || fail=1
f180de
+  printf "mv: '$ff' and '$dest' are the same file\n" > exp
f180de
+  compare exp out || fail=1
f180de
 
f180de
-# This should succeed, even though the source and destination
f180de
-# device and inodes are the same.
f180de
-mv $ff $ff2 || fail=1
f180de
+  test $(cat $ff) = force-contents || fail=1
f180de
+done
f180de
 
f180de
 Exit $fail
f180de
diff -urNp coreutils-8.22-orig/tests/mv/hard-4.sh coreutils-8.22/tests/mv/hard-4.sh
f180de
--- coreutils-8.22-orig/tests/mv/hard-4.sh	2013-12-04 15:48:30.000000000 +0100
f180de
+++ coreutils-8.22/tests/mv/hard-4.sh	2015-07-03 14:58:31.179687188 +0200
f180de
@@ -1,5 +1,5 @@
f180de
 #!/bin/sh
f180de
-# ensure that mv removes a in this case: touch a; ln a b; mv a b
f180de
+# ensure that mv maintains a in this case: touch a; ln a b; mv a b
f180de
 
f180de
 # Copyright (C) 2003-2013 Free Software Foundation, Inc.
f180de
 
f180de
@@ -21,15 +21,19 @@ print_ver_ mv
f180de
 touch a || framework_failure_
f180de
 ln a b || framework_failure_
f180de
 
f180de
+# Between coreutils-5.0 and coreutils-8.24, 'a' would be removed.
f180de
+# Before coreutils-5.0.1 the issue would not have been diagnosed.
f180de
+# We don't emulate the rename(a,b) with unlink(a) as that would
f180de
+# introduce races with overlapping mv instances removing both links.
f180de
+mv a b 2>err && fail=1
f180de
+printf "mv: 'a' and 'b' are the same file\n" > exp
f180de
+compare exp err || fail=1
f180de
 
f180de
-mv a b || fail=1
f180de
 
f180de
-# In coreutils-5.0 and earlier, a would not be removed.
f180de
-test -r a && fail=1
f180de
+test -r a || fail=1
f180de
 test -r b || fail=1
f180de
 
f180de
-# Make sure it works also with --backup.
f180de
-ln b a
f180de
+# Make sure it works with --backup.
f180de
 mv --backup=simple a b || fail=1
f180de
 test -r a && fail=1
f180de
 test -r b || fail=1
f180de
diff -urNp coreutils-8.22-orig/tests/mv/i-4.sh coreutils-8.22/tests/mv/i-4.sh
f180de
--- coreutils-8.22-orig/tests/mv/i-4.sh	2013-12-04 15:48:30.000000000 +0100
f180de
+++ coreutils-8.22/tests/mv/i-4.sh	2015-07-03 15:00:39.533718254 +0200
f180de
@@ -23,6 +23,7 @@ for i in a b; do
f180de
   echo $i > $i || framework_failure_
f180de
 done
f180de
 echo y > y || framework_failure_
f180de
+echo n > n || framework_failure_
f180de
 
f180de
 mv -i a b < y >/dev/null 2>&1 || fail=1
f180de
 
f180de
@@ -32,18 +33,15 @@ case "$(cat b)" in
f180de
   *) fail=1 ;;
f180de
 esac
f180de
 
f180de
-# Ensure that mv -i a b works properly with 'n' and 'y'
f180de
-# responses, even when a and b are hard links to the same file.
f180de
-# This 'n' test would fail (no prompt) for coreutils-5.0.1 through 5.3.0.
f180de
-echo n > n
f180de
+# Ensure that mv -i a b works properly with 'n' and 'y' responses,
f180de
+# when a and b are hard links to the same file.
f180de
 rm -f a b
f180de
 echo a > a
f180de
 ln a b
f180de
-mv -i a b < n >/dev/null 2>&1 || fail=1
f180de
+mv -i a b < y 2>err && fail=1
f180de
 test -r a || fail=1
f180de
 test -r b || fail=1
f180de
-mv -i a b < y >/dev/null 2>&1 || fail=1
f180de
-test -r a && fail=1
f180de
-test -r b || fail=1
f180de
+printf "mv: 'a' and 'b' are the same file\n" > exp
f180de
+compare exp err || fail=1
f180de
 
f180de
 Exit $fail
f180de
diff -urNp coreutils-8.22-orig/tests/mv/symlink-onto-hardlink-to-self.sh coreutils-8.22/tests/mv/symlink-onto-hardlink-to-self.sh
f180de
--- coreutils-8.22-orig/tests/mv/symlink-onto-hardlink-to-self.sh	2013-12-04 15:48:30.000000000 +0100
f180de
+++ coreutils-8.22/tests/mv/symlink-onto-hardlink-to-self.sh	2015-07-03 15:01:39.209190741 +0200
f180de
@@ -1,10 +1,10 @@
f180de
 #!/bin/sh
f180de
-# Demonstrate that when moving a symlink onto a hardlink-to-that-symlink, the
f180de
-# source symlink is removed.  Depending on your kernel (e.g., Linux, Solaris,
f180de
+# Demonstrate that when moving a symlink onto a hardlink-to-that-symlink,
f180de
+# an error is presented.  Depending on your kernel (e.g., Linux, Solaris,
f180de
 # but not NetBSD), prior to coreutils-8.16, the mv would successfully perform
f180de
 # a no-op.  I.e., surprisingly, mv s1 s2 would succeed, yet fail to remove s1.
f180de
 
f180de
-# Copyright (C) 2012-2013 Free Software Foundation, Inc.
f180de
+# Copyright (C) 2012-2014 Free Software Foundation, Inc.
f180de
 
f180de
 # This program is free software: you can redistribute it and/or modify
f180de
 # it under the terms of the GNU General Public License as published by
f180de
@@ -26,27 +26,34 @@ print_ver_ mv
f180de
 touch f || framework_failure_
f180de
 ln -s f s2 || framework_failure_
f180de
 
f180de
-for opt in '' --backup; do
f180de
+# Attempt to create a hard link to that symlink.
f180de
+# On some systems, it's not possible: they create a hard link to the referent.
f180de
+ln s2 s1 || framework_failure_
f180de
+
f180de
+# If s1 is not a symlink, skip this test.
f180de
+test -h s1 \
f180de
+  || skip_ your kernel or file system cannot create a hard link to a symlink
f180de
 
f180de
-  # Attempt to create a hard link to that symlink.
f180de
-  # On some systems, it's not possible: they create a hard link to the referent.
f180de
-  ln s2 s1 || framework_failure_
f180de
-
f180de
-  # If s1 is not a symlink, skip this test.
f180de
-  test -h s1 \
f180de
-    || skip_ your kernel or file system cannot create a hard link to a symlink
f180de
+for opt in '' --backup; do
f180de
 
f180de
-  mv $opt s1 s2 > out 2>&1 || fail=1
f180de
-  compare /dev/null out || fail=1
f180de
+  if test "$opt" = --backup; then
f180de
+    mv $opt s1 s2 > out 2>&1 || fail=1
f180de
+    compare /dev/null out || fail=1
f180de
 
f180de
-  # Ensure that s1 is gone.
f180de
-  test -e s1 && fail=1
f180de
+    # Ensure that s1 is gone.
f180de
+    test -e s1 && fail=1
f180de
 
f180de
-  if test "$opt" = --backup; then
f180de
     # With --backup, ensure that the backup file was created.
f180de
     ref=$(readlink s2~) || fail=1
f180de
     test "$ref" = f || fail=1
f180de
   else
f180de
+    echo "mv: 's1' and 's2' are the same file" > exp
f180de
+    mv $opt s1 s2 2>err && fail=1
f180de
+    compare exp err || fail=1
f180de
+
f180de
+    # Ensure that s1 is still present.
f180de
+    test -e s1 || fail=1
f180de
+
f180de
     # Without --backup, ensure there is no backup file.
f180de
     test -e s2~ && fail=1
f180de
   fi