Re: 'sort' race condition with atexit cleanup and signals

[Jim Meyering]

Paul Eggert <address@hidden> wrote:
> Here's a patch to fix a race condition that Dan Hipschman and I
> thought of while walking across the courtyard to Boelter Hall at UCLA.
> The problem is that a signal can come in while cleanup is running
> during a premature exit (e.g., due to an I/O error), causing 'sort' to
> unlink a file that has already been unlinked.  This might in theory
> cause 'sort' to unlink some other process's temp file.
>
> Dan wrote the initial version of the patch and I tweaked it a bit.  I
> thought it a bit cleaner to have a single cleanup function than
> multiple calls to atexit, since we should not invoke some of this
> stuff until the signal mask is known.
>
> 2007-01-19  Dan Hipschman  <address@hidden>
>       and Paul Eggert  <address@hidden>
>
>       * src/sort.c (cleanup): Clear temphead at the end.
>       (exit_cleanup): New function.
>       (main): Don't invoke atexit until we're ready.
>       Invoke it with exit_cleanup, not with cleanup and close_stdout,
>       to avoid a race condition with cleanup and signal handling.

Come on guys...  Where's the test case?  :-) 1/2
With a delay-inducing unlink wrapper, I'll bet it's feasible.