On 2021-07-23 14:19, Kaz Kylheku (gmake) wrote:
Secondly, build tools which open a file more than once should not specify O_CREAT for the second and subsequent times. The second and subsequent opens should expect the file to exist, and fail otherwise.
Unfortunately, this is too naive, I apologize for writing in haste. A legitimate strategy for a tool is to write output to a temporary file which is then renamed to the destination as a last step. Make, upon processing the interrupt signal, sees that there is no file at all, nothing to delete. Meanwhile, the tool reacts to the signal later, or not at all, and executes through the rename system call which creates the file. There is also a race condition between make and the very first open of the file, like this script #!/bin/sh sleep 5 echo "hello" > $1 If this keeps executing while make processes the interrupt, then we have the problem, even though there is just a single open and write. The correct behavior is to defer temporary file cleanup of files until after no part of the job is running. Or, perhaps to to it twice: once upon receipt of the interrupt signal (because that might be the last chance: make could be forcibly terminated after that; it's kind of a "best effort"). Then, check those files again and re-delete any that have re-appeared after the child jobs have been reaped.
