fix(run): exec target/ninja directly, scope LD_LIBRARY_PATH to child (#133)

* fix(run): exec target/ninja directly, scope LD_LIBRARY_PATH to child

mcpp run/test/build injected the bundled-glibc LD_LIBRARY_PATH into mcpp's
own process (setenv) before std::system/capture, so the host /bin/sh it
spawned inherited it. On newer-glibc distros sh then loaded the bundled
(older) libc, which could not satisfy host libtinfo's GLIBC_2.42 symbols,
and aborted before the target ran (reported as a 'sh:' version error).

Add platform::process::run_exec/capture_exec (no shell; child-scoped env)
and route the run, test, fast-path-ninja, and full-build-ninja launches
through them. The produced binary is already self-contained (bundled
--dynamic-linker + RUNPATH via gcc-specs/clang-cfg patch), so the loader
env was redundant for normal binaries anyway.

- store BuildResult::ninjaProgram raw (execvp needs argv, not a shell
  string); quote only at the remaining shell site; defensive unquote for
  legacy caches.
- tests/unit/test_process_run_exec.cpp: proves parent env is never mutated.
- tests/e2e/74: hostile LD_LIBRARY_PATH + bundled-interp guard.
- ci-fresh-install: linux-distro-matrix across fedora/arch/tumbleweed/
  debian-testing (+ old-glibc ubuntu-2004/debian-11).

* fix(process): use posix_spawn (parent-built envp); fix Windows/macOS

CI surfaced two cross-platform bugs in the first cut:
- macOS: fork()+setenv()-in-child mutated the test's parent-env expectation
  (post-fork setenv is async-signal-unsafe on macOS). Switch POSIX run_exec/
  capture_exec to posix_spawnp with an envp built in the PARENT — the child
  env never touches the parent, and there is no post-fork setenv.
- Windows: capture_exec force-quoted argv[0], so popen's cmd.exe /c "..."
  stripped the outer quotes and mangled the ninja path ('filename syntax
  incorrect'). Keep argv[0] raw (per platform.shell guidance) and quote only
  later args.

Unit tests gated to POSIX (they reference /bin/*); Windows path is covered by
the integration build that launches ninja via capture_exec.

Verified on Linux: unit 19/19, e2e 74, fast-path rebuild.

* fix(process): shell env-prefix launcher (no spawn) — fixes Windows/macOS

Both spawn-based attempts regressed non-Linux: posix_spawn returned an error
on the macOS runner (run_exec rc!=0), and _spawnvpe segfaulted mcpp run on
Windows (0xC0000005). The leak is Linux-only (macOS injects no runtime env;
Windows has no glibc symbol versioning), so changing the launch primitive on
every platform was the wrong call.

Reimplement run_exec/capture_exec on top of the existing shell helpers:
- run_exec: std::system with the env as a  prefix via
  build_env_prefix (POSIX) / _putenv_s (Windows). The shell std::system
  spawns starts clean, so a bundled-glibc LD_LIBRARY_PATH reaches only the
  target child, never /bin/sh — which fixes the original crash.
- capture_exec: command_from_argv + ' 2>&1' through the existing
  capture_with_env (same prefix semantics).

No spawn primitives, no per-platform exec code. Linux: unit 19/19, e2e 74,
hostile-LD_LIBRARY_PATH run, and fast-path rebuild all green.

* test(process): use /bin/sh not /bin/true (absent on macOS)

The macOS CI failures across every launcher attempt were this test, not the
implementation: /bin/true lives at /usr/bin/true on macOS, so run_exec returned
127 and the rc==0 assertion failed. Use /bin/sh -c 'exit 0' (present on Linux
and macOS).

* refactor(process): hybrid launcher — Linux posix_spawn, macOS/Windows shell

Per review: use a direct exec (posix_spawn) on Linux, where the leak actually
lives and where it can be iterated locally, and keep the proven std::system
shell path on macOS/Windows (which inject no runtime env / have no glibc symbol
versioning). This gives Linux the clean child-only env isolation with no shell
quoting/signal/injection surface, while not risking the platforms that can't be
reproduced here. A TODO(launcher-unify) marks unifying onto spawn later if
macOS/Windows ever need the same isolation.

Linux verified: unit 19/19, e2e 74, hostile-LD_LIBRARY_PATH run, fast-path,
passthrough args.

Author: Sunrisepeak

.agents/docs/2026-06-19-runtime-launch-and-multi-distro-plan.md

@@ -120,6 +120,83 @@ jobs:
           mcpp clean
           mcpp run
 
+  # ──────────────────────────────────────────────────────────────────
+  # Newer/rolling-glibc distros — reproduction surface for the
+  # bundled-glibc-vs-host-libtinfo `sh:` crash (host glibc > bundled).
+  # Plus older-glibc legs (the safe reverse direction) proving the
+  # musl-static mcpp + self-contained toolchain run end-to-end on old
+  # hosts. Runs the released mcpp inside distro containers.
+  # ──────────────────────────────────────────────────────────────────
+  linux-distro-matrix:
+    name: Linux distro (${{ matrix.distro }})
+    runs-on: ubuntu-24.04
+    container:
+      image: ${{ matrix.image }}
+    timeout-minutes: 45
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - distro: fedora-latest
+            image: fedora:latest
+            setup: dnf -y install curl bash tar gzip xz git findutils binutils file glibc-langpack-en
+          - distro: arch
+            image: archlinux:latest
+            setup: pacman -Sy --noconfirm curl bash tar gzip xz git binutils file
+          - distro: tumbleweed
+            image: opensuse/tumbleweed:latest
+            setup: zypper -n install curl bash tar gzip xz git binutils file
+          - distro: debian-testing
+            image: debian:testing
+            setup: apt-get update && apt-get -y install curl bash tar gzip xz-utils git ca-certificates binutils findutils file
+          - distro: ubuntu-2004
+            image: ubuntu:20.04
+            setup: apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y install curl bash tar gzip xz-utils git ca-certificates binutils findutils file
+          - distro: debian-11
+            image: debian:11
+            setup: apt-get update && apt-get -y install curl bash tar gzip xz-utils git ca-certificates binutils findutils file
+    env:
+      XLINGS_NON_INTERACTIVE: '1'
+      HOME: /root
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install prerequisites (${{ matrix.distro }})
+        run: ${{ matrix.setup }}
+
+      - name: Install xlings + mcpp
+        run: |
+          curl -fsSL https://raw.githubusercontent.com/openxlings/xlings/main/tools/other/quick_install.sh | bash -s v0.4.38
+          echo "$HOME/.xlings/subos/current/bin" >> "$GITHUB_PATH"
+
+      - name: Configure mcpp
+        run: |
+          export PATH="$HOME/.xlings/subos/current/bin:$PATH"
+          xlings update
+          xlings install mcpp -y -g
+          mcpp --version
+          mcpp self config --mirror GLOBAL
+
+      - name: "Regression: new → run (loader env must not crash /bin/sh)"
+        run: |
+          export PATH="$HOME/.xlings/subos/current/bin:$PATH"
+          cd "$(mktemp -d)"
+          mcpp new hello_distro
+          cd hello_distro
+          mcpp run
+
+      - name: "Self-containment: produced binary uses bundled loader"
+        run: |
+          export PATH="$HOME/.xlings/subos/current/bin:$PATH"
+          cd "$(mktemp -d)" && mcpp new hc && cd hc && mcpp build
+          bin="$(find target -type f -name hc | head -1)"
+          interp="$(file "$bin" | grep -o 'interpreter [^,]*' | awk '{print $2}')"
+          echo "interp=$interp"
+          case "$interp" in
+            */.mcpp/*|*/registry/*|*xpkgs*) echo "OK bundled loader" ;;
+            *) echo "FAIL host loader: $interp"; exit 1 ;;
+          esac
+
   # ──────────────────────────────────────────────────────────────────
   # macOS: llvm@20.1.7
   # ──────────────────────────────────────────────────────────────────

.github/workflows/ci-fresh-install.yml

@@ -274,6 +274,10 @@ export std::optional<int> try_fast_build(const std::filesystem::path& projectRoo
 
     auto outputDirStr = match->outputDir;
     auto ninjaProgram = match->ninjaProgram;
+    // Legacy caches stored a shell-quoted path; execvp needs the raw path.
+    if (ninjaProgram.size() >= 2 && ninjaProgram.front() == '\''
+                                 && ninjaProgram.back() == '\'')
+        ninjaProgram = ninjaProgram.substr(1, ninjaProgram.size() - 2);
     auto cachedFingerprint = match->fingerprint;
     auto runtimeEnvKey = match->runtimeEnvKey;
     auto runtimeEnvValue = match->runtimeEnvValue;
@@ -317,19 +321,21 @@ export std::optional<int> try_fast_build(const std::filesystem::path& projectRoo
     }
 
     // All inputs are older than build.ninja → fast-path: just run ninja.
-    std::string cmd = ninjaProgram;
-    if (!verbose) cmd += " --quiet";
-    cmd += std::format(" -C {}", mcpp::platform::shell::quote(outputDir.string()));
-    if (verbose) cmd += " -v";
-    cmd += " 2>&1";
+    std::vector<std::string> argv{ninjaProgram};
+    if (!verbose) argv.push_back("--quiet");
+    argv.push_back("-C");
+    argv.push_back(outputDir.string());
+    if (verbose) argv.push_back("-v");
 
-    auto t0 = std::chrono::steady_clock::now();
-    std::string out;
-    std::optional<mcpp::platform::env::ScopedEnv> scopedEnv;
+    std::vector<std::pair<std::string, std::string>> childEnv;
     if (runtimeEnvKey != "-" && !runtimeEnvValue.empty())
-        scopedEnv.emplace(runtimeEnvKey, runtimeEnvValue);
-    auto r = mcpp::platform::process::capture(cmd);
-    out = r.output;
+        childEnv.emplace_back(runtimeEnvKey, runtimeEnvValue);
+
+    auto t0 = std::chrono::steady_clock::now();
+    // capture_exec merges stderr into the captured output (replacing `2>&1`),
+    // so is_stale_ninja_failure / filter_ninja_output still see ninja errors.
+    auto r = mcpp::platform::process::capture_exec(argv, childEnv);
+    std::string out = r.output;
     int status = r.exit_code;
     bool ok = (status == 0);
     if (!ok) {
@@ -386,19 +392,21 @@ export int build_run_target(const std::optional<std::string>& targetName,
         std::format("`{}`", mcpp::ui::shorten_path(exe, pathCtx)));
     std::println("");
     std::fflush(stdout);
-    std::string cmd = mcpp::platform::shell::quote(exe.string());
-    for (auto& a : passthrough) cmd += " " + mcpp::platform::shell::quote(a);
+    std::vector<std::string> argv;
+    argv.push_back(exe.string());
+    for (auto& a : passthrough) argv.push_back(a);
 
-    std::optional<mcpp::platform::env::ScopedEnv> runtimeEnv;
+    std::vector<std::pair<std::string, std::string>> childEnv;
     auto runtimeEnvKey = mcpp::platform::env::runtime_library_path_key();
     auto runtimeEnvValue = mcpp::platform::env::prepend_path_list(
         runtimeEnvKey, ctx->plan.runtimeLibraryDirs);
-    if (!runtimeEnvKey.empty() && !runtimeEnvValue.empty()) {
-        runtimeEnv.emplace(runtimeEnvKey, runtimeEnvValue);
-    }
+    if (!runtimeEnvKey.empty() && !runtimeEnvValue.empty())
+        childEnv.emplace_back(runtimeEnvKey, runtimeEnvValue);
 
-    int rc = std::system(cmd.c_str());
-    return mcpp::platform::process::extract_exit_code(rc) == 0 ? 0 : 1;
+    // Direct exec (no /bin/sh): the loader env reaches ONLY the target child,
+    // never mcpp or a host shell. Fixes the bundled-glibc-vs-host-libtinfo
+    // crash on newer-glibc distros.
+    return mcpp::platform::process::run_exec(argv, childEnv) == 0 ? 0 : 1;
 }
 
 // `mcpp test` driver: discover tests/**/*.cpp, synthesize targets, build
@@ -505,38 +513,40 @@ export int run_tests(std::span<const std::string> passthrough,
     int failed = 0;
     std::vector<std::string> failures;
 
-    std::optional<mcpp::platform::env::ScopedEnv> runtimeEnv;
     auto runtimeEnvKey = mcpp::platform::env::runtime_library_path_key();
     auto runtimeEnvValue = mcpp::platform::env::prepend_path_list(
         runtimeEnvKey, ctx->plan.runtimeLibraryDirs);
-    if (!runtimeEnvKey.empty() && !runtimeEnvValue.empty()) {
-        runtimeEnv.emplace(runtimeEnvKey, runtimeEnvValue);
-    }
 
     for (auto& lu : ctx->plan.linkUnits) {
         if (lu.kind != mcpp::build::LinkUnit::TestBinary) continue;
         auto exe = ctx->outputDir / lu.output;
         mcpp::ui::status("Running", std::format("bin/{}", lu.targetName));
 
-        // Prepend the sandbox's subos/default/bin to PATH so tools
-        // bootstrapped during sandbox init (patchelf, ninja, etc.) are
-        // visible to test binaries that shell out to them. The
-        // toolchain binary's path encodes the registry root — derive it.
-        std::string pathPrefix;
+        std::vector<std::string> argv;
+        argv.push_back(exe.string());
+        for (auto& a : passthrough) argv.push_back(a);
+
+        std::vector<std::pair<std::string, std::string>> childEnv;
+        if (!runtimeEnvKey.empty() && !runtimeEnvValue.empty())
+            childEnv.emplace_back(runtimeEnvKey, runtimeEnvValue);
+
+        // Prepend the sandbox's subos/default/bin to the CHILD PATH so test
+        // binaries that shell out to bootstrapped tools (patchelf, ninja) find
+        // them — applied to the child only, not via a leaky shell prefix.
         if constexpr (!mcpp::platform::is_windows) {
             if (auto xpkgs = mcpp::xlings::paths::xpkgs_from_compiler(ctx->tc.binaryPath)) {
                 // xpkgs is <registry>/data/xpkgs → registry = xpkgs/../..
                 auto registryDir = xpkgs->parent_path().parent_path();
                 auto sandboxBin  = registryDir / "subos" / "default" / "bin";
-                if (std::filesystem::exists(sandboxBin))
-                    pathPrefix = std::format("PATH={}:\"$PATH\" ",
-                                             mcpp::platform::shell::quote(sandboxBin.string()));
+                if (std::filesystem::exists(sandboxBin)) {
+                    std::array<std::filesystem::path, 1> extra{sandboxBin};
+                    auto pathVal = mcpp::platform::env::prepend_path_list("PATH", extra);
+                    if (!pathVal.empty()) childEnv.emplace_back("PATH", pathVal);
+                }
             }
         }
 
-        std::string cmd = pathPrefix + mcpp::platform::shell::quote(exe.string());
-        for (auto& a : passthrough) cmd += " " + mcpp::platform::shell::quote(a);
-        int exitCode = mcpp::platform::process::extract_exit_code(std::system(cmd.c_str()));
+        int exitCode = mcpp::platform::process::run_exec(argv, childEnv);
 
         if (exitCode == 0) {
             std::println("{} ... ok", lu.targetName);

src/build/execute.cppm

@@ -714,15 +714,11 @@ std::expected<BuildResult, BuildError> NinjaBackend::build(const BuildPlan& plan
         ninjaBin = *nb;
     }
 
-    std::string ninjaProgram;
-    if (!ninjaBin.empty()) {
-        if constexpr (mcpp::platform::is_windows)
-            ninjaProgram = ninjaBin.string();
-        else
-            ninjaProgram = mcpp::platform::shell::quote(ninjaBin.string());
-    } else {
-        ninjaProgram = "ninja";
-    }
+    // Raw program path (no shell quoting): recorded in the fast-path cache and
+    // exec'd directly via capture_exec/execvp, which take argv (not a shell
+    // string). Shell-using call sites must quote it locally.
+    std::string ninjaProgram = ninjaBin.empty() ? std::string("ninja")
+                                                 : ninjaBin.string();
 
     // Record ninja binary for P0 fast-path cache.
     BuildResult r;
@@ -734,21 +730,27 @@ std::expected<BuildResult, BuildError> NinjaBackend::build(const BuildPlan& plan
         r.runtimeEnvKey = "-";
     }
 
-    std::string cmd = ninjaProgram;
+    // Direct exec (no /bin/sh): argv, not a shell string. capture_exec merges
+    // stderr into the captured output (replacing the old `2>&1`), and applies
+    // the runtime env to the child ONLY — so a bundled-glibc LD_LIBRARY_PATH
+    // can never poison the host shell (the newer-glibc `sh:` crash class).
+    std::vector<std::string> nargv{ninjaProgram};
     if (!opts.verbose)
-        cmd += " --quiet";
-    cmd += std::format(" -C {}", mcpp::xlings::shq(plan.outputDir.string()));
+        nargv.push_back("--quiet");
+    nargv.push_back("-C");
+    nargv.push_back(plan.outputDir.string());
     if (opts.verbose)
-        cmd += " -v";
+        nargv.push_back("-v");
     if (opts.parallelJobs)
-        cmd += std::format(" -j{}", opts.parallelJobs);
-    cmd += " 2>&1";
+        nargv.push_back(std::format("-j{}", opts.parallelJobs));
 
-    std::string out;
-    std::optional<mcpp::platform::env::ScopedEnv> scopedEnv;
+    std::vector<std::pair<std::string, std::string>> nenv;
     if (r.runtimeEnvKey != "-" && !r.runtimeEnvValue.empty())
-        scopedEnv.emplace(r.runtimeEnvKey, r.runtimeEnvValue);
-    bool ok = run(cmd, out, /*capture=*/true);
+        nenv.emplace_back(r.runtimeEnvKey, r.runtimeEnvValue);
+
+    auto cap = mcpp::platform::process::capture_exec(nargv, nenv);
+    std::string out = cap.output;
+    bool ok = (cap.exit_code == 0);
 
     r.exitCode = ok ? 0 : 1;
     r.elapsed = std::chrono::duration_cast<std::chrono::milliseconds>(