-
Notifications
You must be signed in to change notification settings - Fork 13k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Only use clone3
when needed for pidfd
#89930
Conversation
r? @joshtriplett for the master version of this -- I saw some followup discussion and you seem like a potentially better reviewer for the long(er)-term fix. |
In contexts where you call clone3() only to get at a pidfd and you want to avoid calling both clone() and clone3() you can simply call: pid_t pid = fork();
if (pid)
int pidfd = pidfd_open(pid, 0); which let's you circumvent all of the problems that @joshtriplett is currently discussing in another thread (Not saying that this shouldn't be fixed in the relevant libcs! :)). |
That is not race free. The forked process may have been killed in between. I think in the cases where pidfd should be used, it is very important that it is race free to acquire the pidfd. |
The zombie will remain unless you've otherwise consumed or ignored |
Right, but Rust internals cant' know if that's the case.
👍 |
I think it should be possible to make this race-free? Rust must be in control of the actual fork() call? |
Yes, but we don't know the disposition of |
@joshtriplett ping? We'll need to backport this for 1.57 too. |
In rust-lang#89522 we learned that `clone3` is interacting poorly with Gentoo's `sandbox` tool. We only need that for the unstable pidfd extensions, so otherwise avoid that and use a normal `fork`.
Co-authored-by: Josh Triplett <josh@joshtriplett.org>
This reverts commit 12fbabd. It was only needed because of using raw `clone3` instead of `fork`, but we only do that now when a pidfd is requested.
@bors r+ |
📌 Commit e96a0a8 has been approved by |
…askrgr Rollup of 3 pull requests Successful merges: - rust-lang#89930 (Only use `clone3` when needed for pidfd) - rust-lang#90736 (adjust documented inline-asm register constraints) - rust-lang#90783 (Update Miri) Failed merges: r? `@ghost` `@rustbot` modify labels: rollup
[beta] backports - Fix assertion failures in OwnedHandle with windows_subsystem. rust-lang#88798 - Ensure that pushing empty path works as before on verbatim paths rust-lang#89665 - Feature gate + make must_not_suspend allow-by-default rust-lang#89826 - Only use clone3 when needed for pidfd rust-lang#89930 - Fix documentation header sizes rust-lang#90186 - Fixes incorrect handling of ADT's drop requirements rust-lang#90218 - Fix ICE when forgetting to Box a parameter to a Self::func call rust-lang#90221 - Prevent duplicate caller bounds candidates by exposing default substs in Unevaluated rust-lang#90266 - Update odht crate to 0.3.1 (big-endian bugfix) rust-lang#90403 - rustdoc: Go back to loading all external crates unconditionally rust-lang#90489 - Split doc_cfg and doc_auto_cfg features rust-lang#90502 - Apply adjustments for field expression even if inaccessible rust-lang#90508 - Warn for variables that are no longer captured rust-lang#90597 - Properly register text_direction_codepoint_in_comment lint. rust-lang#90626 - CI: Use ubuntu image to download openssl, curl sources, cacert.pem for x86 dist builds rust-lang#90457 - Android is not GNU rust-lang#90834 - Update llvm submodule rust-lang#90954 Additionally, this bumps the stage 0 compiler from beta to stable 1.56.1. r? `@Mark-Simulacrum`
In #89522 we learned that
clone3
is interacting poorly with Gentoo'ssandbox
tool. We only need that for the unstable pidfd extensions, sootherwise avoid that and use a normal
fork
.This is a re-application of beta #89924, now that we're aware that we need
more than just a temporary release fix. I also reverted 12fbabd, as
that was just fallout from using
clone3
instead offork
.r? @Mark-Simulacrum
cc @joshtriplett