Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
gmain: fix race with waitpid() and child watcher sources
GChildWatchSource uses waitpid(), among pidfd and GetExitCodeProcess(). It thus only works for child processes which the user must ensure to exist and not being reaped yet. Also, the user must not kill() the PID after the child process is reaped and must not race kill() against waitpid(). Also, the user must not call waitpid()/kill() after the child process is reaped. Previously, GChildWatchSource would call waitpid() already when adding the source (g_child_watch_source_new()) and from the worker thread (dispatch_unix_signals_unlocked()). That is racy: - if a child watcher is attached and did not yet fire, you cannot call kill() on the PID without racing against the PID being reaped on the worker thread. That would then lead to ESRCH or even worse, killing the wrong process. - if you g_source_destroy() the source that didn't fire yet, the user doesn't know whether the PID was reaped in the background. Any subsequent kill()/waitpid() may fail with ESRCH/ECHILD or even address the wrong process. The race is most visible on Unix without pidfd support, because then the process gets reaped on the worker thread or during g_child_watch_source_new(). But it's also with Windows and pidfd, because we would have waited for the process in g_child_watch_check(), where other callbacks could fire between reaping the process status and emitting the source's callback. Fix all that by calling waitpid() right before dispatching the callback.
- Loading branch information
Showing
2 changed files
with
125 additions
and
92 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters