Date: Thu, 20 Apr 2023 16:00:07 -0400
To: Bruno Haible <bruno@clisp.org>
Cc: cygwin@cygwin.com
Subject: Re: posix_spawn facility
Message-ID: <ZEGZx2eZaw1OyXkt@xps13>
References: <1752276.7aRn1RRit1@nimes> <4892432.0VBMTVartN@nimes>
 <ZEGHF4jr9PaV0E88@xps13> <2162092.C4sosBPzcN@nimes>
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
From: "gs-cygwin.com--- via Cygwin" <cygwin@cygwin.com>
Reply-To: gs-cygwin.com@gluelogic.com

On Thu, Apr 20, 2023 at 09:31:38PM +0200, Bruno Haible wrote:
> Glenn wrote:
> > > > https://learn.microsoft.com/en-us/windows/win32/api/winbase/ns-winbase-startupinfoexa
> > > > 
> > > > and the PROC_THREAD_ATTRIBUTE_HANDLE_LIST argument described in
> > > > 
> > > > https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute
> > > ...
> > Excellent (very technical) article on the subject:
> > 
> > Programmatically controlling which handles are inherited by new processes in Win32
> > https://devblogs.microsoft.com/oldnewthing/20111216-00/?p=8873
> 
> It's nice to see an example for PROC_THREAD_ATTRIBUTE_HANDLE_LIST.
> 
> But the article exaggerates a problem:
>   "But all this inheritability fiddling still had a fatal flaw: What
>    if two threads within the same process both call CreateProcess but
>    disagree on which handles they want to be inherited?"
> The answer, overlooked in the article, is to use DuplicateHandle
> and set the inheritability of the duplicate to true. Concurrently
> running posix_spawn invocations in other threads will not see the
> duplicates, since they only see HANDLEs that are assigned to file
> descriptors, not HANDLEs that merely reside in some data structure
> in memory.

It might not be an issue if everything -- and I mean everything -- goes
through posix_spawn() to create processes.

The article is from 2011 and about Windows.  If a third-party dll
running in another thread calls CreateProcess() and does not explicitly
restrict the inherited handles using the techniques in the article, then
there is still that race that might leak additional handles into the
other process.

In the case of cygwin, the cygwin layer could/should be able to
centralize and control process creation, avoiding the race.
Even if there were any steps that need to be protected, wrapping
in a CriticalSection (or mutex) would probably be sufficient.

Cheers, Glenn
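
A POSIX-side illustration of the leak discussed in this thread, added here and not part of the original message or of Cygwin's code: a pipe left inheritable ends up in a child spawned for an unrelated purpose, while a close-on-exec pipe reaches only the child it is handed to through posix_spawn file actions. The function name `child_holds_pipe` and the `sleep 5` stand-in child are assumptions of this example, which uses POSIX descriptors rather than Win32 handles.

```c
/* Added example: POSIX analogue of the handle-inheritance leak (not Cygwin source). */
#define _GNU_SOURCE
#include <fcntl.h>
#include <poll.h>
#include <signal.h>
#include <spawn.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Spawn a child ("sleep 5" stands in for any helper process) and report
 * whether it ended up holding the write end of a pipe created here.
 * pipe_flags: 0 = inheritable by every spawn, O_CLOEXEC = private.
 * hand_off:   nonzero = give the write end to this child as its stdout.
 * Returns 1 if the child holds the pipe, 0 if not, -1 on error. */
int child_holds_pipe(int pipe_flags, int hand_off)
{
    int p[2], n, rc;
    pid_t pid;
    char *argv[] = { "sleep", "5", NULL };
    posix_spawn_file_actions_t fa;

    if (pipe2(p, pipe_flags) != 0)
        return -1;
    posix_spawn_file_actions_init(&fa);
    if (hand_off)  /* dup2 in the child clears close-on-exec on the copy only */
        posix_spawn_file_actions_adddup2(&fa, p[1], STDOUT_FILENO);
    rc = posix_spawnp(&pid, "sleep", &fa, NULL, argv, environ);
    posix_spawn_file_actions_destroy(&fa);
    close(p[1]);                      /* parent drops its own writer */
    if (rc != 0) { close(p[0]); return -1; }

    /* With no writer left the read end reports hang-up at once; a timeout
     * means another process still holds the write end. */
    struct pollfd pfd = { .fd = p[0], .events = POLLIN };
    n = poll(&pfd, 1, 300);
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    close(p[0]);
    return n < 0 ? -1 : n == 0;
}

int main(void)
{
    printf("inheritable pipe, unrelated spawn: %d\n", child_holds_pipe(0, 0));
    printf("O_CLOEXEC pipe, unrelated spawn:   %d\n", child_holds_pipe(O_CLOEXEC, 0));
    printf("O_CLOEXEC pipe, explicit hand-off: %d\n", child_holds_pipe(O_CLOEXEC, 1));
    return 0;
}
```

The first case is the symptom a leaked handle produces in practice: the reader of the pipe never sees end-of-file while the unrelated child is alive.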


