Revert "macos: use posix_spawn instead of fork"#3107
Conversation
vtjnash
left a comment
vtjnash
left a comment
There was a problem hiding this comment.
Unfortunate that jpcanepa is on vacation now, but I expect he'll dig into the findings soon after he's back. And better to get the release done. Sorry it delayed it so much without effect!
This reverts commit 39968db. This commit caused a number of failures in the Node.js test suite while attempting to release libuv 1.41.0. Refs: libuv#3086 Refs: libuv#3064 PR-URL: libuv#3107 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Jameson Nash <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]>
|
Some day I'm hoping we could install |
|
If you open an issue in https://github.com/nodejs/build they should be able to help (assuming they think it's a good idea). cc: @richardlau |
|
Assuming that it is https://github.com/rr-debugger/rr that looks to be Linux only and the issue with this one was a broken macOS CI? Feel free to open an issue in build if you feel If it's Linux another option would be GitHub actions. |
|
@cjihrig just catching up on this, can you point out which tests in Node.js suite were failing ? Electron backported the |
|
Here are the failures: https://ci.nodejs.org/job/node-test-commit-osx/38851/. Please note that the CI results are not persisted permanently, so I don't know how much longer that link will be valid. For posterity, the failures are:
|
|
Looked into the failing tests there were 3 different types, summarizing what I have found so far.
I tried to match the previous behavior for these cases and it seems to fix the above tests diff --git a/deps/uv/src/unix/process.c b/deps/uv/src/unix/process.c
index b4e44b049f..abc83e24c9 100644
--- a/deps/uv/src/unix/process.c
+++ b/deps/uv/src/unix/process.c
@@ -970,7 +970,12 @@ int uv_spawn(uv_loop_t* loop,
/* Spawn the child */
err = uv__spawn_and_init_child(options, stdio_count, pipes, signal_pipe[1], &pid);
- if (err != 0) {
+ if (err != 0 &&
+ !(err == UV_EACCES ||
+ err == UV_EAGAIN ||
+ err == UV_EMFILE ||
+ err == UV_ENFILE ||
+ err == UV_ENOENT)) {
uv_rwlock_wrunlock(&loop->cloexec_lock);
uv__close(signal_pipe[0]);
uv__close(signal_pipe[1]);
@@ -982,7 +987,7 @@ int uv_spawn(uv_loop_t* loop,
uv__close(signal_pipe[1]);
process->status = 0;
- exec_errorno = 0;
+ exec_errorno = err;
do
r = read(signal_pipe[0], &exec_errorno, sizeof(exec_errorno));
while (r == -1 && errno == EINTR);
diff --git a/deps/uv/src/unix/process.c b/deps/uv/src/unix/process.c
index b4e44b049f..241272a806 100644
--- a/deps/uv/src/unix/process.c
+++ b/deps/uv/src/unix/process.c
@@ -772,7 +772,11 @@ int uv__spawn_resolve_and_spawn(const uv_process_options_t* options,
/* Try to spawn the new process file. If it fails with ENOENT, the
* new process file is not in this PATH entry, continue with the next
* PATH entry. */
- err = posix_spawn(pid, b, actions, attrs, options->args, env);
+ int max_retries = 4;
+ int retries = 0;
+ do
+ err = posix_spawn(pid, b, actions, attrs, options->args, env);
+ while (err == EINTR && ++retries < max_retries);
//https://github.com/apple/darwin-xnu/blob/8f02f2a044b9bb1ad951987ef5bab20ec9486310/bsd/kern/kern_exec.c#L3231
if (!kauth_cred_issuser(kauth_cred_get())) {
error = EPERM;
goto bad;
}and // https://github.com/apple/darwin-xnu/blob/8f02f2a044b9bb1ad951987ef5bab20ec9486310/bsd/kern/kern_credential.c#L3500
/*
* kauth_cred_issuser
*
* Description: Fast replacement for issuser()
*
* Parameters: cred Credential to check for super
* user privileges
*
* Returns: 0 Not super user
* !0 Is super user
*
* Notes: This function uses a magic number which is not a manifest
* constant; this is bad practice.
*/Does this mean a super user needs to call the process triggering |
|
Yes, setuid / setgid should require being root, uid, or euid already, or fail with EPERM. |
|
|
|
Yeah, In libuv, there are still some frequent linux failures which keep it from being consistently green, though I'd fixed many of them this past year, so it is sometimes green. Unfortunately using |
The test here https://github.com/nodejs/node/blob/master/test/parallel/test-child-process-spawnsync-validation-errors.js#L60 is trying to set uid of parent process, should that fail with
Yup that seems to be the case as the relevant test cases https://github.com/nodejs/node/blob/master/test/parallel/test-child-process-stdio.js in Node.js involve the |
I'm back. I see @vtjnash has done a pretty good rundown already, but I'll try look on my end too. |
|
For EINTR, I notice that is observed elsewhere also (https://reviews.llvm.org/D61096), though it potentially also should go away with #3251 (which blocks signals) |
This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: libuv#3107 (comment)
This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: libuv#3107 (comment)
This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: libuv#3107 (comment)
This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: libuv#3107 (comment)
Fixes: #3050 Refs: #3086 Refs: #3064 Refs: #3107 Refs: #3064 This reverts commit 217fdf4, then fixes several issues with it: * remove error fast-cleanup code that triggers a nodejs bug Refs: #3107 (comment) * protect posix_spawn from EINTR This is not a documented valid error, but seems to have been observed. * ignore setuid/setgid syscall This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: #3107 (comment) * improve posix_spawn path search Ports the improvements in musl back to this function * fix some additional problems and formatting issues We previously might fail to start a watcher, in rare failure cases, resulting in a zombie that we would fail to kill. Also avoid creating the signal-pipe unless required (addresses a review comment from Apple) * fix fd->fd mapping reuse There was a chance that when duplicating the fd's into stdio_count+fd we might be closing a currently opened fd with that value.
several issues with it: * remove error fast-cleanup code that triggers a nodejs bug Refs: libuv#3107 (comment) * protect posix_spawn from EINTR This is not a documented valid error, but seems to have been observed. * ignore setuid/setgid syscall This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: libuv#3107 (comment) * improve posix_spawn path search Ports the improvements in musl back to this function * fix some additional problems and formatting issues We previously might fail to start a watcher, in rare failure cases, resulting in a zombie that we would fail to kill. Also avoid creating the signal-pipe unless required (addresses a review comment from Apple) * fix fd->fd mapping reuse
This reverts commit 39968db. This commit caused a number of failures in the Node.js test suite while attempting to release libuv 1.41.0. Refs: libuv#3086 Refs: libuv#3064 PR-URL: libuv#3107 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Jameson Nash <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]>
Fixes: libuv#3050 Refs: libuv#3086 Refs: libuv#3064 Refs: libuv#3107 Refs: libuv#3064 This reverts commit 217fdf4, then fixes several issues with it: * remove error fast-cleanup code that triggers a nodejs bug Refs: libuv#3107 (comment) * protect posix_spawn from EINTR This is not a documented valid error, but seems to have been observed. * ignore setuid/setgid syscall This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: libuv#3107 (comment) * improve posix_spawn path search Ports the improvements in musl back to this function * fix some additional problems and formatting issues We previously might fail to start a watcher, in rare failure cases, resulting in a zombie that we would fail to kill. Also avoid creating the signal-pipe unless required (addresses a review comment from Apple) * fix fd->fd mapping reuse There was a chance that when duplicating the fd's into stdio_count+fd we might be closing a currently opened fd with that value.
This reverts commit 39968db. This commit caused a number of failures in the Node.js test suite while attempting to release libuv 1.41.0. Refs: libuv/libuv#3086 Refs: libuv/libuv#3064 PR-URL: libuv/libuv#3107 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Jameson Nash <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]>
Fixes: libuv/libuv#3050 Refs: libuv/libuv#3086 Refs: libuv/libuv#3064 Refs: libuv/libuv#3107 Refs: libuv/libuv#3064 This reverts commit 217fdf4, then fixes several issues with it: * remove error fast-cleanup code that triggers a nodejs bug Refs: libuv/libuv#3107 (comment) * protect posix_spawn from EINTR This is not a documented valid error, but seems to have been observed. * ignore setuid/setgid syscall This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: libuv/libuv#3107 (comment) * improve posix_spawn path search Ports the improvements in musl back to this function * fix some additional problems and formatting issues We previously might fail to start a watcher, in rare failure cases, resulting in a zombie that we would fail to kill. Also avoid creating the signal-pipe unless required (addresses a review comment from Apple) * fix fd->fd mapping reuse There was a chance that when duplicating the fd's into stdio_count+fd we might be closing a currently opened fd with that value.
This reverts commit 39968db. This commit caused a number of failures in the Node.js test suite while attempting to release libuv 1.41.0. Refs: libuv/libuv#3086 Refs: libuv/libuv#3064 PR-URL: libuv/libuv#3107 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Jameson Nash <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]>
Fixes: libuv/libuv#3050 Refs: libuv/libuv#3086 Refs: libuv/libuv#3064 Refs: libuv/libuv#3107 Refs: libuv/libuv#3064 This reverts commit 217fdf4, then fixes several issues with it: * remove error fast-cleanup code that triggers a nodejs bug Refs: libuv/libuv#3107 (comment) * protect posix_spawn from EINTR This is not a documented valid error, but seems to have been observed. * ignore setuid/setgid syscall This kernel function is not permitted unless the process is setuid root, so disable this syscall. Falling back to fork/exec should be okay for the rare cases that the user decides they need to do setuid(getuid()) or setuid(geteuid()) for the child. Refs: libuv/libuv#3107 (comment) * improve posix_spawn path search Ports the improvements in musl back to this function * fix some additional problems and formatting issues We previously might fail to start a watcher, in rare failure cases, resulting in a zombie that we would fail to kill. Also avoid creating the signal-pipe unless required (addresses a review comment from Apple) * fix fd->fd mapping reuse There was a chance that when duplicating the fd's into stdio_count+fd we might be closing a currently opened fd with that value.
7 participants
This reverts commit 39968db.
This commit caused a number of failures in the Node.js test suite
while attempting to release libuv 1.41.0.
Node.js integration CI: https://ci.nodejs.org/view/libuv/job/libuv-in-node/175/. The previously observed macOS failures seem to be fixed by this revert.