Use pidfd_spawn for faster process spawning when a PidFd is requested

[the8472]

glibc 2.39 added pidfd_spawnp and pidfd_getpid which makes it possible to get pidfds while staying on the CLONE_VFORK path.

verified that vfork gets used with strace:

$ strace -ff -e pidfd_open,clone3,openat,execve,waitid,close ./x test std --no-doc -- pidfd [...] [pid 2820532] clone3({flags=CLONE_VM|CLONE_PIDFD|CLONE_VFORK|CLONE_CLEAR_SIGHAND, pidfd=0x7b7f885fec6c, exit_signal=SIGCHLD, stack=0x7b7f88aff000, stack_size=0x9000}strace: Process 2820533 attached <unfinished ...> [pid 2820533] execve("/home/the8472/bin/sleep", ["sleep", "1000"], 0x7ffdd0e268d8 /* 107 vars */) = -1 ENOENT (No such file or directory) [pid 2820533] execve("/home/the8472/.cargo/bin/sleep", ["sleep", "1000"], 0x7ffdd0e268d8 /* 107 vars */) = -1 ENOENT (No such file or directory) [pid 2820533] execve("/usr/local/bin/sleep", ["sleep", "1000"], 0x7ffdd0e268d8 /* 107 vars */) = -1 ENOENT (No such file or directory) [pid 2820533] execve("/usr/bin/sleep", ["sleep", "1000"], 0x7ffdd0e268d8 /* 107 vars */ <unfinished ...> [pid 2820532] <... clone3 resumed> => {pidfd=[3]}, 88) = 2820533 [pid 2820533] <... execve resumed>) = 0 [pid 2820532] openat(AT_FDCWD, "/proc/self/fdinfo/3", O_RDONLY|O_CLOEXEC) = 4 [pid 2820532] close(4) = 0 

Tracking issue: #82971

[rustbot]

r? @workingjubilee

rustbot has assigned @workingjubilee.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

[the8472]

In their unfathomable wisdom the glibc developers have not designed pidfd_spawnp to return the pid and pidfd at the same time even though clone3 does support it, which means we can get into this awkward halfway state.

I'm not sure if this is the best solution for the edge-case. An alternative is to change it to Process { pid: Option<NonZero<pid_t>> } and delay the error reporting by only panicking if someone tries to call Child.id() if the when a pid couldn't be obtained.

[workingjubilee]

lmao.

[workingjubilee]

I think for right now this is best because I think assuming calling .id() won't panic is pretty reasonable and this will let us find out if we do in fact have to make that change. At a glance, it seems like a bit of a "it almost-never really happens and there's no reasonable response" scenario, in which case failing fast is better?

[workingjubilee]

Hmm. This currently returns false for all other platforms?

[the8472]

yes, pidfd is a linux feature

[workingjubilee]

Is it possible to outline this code into a support function and just check for and propagate the Ok(None) return?

[the8472]

The weak symbols are needed later in the same function

[the8472]

I'll try moving things into a module

[workingjubilee]

Oh hm.

[the8472]

Tried moving it to a module but weak! makes it really unergonomic since it generates lets. Turning things into items requires repeating the function signature several times.

[workingjubilee]

ugh, annoying.

[workingjubilee]

This looks fine to me.

[workingjubilee]

I think for right now this is best because I think assuming calling .id() won't panic is pretty reasonable and this will let us find out if we do in fact have to make that change. At a glance, it seems like a bit of a "it almost-never really happens and there's no reasonable response" scenario, in which case failing fast is better?

[workingjubilee]

Ah, I see why they didn't add another argument to pidfd_spawnp: this way it is "exactly the same" arg/ret as posix_spawnp instead of adding another one. They are 1:1 except for "you get a pidfd, not a pid", right?

[workingjubilee]

Relaxed store because we don't care if we accidentally probe twice in a hypothetical "multiple threads spawn processes with similar Commands" cases, right?

[workingjubilee]

@bors r+

[bors]

📌 Commit ec0c755 has been approved by workingjubilee

It is now in the queue for this repository.