From 2b296c93d49d65303a4ce291225c8755eeab1ff8 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Fri, 6 Jan 2017 20:16:24 -0500 Subject: execv_dashed_external: use child_process struct When we run a dashed external, we use the one-liner run_command_v_opt() to do so. Let's switch to using a child_process struct, which has two advantages: 1. We can drop all of the allocation and cleanup code for building our custom argv array, and just rely on the builtin argv_array (at the minor cost of doing a few extra mallocs). 2. We have access to the complete range of child_process options, not just the ones that the "_opt()" form can forward. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano diff --git a/git.c b/git.c index dce529f..d0e04d5 100644 --- a/git.c +++ b/git.c @@ -575,8 +575,7 @@ static void handle_builtin(int argc, const char **argv) static void execv_dashed_external(const char **argv) { - struct strbuf cmd = STRBUF_INIT; - const char *tmp; + struct child_process cmd = CHILD_PROCESS_INIT; int status; if (get_super_prefix()) @@ -586,30 +585,20 @@ static void execv_dashed_external(const char **argv) use_pager = check_pager_config(argv[0]); commit_pager_choice(); - strbuf_addf(&cmd, "git-%s", argv[0]); + argv_array_pushf(&cmd.args, "git-%s", argv[0]); + argv_array_pushv(&cmd.args, argv + 1); + cmd.clean_on_exit = 1; + cmd.silent_exec_failure = 1; - /* - * argv[0] must be the git command, but the argv array - * belongs to the caller, and may be reused in - * subsequent loop iterations. Save argv[0] and - * restore it on error. - */ - tmp = argv[0]; - argv[0] = cmd.buf; - - trace_argv_printf(argv, "trace: exec:"); + trace_argv_printf(cmd.args.argv, "trace: exec:"); /* * if we fail because the command is not found, it is * OK to return. Otherwise, we just pass along the status code. */ - status = run_command_v_opt(argv, RUN_SILENT_EXEC_FAILURE | RUN_CLEAN_ON_EXIT); + status = run_command(&cmd); if (status >= 0 || errno != ENOENT) exit(status); - - argv[0] = tmp; - - strbuf_release(&cmd); } static int run_argv(int *argcp, const char ***argv) -- cgit v0.10.2-6-g49f6 From 246f0edec0b789ccfeebcf7fef85417b7cb04425 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Fri, 6 Jan 2017 20:17:48 -0500 Subject: execv_dashed_external: stop exiting with negative code When we try to exec a git sub-command, we pass along the status code from run_command(). But that may return -1 if we ran into an error with pipe() or execve(). This tends to work (and end up as 255 due to twos-complement wraparound and truncation), but in general it's probably a good idea to avoid negative exit codes for portability. We can easily translate to the normal generic "128" code we get when syscalls cause us to die. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano diff --git a/git.c b/git.c index d0e04d5..bc2f2a7 100644 --- a/git.c +++ b/git.c @@ -593,12 +593,16 @@ static void execv_dashed_external(const char **argv) trace_argv_printf(cmd.args.argv, "trace: exec:"); /* - * if we fail because the command is not found, it is - * OK to return. Otherwise, we just pass along the status code. + * If we fail because the command is not found, it is + * OK to return. Otherwise, we just pass along the status code, + * or our usual generic code if we were not even able to exec + * the program. */ status = run_command(&cmd); - if (status >= 0 || errno != ENOENT) + if (status >= 0) exit(status); + else if (errno != ENOENT) + exit(128); } static int run_argv(int *argcp, const char ***argv) -- cgit v0.10.2-6-g49f6 From 46df6906f3aaf74dafe2026b028c8c5c1a0d5f58 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Fri, 6 Jan 2017 20:22:23 -0500 Subject: execv_dashed_external: wait for child on signal death When you hit ^C to interrupt a git command going to a pager, this usually leaves the pager running. But when a dashed external is in use, the pager ends up in a funny state and quits (but only after eating one more character from the terminal!). This fixes it. Explaining the reason will require a little background. When git runs a pager, it's important for the git process to hang around and wait for the pager to finish, even though it has no more data to feed it. This is because git spawns the pager as a child, and thus the git process is the session leader on the terminal. After it dies, the pager will finish its current read from the terminal (eating the one character), and then get EIO trying to read again. When you hit ^C, that sends SIGINT to git and to the pager, and it's a similar situation. The pager ignores it, but the git process needs to hang around until the pager is done. We addressed that long ago in a3da882120 (pager: do wait_for_pager on signal death, 2009-01-22). But when you have a dashed external (or an alias pointing to a builtin, which will re-exec git for the builtin), there's an extra process in the mix. For instance, running: $ git -c alias.l=log l will end up with a process tree like: git (parent) \ git-log (child) \ less (pager) If you hit ^C, SIGINT goes to all of them. The pager ignores it, and the child git process will end up in wait_for_pager(). But the parent git process will die, and the usual EIO trouble happens. So we really want the parent git process to wait_for_pager(), but of course it doesn't know anything about the pager at all, since it was started by the child. However, we can have it wait on the git-log child, which in turn is waiting on the pager. And that's what this patch does. There are a few design decisions here worth explaining: 1. The new feature is attached to run-command's clean_on_exit feature. Partly this is convenience, since that feature already has a signal handler that deals with child cleanup. But it's also a meaningful connection. The main reason that dashed externals use clean_on_exit is to bind the two processes together. If somebody kills the parent with a signal, we propagate that to the child (in this instance with SIGINT, we do propagate but it doesn't matter because the original signal went to the whole process group). Likewise, we do not want the parent to go away until the child has done so. In a traditional Unix world, we'd probably accomplish this binding by just having the parent execve() the child directly. But since that doesn't work on Windows, everything goes through run_command's more spawn-like interface. 2. We do _not_ automatically waitpid() on any clean_on_exit children. For dashed externals this makes sense; we know that the parent is doing nothing but waiting for the child to exit anyway. But with other children, it's possible that the child, after getting the signal, could be waiting on the parent to do something (like closing a descriptor). If we were to wait on such a child, we'd end up in a deadlock. So this errs on the side of caution, and lets callers enable the feature explicitly. 3. When we send children the cleanup signal, we send all the signals first, before waiting on any children. This is to avoid the case where one child might be waiting on another one to exit, causing a deadlock. We inform all of them that it's time to die before reaping any. In practice, there is only ever one dashed external run from a given process, so this doesn't matter much now. But it future-proofs us if other callers start using the wait_after_clean mechanism. There's no automated test here, because it would end up racy and unportable. But it's easy to reproduce the situation by running the log command given above and hitting ^C. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano diff --git a/git.c b/git.c index bc2f2a7..c8fe663 100644 --- a/git.c +++ b/git.c @@ -588,6 +588,7 @@ static void execv_dashed_external(const char **argv) argv_array_pushf(&cmd.args, "git-%s", argv[0]); argv_array_pushv(&cmd.args, argv + 1); cmd.clean_on_exit = 1; + cmd.wait_after_clean = 1; cmd.silent_exec_failure = 1; trace_argv_printf(cmd.args.argv, "trace: exec:"); diff --git a/run-command.c b/run-command.c index ca905a9..73bfba7 100644 --- a/run-command.c +++ b/run-command.c @@ -29,6 +29,8 @@ static int installed_child_cleanup_handler; static void cleanup_children(int sig, int in_signal) { + struct child_to_clean *children_to_wait_for = NULL; + while (children_to_clean) { struct child_to_clean *p = children_to_clean; children_to_clean = p->next; @@ -45,6 +47,23 @@ static void cleanup_children(int sig, int in_signal) } kill(p->pid, sig); + + if (p->process->wait_after_clean) { + p->next = children_to_wait_for; + children_to_wait_for = p; + } else { + if (!in_signal) + free(p); + } + } + + while (children_to_wait_for) { + struct child_to_clean *p = children_to_wait_for; + children_to_wait_for = p->next; + + while (waitpid(p->pid, NULL, 0) < 0 && errno == EINTR) + ; /* spin waiting for process exit or error */ + if (!in_signal) free(p); } diff --git a/run-command.h b/run-command.h index dd1c78c..4fa8f65 100644 --- a/run-command.h +++ b/run-command.h @@ -43,6 +43,7 @@ struct child_process { unsigned stdout_to_stderr:1; unsigned use_shell:1; unsigned clean_on_exit:1; + unsigned wait_after_clean:1; void (*clean_on_exit_handler)(struct child_process *process); void *clean_on_exit_handler_cbdata; }; -- cgit v0.10.2-6-g49f6