fix: Prefer os.Process.Signal to syscall.Kill

F1bonacc1 / process-compose

Process Compose is a simple and flexible scheduler and orchestrator to manage non-containerized applications.

https://f1bonacc1.github.io/process-compose/

Apache License 2.0

1.33k stars 52 forks source link

fix: Prefer os.Process.Signal to syscall.Kill #228

Closed anrddh closed 3 months ago

anrddh commented 3 months ago

This protects us from a potential (but rare) race condition where

the process we are trying to signal terminates of its own accord
its PID gets reaped in the os.Process.Wait call
a new process with the same PID gets spawned

before our signal actually gets sent.

This is achieved by using the higher-level os.Process API directly, which has some synchronization to prevent os.Process.Wait and os.Process.Signal from racing.

sonarcloud[bot] commented 3 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

anrddh commented 3 months ago

I've encountered lots of subtle bugs around fork, exec, kill, wait and friends before, so I usually read code that uses them very carefully :)

It's fairly hard to use those syscalls correctly. I've even found discussion for this sort of thing in the Go standard library: https://github.com/golang/go/commit/cea29c4a358004d84d8711a07628c2f856b381e8 https://github.com/golang/go/issues/9382 https://github.com/golang/go/issues/13987