This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients vstinner
Date 2019-10-29.11:18:26
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1572347906.82.0.50492662575.issue38630@roundup.psfhosted.org>
In-reply-to
Content 
subprocess.Popen.send_signal() doesn't check if the process exited since the poll() method has been called for the last time. If the process exit just before os.kill() is called, the signal can be sent to the wrong process if the process identified is recycled.

Attached PR simply calls poll() once to reduce the time window when this race condition can occur, but it doesn't fully kill the race condition.

--

See also the new "pidfd" API which only landed very recently in the Linux kernel to prevent this issue:

* https://lwn.net/Articles/773459/
  "Toward race-free process signaling" (this articles describes this issue)
* https://lwn.net/Articles/789023/ 
  "New system calls: pidfd_open() and close_range()"
* https://kernel-recipes.org/en/2019/talks/pidfds-process-file-descriptors-on-linux/
  "pidfds: Process file descriptors on Linux" by Chrisitan Brauner

Illumos, OpenBSD, NetBSD and FreeBSD have similar concepts.

I don't propose to use pidfd here, but it's just to highlight that it's a real issue and that kernels are evolving to provide more reliable solutions against the kill(pid, sig) race condition ;-)
History
Date User Action Args
2019-10-29 11:18:26vstinnersetrecipients: + vstinner
2019-10-29 11:18:26vstinnersetmessageid: <1572347906.82.0.50492662575.issue38630@roundup.psfhosted.org>
2019-10-29 11:18:26vstinnerlinkissue38630 messages
2019-10-29 11:18:26vstinnercreate