fix(3p/nix): do not call vfork
The use of vfork() in Nix is entirely illegal. Quote: If the process created by vfork() returns from the function in which vfork() was called, or calls any other function before successfully calling _exit() or one of the exec*() family of functions, the behavior is undefined. -- Linux man-pages, release 5.05 Add a TODO to use the higher-performance variants of clone() on Linux when it is available. Change-Id: I42370e1568ad6e2d00d70d0b66c8aded8f1288bb Reviewed-on: https://cl.tvl.fyi/c/depot/+/1418 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: Alyssa Ross <hi@alyssa.is>
This commit is contained in:
Kane York
kanepyork
parent
388b5f1abe
commit
bd77090703
4 changed files with 12 additions and 21 deletions
3
third_party/nix/src/libstore/build.cc
vendored
3
third_party/nix/src/libstore/build.cc
vendored
|
|
@ -2342,8 +2342,6 @@ void DerivationGoal::startBuilder() {
|
|||
|
||||
userNamespaceSync.create();
|
||||
|
||||
options.allowVfork = false;
|
||||
|
||||
Pid helper = startProcess(
|
||||
[&]() {
|
||||
/* Drop additional groups here because we can't do it
|
||||
|
|
@ -2443,7 +2441,6 @@ void DerivationGoal::startBuilder() {
|
|||
#endif
|
||||
{
|
||||
fallback:
|
||||
options.allowVfork = !buildUser && !drv->isBuiltin();
|
||||
pid = startProcess([&]() { runChild(); }, options);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue