Hi, AFAIU, Cygwin has a working posix_spawn[p] implementation since 2020 (commit 3fbfcd11fb09d5f47af3043ee47ec5c7d863d872, 2020-08-03, Cygwin 3.1.7).
Additionally, Gnulib has a posix_spawn[p] implementation since 2022, that works on all platforms, including native Windows. Based on it, I recommend posix_spawn[p] over fork+exec, see https://savannah.gnu.org/news/?id=10219 . It allows to have a single application code for spawning subprocesses. The GNU groff maintainer asks about the performance of posix_spawn[p] on Cygwin. And here's the problem: While Cygwin has an implementation that avoids the slow fork(), by calling child_info_spawn::worker more or less directly, Gnulib prefers its own implementation over the Cygwin one, and the Gnulib implementation uses slow fork()+exec(). The reason is that we consider posix_spawn[p] unsecure if it will readily execute plain text files without a #! marker as if they were shell scripts, usually leading to plenty of syntax errors, but also exhibiting undefined behaviour. This reasoning follows what was done in GNU libc: https://sourceware.org/bugzilla/show_bug.cgi?id=13134 https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=d96de9634a334af16c0ac711074c15ac1762b23c https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=13adfa34aff03fd9f1c1612b537a0d736ddb6c2b These are the two configure tests that Gnulib uses: ======================= test secure posix_spawn ========================== Preparation: echo ':' > conftest.scr chmod a+x conftest.scr C program: #include <errno.h> #include <spawn.h> #include <stddef.h> #include <sys/types.h> #include <sys/wait.h> int main () { const char *prog_path = "./conftest.scr"; const char *prog_argv[2] = { prog_path, NULL }; const char *environment[2] = { "PATH=.", NULL }; pid_t child; int status; int err = posix_spawn (&child, prog_path, NULL, NULL, (char **) prog_argv, (char **) environment); if (err == ENOEXEC) return 0; if (err != 0) return 1; status = 0; while (waitpid (child, &status, 0) != child) ; if (!WIFEXITED (status)) return 2; if (WEXITSTATUS (status) != 127) return 3; return 0; } ======================= test secure posix_spawnp ========================= Preparation: echo ':' > conftest.scr chmod a+x conftest.scr C program: #include <errno.h> #include <spawn.h> #include <stddef.h> #include <sys/types.h> #include <sys/wait.h> int main () { const char *prog_path = "./conftest.scr"; const char *prog_argv[2] = { prog_path, NULL }; const char *environment[2] = { "PATH=.", NULL }; pid_t child; int status; int err = posix_spawnp (&child, prog_path, NULL, NULL, (char **) prog_argv, (char **) environment); if (err == ENOEXEC) return 0; if (err != 0) return 1; status = 0; while (waitpid (child, &status, 0) != child) ; if (!WIFEXITED (status)) return 2; if (WEXITSTATUS (status) != 127) return 3; return 0; } ========================================================================== In Cygwin, the "test secure posix_spawn" recipe succeeds, whereas the "test secure posix_spawnp" fails; the latter is the obstacle that prevents Gnulib from using Cygwin's implementation. Would it be possible to change Cygwin's posix_spawnp implementation, so that both tests succeed? Disclaimer: I have done my tests with Cygwin 2.9.0; so, if things have improved since then, the better! Bruno -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
