procutil: avoid using os.fork() to implement runbgcommand We ran into the following deadlock: - some command creates an ssh peer, then raises without explicitly closing the peer (hg id + extension in our case) - dispatch catches the exception, calls ui.log('commandfinish', ..) (the sshpeer is still not closed), which calls logtoprocess, which calls procutil.runbgcommand. - in the child of runbgcommand's fork(), between the fork and the exec, the opening of file descriptors triggers a gc which runs the destructor for sshpeer, which waits on ssh's stderr being closed, which never happens since ssh's stderr is held open by the parent of the fork where said destructor hasn't run Remotefilelog appears to have a hack around this deadlock as well. I don't know if there's more subtlety to it, because even though the problem is determistic, it is very fragile, so I didn't manage to reduce it. I can imagine three ways of tackling this problem: 1. don't run any python between fork and exec in runbgcommand 2. make the finalizer harmless after the fork 3. close the peer without relying on gc behavior This commit goes with 1, as forking without exec'ing is tricky in general in a language with gc finalizers. And maybe it's better in the presence of rust threads. A future commit will try 2 or 3. Performance wise: at low memory usage, it's an improvement. At higher memory usage, it's about 2x faster than before when ensurestart=True, but 2x slower when ensurestart=False. Not sure if that matters. The reason for that last bit is that the subprocess.Popen always waits for the execve to finish, and at high memory usage, execve is slow because it deallocates the large page table. Numbers and script: before after mem=1.0GB, ensurestart=True 52.1ms 26.0ms mem=1.0GB, ensurestart=False 14.7ms 26.0ms mem=0.5GB, ensurestart=True 23.2ms 11.2ms mem=0.5GB, ensurestart=False 6.2ms 11.3ms mem=0.2GB, ensurestart=True 15.7ms 7.4ms mem=0.2GB, ensurestart=False 4.3ms 8.1ms mem=0.0GB, ensurestart=True 2.3ms 0.7ms mem=0.0GB, ensurestart=False 0.8ms 0.8ms import time for memsize in [1_000_000_000, 500_000_000, 250_000_000, 0]: mem = 'a' * memsize for ensurestart in [True, False]: now = time.time() n = 100 for i in range(n): procutil.runbgcommand([b'true'], {}, ensurestart=ensurestart) after = time.time() ms = (after - now) / float(n) * 1000 print(f'mem={memsize / 1e9:.1f}GB, ensurestart={ensurestart} -> {ms:.1f}ms') Differential Revision: https://phab.mercurial-scm.org/D9019

     1

How to add fuzzers (partially cribbed from oss-fuzz[0]):

     2

     3

  1) git clone https://github.com/google/oss-fuzz

     4

  2) cd oss-fuzz

     5

  3) python infra/helper.py build_image mercurial

     6

  4) docker run --cap-add=SYS_PTRACE -it -v $HG_REPO_PATH:/hg-new \

     7

         gcr.io/oss-fuzz/mercurial bash

     8

  5) cd /src

     9

  6) rm -r mercurial

    10

  7) ln -s /hg-new mercurial

    11

  8) cd mercurial

    12

  9) compile

    13

  10) ls $OUT

    14

    15

Step 9 is literally running the command "compile", which is part of

    16

the docker container. Once you have that working, you can build the

    17

fuzzers like this (in the oss-fuzz repo):

    18

    19

python infra/helper.py build_fuzzers --sanitizer address mercurial $HG_REPO_PATH

    20

    21

(you can also say "memory", "undefined" or "coverage" for

    22

sanitizer). Then run the built fuzzers like this:

    23

    24

python infra/helper.py run_fuzzer mercurial -- $FUZZER

    25

    26

0: https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md