{"id":103538,"date":"2020-03-06T07:00:00","date_gmt":"2020-03-06T15:00:00","guid":{"rendered":"http:\/\/devblogs.microsoft.com\/oldnewthing\/?p=103538"},"modified":"2020-03-05T20:59:59","modified_gmt":"2020-03-06T04:59:59","slug":"20200306-00","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20200306-00\/?p=103538","title":{"rendered":"Why do people take a lock around CreateProcess<\/CODE> calls?"},"content":{"rendered":"

If you look around<\/a>, you often see people take a lock around their calls to the Create\u00adProcess<\/code> function<\/a>. Why do they do that? Isn’t the Create\u00adProcess<\/code> function thread safe?<\/p>\n

Yes, the Create\u00adProcess<\/code> function is thread safe. But thinking about thread safety is the right thing.<\/p>\n

The issue is with inheritable handles.<\/p>\n

When you ask for handles to be inherited, the Create\u00adProcess<\/code> inherits all<\/i> the handles in the process that are marked as inheritable. If you have multiple threads creating processes, you run into trouble if each thread wants a different set of handles to be inherited. The two threads each create their respective inheritable handles, and as a result, the handles get inherited into both<\/i> processes.<\/p>\n

Prior to Windows Vista, the standard workaround was to use a mutex so that only one thread at a time can go through the steps of<\/p>\n

    \n
  1. Creating inheritable handles.<\/li>\n
  2. Calling Create\u00adProcess<\/code> with bInheritHandles = true<\/code>.<\/li>\n
  3. Closing the inheritable handles created in step 1.<\/li>\n<\/ol>\n

    Windows Vista introduced the PROC_<\/code>THREAD_<\/code>ATTRIBUTE_<\/code>LIST<\/code>, which I discussed some time ago<\/a>. This addresses the concurrency problem by allowing each call to Create\u00adProcess<\/code> to specify a custom list of handles to be inherited. That way, you can have two threads calling Create\u00adProcess<\/code> at the same time without interfering with each other’s inherited handles. You don’t need a mutex any more.<\/p>\n

    There’s still a problem with this, though: It requires everybody to be playing the same game.<\/p>\n

    In order for a handle to be inherited, you not only have to put it in the PROC_<\/code>THREAD_<\/code>ATTRIBUTE_<\/code>LIST<\/code>, but you also must make the handle inheritable. This means that if another thread is not on board with the PROC_<\/code>THREAD_<\/code>ATTRIBUTE_<\/code>LIST<\/code> trick and does a straight Create\u00adProcess<\/code> with bInheritHandles = true<\/code>, it will inadvertently inherit your handles.<\/p>\n

    A colleague of mine came up with a sneaky trick for addressing this new problem: Create a dummy parent process and put the inheritable handles in there.<\/p>\n

    Here’s the basic idea:<\/p>\n

    Preparation<\/b><\/p>\n