cmd/tailscaled, net/dns, wgengine/router: start Windows child processes with DETACHED_PROCESS when I/O is being piped

When we're starting child processes on Windows that are CLI programs that don't need to output to a console, we should pass in DETACHED_PROCESS as a CreationFlag on SysProcAttr. This prevents the OS from even creating a console for the child (and paying the associated time/space penalty for new conhost processes). This is more efficient than letting the OS create the console window and then subsequently trying to hide it, which we were doing at a few callsites. Fixes #12270 Signed-off-by: Aaron Klotz <aaron@tailscale.com>
2025-12-06 04:42:42 +00:00 · 2024-06-05 14:57:08 -06:00
parent 4cdc4ed7db
commit 3511d1f8a2
5 changed files with 25 additions and 6 deletions
--- a/net/dns/flush_windows.go
+++ b/net/dns/flush_windows.go
@@ -6,10 +6,17 @@ package dns
 import (
 	"fmt"
 	"os/exec"
+	"syscall"
+
+	"golang.org/x/sys/windows"
 )

 func flushCaches() error {
-	out, err := exec.Command("ipconfig", "/flushdns").CombinedOutput()
+	cmd := exec.Command("ipconfig", "/flushdns")
+	cmd.SysProcAttr = &syscall.SysProcAttr{
+		CreationFlags: windows.DETACHED_PROCESS,
+	}
+	out, err := cmd.CombinedOutput()
 	if err != nil {
 		return fmt.Errorf("%v (output: %s)", err, out)
 	}