From owner-freebsd-current  Tue Dec 18 16:20:12 2001
Delivered-To: freebsd-current@freebsd.org
Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88])
	by hub.freebsd.org (Postfix) with ESMTP id B084E37B416
	for <current@freebsd.org>; Tue, 18 Dec 2001 16:20:07 -0800 (PST)
Received: from InterJet.elischer.org ([12.232.206.8])
          by rwcrmhc52.attbi.com
          (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP
          id <20011219002007.UKND6450.rwcrmhc52.attbi.com@InterJet.elischer.org>
          for <current@freebsd.org>; Wed, 19 Dec 2001 00:20:07 +0000
Received: from localhost (localhost.elischer.org [127.0.0.1])
	by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA41814
	for <current@freebsd.org>; Tue, 18 Dec 2001 16:01:45 -0800 (PST)
Date: Tue, 18 Dec 2001 16:01:44 -0800 (PST)
From: Julian Elischer <julian@elischer.org>
To: current@freebsd.org
Subject: Is this a bug in the fork() code?
Message-ID: <Pine.BSF.4.21.0112181553140.36281-100000@InterJet.elischer.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

Near the end of fork1():
	/*
         * If RFSTOPPED not requested, make child runnable and add to
         * run queue.
         */
        microtime(&(p2->p_stats->p_start));
        p2->p_acflag = AFORK;
        if ((flags & RFSTOPPED) == 0) {
                mtx_lock_spin(&sched_lock);
                p2->p_stat = SRUN; /* XXXKSE */
                setrunqueue(td2);
                mtx_unlock_spin(&sched_lock);
        }



note that it may have made itself only a child of init.....


later at the very end of fork1():

        /*
         * Return child proc pointer to parent.
         */
        *procp = p2;
        return (0);
}



now, what is to say that the process has not exitted by this stage, and
been reeped by init (on SMP)
particularly since between the two is:

        /*
         * Preserve synchronization semantics of vfork.  If waiting for
         * child to exec or exit, set P_PPWAIT on child, and sleep on our
         * proc (in case of exit).
         */
        PROC_LOCK(p2);
        while (p2->p_flag & P_PPWAIT)
                msleep(p1, &p2->p_mtx, PWAIT, "ppwait", 0);
        PROC_UNLOCK(p2);

It may be that due to some semantics of teh fork calls
you cannot have P_PPWAIT and a process queued to run on the other
processor while reparented to init(1) but I can't see it..
the result would be that the return value MIGHT be teh pid
of a totally different process if the proc structure had been re-used.

Alternatively I could have some good weed here...



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message