Date: Sun, 27 Jun 2004 11:53:21 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
To: Tim Robbins <tjr@freebsd.org>
Cc: Pawel Jakub Dawidek <pjd@freebsd.org>
Subject: Re: Confusion about process states and invariants
Message-ID: <Pine.NEB.3.96L.1040627115107.66958K-100000@fledge.watson.org>
In-Reply-To: <20040627133421.GA15812@cat.robbins.dropbear.id.au>

On Sun, 27 Jun 2004, Tim Robbins wrote:

> > Couldn't we move crhold() for p_ucred before it is placed on allproc
> > list?
>
> p_ucred is just the tip of the iceberg -- a lot of code assumes that
> processes on allproc are fully set up. We should either delay putting
> the process onto allproc until it's correctly initialized (taking care
> to avoid races in PID allocation), or not drop the allproc sx until
> initialization is done.

Yeah, it seems there are only two reasonable strategies:

(1) Guard all accesses to proc references to make sure they are aware of
    the process state machine and when they can expect certain fields to
    be valid or usable. This might include causing pfind() not to return
    improper processes.

(2) Don't expose processes in "poor" states to the various consumers of
    processes, allowing the invariants expected by those consumers to be
    stronger. Some magic would be required here in ways you and I have
    discussed previously, such as managing to avoid collisions on pids,
    etc.

I prefer (2) since it avoids putting "Hmm, is it real" logic all over the
kernel, but am unwilling to make the change without a proper understanding
of what should be going on. I also don't have time to make the change
immediately, so was trolling for someone willing to work on it :-).

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Principal Research Scientist, McAfee Research
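
Strategy (2) from the message above, sketched as a single-threaded userland model (an added example, not part of the original e-mail and not FreeBSD kernel code): a PID is reserved first, the process is initialised privately, and only then published to the list that lookups walk. All structure and function names below are hypothetical.

```c
/* Userland model of strategy (2); every name here is hypothetical. */
#include <stddef.h>

#define MAXPID 8

struct cred { int refs; };
struct proc { int pid; struct cred *ucred; struct proc *next; };

static unsigned char pid_reserved[MAXPID]; /* PIDs handed out, published or not */
static struct proc *visible;               /* models allproc: fully set up only */

/* Phase 1: claim a PID so a concurrent fork cannot pick the same one.
 * In a kernel this would run under the lock protecting PID allocation. */
int pid_reserve(void)
{
    for (int pid = 1; pid < MAXPID; pid++)
        if (!pid_reserved[pid]) { pid_reserved[pid] = 1; return pid; }
    return -1;
}

/* Phase 2: initialise privately; no lookup can reach the process yet. */
void proc_init(struct proc *p, int pid, struct cred *cr)
{
    p->pid = pid;
    cr->refs++;          /* take the credential reference before publishing */
    p->ucred = cr;
    p->next = NULL;
}

/* Phase 3: publish. Refuses a process whose invariants do not hold. */
int proc_publish(struct proc *p)
{
    if (p->ucred == NULL || p->pid <= 0 || p->pid >= MAXPID ||
        !pid_reserved[p->pid])
        return -1;
    p->next = visible;
    visible = p;
    return 0;
}

/* Lookup walks only the published list, so callers need no state checks. */
struct proc *proc_lookup(int pid)
{
    for (struct proc *p = visible; p != NULL; p = p->next)
        if (p->pid == pid)
            return p;
    return NULL;
}
```
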