Re: Confusion about process states and invariants

From: Robert Watson (rwatson_at_freebsd.org)
Date: 06/27/04

Next message: Scott Long: "Re: RFC: bsdtar in 5.3"

Previous message: Simon L. Nielsen: "Re: RFC: bsdtar in 5.3"
In reply to: Tim Robbins: "Re: Confusion about process states and invariants"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sun, 27 Jun 2004 11:53:21 -0400 (EDT)
To: Tim Robbins <tjr@freebsd.org>

On Sun, 27 Jun 2004, Tim Robbins wrote:

> > Couldn't we move crhold() for p_ucred before it is placed on allproc
> > list?
>
> p_ucred is just the tip of the iceberg -- a lot of code assumes that
> processes on allproc are fully set up. We should either delay putting
> the process onto allproc until it's correctly initialized (taking care
> to avoid races in PID allocation), or not drop the allproc sx until
> initialization is done.

Yeah, it seems there are only two reasonable strategies:

(1) Guard all accesses to proc references to make sure they are aware of
    the process state machine and when they can expect certain fields to
    be valid or usable. This might include causing pfind() not to return
    improper processes.

(2) Don't expose processes in "poor" states to the various consumers of
    processes, allowing the invariants expected by those consumers to be
    stronger. Some magic would be required here in ways you and I have
    discussed previously, such as managing to avoid collisions on pids,
    etc.

I prefer (2) since it avoids putting "Hmm, is it real" logic all over the
kernel, but am unwilling to make the change without a proper understanding
of what should be going on. I also don't have time to make the change
immediately, so was trolling for someone willing to work on it :-).

Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org Principal Research Scientist, McAfee Research

_______________________________________________
freebsd-arch@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-arch
To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"

Next message: Scott Long: "Re: RFC: bsdtar in 5.3"

Previous message: Simon L. Nielsen: "Re: RFC: bsdtar in 5.3"
In reply to: Tim Robbins: "Re: Confusion about process states and invariants"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]