Confusion about process states and invariants
Robert Watson
rwatson at freebsd.org
Sun Jun 27 15:53:34 GMT 2004

On Sun, 27 Jun 2004, Tim Robbins wrote:
> > Couldn't we move crhold() for p_ucred before it is placed on allproc
> > list?
>
> p_ucred is just the tip of the iceberg -- a lot of code assumes that
> processes on allproc are fully set up. We should either delay putting
> the process onto allproc until it's correctly initialized (taking care
> to avoid races in PID allocation), or not drop the allproc sx until
> initialization is done.

Yeah, it seems there are only two reasonable strategies:

(1) Guard all accesses to proc references to make sure they are aware of
    the process state machine and when they can expect certain fields to
    be valid or usable.  This might include causing pfind() not to return
    improper processes.

(2) Don't expose processes in "poor" states to the various consumers of
    processes, allowing the invariants expected by those consumers to be
    stronger.  Some magic would be required here in ways you and I have
    discussed previously, such as managing to avoid collisions on pids,
    etc.

I prefer (2) since it avoids putting "Hmm, is it real" logic all over the
kernel, but am unwilling to make the change without a proper understanding
of what should be going on.  I also don't have time to make the change
immediately, so was trolling for someone willing to work on it :-).

Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org Principal Research Scientist, McAfee Research
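
Strategy (2) from the message above, as an added user-space C model that is not code from this thread or from FreeBSD: a pid is reserved first so unpublished processes cannot collide, the credential reference is taken, and only then is the process linked onto the list that lookups walk. The names `pid_reserve`, `proc_embryo`, `proc_publish`, `proc_lookup` and the 64-slot pid table are hypothetical.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdlib.h>

/* User-space model of strategy (2); all names are hypothetical, not FreeBSD's. */
struct cred { atomic_int refs; };
struct proc { int pid; struct cred *ucred; struct proc *next; };
static pthread_mutex_t allproc_lock = PTHREAD_MUTEX_INITIALIZER;
static struct proc *allproc;             /* fully initialized procs only */
static unsigned char pid_reserved[64];   /* pids held by embryos and live procs */

/* Claim a pid while the proc is still invisible, so embryos cannot collide. */
static int pid_reserve(void)
{
    int pid = -1;
    pthread_mutex_lock(&allproc_lock);
    for (int i = 1; i < (int)sizeof(pid_reserved) && pid < 0; i++)
        if (!pid_reserved[i]) { pid_reserved[i] = 1; pid = i; }
    pthread_mutex_unlock(&allproc_lock);
    return pid;
}

/* Build a private proc: credential held, but not reachable by any lookup. */
struct proc *proc_embryo(struct cred *parent_cred)
{
    struct proc *p = calloc(1, sizeof(*p));
    if (p == NULL || (p->pid = pid_reserve()) < 0) { free(p); return NULL; }
    atomic_fetch_add(&parent_cred->refs, 1);  /* stands in for crhold() */
    p->ucred = parent_cred;
    return p;
}

/* Publish as the last step; anything found on allproc has a valid ucred. */
void proc_publish(struct proc *p)
{
    pthread_mutex_lock(&allproc_lock);
    p->next = allproc;
    allproc = p;
    pthread_mutex_unlock(&allproc_lock);
}

/* Stand-in for pfind(): searches the published list only. */
struct proc *proc_lookup(int pid)
{
    struct proc *p;
    pthread_mutex_lock(&allproc_lock);
    for (p = allproc; p != NULL && p->pid != pid; p = p->next) {}
    pthread_mutex_unlock(&allproc_lock);
    return p;
}
```

Because the lookup never sees an unpublished process, its callers need no per-field state checks, which is the stronger invariant the message prefers.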