From 0fb9f29baeabbbd2058fdcb4f5e4f754cc916c58 Mon Sep 17 00:00:00 2001 From: "Bjoern A. Zeeb" Date: Thu, 5 Jul 2018 16:16:28 +0000 Subject: [PATCH] With the introduction of reapers and reaplists in r275800, proc0 and init are set up as a circular dependency. create_init() calls fork1() which calls do_fork(). There the newproc (initproc) is set up with a reaper of proc0 whose reaper points to itself. The newproc (initproc) is then put on its reaper's (proc0) p_reaplist (initproc is a descendant of proc0 for proc0 to reap). Upon return to create_init(), proc0 is added to initproc's p_reaplist (which would mean proc0 is a descendant of init, for init to reap). This creates a circular dependency which eventually leads to LIST corruptions when trying to kill init and proc0. For the base system we never really hit this case during reboot. The problem only became visible after adding more virtual process spaces which could go away cleanly (work existing in an experimental branch). Reviewed by: kib Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D15924 --- sys/kern/init_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c index 351e8595d787..79a625b7900f 100644 --- a/sys/kern/init_main.c +++ b/sys/kern/init_main.c @@ -514,6 +514,7 @@ proc0_init(void *dummy __unused) p->p_peers = 0; p->p_leader = p; p->p_reaper = p; + p->p_treeflag |= P_TREE_REAPER; LIST_INIT(&p->p_reaplist); strncpy(p->p_comm, "kernel", sizeof (p->p_comm)); @@ -851,7 +852,6 @@ create_init(const void *udata __unused) PROC_LOCK(initproc); initproc->p_flag |= P_SYSTEM | P_INMEM; initproc->p_treeflag |= P_TREE_REAPER; - LIST_INSERT_HEAD(&initproc->p_reaplist, &proc0, p_reapsibling); oldcred = initproc->p_ucred; crcopy(newcred, oldcred); #ifdef MAC
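Review bot: In the proc0_init hunk, the new `p->p_treeflag |= P_TREE_REAPER;` finally makes the tree flag agree with the `p->p_reaper = p;` line just above it, but nothing in the function says why proc0 is its own reaper. Since proc0 is the root of the reaper tree (it reaps itself and, after do_fork(), init), a one-line comment next to these three lines ("proc0 is the root reaper; it is its own reaper and owns the initial reaplist") would stop a later reader from treating the self-reference as a leftover. Also worth confirming that every place which decides "is this process a reaper" tests P_TREE_REAPER rather than comparing p_reaper against the process itself, because before this change those two checks disagreed for proc0.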
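Review bot: In the create_init hunk, removing `LIST_INSERT_HEAD(&initproc->p_reaplist, &proc0, p_reapsibling);` is the right fix for the cycle described in the message (do_fork() already placed initproc on proc0's p_reaplist, so also placing proc0 on initproc's list made each the other's descendant), but the remaining code gives no hint that proc0 is deliberately absent from init's reaplist. A short comment after `initproc->p_treeflag |= P_TREE_REAPER;` stating that init starts with an empty reaplist and that proc0 is reaped by itself would keep someone from reintroducing the insert. Please also check that no code walks initproc's p_reaplist expecting to reach proc0 through it, and that shutdown paths which tear down init and proc0 now terminate without the LIST corruption the message reports.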