Mark processes that are stopped because of a ptrace trap as PS_TRAPPED.

Use this flag instead of ps_single in dowait6() to decide if a process
was stopped because of a ptrace event.
OK mpi@

Indicate that a process has stopped by setting PS_STOPPED flag

The checks in dowait6 and orphanpg using ps_mainproc are flawed and
fail if the mainproc called pthread_exit before the other threads.

Indicate that a process has stopped by setting PS_STOPPED flag

The checks in dowait6 and orphanpg using ps_mainproc are flawed and
fail if the mainproc called pthread_exit before the other threads.
Adding the flag in proc_stop_sweep is racy but the best we have right now.
This fixes regress/sys/kern/signal/sig-stop3.

OK mpi@

show more ...

Use pr instead of p->p_p like everywhere else in exit1.

Replace ps_oppid (old parent pid) with ps_opptr (a pointer to the old parent process struct).

This simplifies some code and removes the no need to call prfind in
process_untrace().
OK mpi@

Move common code to update the proc runtime into tuagg_add_runtime().

OK mpi@ kn@

Adjust lock requirements for ps_pptr, ps_ppid and ps_oppid.

ps_pptr, ps_ppid and ps_oppid require the KERNEL_LOCK and the process mutex
to be modified. At the same time either KERNEL_LOCK or process

Adjust lock requirements for ps_pptr, ps_ppid and ps_oppid.

ps_pptr, ps_ppid and ps_oppid require the KERNEL_LOCK and the process mutex
to be modified. At the same time either KERNEL_LOCK or process mutex needs
to be taken to read the values.

This is needed to further unlock ptsignal().
OK kettenis@, mvs@

show more ...

Use ps_ppid instead of ps_pptr->ps_pid in all places.
OK mpi@

Remove incorrect increment of the context switch counter.

From Christian Ludwig.

ok claudio@

Atomically modify `nthreads' and move proc_free() out of KERNEL_LOCK().

ok jca@

Make exit1() wait sysctl(2) `allprocess' loops.

Regardless on wired userland memory, KERN_FILE_BYPID and KERN_FILE_BYUID
`allprocess' loops have netlock provided sleep points, so concurrent
process

Make exit1() wait sysctl(2) `allprocess' loops.

Regardless on wired userland memory, KERN_FILE_BYPID and KERN_FILE_BYUID
`allprocess' loops have netlock provided sleep points, so concurrent
process exit(1) could crash kernel.

The main exit1() problem is that process teardown begins while process
is still linked to `allprocess' list, and current code doesn't allow to
unlink it first. Wait for concurrent sysctl(2) `allprocess' loops
between PS_EXITING bit setting and list unlinking. Both KERN_FILE_BYPID
and KERN_FILE_BYUID loops do PS_EXITING check and won't deal with dying
process. Concurrent exit1() thread will wait loops keeping process
linked to `allprocess' list.

Tested with i386 dpb(1) run.
Stress tests and ok bluhm.

show more ...

Revert the knote_processexit() bits of the diff. It introduced a small
window where a knote is available but PS_ZOMBIE is not yet set (causing
waitpid() to not return that pid).
Requested by jca@ and

Revert the knote_processexit() bits of the diff. It introduced a small
window where a knote is available but PS_ZOMBIE is not yet set (causing
waitpid() to not return that pid).
Requested by jca@ and deraadt@

show more ...

Stop using KERNEL_LOCK to protect the per process kqueue list

Instead of the KERNEL_LOCK use the ps_mtx for most operations.
If the ps_klist is modified an additional global rwlock (kqueue_ps_list_l

Stop using KERNEL_LOCK to protect the per process kqueue list

Instead of the KERNEL_LOCK use the ps_mtx for most operations.
If the ps_klist is modified an additional global rwlock (kqueue_ps_list_lock)
is required. This includes the knotes with NOTE_FORK and NOTE_EXIT since
in either cases a ps_klist is changed. In the NOTE_FORK | NOTE_TRACK case
the call to kqueue_register() can sleep this is why a global rwlock is used.

Adjust the reaper() to call knote_processexit() without KERNEL_LOCK.
Double lock idea from visa@
OK mvs@

show more ...

Replace per thread P_CONTINUED with per process PS_CONTINUED flag

dowait6() can only look at per process state so switch this over.
Right now SIGCONT handling in ptsignal is recursive and not quite

Replace per thread P_CONTINUED with per process PS_CONTINUED flag

dowait6() can only look at per process state so switch this over.
Right now SIGCONT handling in ptsignal is recursive and not quite
right but this is a step in the right direction. It fixes dowait6()
handling for multithreaded processes where the main thread exited.

OK mpi@

show more ...

Remove the (pr->ps_single->p_flag & P_SUSPSINGLE) == 0 check since it
is always true. Also consitently wrap all flag checks into parantheses.
OK kettenis@ guenther@

Move uvm_exit() outside of the KERNEL_LOCK() in the reaper.

Use atomic operations to reference count VM spaces.

Tested by claudio@, bluhm@, sthen@, jca@

ok jca@, claudio@

Switch proc_finish_wait() to use the process as argument instead of its
ps_mainproc. dowait6() needs to stop using ps_mainproc and this is the
first step.
OK guenther@

Rework per proc and per process time usage accounting

For procs (threads) the accounting happens now lockless by curproc using
a generation counter. Callers need to use tu_enter() and tu_leave() for

Rework per proc and per process time usage accounting

For procs (threads) the accounting happens now lockless by curproc using
a generation counter. Callers need to use tu_enter() and tu_leave() for this.
To read the proc p_tu struct tuagg_get_proc() should be used. It ensures
that the values read is consistent.

For processes only the time of exited threads is accumulated in ps_tu and
to get the proper process time usage tuagg_get_process() needs to be called.
tuagg_get_process() will sum up all procs p_tu plus the ps_tu.

This removes another SCHED_LOCK() dependency. Adjust the code in
exit1() and exit2() to correctly account for the full run time.
For this adjust sched_exit() to do the runtime accounting like it is done
in mi_switch().

OK jca@ dlg@

show more ...

Fix comment for exit2() this code is called by sched_idle() not cpu_exit().
The note can be removed but add a comment that since this is called from
the idle process exit2() is not allowed to sleep.

Fix comment for exit2() this code is called by sched_idle() not cpu_exit().
The note can be removed but add a comment that since this is called from
the idle process exit2() is not allowed to sleep.
OK jca@

show more ...

Remove the now unsued s argument to SCHED_LOCK and SCHED_UNLOCK.

The SPL level is not tacked by the mutex and we no longer need to track
this in the callers.
OK miod@ mlarkin@ tb@ jca@

Rework interaction between sleep API and exit1() and start unlocking ps_threads

This diff adjusts how single_thread_set() accounts the threads by using
ps_threadcnt as initial value and counting all

Rework interaction between sleep API and exit1() and start unlocking ps_threads

This diff adjusts how single_thread_set() accounts the threads by using
ps_threadcnt as initial value and counting all threads out that are already
parked. In single_thread_check call exit1() before decreasing ps_singlecount
this is now done in exit1().

exit1() and thread_fork() ensure that ps_threadcnt is updated with the
pr->ps_mtx held and in exit1() also account for exiting threads since
exit1() can sleep.

OK mpi@

show more ...

Backout priterator() for walking allprocess list.

This approach does not work as LIST_NEXT() of a removed element
does not return NULL. I causes a crash in syzcaller and triggers
kernel diagnostic

Backout priterator() for walking allprocess list.

This approach does not work as LIST_NEXT() of a removed element
does not return NULL. I causes a crash in syzcaller and triggers
kernel diagnostic assertion "vp->v_uvcount == 0" in sys/kern/kern_unveil.c
line 845 during reboot. Unfortunately the backout brings back the
race in fill_file() and fstat(1) may crash the kernel.

Reported-by: syzbot+54fba1c004d7383d5e85@syzkaller.appspotmail.com

show more ...

The kernel will now read pinsyscall tables out of PT_OPENBSD_SYSCALLS in
the main program or ld.so, and accept a submission of that information
for libc.so from ld.so via pinsyscalls(2). At system c

The kernel will now read pinsyscall tables out of PT_OPENBSD_SYSCALLS in
the main program or ld.so, and accept a submission of that information
for libc.so from ld.so via pinsyscalls(2). At system call invocation,
the syscall number is matched to the specific address it must come from.
ok kettenis, gnezdo, testing of variations by many people

show more ...

Introduce priterator(), the `ps_list' iterator. Some of `allprocess'
list walkthroughs have context switch within, so make exit1() wait
until the last reference released.

Reported-by: syzbot+0e9dda7

Introduce priterator(), the `ps_list' iterator. Some of `allprocess'
list walkthroughs have context switch within, so make exit1() wait
until the last reference released.

Reported-by: syzbot+0e9dda76c42c82c626d7@syzkaller.appspotmail.com

ok bluhm claudio

show more ...

Extend single_thread_set() mode with additional flag attributes.

The mode can now be or-ed with SINGLE_DEEP or SINGLE_NOWAIT to alter
the behaviour of single_thread_set(). This allows explicit contr

Extend single_thread_set() mode with additional flag attributes.

The mode can now be or-ed with SINGLE_DEEP or SINGLE_NOWAIT to alter
the behaviour of single_thread_set(). This allows explicit control
of the SINGLE_DEEP behaviour.

If SINGLE_DEEP is set the deep flag is passed to the initial check call
and by that the check will error out instead of suspending (SINGLE_UNWIND)
or exiting (SINGLE_EXIT). The SINGLE_DEEP flag is required in calls to
single_thread_set() outside of userret. E.g. at the start of sys_execve
because the proc is not allowed to call exit1() in that location.

SINGLE_NOWAIT skips the wait at the end of single_thread_set() and therefor
returns BEFORE all threads have been parked. Currently this is only used by
the ptrace code and should not be used anywhere else. Not waiting for all
threads to settle is asking for trouble.

This solves an issue by using SINGLE_UNWIND in the coredump case where
the code should actually exit in case another thread crashed moments earlier.
Also the SINGLE_UNWIND in pledge_fail() is now marked SINGLE_DEEP since
the call to pledge_fail() is for sure not at the kernel boundary.

OK mpi@

show more ...

Move code inside exit1() to better spots.

- PS_PROFIL bit is moved into the process cleanup block where it belongs
- The proc read-only limit cache cleanup is moved up right after clearing
p->p_fd

Move code inside exit1() to better spots.

- PS_PROFIL bit is moved into the process cleanup block where it belongs
- The proc read-only limit cache cleanup is moved up right after clearing
p->p_fd cache. lim_free() can potentially sleep and so needs to be
above the line where p_stat is set to SDEAD.

With and OK jca@

show more ...