Page MenuHomeFreeBSD
Differential D54215

proc: Fix proc_init / proc_dtor ordering issues
ClosedPublic
Actions

Authored by des on Dec 13 2025, 10:36 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jan 23, 11:31 AM
Unknown Object (File)
Sat, Jan 17, 4:33 AM
Unknown Object (File)
Fri, Jan 16, 6:21 AM
Unknown Object (File)
Thu, Jan 15, 7:56 PM
Unknown Object (File)
Wed, Jan 7, 11:37 PM
Unknown Object (File)
Mon, Jan 5, 10:32 PM
Unknown Object (File)
Thu, Jan 1, 8:06 AM
Unknown Object (File)
Wed, Dec 31, 1:30 PM
View All 16 Files
Subscribers
imp
olce

Details

Reviewers
kib
Commits
rG307cbd494b59: proc: Fix proc_init / proc_dtor ordering issues
rG00bdb832fd5d: proc: Fix proc_init / proc_dtor ordering issues
rGfaac79511757: proc: Fix proc_init / proc_dtor ordering issues
rG026d962ef14d: proc: Fix proc_init / proc_dtor ordering issues
Summary
  • Move the initialization of p_ktr into proc_init() and make the check in proc_dtor() unconditional. Prior to this, it was possible to fail and invoke proc_dtor() after the first thread had been created (which was the condition for checking p_ktr in proc_dtor()) but before p_ktr had been initialized.
  • Move the p_klist initialization in fork1() past the last possible failure point so we don't have to free it on failure. We didn't, which meant we were leaking a knlist every time we failed to fork due to hitting the resource limit.

PR: 291470
MFC after: 1 week

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

des created this revision.Dec 13 2025, 10:36 PM
Herald added subscribers: olce, imp. · View Herald TranscriptDec 13 2025, 10:36 PM
des requested review of this revision.Dec 13 2025, 10:36 PM
Harbormaster completed remote builds in B69238: Diff 167992.Dec 13 2025, 10:36 PM
kib added a comment.Dec 14 2025, 2:12 AM

IMO it would be more proper to move the initialization into proc_init().

kib added a comment.Dec 14 2025, 3:44 AM
In D54215#1238587, @kib wrote:

IMO it would be more proper to move the initialization into proc_init().

And then proc_dtor could assert that p->p_ktr is empty unconditionally, not only when there is a thread owned by the process.

des added a comment.EditedDec 14 2025, 10:45 AM

Should we also move mac_proc_init() and knlist_alloc() into proc_init()? no, we shouldn't.

However, I just realized that we leak the klist if the new process exceeds the resource limit.

des retitled this revision from fork1: Initialize p_ktr earlier to proc: Fix proc_init / proc_dtor ordering issues.Dec 14 2025, 11:08 AM
des edited the summary of this revision. (Show Details)
des updated this revision to Diff 168001.Dec 14 2025, 11:13 AM

plug knlist leak

Harbormaster completed remote builds in B69246: Diff 168001.Dec 14 2025, 11:13 AM
kib accepted this revision.Dec 14 2025, 11:31 AM

Indeed, p_klist initialization should not be moved into constructor, since it is cleared in exit1() (and should not be done in destructor, I believe). Then it would leak in each case where exit1() is not called, i.e. fork failures.
For mac, I have no idea what modules expect, so IMO it is better to keep them as is.

sys/kern/kern_proc.c
243–244

Remove this #ifdef as well, it has no point.

This revision is now accepted and ready to land.Dec 14 2025, 11:31 AM
des added a comment.Dec 14 2025, 12:14 PM

We can't move the MAC initialization, it has to happen before we call priv_check_cred().

des marked an inline comment as done.Dec 14 2025, 12:14 PM
Closed by commit rG026d962ef14d: proc: Fix proc_init / proc_dtor ordering issues (authored by des). · Explain WhyDec 14 2025, 1:46 PM
This revision was automatically updated to reflect the committed changes.
des added a commit: rG026d962ef14d: proc: Fix proc_init / proc_dtor ordering issues.
des added a commit: rGfaac79511757: proc: Fix proc_init / proc_dtor ordering issues.Dec 19 2025, 6:07 PM
des added a commit: rG00bdb832fd5d: proc: Fix proc_init / proc_dtor ordering issues.
des added a commit: rG307cbd494b59: proc: Fix proc_init / proc_dtor ordering issues.

Revision Contents
Changeset List

PathSize
sys/
kern/
4 lines
8 lines

Diff 168005

View Options

sys/kern/kern_fork.c

Loading...
View Options

sys/kern/kern_proc.c

Loading...