svn commit: r335993 - head/sys/kern

[Bjoern A. Zeeb]

Author: bz
Date: Thu Jul  5 16:16:28 2018
New Revision: 335993
URL: https://svnweb.freebsd.org/changeset/base/335993

Log:
  With the introduction of reapers and reaplists in r275800,
  proc0 and init are setup as a circular dependency.
  
  create_init() calls fork1() which calls do_fork(). There the
  newproc (initproc) is setup with a reaper of proc0 who's reaper
  points to itself. The newproc (initproc) is then put on its
  reaper's (proc0) p_reaplist (initproc is a descendants of proc0
  for proc0 to reap). Upon return to create_init(), proc0 is
  added to initproc's p_reaplist (which would mean proc0 is a
  descendant of init, for init to reap). This creates a
  circular dependency which eventually leads to LIST corruptions
  when trying to kill init and a proc0.
  
  For the base system we never really hit this case during reboot.
  The problem only became visible after adding more virtual process
  spaces which could go away cleanly (work existing in an experimental
  branch).
  
  Reviewed by:	kib
  Sponsored by:	iXsystems, Inc.
  Differential Revision:	https://reviews.freebsd.org/D15924

Modified:
  head/sys/kern/init_main.c

Modified: head/sys/kern/init_main.c
==============================================================================
--- head/sys/kern/init_main.c	Thu Jul  5 16:15:17 2018	(r335992)
+++ head/sys/kern/init_main.c	Thu Jul  5 16:16:28 2018	(r335993)
@@ -514,6 +514,7 @@ proc0_init(void *dummy __unused)
 	p->p_peers = 0;
 	p->p_leader = p;
 	p->p_reaper = p;
+	p->p_treeflag |= P_TREE_REAPER;
 	LIST_INIT(&p->p_reaplist);
 
 	strncpy(p->p_comm, "kernel", sizeof (p->p_comm));
@@ -851,7 +852,6 @@ create_init(const void *udata __unused)
 	PROC_LOCK(initproc);
 	initproc->p_flag |= P_SYSTEM | P_INMEM;
 	initproc->p_treeflag |= P_TREE_REAPER;
-	LIST_INSERT_HEAD(&initproc->p_reaplist, &proc0, p_reapsibling);
 	oldcred = initproc->p_ucred;
 	crcopy(newcred, oldcred);
 #ifdef MAC