Home | History | Annotate | Download | only in kern
History log of /src/sys/kern/kern_proc.c
RevisionDateAuthorComments
 1.280  02-Jun-2025  andvar s/pratical/practical/ in comments.
 1.279  17-Mar-2025  riastradh kern_proc.c: Fix mistakes in SET_ERROR sprinkling.

To avoid triggering a SET_ERROR probe, I moved an initial

rval = EPERM;

to a separate label `eperm', and then adjusted all the `goto done'
lines that didn't initialize rval themselves to do `goto eperm'
instead.

However, I was sloppy and missed some cases, so some spuriously
failed when they should have succeeded.

Annoyingly, we don't seem to have any automatic tests for this bug!
So the releng test bed hasn't discovered the problem.
 1.278  16-Mar-2025  riastradh kern_proc.c: Sprinkle SET_ERROR.
 1.277  16-Mar-2025  riastradh kern_proc.c: Sort includes.

No functional change intended.
 1.276  14-Jul-2024  kre PR kern/58425 -- Disallow INT_MIN as a (negative) pid arg.

Since -INT_MIN is undefined, and to point of negative pid args is
to negate them, and use the result as a pgrp id instead, we need
to avoid accidentally negating INT_MIN.

Since pid_t is just an integral type, of unspecified width, when
testing pid_t value test for <= INT_MIN (or > INT_MIN sometimes)
rather than == INT_MIN. When testing int values, just == INT_MIN
is all that is needed, < INT_MIN cannot occur.

XXX pullup -9, -10
 1.275  02-Jun-2024  andvar Fix various typos, mainly triple letters.
 1.274  05-Oct-2023  ad Arrange to update cached LWP credentials in userret() rather than during
syscall/trap entry, eliminating a test+branch on every syscall/trap.

This wasn't possible in the 3.99.x timeframe when l->l_cred came about
because there wasn't a reliable/timely way to force an ONPROC LWP running on
a remote CPU into the kernel (which is just about the only new thing in
this scheme).
 1.273  04-Oct-2023  ad kauth_cred_hold(): return cred verbatim so that donating a reference to
another data structure can be done more elegantly.
 1.272  04-Oct-2023  ad Eliminate l->l_ncsw and l->l_nivcsw. From memory think they were added
before we had per-LWP struct rusage; the same is now tracked there.
 1.271  04-Sep-2023  simonb Whitespace nit.
 1.270  09-Apr-2023  riastradh kern: KASSERT(A && B) -> KASSERT(A); KASSERT(B)
 1.269  26-Oct-2022  riastradh branches: 1.269.2;
kern/exec_elf.c: Get emul_netbsd from sys/proc.h.
 1.268  01-Jul-2022  riastradh kern: Omit stale locking comment in proc_crmod_leave.
 1.267  07-May-2022  mrg bump maxthreads default.

bump the default MAXLWP to 4096 from 2048, and adjust the default
limits seen to be 2048 cur / 4096 max. remove the linkage to
maxuprc entirely.

remove cpu_maxlwp() that isn't implemented anywhere. instead,
grow the maxlwp for larger memory systems, picking 1 lwp per 1MiB
of ram, limited to 65535 like the system limit.

remove some magic numbers.


i've been having weird firefox issues for a few months now and
it turns out i was having pthread_create() failures and since
bumping the defaults i've had none of the recent issues.
 1.266  07-Apr-2022  andvar fix various typos in comments.
 1.265  13-Mar-2022  riastradh kern: Fix ordering of loads for pid_table and pid_tbl_mask.

This introduces a load-acquire where there was none before. This is
a simple correctness change. We could avoid the load-acquire, and
use only load-consume, if we used a pointer indirection for _both_
pid_table and pid_tbl_mask. Takes a little more work, and probably
costs an additional cache line of memory traffic, but might be worth
it to avoid the load-acquire for pid lookup.

Reported-by: syzbot+c49e405d0b977aeed663@syzkaller.appspotmail.com
Reported-by: syzbot+1c88ee7086f93607cea1@syzkaller.appspotmail.com
Reported-by: syzbot+da4e9ed1319b75fe2ef3@syzkaller.appspotmail.com
 1.264  10-Mar-2022  riastradh kern: Use atomic_store_release/atomic_load_consume for pid_table.

This is read without the lock, so ordering is required.
 1.263  12-Feb-2022  thorpej Add inline functions to manipulate the klists that link up knotes
via kn_selnext:

- klist_init()
- klist_fini()
- klist_insert()
- klist_remove()

These provide some API insulation from the implementation details of these
lists (but not completely; see vn_knote_attach() and vn_knote_detach()).
Currently just a wrapper around SLIST(9).

This will make it significantly easier to switch kn_selnext linkage
to a different kind of list.
 1.262  24-Dec-2020  nia Avoid negating the minimum size of pid_t (this overflows).

Reported-by: syzbot+e2eb02f9dfaf4f2e6626@syzkaller.appspotmail.com
 1.261  17-Sep-2020  martin branches: 1.261.2;
PR kern/55665: temporarily comment out an assertion that is known to
trigger in some conditions (where ignoring the wrap around does no harm
for now)
 1.260  05-Sep-2020  riastradh Round of uvm.h cleanup.

The poorly named uvm.h is generally supposed to be for uvm-internal
users only.

- Narrow it to files that actually need it -- mostly files that need
to query whether curlwp is the pagedaemon, which should maybe be
exposed by an external header.

- Use uvm_extern.h where feasible and uvm_*.h for things not exposed
by it. We should split up uvm_extern.h but this will serve for now
to reduce the uvm.h dependencies.

- Use uvm_stat.h and #ifdef UVMHIST uvm.h for files that use
UVMHIST(ubchist), since ubchist is declared in uvm.h but the
reference evaporates if UVMHIST is not defined, so we reduce header
file dependencies.

- Make uvm_device.h and uvm_swap.h independently includable while
here.

ok chs@
 1.259  28-Aug-2020  riastradh Fix pasto in previous -- pass the right size to memset...
 1.258  28-Aug-2020  riastradh Nix trailing whitespace.
 1.257  28-Aug-2020  riastradh Zero out more lock snapshots in sysctl exposure.
 1.256  26-Aug-2020  christos Instead of returning 0 when sysctl kern.expose_address=0, return a random
hashed value of the data. This allows sockstat to work without exposing
kernel addresses or being setgid kmem.
 1.255  11-Jun-2020  ad uvm_availmem(): give it a boolean argument to specify whether a recent
cached value will do, or if the very latest total must be fetched. It can
be called thousands of times a second and fetching the totals impacts not
only the calling LWP but other CPUs doing unrelated activity in the VM
system.
 1.254  26-May-2020  kamil Catch up with the usage of struct vmspace::vm_refcnt

Use the dedicated reference counting routines.

Change the type of struct vmspace::vm_refcnt and struct vm_map::ref_count
to volatile.

Remove the unnecessary vm->vm_map.misc_lock locking in process_domem().

Reviewed by <ad>
 1.253  23-May-2020  ad Move proc_lock into the data segment. It was dynamically allocated because
at the time we had mutex_obj_alloc() but not __cacheline_aligned.
 1.252  23-May-2020  ad - Replace pid_table_lock with a lockless lookup covered by pserialize, with
the "writer" side being pid_table expansion. The basic idea is that when
doing an LWP lookup there is usually already a lock held (p->p_lock), or a
spin mutex that needs to be taken (l->l_mutex), and either can be used to
get the found LWP stable and confidently determine that all is correct.

- For user processes LSLARVAL implies the same thing as LSIDL ("not visible
by ID"), and lookup by ID in proc0 doesn't really happen. In-tree the new
state should be understood by top(1), the tty subsystem and so on, and
would attract the attention of 3rd party kernel grovellers in time, so
remove it and just rely on LSIDL.
 1.251  29-Apr-2020  thorpej - proc_find() retains traditional semantics of requiring the canonical
PID to look up a proc. Add a separate proc_find_lwpid() to look up a
proc by the ID of any of its LWPs.
- Add proc_find_lwp_acquire_proc(), which enables looking up the LWP
*and* a proc given the ID of any LWP. Returns with the proc::p_lock
held.
- Rewrite lwp_find2() in terms of proc_find_lwp_acquire_proc(), and add
allow the proc to be wildcarded, rather than just curproc or specific
proc.
- lwp_find2() now subsumes the original intent of lwp_getref_lwpid(), but
in a much nicer way, so garbage-collect the remnants of that recently
added mechanism.
 1.250  26-Apr-2020  thorpej Add a NetBSD native futex implementation, mostly written by riastradh@.
Map the COMPAT_LINUX futex calls to the native ones.
 1.249  26-Apr-2020  thorpej In expand_pid_table(), calculate the current pid table size before
releasing the lock.
 1.248  24-Apr-2020  thorpej Make sure PT_F_* bits are uintptr_t.
 1.247  24-Apr-2020  thorpej Overhaul the way LWP IDs are allocated. Instead of each LWP having it's
own LWP ID space, LWP IDs came from the same number space as PIDs. The
lead LWP of a process gets the PID as its LID. If a multi-LWP process's
lead LWP exits, the PID persists for the process.

In addition to providing system-wide unique thread IDs, this also lets us
eliminate the per-process LWP radix tree, and some associated locks.

Remove the separate "global thread ID" map added previously; it is no longer
needed to provide this functionality.

Nudged in this direction by ad@ and chs@.
 1.246  21-Apr-2020  ad Revert the changes made in February to make cwdinfo use mostly lockless,
which relied on taking extra vnode refs.

Having benchmarked various experimental changes over the past few months it
seems that it's better to avoid vnode refs as much as possible. cwdi_lock
as a RW lock already did that to some extent for getcwd() and will permit
the same for namei() too.
 1.245  20-Apr-2020  maxv Add three KASSERTs, to detect refcount bugs.

This narrows down an unknown bug in some place near, that has manifested
itself in various forms (use-after-frees, uninit accesses, page faults,
segmentation faults), all pointed out by syzbot.

The first KASSERT in fixjobc() fires when the bug is encountered.
 1.244  19-Apr-2020  thorpej - Only increment nprocs when we're creating a new process, not just
when allocating a PID.
- Per above, proc_free_pid() no longer decrements nprocs. It's now done
in proc_free() right after proc_free_pid().
- Ensure nprocs is accessed using atomics everywhere.
 1.243  06-Apr-2020  kamil branches: 1.243.2;
Reintroduce struct proc::p_oppid

Relying on p_opptr is not safe as there is a race between:
- spawner giving a birth to a child process and being killed
- spawnee accessng p_opptr and reporting TRAP_CHLD

PR kern/54786 by Andreas Gustafsson
 1.242  23-Feb-2020  ad Merge from ad-namecache:

- Have a stab at clustering the members of vnode_t and vnode_impl_t in a
more cache-conscious way. With that done, go back to adjusting v_usecount
with atomics and keep vi_lock directly in vnode_impl_t (saves KVA).

- Allow VOP_LOCK(LK_NONE) for the benefit of VFS_VGET() and VFS_ROOT().
Make sure LK_UPGRADE always comes with LK_NOWAIT.

- Make cwdinfo use mostly lockless.
 1.241  21-Feb-2020  joerg Explicitly cast pointers to uintptr_t before casting to enums. They are
not necessarily the same size. Don't cast pointers to bool, check for
NULL instead.
 1.240  29-Jan-2020  ad - Track LWPs in a per-process radixtree. It uses no extra memory in the
single threaded case. Replace scans of p->p_lwps with lookups in the
tree. Find free LIDs for new LWPs in the tree. Replace the hashed sleep
queues for park/unpark with lookups in the tree under cover of a RW lock.

- lwp_wait(): if waiting on a specific LWP, find the LWP via tree lookup and
return EINVAL if it's detached, not ESRCH.

- Group the locks in struct proc at the end of the struct in their own cache
line.

- Add some comments.
 1.239  31-Dec-2019  ad branches: 1.239.2;
Rename uvm_free() -> uvm_availmem().
 1.238  21-Dec-2019  ad uvmexp.free -> uvm_free()
 1.237  06-Dec-2019  kamil Correct signals in siglist+sigmask passed in kinfo_lwp

Make the union of LWP and PROC pending signals correctly.
 1.236  12-Oct-2019  kamil Remove p_oppid from struct proc

This field is not needed as it duplicated p_opptr that is alread safe to
use, unless proven otherwise.

eventswitch() already contained a check for != initproc (pid1).

Ride ABI bump for 9.99.16.
 1.235  30-Sep-2019  kamil Move TRAP_CHLD/TRAP_LWP ptrace information from struct proc to siginfo

Storing struct ptrace_state information inside struct proc was vulnerable
to synchronization bugs, as multiple events emitted in the same time were
overwritting other ones.

Cache the original parent process id in p_oppid. Reusing here p_opptr is
in theory prone to slight race codition.

Change the semantics of PT_GET_PROCESS_STATE, reutning EINVAL for calls
prompting for the value in cases when there wasn't registered an
appropriate event.

Add an alternative approach to check the ptrace_state information, directly
from the siginfo_t value returned from PT_GET_SIGINFO. The original
PT_GET_PROCESS_STATE approach is kept for compat with older NetBSD and
OpenBSD. New code is recommended to keep using PT_GET_PROCESS_STATE.

Add a couple of compile-time asserts for assumptions in the code.

No functional change intended in existing ptrace(2) software.

All ATF ptrace(2) and ATF GDB tests pass.

This change improves reliability of the threading ptrace(2) code.
 1.234  02-Aug-2019  kamil Update our vm resource use for sysctl(3) call reading kinfo_proc*

Without this change RSS properties are zeroed unless a process exits or
calls getrusage(2).
 1.233  11-Jun-2019  kamil branches: 1.233.2;
Add support for PTRACE_POSIX_SPAWN to report posix_spawn(3) events

posix_spawn(3) is a first class syscall in NetBSD, different to
(V)FORK+EXEC as these operations are executed in one go. This differs to
Linux and FreeBSD, where posix_spawn(3) is implemented with existing kernel
primitives (clone(2), vfork(2), exec(3)) inside libc.

Typically LLDB and GDB software is aware of FORK/VFORK events. As discussed
with the LLDB community, instead of slicing the posix_spawn(3) operation
into phases emulating (V)FORK+EXEC(+VFORK_DONE) and returning intermediate
state to the debugger, that might have abnormal state, introduce new event
type: PTRACE_POSIX_SPAWN.

A debugger implementor can easily map it into existing fork+exec semantics
or treat as a distinct event.

There is no functional change for existing debuggers as there was no
support for reporting posix_spawn(3) events on the kernel side.
 1.232  01-Jun-2019  kamil Align the KERN_PROC_CWD interface to semantics closer to KERN_PROC_PATHNAME

Allow specifying oldlenp as 0 and return size with success for oldp != NULL
 1.231  01-Jun-2019  kamil fill_cwd() Drop GETCWD_CHECK_ACCESS

This additional check is not needed and actually prevents from checking
the path. This follows the protection rules of /proc/*/cwd.
 1.230  31-May-2019  kamil Use proper copylen for copyout in fill_cwd()
 1.229  31-May-2019  kamil Implement KERN_PROC_CWD in sysctl(3)

Retrieve specified process current working directory.

Fixes PR kern/50620 by Thomas Klausner.
 1.228  01-Mar-2019  pgoyette Rename the MODULE_*_HOOK() macros to MODULE_HOOK_*() as briefly
discussed on irc.

NFCI intended.

Ride the earlier kernel bump - it;s getting crowded.
 1.227  01-Mar-2019  christos no more p_nsems.
 1.226  29-Jan-2019  pgoyette Normalize all the compat hooks' names to the form

<subsystem>_<function>_<version>_hook

NFCI

XXX Note that although this introduces a change in the kernel-to-
XXX module interface, we are NOT bumping the kernel version number.
XXX We will bump the version number once the interface stabilizes.
 1.225  27-Jan-2019  pgoyette Merge the [pgoyette-compat] branch
 1.224  10-Dec-2018  maxv Remove unused mbuf.h includes.
 1.223  06-Dec-2018  christos Typo fix (Geoff Wing)
 1.222  05-Dec-2018  christos As discussed in tech-kern:

- make sysctl kern.expose_address tri-state:
0: no access
1: access to processes with open /dev/kmem
2: access to everyone
defaults:
0: KASLR kernels
1: non-KASLR kernels

- improve efficiency by calling get_expose_address() per sysctl, not per
process.

- don't expose addresses for linux procfs

- welcome to 8.99.27, changes to fill_*proc ABI
 1.221  24-Nov-2018  christos - instead of zeroing struct proc on each allocation, provide a pool cache
constructor.
- instead of sprinkling memsets, zalloc the whole buffer.
 1.220  24-Nov-2018  maxv Fix kernel info leak, we do a blunt copy of struct proc, but it has
padding. So zero out the structure on each allocation. And copy field by
field while here, because many fields should be hidden by COND_SET_VALUE.
 1.219  12-Nov-2018  maxv Fix buffer overflow, which can lead to severe information leak. Detected
by kASan.
 1.218  05-Oct-2018  christos Provide a sysctl kern.expose_address to expose kernel addresses in
sysctl structure returns for non-root. Defaults to off. Turning it
on will restore sockstat/fstat and friends for regular users.
 1.217  04-Sep-2018  maxv Clear the kernel pointers from kern.proc and kern.proc2 when the user is
not privileged.
 1.216  04-Sep-2018  maxv Use p->p_session instead of ep->e_sess, no real functional change.
 1.215  04-Sep-2018  maxv Introduce KAUTH_REQ_PROCESS_CANSEE_KPTR, and use it in the already-existing
modstat code. No real functional change.
 1.214  03-Sep-2018  riastradh Rename min/max -> uimin/uimax for better honesty.

These functions are defined on unsigned int. The generic name
min/max should not silently truncate to 32 bits on 64-bit systems.
This is purely a name change -- no functional change intended.

HOWEVER! Some subsystems have

#define min(a, b) ((a) < (b) ? (a) : (b))
#define max(a, b) ((a) > (b) ? (a) : (b))

even though our standard name for that is MIN/MAX. Although these
may invite multiple evaluation bugs, these do _not_ cause integer
truncation.

To avoid `fixing' these cases, I first changed the name in libkern,
and then compile-tested every file where min/max occurred in order to
confirm that it failed -- and thus confirm that nothing shadowed
min/max -- before changing it.

I have left a handful of bootloaders that are too annoying to
compile-test, and some dead code:

cobalt ews4800mips hp300 hppa ia64 luna68k vax
acorn32/if_ie.c (not included in any kernels)
macppc/if_gm.c (superseded by gem(4))

It should be easy to fix the fallout once identified -- this way of
doing things fails safe, and the goal here, after all, is to _avoid_
silent integer truncations, not introduce them.

Maybe one day we can reintroduce min/max as type-generic things that
never silently truncate. But we should avoid doing that for a while,
so that existing code has a chance to be detected by the compiler for
conversion to uimin/uimax without changing the semantics until we can
properly audit it all. (Who knows, maybe in some cases integer
truncation is actually intended!)
 1.213  25-Aug-2018  maxv Add KAUTH_REQ_PROCESS_CANSEE_EPROC, and use it for the kern.proc node.
Same permission as before, so no functional change.
 1.212  14-Apr-2018  kamil branches: 1.212.2;
Don't set errno ESRCH for empty result of KINFO_PROC[2]

Restore the previous behavior as it's prefered.

This new behavior was introduced in 1.210.

Code should check for length of the result.

Requested by <mlelstv>
 1.211  13-Mar-2018  kamil Make sysctl_doeproc() more predictable

Swap the order of looking into zombie and all process lists, start now
with the zombie one. This prevents a race observed previously that the
same process could be detected on both lists during a single polling call.

While there:
- Short-circuit break for KERN_PROC_PID, once a pid has been detected.
- Removal of redundant "if (kbuf)" and "if (marker)" checks.
- Update of comments regarding potential optimization, explaining why we
don't want to it as of now. Performance gain from lookup call vs
iteration over a list is neglible on a regular system.
- Return ESRCH when no results have been found. This allows more easily
to implement a retry or abandon algorithm.

This corrects races observed in the existing ATF ptrace(2) tests, related
to await_zombie(). This function was expecting to check whether a process
has been transformed into a zombie, however it was causing occasional
crashes as it was overflowing the return buffer, returning the same pid
twice: once from allproc list and the second time from zombieproc one.

Fix suggested by <christos>
Short-circuit break suggested by <kre>

Discussed on tech-kern.

Sponsored by <The NetBSD Foundation>
 1.210  11-Mar-2018  kre Make a comment meaningful. ie: s/Ditto/what it was copying/ (more or less)

That is, there was a comment "Ditto" - which once upon a time, was used
to indicate the the previous comment applied here as well. Time passed,
and software mutated, and the previous comment was unfortunately sacrificed.

Poor little Ditto was left all alone.

Noticed while doing some software archaeology.
 1.209  30-Nov-2017  maxv branches: 1.209.2;
If no auxv is present, don't kmem_alloc(0). Easy to panic the kernel by
typing 'cat /proc/aout_pid/auxv' on whatever a.out binary you're running.
Fortunately, amd64 does not enable EXEC_AOUT by default. Unfortunately,
i386 does enable it by default.
 1.208  07-Nov-2017  christos Store full executable path in p->p_path as discussed in tech-kern.
This means that the full executable path is always available.

- exec_elf.c: use p->path to set AT_SUN_EXECNAME, and since this is
always set, do so unconditionally.
- kern_exec.c: simplify pathexec, use kmem_strfree where appropriate
and set p->p_path
- kern_exit.c: free p->p_path
- kern_fork.c: set p->p_path for the child.
- kern_proc.c: use p->p_path to return the executable pathname; the
NULL check for p->p_path, should be a KASSERT?
- exec.h: gc ep_path, it is not used anymore
- param.h: bump version, 'struct proc' size change

TODO:
1. reference count the path string, to save copy at fork and free
just before exec?
2. canonicalize the pathname by changing namei() to LOCKPARENT
vnode and then using getcwd() on the parent directory?
 1.207  28-Aug-2017  kamil Remove the filesystem tracing feature

This is a legacy interface from 4.4BSD, and it was
introduced to overcome shortcomings of ptrace(2) at that time, which are
no longer relevant (performance). Today /proc/#/ctl offers a narrow
subset of ptrace(2) commands and is not applicable for modern
applications use beyond simplistic tracing scenarios.

This removal will simplify kernel internals. Users will still be able to
use all the other /proc files.

This change won't affect other procfs files neither Linux compat
features within mount_procfs(8). /proc/#/ctl isn't available on Linux.

Remove:
- /proc/#/ctl from mount_procfs(8)
- P_FSTRACE note from the documentation of ps(1)
- /proc/#/ctl and filesystem tracing documentation from mount_procfs(8)
- KAUTH_REQ_PROCESS_PROCFS_CTL documentation from kauth(9)
- source code file miscfs/procfs/procfs_ctl.c
- PFSctl and procfs_doctl() from sys/miscfs/procfs/procfs.h
- KAUTH_REQ_PROCESS_PROCFS_CTL from sys/sys/kauth.h
- PSL_FSTRACE (0x00010000) from sys/sys/proc.h
- P_FSTRACE (0x00010000) from sys/sys/sysctl.h

Reduce code complexity after removal of this functionality.

Update TODO.ptrace accordingly: remove two entries about /proc tracing.

Do not keep legacy notes as comments in the headers about removed
PSL_FSTRACE / P_FSTRACE, as this interface had little number of users
(close or equal to zero).

Proposed on tech-kern@.

All filesystem tracing utility users are encouraged to switch to ptrace(2).

Sponsored by <The NetBSD Foundation>
 1.206  30-Mar-2017  christos branches: 1.206.6;
factor out getauxv code.
 1.205  28-Jan-2017  christos We need to define COMPAT_NETBSD32 before we include other files;
otherwise things like ucontext32_t will be missing.
 1.204  27-Jan-2017  christos rump does not have ucontext32_t
 1.203  26-Jan-2017  christos use __HAVE_COMPAT_NETBSD32
 1.202  26-Jan-2017  martin Restrict the forcing of COMPAT_NETBSD32 to _LP64 kernels - this is probably
not the right thing to do, but unbreaks the build for now.
 1.201  26-Jan-2017  martin No COMPAT_NETBSD32 for rump
 1.200  26-Jan-2017  christos always compile in the COMPAT32 code; it is tiny and if we don't it breaks
the modules.
 1.199  14-Nov-2016  kre branches: 1.199.2;

Return the "true" parent's pid as the parent pid (ppid) via the
various sysctl/procfs interfaces that allow it to be interrogated.
(This is rather than the temporary parent's pid when a process is
being traced and has been reparented.)

XXX The ppid in elf32 core files has not been similarly adjusted,
XXX Should it be ?
 1.198  29-Sep-2016  christos Introduce and use PROC_PTRSZ() to handle differing pointer size 64->32
emulation.
 1.197  17-Sep-2016  maxv Use VM_MAXUSER_ADDRESS for proc0, not VM_MAX_ADDRESS. It normally does not
change anything, since kernel processes use the shared kernel map instead
of the one they are given here. For consistency though, it is better to
make sure UVM will not be tempted to access machine-dependent reserved
areas (e.g., the PTE space on x86).
 1.196  25-May-2016  christos branches: 1.196.2;
Introduce security.pax.mprotect.ptrace sysctl which can be used to bypass
mprotect settings so that debuggers can write to the text segment of traced
processes so that they can insert breakpoints. Turned off by default.
Ok: chuq (for now)
 1.195  04-Apr-2016  christos Split p_xstat (composite wait(2) status code, or signal number depending
on context) into:
1. p_xexit: exit code
2. p_xsig: signal number
3. p_sflag & WCOREFLAG bit to indicated that the process core-dumped.

Fix the documentation of the flag bits in <sys/proc.h>
 1.194  24-Sep-2015  christos implementation of KERN_PROC_PATHNAME, some refactoring for KERN_PROC.
 1.193  12-Jul-2014  njoly branches: 1.193.4;
Allow fill_kproc2() to be used by more than sysctl.
 1.192  25-Feb-2014  pooka branches: 1.192.2;
Ensure that the top level sysctl nodes (kern, vfs, net, ...) exist before
the sysctl link sets are processed, and remove redundancy.

Shaves >13kB off of an amd64 GENERIC, not to mention >1k duplicate
lines of code.
 1.191  25-Jan-2014  christos __USING_TOPDOWN_VM is no more, __USE_TOPDOWN_VM...
 1.190  14-Nov-2013  martin As discussed on tech-kern: make TOPDOWN-VM runtime selectable per process
(offer MD code or emulations to override it).
 1.189  25-Oct-2013  martin Mark a diagnostic-only variable
 1.188  10-Sep-2013  matt Support an optional MARCH ELF tag.
Store the MACHINE_ARCH of the executable in mdproc and override sysctl
so that value returned.
 1.187  10-Jun-2013  pooka branches: 1.187.2;
g/c unused static variable
 1.186  09-Jun-2012  christos branches: 1.186.2;
Add a new resource to limit the number of lwps per user, RLIMIT_NTHR. There
is a global sysctl kern.maxlwp to control this, which is by default 2048.
The first lwp of each process or kernel threads are not counted against the
limit. To show the current resource usage per user, I added a new sysctl
that dumps the uidinfo structure fields.
 1.185  06-Jun-2012  martin Henning Petersen in PR kern/46552: include cosmetics
 1.184  05-Jun-2012  martin Measure kinfo_proc2::p_vm_vsize in pages, as it was always documented.
This value seems to never have been used anywhere.
This makes it consistent with it's cousin p_vm_msize (which is in pages as
well and has several uses).
 1.183  13-Apr-2012  yamt comment
 1.182  19-Feb-2012  rmind Remove COMPAT_SA / KERN_SA. Welcome to 6.99.3!
Approved by core@.
 1.181  11-Feb-2012  martin branches: 1.181.2;
Add a posix_spawn syscall, as discussed on tech-kern.
Based on the summer of code project by Charles Zhang, heavily reworked
later by me - all bugs are likely mine.
Ok: core, releng.
 1.180  13-May-2011  rmind branches: 1.180.4; 1.180.8;
Sprinkle __cacheline_aligned and __read_mostly, also const-ify.
 1.179  01-May-2011  rmind - Remove FORK_SHARELIMIT and PL_SHAREMOD, simplify lim_privatise().
- Use kmem(9) for struct plimit::pl_corename.
 1.178  01-May-2011  rmind Merge duplicate code fragments into a new lim_setcorename() routine.
 1.177  01-May-2011  rmind Rename limfree() to lim_free(), misc clean up. No functional change.
 1.176  27-Apr-2011  rmind G/C M_EMULDATA
 1.175  18-Apr-2011  rmind Replace malloc with kmem, and remove M_SUBPROC.
 1.174  05-Apr-2011  rmind sysctl_kern_proc_args: fix the deadlock (hi joerg!).
 1.173  05-Mar-2011  matt Simplify copyin_psstrings a bit.
 1.172  04-Mar-2011  joerg Refactor ps_strings access. Based on PK_32, write either the normal
version or the 32bit compat layout in execve1. Introduce a new function
copyin_psstrings for reading it back from userland and converting it to
the native layout. Refactor procfs to share most of the code with the
kern.proc_args sysctl handler.

This material is based upon work partially supported by
The NetBSD Foundation under a contract with Joerg Sonnenberger.
 1.171  28-Jan-2011  pooka migrate compat32 handling with previous

pointed out by Lars Heidieker
 1.170  28-Jan-2011  pooka Move sysctl routines from init_sysctl.c to kern_descrip.c (for
descriptors) and kern_proc.c (for processes). This makes them
usable in a rump kernel, in case somebody was wondering.
 1.169  17-Jan-2011  uebayasi branches: 1.169.2;
Include internal definitions (uvm/uvm.h) only where necessary.
 1.168  07-Jul-2010  chs branches: 1.168.2;
many changes for COMPAT_LINUX:
- update the linux syscall table for each platform.
- support new-style (NPTL) linux pthreads on all platforms.
clone() with CLONE_THREAD uses 1 process with many LWPs
instead of separate processes.
- move the contents of sys__lwp_setprivate() into a new
lwp_setprivate() and use that everywhere.
- update linux_release[] and linux32_release[] to "2.6.18".
- adjust placement of emul fork/exec/exit hooks as needed
and adjust other emul code to match.
- convert all struct emul definitions to use named initializers.
- change the pid allocator to allow multiple pids to refer to the same proc.
- remove a few fields from struct proc that are no longer needed.
- disable the non-functional "vdso" code in linux32/amd64,
glibc works fine without it.
- fix a race in the futex code where we could miss a wakeup after
a requeue operation.
- redo futex locking to be a little more efficient.
 1.167  01-Jul-2010  rmind Remove pfind() and pgfind(), fix locking in various broken uses of these.
Rename real routines to proc_find() and pgrp_find(), remove PFIND_* flags
and have consistent behaviour. Provide proc_find_raw() for special cases.
Fix memory leak in sysctl_proc_corename().

COMPAT_LINUX: rework ptrace() locking, minimise differences between
different versions per-arch.

Note: while this change adds some formal cosmetics for COMPAT_DARWIN and
COMPAT_IRIX - locking there is utterly broken (for ages).

Fixes PR/43176.
 1.166  10-Jun-2010  pooka lwp0 seems like an lwp instead of a process, so move bits related
to it from kern_proc.c to kern_lwp.c. This makes kern_proc
"scheduling-clean" and more easily usable in environments with a
non-integrated scheduler (like, to take a random example, rump).
 1.165  10-Jun-2010  pooka smoke the smoke, hack the hack, *beep* the *beep*, _KERNEL_OPT the _KERNEL_POT
 1.164  04-Jun-2010  rmind proc_alloc: move kdtrace_proc_ctor() out of the proc_lock.
 1.163  26-Feb-2010  jym branches: 1.163.2;
Change RSS (resident set size) limit. Instead of setting it arbitrarily
to the total free memory available to the system, use the smallest value
between VM_MAXUSER_ADDRESS and total free memory (having a RSS limit
bigger than VM_MAXUSER_ADDRESS has no real meaning).

Fix a possible int overflow when ptoa(uvmexp.free) is bigger than 4GB
with a 32 bits vaddr_t.

This change is similar to the one made in rev 1.144 of uvm/uvm_glue.c.
 1.162  23-Feb-2010  darran DTrace: Get rid of the KDTRACE_HOOKS ifdefs in the kernel. Replace the
functions with inline function that are empty when KDTRACE_HOOKS is not
defined.
 1.161  21-Feb-2010  darran Added a defflag option for KDTRACE_HOOKS and included opt_dtrace.h in the
relevant files. (Per Quentin Garnier - thanks!).
 1.160  21-Feb-2010  darran Add the DTrace hooks to the kernel (KDTRACE_HOOKS config option).
DTrace adds a pointer to the lwp and proc structures which it uses to
manage its state. These are opaque from the kernel perspective to keep
the kernel free of CDDL code. The state arenas are kmem_alloced and freed
as proccesses and threads are created and destoyed.

Also add a check for trap06 (privileged/illegal instruction) so that
DTrace can check for D scripts that may have triggered the trap so it
can clean up after them and resume normal operation.

Ok with core@.
 1.159  17-Dec-2009  rmind branches: 1.159.2;
Replace few USER_TO_UAREA/UAREA_TO_USER uses, reduce sys/user.h inclusions.
 1.158  26-Nov-2009  matt Kill proc0paddr. Use lwp0.l_addr instead.
 1.157  04-Nov-2009  pooka nuke unused local variable
 1.156  01-Nov-2009  rmind orphanpg: remove no longer user variable.
 1.155  21-Oct-2009  rmind Remove uarea swap-out functionality:

- Addresses the issue described in PR/38828.
- Some simplification in threading and sleepq subsystems.
- Eliminates pmap_collect() and, as a side note, allows pmap optimisations.
- Eliminates XS_CTL_DATA_ONSTACK in scsipi code.
- Avoids few scans on LWP list and thus potentially long holds of proc_lock.
- Cuts ~1.5k lines of code. Reduces amd64 kernel size by ~4k.
- Removes __SWAP_BROKEN cases.

Tested on x86, mips, acorn32 (thanks <mpumford>) and partly tested on
acorn26 (thanks to <bjh21>).

Discussed on <tech-kern>, reviewed by <ad>.
 1.154  04-Oct-2009  elad Install floppies (haha) don't get built with ktrace/ptrace, so they don't
include kern/sys_process.c. Move proc_uidmatch() to kern/kern_proc.c which
always gets built instead.

Pointed out by Kurt Schreiner on current-users@:

http://mail-index.netbsd.org/current-users/2009/10/03/msg010745.html
 1.153  03-Oct-2009  elad Move policies for KAUTH_PROCESS_{CANSEE,CORENAME,STOPFLAG,FORK} back to
the subsystem.

Note: Consider killing the signal listener and sticking
KAUTH_PROCESS_SIGNAL here as well.
 1.152  23-May-2009  ad Make descriptor access and file allocation cheaper in many cases,
mostly by avoiding a bunch of atomic operations.
 1.151  25-Apr-2009  rmind - Rearrange pg_delete() and pg_remove() (renamed pg_free), thus
proc_enterpgrp() with proc_leavepgrp() to free process group and/or
session without proc_lock held.
- Rename SESSHOLD() and SESSRELE() to to proc_sesshold() and
proc_sessrele(). The later releases proc_lock now.

Quick OK by <ad>.
 1.150  16-Apr-2009  rmind - Manage pid_table with kmem(9).
- Remove M_PROC and unused M_SESSION.
 1.149  16-Apr-2009  rmind Avoid few #ifdef KSTACK_CHECK_MAGIC.
 1.148  28-Mar-2009  rmind Make inferior() function static, rename to p_inferior(), return bool.
 1.147  24-Jan-2009  rmind branches: 1.147.2;
Set l_psid to PS_NONE for lwp0 (consistency change).
 1.146  17-Dec-2008  cegger kill MALLOC and FREE macros.
 1.145  19-Nov-2008  ad Make the emulations, exec formats, coredump, NFS, and the NFS server
into modules. By and large this commit:

- shuffles header files and ifdefs
- splits code out where necessary to be modular
- adds module glue for each of the components
- adds/replaces hooks for things that can be installed at runtime
 1.144  15-Oct-2008  wrstuden branches: 1.144.2;
Merge wrstuden-revivesa into HEAD.
 1.143  24-Jun-2008  gmcgarry branches: 1.143.2;
The conversion to c99-style designated initialisers brought in the gcc
extension of specifying an array range. Revert to runtime initialization
of limit0.

See here for details: http://gcc.gnu.org/onlinedocs/gcc/Designated-Inits.html
 1.142  19-May-2008  ad branches: 1.142.2;
Reduce ifdefs due to MULTIPROCESSOR slightly.
 1.141  03-May-2008  yamt branches: 1.141.2;
enterpgrp: 0 -> NULL for pointers. no functional changes.
 1.140  28-Apr-2008  martin Remove clause 3 and 4 from TNF licenses
 1.139  27-Apr-2008  ad branches: 1.139.2;
Adjust previous: orphang() shouldn't have been playing about with tty_lock.
It was a bit of code that I accidenally left in.
 1.138  27-Apr-2008  christos orphanpg wants the tty lock held.
 1.137  24-Apr-2008  ad Merge proc::p_mutex and proc::p_smutex into a single adaptive mutex, since
we no longer need to guard against access from hardware interrupt handlers.

Additionally, if cloning a process with CLONE_SIGHAND, arrange to have the
child process share the parent's lock so that signal state may be kept in
sync. Partially addresses PR kern/37437.
 1.136  24-Apr-2008  ad Network protocol interrupts can now block on locks, so merge the globals
proclist_mutex and proclist_lock into a single adaptive mutex (proc_lock).
Implications:

- Inspecting process state requires thread context, so signals can no longer
be sent from a hardware interrupt handler. Signal activity must be
deferred to a soft interrupt or kthread.

- As the proc state locking is simplified, it's now safe to take exit()
and wait() out from under kernel_lock.

- The system spends less time at IPL_SCHED, and there is less lock activity.
 1.135  17-Apr-2008  yamt branches: 1.135.2;
pidtbl_dump: use queue.h macros. no functional change.
 1.134  17-Apr-2008  yamt enterpgrp: update a comment.
 1.133  22-Mar-2008  ad LWP_CACHE_CREDS: instead of testing (l_cred != p_cred), use a per-LWP
flag bit to indicate a pending cred update. Avoids touching one item of
shared state in the syscall path.
 1.132  21-Mar-2008  ad Catch up with descriptor handling changes. See kern_descrip.c revision
1.173 for details.
 1.131  17-Mar-2008  ad Process group and session structures are allocated so infrequently that
there is no point having seperate caches for them. Just use kmem_alloc().
 1.130  17-Mar-2008  rmind - Initialize uihashtbl in resource_init();
- Make some variables static, remove the externs from header;
- Wrap few long lines, misc;

No functional changes are intended.
 1.129  02-Jan-2008  ad branches: 1.129.2; 1.129.6;
Merge vmlocking2 to head.
 1.128  26-Dec-2007  ad Merge more changes from vmlocking2, mainly:

- Locking improvements.
- Use pool_cache for more items.
 1.127  05-Dec-2007  ad branches: 1.127.4;
Match the docs: MUTEX_DRIVER/SPIN are now only for porting code written
for Solaris.
 1.126  04-Dec-2007  ad Use atomics to maintain nprocs.
 1.125  03-Dec-2007  ad branches: 1.125.2;
Soft interrupts can now take proclist_lock, so there is no need to
double-lock alllwp or allproc.
 1.124  11-Nov-2007  matt Change some initialization of static queues to compile time.
(xxx_INIT to xxx_HEAD_INITIALIZER). Drop code which inits
non-auto (global or static) variables to 0 since that's
already implied by being non-auto. Init some static/global
cpu_simple_locks at compile time.
 1.123  07-Nov-2007  matt Use C99 structures initializers when possible.
[from matt-armv6]
 1.122  07-Nov-2007  ad Merge from vmlocking:

- pool_cache changes.
- Debugger/procfs locking fixes.
- Other minor changes.
 1.121  06-Nov-2007  ad Merge scheduler changes from the vmlocking branch. All discussed on
tech-kern:

- Invert priority space so that zero is the lowest priority. Rearrange
number and type of priority levels into bands. Add new bands like
'kernel real time'.
- Ignore the priority level passed to tsleep. Compute priority for
sleep dynamically.
- For SCHED_4BSD, make priority adjustment per-LWP, not per-process.
 1.120  24-Oct-2007  ad branches: 1.120.2;
Make ras_lookup() lockless.
 1.119  23-Oct-2007  yamt proc0_init: change lwp0's priority from PRIBIO to PUSER so that
init and its children has a user priority. uvm_scheduler adjusts
its own priority later.
 1.118  12-Oct-2007  ad branches: 1.118.2;
Merge from vmlocking: fix a deadlock with (threaded) soft interrupts and
process exit.
 1.117  29-Sep-2007  dsl Change the way p->p_limit (and hence p->p_rlimit) is locked.
Should fix PR/36939 and make the rlimit code MP safe.
Posted for comment to tech-kern (non received!)

The p_limit field (for a process) is only be changed once (on the first
write), and a reference to the old structure is kept (for code paths
that have cached the pointer).
Only p->p_limit is now locked by p->p_mutex, and since the referenced memory
will not go away, is only needed if the pointer is to be changed.
The contents of 'struct plimit' are all locked by pl_mutex, except that the
code doesn't bother to acquire it for reads (which are basically atomic).
Add FORK_SHARELIMIT that causes fork1() to share the limits between parent
and child, use it for the IRIX_PR_SULIMIT.
Fix borked test for both IRIX_PR_SUMASK and IRIX_PR_SDIR being set.
 1.116  21-Sep-2007  dsl branches: 1.116.2;
Rename members of 'struct plimit' so that the fields are 'pl_xxx' and
no longer have the same names as members of 'struct proc'.
 1.115  06-Sep-2007  ad - Fix sleepq_block() to return EINTR if the LWP is cancelled. Pointed out
by yamt@.

- Introduce SOBJ_SLEEPQ_LIFO, and use for LWPs sleeping via _lwp_park.
libpthread enqueues most waiters in LIFO order to try and wake LWPs that
ran recently, since their working set is more likely to be in cache.
Matching the order of insertion reduces the time spent searching queues
in the kernel.

- Do not boost the priority of LWPs sleeping in _lwp_park, just let them
sleep at their user priority level. LWPs waiting for some I/O event in
the kernel still wait with kernel priority and get woken more quickly.
This needs more evaluation and is to be revisited, but the effect on a
variety of benchmarks is positive.

- When waking LWPs, do not send an IPI to remote CPUs or arrange for the
current LWP to be preempted unless (a) the thread being awoken has kernel
priority and has higher priority than the currently running thread or (b)
the remote CPU is idle.
 1.114  10-Aug-2007  dyoung branches: 1.114.2;
Fix kernel compilation with 'options KSTACK_CHECK_MAGIC': change
'void *' to 'char *' so pointer arithmetic will work.
 1.113  09-Jul-2007  ad branches: 1.113.2; 1.113.6;
Merge some of the less invasive changes from the vmlocking branch:

- kthread, callout, devsw API changes
- select()/poll() improvements
- miscellaneous MT safety improvements
 1.112  15-Jun-2007  ad splstatclock, spllock -> splhigh
 1.111  14-Jun-2007  yamt proc_drainrefs: fix the case of exec failure.
 1.110  17-May-2007  yamt merge yamt-idlelwp branch. asked by core@. some ports still needs work.

from doc/BRANCHES:

idle lwp, and some changes depending on it.

1. separate context switching and thread scheduling.
(cf. gmcgarry_ctxsw)
2. implement idle lwp.
3. clean up related MD/MI interfaces.
4. make scheduler(s) modular.
 1.109  30-Apr-2007  dsl Remove proc->p_ru and the 'rusage' pool.
I think it existed to cache the numbers in kernel memory of a zombie when
proc->p_stats was part of the 'u' area - so got freed earlier and wouldn't
(easily) be accessible from a separate process. However since both the
p_ru and p_stats fields are freed at the same time it is no longer needed.
Ride the recent 4.99.19 version change.
 1.108  12-Mar-2007  ad branches: 1.108.2;
Pass an ipl argument to pool_init/POOL_INIT to be used when initializing
the pool's lock.
 1.107  09-Mar-2007  ad branches: 1.107.2;
- Make the proclist_lock a mutex. The write:read ratio is unfavourable,
and mutexes are cheaper use than RW locks.
- LOCK_ASSERT -> KASSERT in some places.
- Hold proclist_lock/kernel_lock longer in a couple of places.
 1.106  04-Mar-2007  christos Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
 1.105  26-Feb-2007  yamt implement priority inheritance.
 1.104  21-Feb-2007  thorpej Pick up some additional files that were missed before due to conflicts
with newlock2 merge:

Replace the Mach-derived boolean_t type with the C99 bool type. A
future commit will replace use of TRUE and FALSE with true and false.
 1.103  18-Feb-2007  dsl Add code to support per-system call statistics:
option SYSCALL_STATS counts the number of times each system call is made
option SYSCALL_TIMES counts the amount of time spent in each system call
Currently the counting hooks have only been added to the i386 system call
handler, and the time spent in interrupts is not subtracted.
It ought also be possible to add the times to the processes profiling
counters in order to get a more accurate user/system/interrupt split.
The counts themselves are readable via the sysctl interface.
 1.102  17-Feb-2007  pavel Change the process/lwp flags seen by userland via sysctl back to the
P_*/L_* naming convention, and rename the in-kernel flags to avoid
conflict. (P_ -> PK_, L_ -> LW_ ). Add back the (now unused) LSDEAD
constant.

Restores source compatibility with pre-newlock2 tools like ps or top.

Reviewed by Andrew Doran.
 1.101  17-Feb-2007  dsl Acquire proclist_lock in pgid_in_session() so we don't reference potentially
stale proc & pgrp pointers.
 1.100  09-Feb-2007  ad branches: 1.100.2;
Merge newlock2 to head.
 1.99  21-Oct-2006  pooka branches: 1.99.2;
pool_get(): use PR_WAITOK, not M_WAITOK (which happens to be PR_NOWAIT ..)

XXX: not the first time this mistake has been made
 1.98  11-Oct-2006  thorpej Don't free specificdata in lwp_exit2(); it's not safe to block there.
Instead, free an LWP's specificdata from lwp_exit() (if it is not the
last LWP) or exit1() (if it is the last LWP). For consistency, free the
proc's specificdata from exit1() as well. Add lwp_finispecific() and
proc_finispecific() functions to make this more convenient.
 1.97  09-Oct-2006  martin Remove unused variables.
 1.96  08-Oct-2006  christos add {proc,lwp}_initspecific and use them to init proc0 and lwp0.
 1.95  08-Oct-2006  thorpej Add specificdata support to procs and lwps, each providing their own
wrappers around the speicificdata subroutines. Also:
- Call the new lwpinit() function from main() after calling procinit().
- Move some pool initialization out of kern_proc.c and into files that
are directly related to the pools in question (kern_lwp.c and kern_ras.c).
- Convert uipc_sem.c to proc_{get,set}specific(), and eliminate the p_ksems
member from struct proc.
 1.94  30-Jul-2006  ad branches: 1.94.4; 1.94.6;
Single-thread updates to the process credential.
 1.93  27-Jul-2006  christos PR/34094: Jorge Acereda: Kernel option KSTACK_CHECK_MAGIC doesn't build
 1.92  19-Jul-2006  ad - Hold a reference to the process credentials in each struct lwp.
- Update the reference on syscall and user trap if p_cred has changed.
- Collect accounting flags in the LWP, and collate on LWP exit.
 1.91  25-Jun-2006  yamt move SA related pools to where they are used. make them static.
 1.90  11-Jun-2006  rjs branches: 1.90.2;
Add includes of opt_multiprocessor.h and opt_lockdebug.h where missing.
 1.89  14-May-2006  elad branches: 1.89.2;
integrate kauth.
 1.88  10-Apr-2006  onoe Move "opt_maxuprc.h" from init_main.c to kern_proc.c, as the definition
of maxuprc has been moved to kern_proc.c (rev. 1.80).
 1.87  12-Mar-2006  yamt branches: 1.87.2;
proc_vmspace_getref: treat curproc specially to fix coredump problem pointed
by Christos Zoulas.
 1.86  01-Mar-2006  yamt branches: 1.86.2; 1.86.4;
merge yamt-uio_vmspace branch.

- use vmspace rather than proc or lwp where appropriate.
the latter is more natural to specify an address space.
(and less likely to be abused for random purposes.)
- fix a swdmover race.
 1.85  26-Dec-2005  perry branches: 1.85.2; 1.85.4; 1.85.6;
u_intN_t -> uintN_t
 1.84  24-Dec-2005  perry Remove leading __ from __(const|inline|signed|volatile) -- it is obsolete.
 1.83  26-Nov-2005  simonb Convert malloc/free of struct ptimers to pools.
Move the ptimer pool to kern_time.c to keep like pools together,
and it wasn't used in kern_proc.c
 1.82  05-Aug-2005  junyoung branches: 1.82.6;
Cosmetic changes.
 1.81  05-Aug-2005  junyoung Move proc0 initialization from main() in init_main.c and proc0_insert() in
kern_proc.c into a new function proc0_init() in kern_proc.c, as suggested
on tech-kern@ days ago.
 1.80  03-Oct-2004  yamt branches: 1.80.12;
proclist_foreach_call: tweak an assertion to deal with the case that
spinlockmgr is no-op. PR/27125 from Andreas Wrede.
 1.79  01-Oct-2004  yamt introduce a function, proclist_foreach_call, to iterate all procs on
a proclist and call the specified function for each of them.
primarily to fix a procfs locking problem, but i think that it's useful for
others as well.

while i'm here, introduce PROCLIST_FOREACH macro, which is similar to
LIST_FOREACH but skips marker entries which are used by proclist_foreach_call.
 1.78  06-May-2004  pk Provide a mutex for the process limits data structure.
 1.77  25-Apr-2004  simonb Initialise (most) pools from a link set instead of explicit calls
to pool_init. Untouched pools are ones that either in arch-specific
code, or aren't initialiased during initial system startup.

Convert struct session, ucred and lockf to pools.
 1.76  17-Apr-2004  christos PR/9347: Eric E. Fair: socket buffer pool exhaustion leads to system deadlock
and unkillable processes.
1. Introduce new SBSIZE resource limit from FreeBSD to limit socket buffer
size resource.
2. make sokvareserve interruptible, so processes ltsleeping on it can be
killed.
 1.75  14-Mar-2004  cl add kernel part of concurrency support for SA on MP systems
- move per VP data into struct sadata_vp referenced from l->l_savp
* VP id
* lock on VP data
* LWP on VP
* recently blocked LWP on VP
* queue of LWPs woken which ran on this VP before sleep
* faultaddr
* LWP cache for upcalls
* upcall queue
- add current concurrency and requested concurrency variables
- make process exit run LWP on all VPs
- make signal delivery consider all VPs
- make timer events consider all VPs
- add sa_newsavp to allocate new sadata_vp structure
- add sa_increaseconcurrency to prepare new VP
- make sys_sa_setconcurrency request new VP or wakeup idle VP
- make sa_yield lower current concurrency
- set sa_cpu = VP id in upcalls
- maintain cached LWPs per VP
 1.74  27-Feb-2004  junyoung More typos in comments.
 1.73  26-Feb-2004  junyoung pgrpdump() is gone.
 1.72  26-Feb-2004  junyoung - Fix typos.
- De-__P().
- Remove trailing spaces.
 1.71  06-Feb-2004  pk pg_delete: re-arrange SESSRELE() calls to allow for better code generation.
 1.70  04-Jan-2004  jdolecek Rearrange process exit path to avoid need to free resources from different
process context ('reaper').

From within the exiting process context:
* deactivate pmap and free vmspace while we can still block
* introduce MD cpu_lwp_free() - this cleans all MD-specific context (such
as FPU state), and is the last potentially blocking operation;
all of cpu_wait(), and most of cpu_exit(), is now folded into cpu_lwp_free()
* process is now immediatelly marked as zombie and made available for pickup
by parent; the remaining last lwp continues the exit as fully detached
* MI (rather than MD) code bumps uvmexp.swtch, cpu_exit() is now same
for both 'process' and 'lwp' exit

uvm_lwp_exit() is modified to never block; the u-area memory is now
always just linked to the list of available u-areas. Introduce (blocking)
uvm_uarea_drain(), which is called to release the excessive u-area memory;
this is called by parent within wait4(), or by pagedaemon on memory shortage.
uvm_uarea_free() is now private function within uvm_glue.c.

MD process/lwp exit code now always calls lwp_exit2() immediatelly after
switching away from the exiting lwp.

g/c now unneeded routines and variables, including the reaper kernel thread
 1.69  17-Nov-2003  cl - use list to keep track of free stacks.
- use splay tree for the pagefault check if the thread was running on
an upcall stack.

=> removes the limitation that all upcall stacks need to be
adjoining and that all upcall stacks have to be loaded with the
1st sys_sa_stacks call.
=> enables keeping information associated with a stack in the kernel
which makes it simpler to find out which LWP is using a stack.
=> allows increasing the SA_MAXNUMSTACKS without having to
allocate an array of that size.
 1.68  12-Nov-2003  dsl - Count number of zombies and stopped children and requeue them at the top
of the sibling list so that find_stopped_child can be optimised to avoid
traversing the entire sibling list - helps when a process has a lot of
children.
- Modify locking in pfind() and pgfind() to that the caller can rely on the
result being valid, allow caller to request that zombies be findable.
- Rename pfind() to p_find() to ensure we break binary compatibility.
- Remove svr4_pfind since p_find willnow do the job.
- Modify some of the SMP locking of the proc lists - signals are still stuffed.

Welcome to 1.6ZF
 1.67  04-Nov-2003  dsl Remove p_nras from struct proc - use LIST_EMPTY(&p->p_raslist) instead.
Remove p_raslock and rename p_lwplock p_lock (one lock is enough).
Simplify window test when adding a ras and correct test on VM_MAXUSER_ADDRESS.
Avoid unpredictable branch in i386 locore.S
(pad fields left in struct proc to avoid kernel bump)
 1.66  16-Sep-2003  christos add initialization of siginfo lock and queue.
Also initialize the lock for lwps, although it is not used for proc0 for
code consistency.
 1.65  07-Aug-2003  agc Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22364, verified by myself.
 1.64  19-Mar-2003  dsl branches: 1.64.2;
Indentation fixes
 1.63  19-Mar-2003  christos - use __predict_false for DIAGNOSTIC code.
- #ifdef out a DIAGNOSTIC printf() that was too annoying (rule of thumb,
don't make DIAGNOSTIC printfs() that print *very* frequently...)
- fix DIAGNOSTIC test that would always get triggered on a new session.
 1.62  19-Mar-2003  christos make this compile again (-DDIAGNOSTIC)
 1.61  19-Mar-2003  dsl Alternative pid/proc allocater, removes all searches associated with pid
lookup and allocation, and any dependency on NPROC or MAXUSERS.
NO_PID changed to -1 (and renamed NO_PGID) to remove artificial limit
on PID_MAX.
As discussed on tech-kern.
 1.60  12-Mar-2003  dsl Add pgid_in_session() for validating TIOCSPGRP requests
(approved by christos)
 1.59  12-Mar-2003  dsl KNF function prototypes
 1.58  15-Feb-2003  dsl Fix support of 15 and 16 character lognames.
Warn if the logname is changed within a session - usually a missing setsid.
(approved by christos)
 1.57  01-Feb-2003  thorpej Add extensible malloc types, adapted from FreeBSD. This turns
malloc types into a structure, a pointer to which is passed around,
instead of an int constant. Allow the limit to be adjusted when the
malloc type is defined, or with a function call, as suggested by
Jonathan Stone.
 1.56  22-Jan-2003  yamt make KSTACK_CHECK_* compile after sa merge.
 1.55  18-Jan-2003  thorpej Merge the nathanw_sa branch.
 1.54  27-Sep-2002  provos branches: 1.54.2;
remove trailing \n in panic(). approved perry.
 1.53  25-Sep-2002  thorpej Don't include <sys/map.h>.
 1.52  04-Sep-2002  matt Use the queue macros from <sys/queue.h> instead of referring to the queue
members directly. Use *_FOREACH whenever possible.
 1.51  28-Aug-2002  gmcgarry MI kernel support for user-level Restartable Atomic Sequences (RAS).
 1.50  26-Jul-2002  enami Cosmetic changes.
 1.49  26-Jul-2002  enami Add some necessary but missing resource deallocation.
 1.48  02-Jul-2002  yamt add KSTACK_CHECK_MAGIC. discussed on tech-kern.
 1.47  12-Apr-2002  christos branches: 1.47.2;
Use SESSHOLD and SESSRELE consistently.
Add SESSHOLD and SESSRELE to the t_session, so that we don't have dangling
references [inspired by OpenBSD].
 1.46  08-Mar-2002  thorpej branches: 1.46.2;
Pool deals fairly well with physical memory shortage, but it doesn't
deal with shortages of the VM maps where the backing pages are mapped
(usually kmem_map). Try to deal with this:

* Group all information about the backend allocator for a pool in a
separate structure. The pool references this structure, rather than
the individual fields.
* Change the pool_init() API accordingly, and adjust all callers.
* Link all pools using the same backend allocator on a list.
* The backend allocator is responsible for waiting for physical memory
to become available, but will still fail if it cannot callocate KVA
space for the pages. If this happens, carefully drain all pools using
the same backend allocator, so that some KVA space can be freed.
* Change pool_reclaim() to indicate if it actually succeeded in freeing
some pages, and use that information to make draining easier and more
efficient.
* Get rid of PR_URGENT. There was only one use of it, and it could be
dealt with by the caller.

From art@openbsd.org.
 1.45  12-Nov-2001  lukem add RCSIDs
 1.44  04-Feb-2001  pk branches: 1.44.2; 1.44.4; 1.44.8;
When freeing a session, remove the reference to it from the associated tty.
 1.43  08-Nov-2000  ad Update for hashinit() change.
 1.42  17-Aug-2000  thorpej If maniuplating a read lock on the proc list, we no longer need
to go to splclock() -- spinlockmgr() handles the interrupt blocking
while holding the interlock for us, now.
 1.41  27-May-2000  sommerfeld branches: 1.41.4;
Reduce use of curproc in several places:

- Change ktrace interface to pass in the current process, rather than
p->p_tracep, since the various ktr* function need curproc anyway.

- Add curproc as a parameter to mi_switch() since all callers had it
handy anyway.

- Add a second proc argument for inferior() since callers all had
curproc handy.

Also, miscellaneous cleanups in ktrace:

- ktrace now always uses file-based, rather than vnode-based I/O
(simplifies, increases type safety); eliminate KTRFLAG_FD & KTRFAC_FD.
Do non-blocking I/O, and yield a finite number of times when receiving
EWOULDBLOCK before giving up.

- move code duplicated between sys_fktrace and sys_ktrace into ktrace_common.

- simplify interface to ktrwrite()
 1.40  08-May-2000  thorpej __predict_false() the DIAGNOSTIC error checks.
 1.39  30-Mar-2000  augustss Get rid of register declarations.
 1.38  22-Jan-2000  thorpej After some discussion with Mycroft, change splstatclock() to splclock().
The rule is that you don't get to call scheduler-related functions (e.g.
wakeup()) above the clock interrupt. Going to statclock unnecessarily
hoses e.g. serial interrupts on the SPARC.
 1.37  22-Jan-2000  thorpej Back out rev 1.36... what was I thinking? Also, update the comment that
led me astray to reflect reality.
 1.36  13-Jan-2000  thorpej Per my comment earlier in the file, we only need to go do splsoftclock()
when write-locking the proclist; splstatclock() is a wee bit overkill.
 1.35  28-Sep-1999  bouyer branches: 1.35.2;
Remplace kern.shortcorename sysctl with a more flexible sheme,
core filename format, which allow to change the name of the core dump,
and to relocate it in a directory. Credits to Bill Sommerfeld for giving me
the idea :)
The default core filename format can be changed by options DEFCORENAME and/or
kern.defcorename
Create a new sysctl tree, proc, which holds per-process values (for now
the corename format, and resources limits). Process is designed by its pid
at the second level name. These values are inherited on fork, and the corename
fomat is reset to defcorename on suid/sgid exec.
Create a p_sugid() function, to take appropriate actions on suid/sgid
exec (for now set the P_SUGID flag and reset the per-proc corename).
Adjust dosetrlimit() to allow changing limits of one proc by another, with
credential controls.
 1.34  25-Jul-1999  thorpej Turn the proclist lock into a read/write spinlock. Update proclist locking
calls to reflect this. Also, block statclock rather than softclock during
in the proclist locking functions, to address a problem reported on
current-users by Sean Doran.
 1.33  22-Jul-1999  thorpej Add a read/write lock to the proclists and PID hash table. Use the
write lock when doing PID allocation, and during the process exit path.
Use a read lock every where else, including within schedcpu() (interrupt
context). Note that holding the write lock implies blocking schedcpu()
from running (blocks softclock).

PID allocation is now MP-safe.

Note this actually fixes a bug on single processor systems that was probably
extremely difficult to tickle; it was possible that schedcpu() would run
off a bad pointer if the right clock interrupt happened to come in the
middle of a LIST_INSERT_HEAD() or LIST_REMOVE() to/from allproc.
 1.32  22-Jul-1999  thorpej Rework the process exit path, in preparation for making process exit
and PID allocation MP-safe. A new process state is added: SDEAD. This
state indicates that a process is dead, but not yet a zombie (has not
yet been processed by the process reaper).

SDEAD processes exist on both the zombproc list (via p_list) and deadproc
(via p_hash; the proc has been removed from the pidhash earlier in the exit
path). When the reaper deals with a process, it changes the state to
SZOMB, so that wait4 can process it.

Add a P_ZOMBIE() macro, which treats a proc in SZOMB or SDEAD as a zombie,
and update various parts of the kernel to reflect the new state.
 1.31  08-Sep-1998  thorpej branches: 1.31.8;
- Add a new proclist, deadproc, which holds dead-but-not-yet-zombie
processes.
- Create a new data structure, the proclist_desc, which contains a
pointer to a proclist, and eventually, a pointer to the lock for that
proclist. Declare a static array of proclist_descs, proclists[],
consisting of allproc, deadproc, and zombproc.
 1.30  01-Sep-1998  thorpej Use the pool allocator and the "nointr" pool page allocator for rusage
structures.
 1.29  01-Sep-1998  thorpej Use the pool allocator and the "nointr" pool page allocator for pgrp
structures.
 1.28  31-Aug-1998  thorpej Use the pool allocator and "nointr" pool page allocator for pcred and
plimit structures.
 1.27  28-Aug-1998  thorpej Use the "nointr" pool page allocator.
 1.26  18-Aug-1998  thorpej Add some braces to make egcs happy (ambiguous else warning).
 1.25  04-Aug-1998  perry Abolition of bcopy, ovbcopy, bcmp, and bzero, phase one.
bcopy(x, y, z) -> memcpy(y, x, z)
ovbcopy(x, y, z) -> memmove(y, x, z)
bcmp(x, y, z) -> memcmp(x, y, z)
bzero(x, y) -> memset(x, 0, y)
 1.24  02-Aug-1998  thorpej Use a pool for proc structures.
 1.23  01-Mar-1998  fvdl Merge with Lite2 + local changes
 1.22  14-Feb-1998  kleink Fix variable declarations: register -> register int.
 1.21  14-Feb-1998  thorpej Prevent the session ID from disappearing if the session leader exits
(thus causing s_leader to become NULL) by storing the session ID separately
in the session structure. Export the session ID to userspace in the
eproc structure.

Submitted by Tom Proett <proett@nas.nasa.gov>.
 1.20  07-Feb-1998  chs add flags arg to hashinit(), to pass to malloc().
 1.19  21-May-1997  gwr Moved db_kill_proc() and db_show_all_procs() to ddb/db_xxx.c
 1.18  08-May-1997  kleink Pull in the declarations of db_expression() and db_error(), used by
db_kill_proc().
 1.17  07-May-1997  gwr Add db_kill_proc() for DDB (and move db_show_all_procs here so
all the "proc" debugging stuff is here in one place).
 1.16  13-Oct-1996  christos backout previous kprintf change
 1.15  10-Oct-1996  christos printf -> kprintf, sprintf -> ksprintf
 1.14  09-Feb-1996  christos More proto fixes
 1.13  04-Feb-1996  christos First pass at prototyping
 1.12  19-Mar-1995  mycroft Use %p.
 1.11  24-Dec-1994  cgd various cleanups for -Wall. some inspired by James Jegers.
 1.10  30-Aug-1994  mycroft Convert process, file, and namei lists and hash tables to use queue.h.
 1.9  29-Jun-1994  cgd New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD'
 1.8  08-Jun-1994  mycroft Update to 4.4-Lite fs code.
 1.7  19-May-1994  cgd update to lite
 1.6  04-May-1994  cgd Rename a lot of process flags.
 1.5  18-Dec-1993  mycroft Canonicalize all #includes.
 1.4  27-Jun-1993  andrew branches: 1.4.4;
ANSIfications - removed all implicit function return types and argument
definitions. Ensured that all files include "systm.h" to gain access to
general prototypes. Casts where necessary.
 1.3  22-May-1993  cgd add include of select.h if necessary for protos, or delete if extraneous
 1.2  18-May-1993  cgd make kernel select interface be one-stop shopping & clean it all up.
 1.1  21-Mar-1993  cgd branches: 1.1.1;
Initial revision
 1.1.1.3  01-Mar-1998  fvdl Import 4.4BSD-Lite2
 1.1.1.2  01-Mar-1998  fvdl Import 4.4BSD-Lite for reference
 1.1.1.1  21-Mar-1993  cgd initial import of 386bsd-0.1 sources
 1.4.4.1  14-Nov-1993  mycroft Canonicalize all #includes.
 1.31.8.1  02-Aug-1999  thorpej Update from trunk.
 1.35.2.3  11-Feb-2001  bouyer Sync with HEAD.
 1.35.2.2  22-Nov-2000  bouyer Sync with HEAD.
 1.35.2.1  20-Nov-2000  bouyer Update thorpej_scsipi to -current as of a month ago
 1.41.4.2  26-Apr-2002  he Pull up revision 1.47 (requested by christos):
Use SESSHOLD and SESSRELE consistently, and add them to t_session,
so that we do not have dangling references.
 1.41.4.1  29-Jul-2001  he Pull up revision 1.44 (requested by pk):
When freeing a session, remove the reference to it from the
associated tty.
 1.44.8.1  12-Nov-2001  thorpej Sync the thorpej-mips-cache branch with -current.
 1.44.4.5  10-Oct-2002  jdolecek sync kqueue with -current; this includes merge of gehenna-devsw branch,
merge of i386 MP branch, and part of autoconf rototil work
 1.44.4.4  06-Sep-2002  jdolecek sync kqueue branch with HEAD
 1.44.4.3  23-Jun-2002  jdolecek catch up with -current on kqueue branch
 1.44.4.2  16-Mar-2002  jdolecek Catch up with -current.
 1.44.4.1  10-Jan-2002  thorpej Sync kqueue branch with -current.
 1.44.2.11  18-Oct-2002  nathanw Catch up to -current.
 1.44.2.10  17-Sep-2002  nathanw Catch up to -current.
 1.44.2.9  01-Aug-2002  nathanw Catch up to -current.
 1.44.2.8  12-Jul-2002  nathanw No longer need to pull in lwp.h; proc.h pulls it in for us.
 1.44.2.7  24-Jun-2002  nathanw Curproc->curlwp renaming.

Change uses of "curproc->l_proc" back to "curproc", which is more like the
original use. Bare uses of "curproc" are now "curlwp".

"curproc" is now #defined in proc.h as ((curlwp) ? (curlwp)->l_proc) : NULL)
so that it is always safe to reference curproc (*de*referencing curproc
is another story, but that's always been true).
 1.44.2.6  17-Apr-2002  nathanw Catch up to -current.
 1.44.2.5  01-Apr-2002  nathanw Catch up to -current.
(CVS: It's not just a program. It's an adventure!)
 1.44.2.4  17-Nov-2001  nathanw Implement POSIX realtime timers, and reimplement getitimer() and setitimer()
in terms of them.
 1.44.2.3  14-Nov-2001  nathanw Catch up to -current.
 1.44.2.2  09-Jul-2001  nathanw Move upcall processing to the point of userret() rather than invocation time.
 1.44.2.1  05-Mar-2001  nathanw Initial commit of scheduler activations and lightweight process support.
 1.46.2.1  10-Mar-2002  thorpej Make sure proc structures are aligned to 16 byte boundaries. This
ensures that the lower 4 bits of a proc's address are zero. Forthcoming
new locking primitives rely on this.
 1.47.2.2  29-Aug-2002  gehenna catch up with -current.
 1.47.2.1  15-Jul-2002  gehenna catch up with -current.
 1.54.2.1  18-Dec-2002  gmcgarry Merge pcred and ucred, and poolify. TBD: check backward compatibility
and factor-out some higher-level functionality.
 1.64.2.6  11-Dec-2005  christos Sync with head.
 1.64.2.5  10-Nov-2005  skrll Sync with HEAD. Here we go again...
 1.64.2.4  19-Oct-2004  skrll Sync with HEAD
 1.64.2.3  21-Sep-2004  skrll Fix the sync with head I botched.
 1.64.2.2  18-Sep-2004  skrll Sync with HEAD.
 1.64.2.1  03-Aug-2004  skrll Sync with HEAD
 1.80.12.10  24-Mar-2008  yamt sync with head.
 1.80.12.9  17-Mar-2008  yamt sync with head.
 1.80.12.8  21-Jan-2008  yamt sync with head
 1.80.12.7  07-Dec-2007  yamt sync with head
 1.80.12.6  15-Nov-2007  yamt sync with head.
 1.80.12.5  27-Oct-2007  yamt sync with head.
 1.80.12.4  03-Sep-2007  yamt sync with head.
 1.80.12.3  26-Feb-2007  yamt sync with head.
 1.80.12.2  30-Dec-2006  yamt sync with head.
 1.80.12.1  21-Jun-2006  yamt sync with head.
 1.82.6.1  29-Nov-2005  yamt sync with head.
 1.85.6.2  01-Jun-2006  kardel Sync with head.
 1.85.6.1  22-Apr-2006  simonb Sync with head.
 1.85.4.1  09-Sep-2006  rpaulo sync with head
 1.85.2.1  31-Dec-2005  yamt uio_segflg/uio_lwp -> uio_vmspace.
 1.86.4.5  19-Apr-2006  elad sync with head.
 1.86.4.4  30-Mar-2006  elad Get rid of some stuff we no longer need here:

- suser()
- groupmember()
- pcred/ucred memory pools
- crget(), crfree(), crcmp(), crcopy(), crdup(), crcvt()
 1.86.4.3  10-Mar-2006  elad No need to call kauth_cred_setngroups() here.
 1.86.4.2  09-Mar-2006  elad Namespace cleanup, as requested by yamt@.
 1.86.4.1  08-Mar-2006  elad Adapt to kernel authorization KPI.
 1.86.2.5  11-Aug-2006  yamt sync with head
 1.86.2.4  26-Jun-2006  yamt sync with head.
 1.86.2.3  24-May-2006  yamt sync with head.
 1.86.2.2  11-Apr-2006  yamt sync with head
 1.86.2.1  13-Mar-2006  yamt sync with head.
 1.87.2.1  24-May-2006  tron Merge 2006-05-24 NetBSD-current into the "peter-altq" branch.
 1.89.2.1  19-Jun-2006  chap Sync with head.
 1.90.2.1  13-Jul-2006  gdamore Merge from HEAD.
 1.94.6.1  22-Oct-2006  yamt sync with head
 1.94.4.15  08-Feb-2007  skrll Another typo in a comment.
 1.94.4.14  05-Feb-2007  ad - When clearing signals dequeue siginfo first and free later, once
outside the lock permiter.
- Push kernel_lock back in a a couple of places.
- Adjust limcopy() to be MP safe (this needs redoing).
- Fix a couple of bugs noticed along the way.
- Catch up with condvar changes.
 1.94.4.13  01-Feb-2007  ad Get sh3 compiling.
 1.94.4.12  31-Jan-2007  ad - Have callers to mi_switch() drop the kernel lock.
- Fix a deadlock and some typos.
- Unbreak ptrace().
 1.94.4.11  30-Jan-2007  ad Remove support for SA. Ok core@.
 1.94.4.10  28-Jan-2007  ad - Fix sequence error between saving/raising the SPL.
- Changes for JavaStation.
- Fix bugs with mips & sparc support routines.
 1.94.4.9  27-Jan-2007  ad Drop proclist_mutex and proc::p_smutex back to IPL_VM.
 1.94.4.8  25-Jan-2007  ad Eliminate some uses of mtsleep().
 1.94.4.7  29-Dec-2006  ad Checkpoint work in progress.
 1.94.4.6  18-Nov-2006  ad Sync with head.
 1.94.4.5  17-Nov-2006  ad Checkpoint work in progress.
 1.94.4.4  24-Oct-2006  ad - Redo LWP locking slightly and fix some races.
- Fix some locking botches.
- Make signal mask / stack per-proc for SA processes.
- Add _lwp_kill().
 1.94.4.3  21-Oct-2006  ad Checkpoint work in progress on locking and per-LWP signals. Very much a
a work in progress and there is still a lot to do.
 1.94.4.2  11-Sep-2006  ad Grab proclist_mutex in a few more places.
 1.94.4.1  11-Sep-2006  ad - Allocate and free turnstiles where needed.
- Split proclist_mutex and alllwp_mutex out of the proclist_lock,
and use in interrupt context.
- Fix an MP race in enterpgrp()/setsid().
- Acquire proclist_lock and p_crmutex in some obvious places.
 1.99.2.1  01-Apr-2007  bouyer Apply patch (requested by chs in ticket #554):
sys/kern/kern_exit.c patch
sys/kern/kern_lwp.c patch
sys/kern/kern_proc.c patch
sys/sys/proc.h patch
Add a new SDYING process state. In exit1() release structures before curlwp is
NULL. It should fix the problem described in PR 34892.
 1.100.2.7  07-May-2007  yamt sync with head.
 1.100.2.6  21-Apr-2007  ad Some changes mainly for top/ps:

- Add an optional name field to struct lwp.
- Count the total number of context switches + involuntary,
not voluntary + involuntary.
- Mark the idle threads as LSIDL when not running, otherwise
they show up funny in a top(1) that shows threads.
- Make pctcpu and cpticks per-LWP attributes.
- Add to kinfo_lwp: cpticks, pctcpu, pid, name.
 1.100.2.5  24-Mar-2007  yamt sync with head.
 1.100.2.4  24-Mar-2007  rmind Checkpoint:
- Abstract for per-CPU locking of runqueues.
As a workaround for SCHED_4BSD global runqueue, covered by sched_mutex,
spc_mutex is a pointer for now. After making SCHED_4BSD runqueues
per-CPU, it will became a storage mutex.
- suspendsched: Locking is not necessary for cpu_need_resched().
- Remove mutex_spin_exit() prototype in patch.c and LOCK_ASSERT() check
in runqueue_nextlwp() in sched_4bsd.c to make them compile again.
 1.100.2.3  12-Mar-2007  rmind Sync with HEAD.
 1.100.2.2  27-Feb-2007  yamt - sync with head.
- move sched_changepri back to kern_synch.c as it doesn't know PPQ anymore.
 1.100.2.1  17-Feb-2007  yamt - separate context switching and thread scheduling.
- introduce idle lwp.
- change some related MD/MI interfaces and implement i386 version.
 1.107.2.18  01-Nov-2007  ad - Fix interactivity problems under high load. Beacuse soft interrupts
are being stacked on top of regular LWPs, more often than not aston()
was being called on a soft interrupt thread instead of a user thread,
meaning that preemption was not happening on EOI.

- Don't use bool in a couple of data structures. Sub-word writes are not
always atomic and may clobber other fields in the containing word.

- For SCHED_4BSD, make p_estcpu per thread (l_estcpu). Rework how the
dynamic priority level is calculated - it's much better behaved now.

- Kill the l_usrpri/l_priority split now that priorities are no longer
directly assigned by tsleep(). There are three fields describing LWP
priority:

l_priority: Dynamic priority calculated by the scheduler.
This does not change for kernel/realtime threads,
and always stays within the correct band. Eg for
timeshared LWPs it never moves out of the user
priority range. This is basically what l_usrpri
was before.

l_inheritedprio: Lent to the LWP due to priority inheritance
(turnstiles).

l_kpriority: A boolean value set true the first time an LWP
sleeps within the kernel. This indicates that the LWP
should get a priority boost as compensation for blocking.
lwp_eprio() now does the equivalent of sched_kpri() if
the flag is set. The flag is cleared in userret().

- Keep track of scheduling class (OTHER, FIFO, RR) in struct lwp, and use
this to make decisions in a few places where we previously tested for a
kernel thread.

- Partially fix itimers and usr/sys/intr time accounting in the presence
of software interrupts.

- Use kthread_create() to create idle LWPs. Move priority definitions
from the various modules into sys/param.h.

- newlwp -> lwp_create
 1.107.2.17  27-Oct-2007  yamt fix priorities for some kernel threads. advised and ok'ed by Andrew Doran.
 1.107.2.16  25-Oct-2007  ad - Simplify debugger/procfs reference counting of processes. Use a per-proc
rwlock: rw_tryenter(RW_READER) to gain a reference, and rw_enter(RW_WRITER)
by the process itself to drain out reference holders before major changes
like exiting.
- Fix numerous bugs and locking issues in procfs.
- Mark procfs MPSAFE.
 1.107.2.15  09-Oct-2007  ad Sync with head.
 1.107.2.14  09-Oct-2007  ad Sync with head.
 1.107.2.13  20-Aug-2007  ad Sync with HEAD.
 1.107.2.12  19-Aug-2007  yamt proc_free: release proclist_lock earlier as suggested by Andrew Doran.
calling lwp_free with the lock held leads a deadlock.

1. CPU1: do_sys_wait -> lwp_free busy-waits for an LWP exiting on CPU2,
holding proclist_lock.

2. CPU2: the exiting LWP is interrupted by softclock.

3. CPU2: softclock -> sched_pstats tries to acquire proclist_lock.
it also busy-waits because the owning LWP is running.
 1.107.2.11  15-Jul-2007  ad Sync with head.
 1.107.2.10  15-Jul-2007  ad Sync with head.
 1.107.2.9  01-Jul-2007  ad Adapt to callout API change.
 1.107.2.8  17-Jun-2007  ad - Increase the number of thread priorities from 128 to 256. How the space
is set up is to be revisited.
- Implement soft interrupts as kernel threads. A generic implementation
is provided, with hooks for fast-path MD code that can run the interrupt
threads over the top of other threads executing in the kernel.
- Split vnode::v_flag into three fields, depending on how the flag is
locked (by the interlock, by the vnode lock, by the file system).
- Miscellaneous locking fixes and improvements.
 1.107.2.7  08-Jun-2007  ad Sync with head.
 1.107.2.6  28-Apr-2007  ad select/poll:

- Don't try to awaken LWPs more than once. Prevents unnecessary locking.
- Tidy slightly.
 1.107.2.5  10-Apr-2007  ad Changes to select/poll:

- Make them MP safe and decouple from the proc locks.
- selwakeup: don't call p_find, or traverse per-proc LWP lists (ouch).
- selwakeup: don't lock the sleep queue unless we need to.
 1.107.2.4  09-Apr-2007  ad - Add two new arguments to kthread_create1: pri_t pri, bool mpsafe.
- Fork kthreads off proc0 as new LWPs, not new processes.
 1.107.2.3  05-Apr-2007  ad - Make context switch counters 64-bit, and count the total number of
context switches + voluntary, instead of involuntary + voluntary.
- Add lwp::l_swaplock for uvm.
- PHOLD/PRELE are replaced.
 1.107.2.2  21-Mar-2007  ad - Put a lock around the proc's CWD info (work in progress).
- Replace some more simplelocks.
- Make lbolt a condvar.
 1.107.2.1  13-Mar-2007  ad Sync with head.
 1.108.2.1  11-Jul-2007  mjf Sync with head.
 1.113.6.8  09-Dec-2007  jmcneill Sync with HEAD.
 1.113.6.7  14-Nov-2007  joerg Sync with HEAD.
 1.113.6.6  11-Nov-2007  joerg Sync with HEAD.
 1.113.6.5  06-Nov-2007  joerg Sync with HEAD.
 1.113.6.4  28-Oct-2007  joerg Sync with HEAD.
 1.113.6.3  26-Oct-2007  joerg Sync with HEAD.

Follow the merge of pmap.c on i386 and amd64 and move
pmap_init_tmp_pgtbl into arch/x86/x86/pmap.c. Modify the ACPI wakeup
code to restore CR4 before jumping back into kernel space as the large
page option might cover that.
 1.113.6.2  02-Oct-2007  joerg Sync with HEAD.
 1.113.6.1  16-Aug-2007  jmcneill Sync with HEAD.
 1.113.2.2  10-Sep-2007  skrll Sync with HEAD.
 1.113.2.1  15-Aug-2007  skrll Sync with HEAD.
 1.114.2.6  23-Mar-2008  matt sync with HEAD
 1.114.2.5  09-Jan-2008  matt sync with HEAD
 1.114.2.4  08-Nov-2007  matt sync with -HEAD
 1.114.2.3  06-Nov-2007  matt sync with HEAD
 1.114.2.2  30-Aug-2007  matt Fix inverted test #ifndef -> #ifdef
 1.114.2.1  28-Aug-2007  matt Pre-init the static structures (lwp0,proc0,session0,etc.) whenever possible.
Use curlwp_set()
 1.116.2.2  14-Oct-2007  yamt sync with head.
 1.116.2.1  06-Oct-2007  yamt sync with head.
 1.118.2.1  13-Nov-2007  bouyer Sync with HEAD
 1.120.2.3  18-Feb-2008  mjf Sync with HEAD.
 1.120.2.2  08-Dec-2007  mjf Sync with HEAD.
 1.120.2.1  19-Nov-2007  mjf Sync with HEAD.
 1.125.2.4  26-Dec-2007  ad - Push kernel_lock back into exit, wait and sysctl system calls, mainly
for visibility.
- Serialize calls to brk() from within the same process.
- Mark more syscalls MPSAFE.
 1.125.2.3  21-Dec-2007  ad Protect process groups and sessions with tty_lock.
 1.125.2.2  15-Dec-2007  ad - Use pool_cache for a few more items and make those caches static.
- Mark another 10 syscalls MPSAFE including execve(). A small bit of
work is required to fix a couple of issues (tty, kqueue).
 1.125.2.1  08-Dec-2007  ad Sync with head.
 1.127.4.1  02-Jan-2008  bouyer Sync with HEAD
 1.129.6.4  17-Jan-2009  mjf Sync with HEAD.
 1.129.6.3  29-Jun-2008  mjf Sync with HEAD.
 1.129.6.2  02-Jun-2008  mjf Sync with HEAD.
 1.129.6.1  03-Apr-2008  mjf Sync with HEAD.
 1.129.2.1  24-Mar-2008  keiichi sync with head.
 1.135.2.2  04-Jun-2008  yamt sync with head
 1.135.2.1  18-May-2008  yamt sync with head.
 1.139.2.5  11-Aug-2010  yamt sync with head.
 1.139.2.4  11-Mar-2010  yamt sync with head
 1.139.2.3  20-Jun-2009  yamt sync with head
 1.139.2.2  04-May-2009  yamt sync with head.
 1.139.2.1  16-May-2008  yamt sync with head.
 1.141.2.3  18-Sep-2008  wrstuden Sync with wrstuden-revivesa-base-2.
 1.141.2.2  23-Jun-2008  wrstuden Sync w/ -current. 34 merge conflicts to follow.
 1.141.2.1  10-May-2008  wrstuden Initial checkin of re-adding SA. Everything except kern_sa.c
compiles in GENERIC for i386. This is still a work-in-progress, but
this checkin covers most of the mechanical work (changing signalling
to be able to accomidate SA's process-wide signalling and re-adding
includes of sys/sa.h and savar.h). Subsequent changes will be much
more interesting.

Also, kern_sa.c has received partial cleanup. There's still more
to do, though.
 1.142.2.1  27-Jun-2008  simonb Sync with head.
 1.143.2.2  13-Dec-2008  haad Update haad-dm branch to haad-dm-base2.
 1.143.2.1  19-Oct-2008  haad Sync with HEAD.
 1.144.2.3  28-Apr-2009  skrll Sync with HEAD.
 1.144.2.2  03-Mar-2009  skrll Sync with HEAD.
 1.144.2.1  19-Jan-2009  skrll Sync with HEAD.
 1.147.2.2  23-Jul-2009  jym Sync with HEAD.
 1.147.2.1  13-May-2009  jym Sync with HEAD.

Commit is split, to avoid a "too many arguments" protocol error.
 1.159.2.2  17-Aug-2010  uebayasi Sync with HEAD.
 1.159.2.1  30-Apr-2010  uebayasi Sync with HEAD.
 1.163.2.4  31-May-2011  rmind sync with head
 1.163.2.3  21-Apr-2011  rmind sync with head
 1.163.2.2  05-Mar-2011  rmind sync with head
 1.163.2.1  03-Jul-2010  rmind sync with head
 1.168.2.1  06-Jun-2011  jruoho Sync with HEAD.
 1.169.2.2  05-Mar-2011  bouyer Sync with HEAD
 1.169.2.1  08-Feb-2011  bouyer Sync with HEAD
 1.180.8.3  29-Apr-2012  mrg sync to latest -current.
 1.180.8.2  24-Feb-2012  mrg sync to -current.
 1.180.8.1  18-Feb-2012  mrg merge to -current.
 1.180.4.3  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.180.4.2  30-Oct-2012  yamt sync with head
 1.180.4.1  17-Apr-2012  yamt sync with head
 1.181.2.1  12-Jun-2012  riz Pull up following revision(s) (requested by martin in ticket #310):
sys/kern/kern_proc.c: revision 1.184
lib/libkvm/kvm_proc.c: revision 1.89
Measure kinfo_proc2::p_vm_vsize in pages, as it was always documented.
This value seems to never have been used anywhere.
This makes it consistent with it's cousin p_vm_msize (which is in pages as
well and has several uses).
 1.186.2.3  03-Dec-2017  jdolecek update from HEAD
 1.186.2.2  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.186.2.1  23-Jun-2013  tls resync from head
 1.187.2.1  18-May-2014  rmind sync with head
 1.192.2.1  10-Aug-2014  tls Rebase.
 1.193.4.7  28-Aug-2017  skrll Sync with HEAD
 1.193.4.6  05-Feb-2017  skrll Sync with HEAD
 1.193.4.5  05-Dec-2016  skrll Sync with HEAD
 1.193.4.4  05-Oct-2016  skrll Sync with HEAD
 1.193.4.3  29-May-2016  skrll Sync with HEAD
 1.193.4.2  22-Apr-2016  skrll Sync with HEAD
 1.193.4.1  27-Dec-2015  skrll Sync with HEAD (as of 26th Dec)
 1.196.2.4  26-Apr-2017  pgoyette Sync with HEAD
 1.196.2.3  20-Mar-2017  pgoyette Sync with HEAD
 1.196.2.2  07-Jan-2017  pgoyette Sync with HEAD. (Note that most of these changes are simply $NetBSD$
tag issues.)
 1.196.2.1  04-Nov-2016  pgoyette Sync with HEAD
 1.199.2.1  21-Apr-2017  bouyer Sync with HEAD
 1.206.6.5  12-Nov-2018  martin Pull up following revision(s) (requested by maxv in ticket #1088):

sys/kern/kern_proc.c: revision 1.219 (via patch)

Fix buffer overflow, which can lead to severe information leak. Detected
by kASan.
 1.206.6.4  16-Apr-2018  martin Pull up following revision(s) (requested by kamil in ticket #758):

sys/kern/kern_proc.c: revision 1.212

Don't set errno ESRCH for empty result of KINFO_PROC[2]

Restore the previous behavior as it's prefered.
This new behavior was introduced in 1.210.
Code should check for length of the result.

Requested by <mlelstv>
 1.206.6.3  12-Apr-2018  martin Pull up following revision(s) (requested by kamil in ticket #713):

sys/modules/procfs/Makefile: revision 1.4
sys/miscfs/procfs/procfs_vfsops.c: revision 1.98
bin/ps/ps.1: revision 1.108
sys/compat/linux/arch/i386/linux_ptrace.c: revision 1.32
sys/miscfs/procfs/procfs_vnops.c: revision 1.198
sys/kern/sys_ptrace_common.c: revision 1.23
sys/kern/sys_ptrace_common.c: revision 1.24
sbin/mount_procfs/mount_procfs.8: revision 1.36
sys/kern/sys_ptrace_common.c: revision 1.25
sys/kern/sys_ptrace.c: revision 1.5
sys/compat/linux/arch/powerpc/linux_ptrace.c: revision 1.30
sys/sys/proc.h: revision 1.342
sys/kern/sys_ptrace_common.c: revision 1.26
sys/miscfs/procfs/procfs_ctl.c: file removal
sys/kern/sys_ptrace_common.c: revision 1.27
sys/miscfs/procfs/procfs_subr.c: revision 1.109
sys/kern/sys_ptrace_common.c: revision 1.28
sys/secmodel/extensions/secmodel_extensions.c: revision 1.8
sys/kern/sys_ptrace_common.c: revision 1.29
sys/sys/ptrace.h: revision 1.62
sys/compat/netbsd32/netbsd32_signal.c: revision 1.45
share/man/man9/kauth.9: revision 1.109
sys/miscfs/procfs/files.procfs: revision 1.12
sys/compat/netbsd32/netbsd32.h: revision 1.115
sys/miscfs/procfs/procfs.h: revision 1.72
sys/compat/netbsd32/netbsd32_ptrace.c: revision 1.5
sys/kern/kern_sig.c: revision 1.337
sys/sys/kauth.h: revision 1.75
sys/sys/sysctl.h: revision 1.224
sys/kern/sys_ptrace_common.c: revision 1.30
sys/kern/sys_ptrace_common.c: revision 1.31
sys/kern/sys_ptrace_common.c: revision 1.32
sys/kern/sys_ptrace_common.c: revision 1.33
sys/compat/linux/arch/arm/linux_ptrace.c: revision 1.20
sys/kern/sys_ptrace_common.c: revision 1.34
sys/kern/sys_ptrace_common.c: revision 1.36
sys/kern/kern_proc.c: revision 1.207
sys/kern/kern_exit.c: revision 1.269
doc/TODO.ptrace: revision 1.29

Make {s,g}et{db,fp,}regs work again for PK_32 processes
XXX: pullup-8

add disgusting magic to handle compat_netbsd32 as a module.

use process_*reg32 instead of struct *reg32.

Remove the filesystem tracing feature

This is a legacy interface from 4.4BSD, and it was
introduced to overcome shortcomings of ptrace(2) at that time, which are
no longer relevant (performance). Today /proc/#/ctl offers a narrow
subset of ptrace(2) commands and is not applicable for modern
applications use beyond simplistic tracing scenarios.

This removal will simplify kernel internals. Users will still be able to
use all the other /proc files.

This change won't affect other procfs files neither Linux compat
features within mount_procfs(8). /proc/#/ctl isn't available on Linux.

Remove:
- /proc/#/ctl from mount_procfs(8)
- P_FSTRACE note from the documentation of ps(1)
- /proc/#/ctl and filesystem tracing documentation from mount_procfs(8)
- KAUTH_REQ_PROCESS_PROCFS_CTL documentation from kauth(9)
- source code file miscfs/procfs/procfs_ctl.c
- PFSctl and procfs_doctl() from sys/miscfs/procfs/procfs.h
- KAUTH_REQ_PROCESS_PROCFS_CTL from sys/sys/kauth.h
- PSL_FSTRACE (0x00010000) from sys/sys/proc.h
- P_FSTRACE (0x00010000) from sys/sys/sysctl.h

Reduce code complexity after removal of this functionality.

Update TODO.ptrace accordingly: remove two entries about /proc tracing.

Do not keep legacy notes as comments in the headers about removed

PSL_FSTRACE / P_FSTRACE, as this interface had little number of users
(close or equal to zero).
Proposed on tech-kern@.

All filesystem tracing utility users are encouraged to switch to ptrace(2).

Sponsored by <The NetBSD Foundation>

untangle the mess:
- factor out common code
- break each ptrace subcall to its own sub-function
.. more to come ...
- reduce ifdef ugliness by moving it up top.
- factor out PT_IO and make PT_{READ,WRITE}_{I,D} use it
- factor out PT_DUMPCORE
- factor out sendsig code
.. more to come ...

handle siginfo requests for ptrace32

ptrace: Partially undo PT_{READ,WRITE}_{I,D} and unbreak these commands

The refactored code did not work and was generating EFAULT.

Sponsored by <The NetBSD Foundation>

Merge the code back; the problem was that since we are reading/writing
to a kernel address for PT_{READ,WRITE}_{I,D} we need the kernel vmspace.
provide separate read and write functions to accomodate register functions
that need a size argument.

don't ignore error from copyout_piod

Use the proper process (the tracee) to get information about lwps and
registers and the tracer for vmspace.

Add new sysctl(3) entry: security.models.extensions.user_set_dbregs

Model this new sysctl(3) entry after "user_set_cpu_affinity" in the same
level of sysctl(3) switches.

Allow to read unconditionally Debug Registers (no change here). This is
convenient as even if a user of a debugger does not use hardware assisted
watchpoints/breakpoints, a debugger can still prompt these values to store
in an internal cache with context of registers. Reading them should have
no security concerns.

Add a paranoid MI switch that prohibits by default setting these registers
by a regular user (non-superuser). Make this switch disabled by default.
There are enough reserved bits out there to allow using them
unconditionally on hardened hosts.

Features shipped with Debug Registers are optional features in debuggers.
There is no reduction in elementary functionality.

Reviewed by <christos>

Sponsored by <The NetBSD Foundation>
 1.206.6.2  01-Apr-2018  martin Pull up following revision(s) (requested by kamil in ticket #679):

sys/kern/kern_proc.c: revision 1.211

Make sysctl_doeproc() more predictable

Swap the order of looking into zombie and all process lists, start now
with the zombie one. This prevents a race observed previously that the
same process could be detected on both lists during a single polling call.

While there:
- Short-circuit break for KERN_PROC_PID, once a pid has been detected.
- Removal of redundant "if (kbuf)" and "if (marker)" checks.
- Update of comments regarding potential optimization, explaining why we
don't want to it as of now. Performance gain from lookup call vs
iteration over a list is neglible on a regular system.
- Return ESRCH when no results have been found. This allows more easily
to implement a retry or abandon algorithm.

This corrects races observed in the existing ATF ptrace(2) tests, related
to await_zombie(). This function was expecting to check whether a process
has been transformed into a zombie, however it was causing occasional
crashes as it was overflowing the return buffer, returning the same pid
twice: once from allproc list and the second time from zombieproc one.

Fix suggested by <christos>
Short-circuit break suggested by <kre>

Discussed on tech-kern.

Sponsored by <The NetBSD Foundation>
 1.206.6.1  01-Jan-2018  snj Pull up following revision(s) (requested by maxv in ticket #465):
sys/kern/kern_proc.c: revision 1.209
If no auxv is present, don't kmem_alloc(0). Easy to panic the kernel by
typing 'cat /proc/aout_pid/auxv' on whatever a.out binary you're running.
Fortunately, amd64 does not enable EXEC_AOUT by default. Unfortunately,
i386 does enable it by default.
 1.209.2.15  22-Jan-2019  pgoyette Convert the MODULE_{,VOID_}HOOK_CALL macros to do everything in-line
rather than defining an intermediate hook##call function. Almost
all of the hooks are called only once, and although we lose the
ability of doing things like

if (MODULE_HOOK_CALL(...) == 0) ...

we simplify things quite a bit. With this change, we no longer need
to have both declaration and definition macros, and the definition
no longer needs to have both prototype argument list and a "real"
argument list.

FWIW, the above if now needs to written as

int ret;

MODULE_HOOK_CALL(..., ret);
if (ret == 0) ...

with appropriate use of braces {}.
 1.209.2.14  21-Jan-2019  pgoyette No need to declare the hook_call() function for void hooks. So
remove and simplify.
 1.209.2.13  18-Jan-2019  pgoyette Don't restrict hooks to having only int or void types. Pass the hook's
type to the various macros, as needed.

Allows us to reduce diffs to original in at least one or two places (we
no longer have to provide an additional parameter to the hook routine
for returning a non-int return value).
 1.209.2.12  14-Jan-2019  pgoyette Create a variant of the HOOK macros that handles hook routines of
type void, and use them where appropriate.
 1.209.2.11  13-Jan-2019  pgoyette Remove the HOOK2 versions of the MODULE_HOOK macros. There were
only a few uses, and using them led to some lack of clarity in the
code. Instead, we now use two separate hooks, with names that
make it clear(er) what we're doing.

This also positions us to start unraveling some of the rtsock_50
mess, which will need (at least) five hooks.
 1.209.2.10  26-Dec-2018  pgoyette Sync with HEAD, resolve a few conflicts
 1.209.2.9  26-Nov-2018  pgoyette Sync with HEAD, resolve a couple of conflicts
 1.209.2.8  20-Oct-2018  pgoyette Sync with head
 1.209.2.7  29-Sep-2018  pgoyette In MODULE_HOOK_CALL_DECL we don't need to provide the actual argument
list for calling the hook function, nor do we need to provide the
default value (for when the hook has not been set).
 1.209.2.6  23-Sep-2018  pgoyette Use the proper test: _RUMPKERNEL vs _RUMP_KERNEL
 1.209.2.5  23-Sep-2018  pgoyette This hook doesn't exist for _RUMPSERVER
 1.209.2.4  23-Sep-2018  pgoyette More work on kern_proc_32
 1.209.2.3  06-Sep-2018  pgoyette Sync with HEAD

Resolve a couple of conflicts (result of the uimin/uimax changes)
 1.209.2.2  16-Apr-2018  pgoyette Sync with HEAD, resolve some conflicts
 1.209.2.1  15-Mar-2018  pgoyette Synch with HEAD
 1.212.2.3  21-Apr-2020  martin Sync with HEAD
 1.212.2.2  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411
 1.212.2.1  10-Jun-2019  christos Sync with HEAD
 1.233.2.2  07-Aug-2024  martin Pull up following revision(s) (requested by kre in ticket #1859):

sys/kern/kern_proc.c: revision 1.276 (via patch)
sys/kern/kern_ktrace.c: revision 1.185 (via patch)
sys/kern/sys_sig.c: revision 1.58 (via patch)
sys/kern/kern_descrip.c: revision 1.263 (via patch)
lib/libc/compat-43/killpg.c: revision 1.10
sys/kern/tty.c: revision 1.313 (via patch)
tests/lib/libc/sys/t_kill.c: revision 1.2

PR kern/58425 -- Disallow INT_MIN as a (negative) pid arg.
Since -INT_MIN is undefined, and to point of negative pid args is
to negate them, and use the result as a pgrp id instead, we need
to avoid accidentally negating INT_MIN.

Since pid_t is just an integral type, of unspecified width, when
testing pid_t value test for <= INT_MIN (or > INT_MIN sometimes)
rather than == INT_MIN. When testing int values, just == INT_MIN
is all that is needed, < INT_MIN cannot occur.

tests/lib/libc/sys/t_kill: Test kill(INT_MIN, ...) fails with ESRCH.
PR kern/58425
 1.233.2.1  06-Aug-2019  martin Pull up following revision(s) (requested by kamil in ticket #20):

sys/kern/kern_proc.c: revision 1.234

Update our vm resource use for sysctl(3) call reading kinfo_proc*

Without this change RSS properties are zeroed unless a process exits or
calls getrusage(2).
 1.239.2.2  29-Feb-2020  ad Sync with head.
 1.239.2.1  25-Jan-2020  ad Make cwdinfo use mostly lockless, and largely hide the details in vfs_cwd.c.
 1.243.2.2  25-Apr-2020  bouyer Sync with bouyer-xenpvh-base2 (HEAD)
 1.243.2.1  20-Apr-2020  bouyer Sync with HEAD
 1.261.2.1  03-Jan-2021  thorpej Sync w/ HEAD.
 1.269.2.1  07-Aug-2024  martin Pull up following revision(s) (requested by kre in ticket #773):

sys/kern/kern_proc.c: revision 1.276
sys/kern/kern_ktrace.c: revision 1.185
sys/kern/sys_sig.c: revision 1.58
sys/kern/kern_descrip.c: revision 1.263
lib/libc/compat-43/killpg.c: revision 1.10
sys/kern/tty.c: revision 1.313
tests/lib/libc/sys/t_kill.c: revision 1.2

PR kern/58425 -- Disallow INT_MIN as a (negative) pid arg.

Since -INT_MIN is undefined, and to point of negative pid args is
to negate them, and use the result as a pgrp id instead, we need
to avoid accidentally negating INT_MIN.

Since pid_t is just an integral type, of unspecified width, when
testing pid_t value test for <= INT_MIN (or > INT_MIN sometimes)
rather than == INT_MIN. When testing int values, just == INT_MIN
is all that is needed, < INT_MIN cannot occur.

tests/lib/libc/sys/t_kill: Test kill(INT_MIN, ...) fails with ESRCH.
PR kern/58425

RSS XML Feed