On 2018-12-06, Florian Weimer <fweimer@xxxxxxxxxx> wrote:
> > Florian are you seeing a problem with this behavior or the way Christian
> > was describing it?
>
> My hope is that you could use taskfd_send_signal one day to send a
> signal to a process which you *know* (based on how you've written your
> application) should be running and not in a zombie state, and get back
> an error if it has exited.

You can detect if a process is a zombie via the procfd by observing
"stat" (the state will be "Z").

Personally I'm with Christian that we should maintain compatibility with
the rest of the signal APIs -- sending a signal to a zombie is a defined
(though no-op) concept. I don't understand why sending a signal should
fail in this case -- a zombie is not the same as a non-existent process.

If we need to have a way of checking whether something is a zombie
(other than through "stat") we can add another method (or flag if it has
to be atomic) in the future. And given the complexity of doing it, I'm
even less of a fan of doing it in the initial patchset.

> If you get this error, only then you wait on the process, using the file
> descriptor you have, and run some recovery code.
>
> Wouldn't that be a reasonable approach once we've got task descriptors?

I think taskfd_wait() is something we'll need eventually, but I don't
think that making taskfd_send_signal() do something that is contrary to
existing kill(2) interfaces (making it so that transitioning to it won't
be seamless),

What would the error be? ESRCH would be _very_ wrong, given that it
would confuse the two states (zombie/dead-for-real) and would lead to
weird cases where fstatat(taskfd) succeeds but taskfd_send_signal(2)
fails.

-- 
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>
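Added example, not part of the original message or the patchset: the existing kill(2) behaviour the reply refers to, shown with a child that is held as a zombie and then reaped. It assumes Linux with procfs mounted at /proc; `zombie_probe`, `proc_state` and `probe_zombie` are names made up for this sketch.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

struct zombie_probe {
    char state;                    /* state field of /proc/<pid>/stat before reaping */
    int  kill_zombie;              /* kill() result while the child is a zombie */
    int  kill_reaped, errno_reaped; /* kill() result and errno after reaping */
};

/* The state is the first field after the last ')' closing the comm field. */
static char proc_state(pid_t pid) {
    char path[64], buf[512];
    snprintf(path, sizeof path, "/proc/%d/stat", (int)pid); /* assumes procfs */
    FILE *f = fopen(path, "r");
    if (!f) return '?';
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    char *p = strrchr(buf, ')');
    return (p && p[1] == ' ' && p[2]) ? p[2] : '?';
}

static int probe_zombie(struct zombie_probe *r) {
    siginfo_t si;
    signal(SIGCHLD, SIG_DFL);            /* an ignored SIGCHLD would auto-reap */
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) _exit(0);              /* child exits at once */
    /* WNOWAIT: block until the child has exited, but leave it a zombie. */
    if (waitid(P_PID, (id_t)pid, &si, WEXITED | WNOWAIT) < 0) return -1;
    r->state = proc_state(pid);          /* 'Z' while unreaped */
    r->kill_zombie = kill(pid, SIGTERM); /* succeeds, signal has no effect */
    if (waitpid(pid, NULL, 0) != pid) return -1;  /* reap: pid is now gone */
    errno = 0;
    r->kill_reaped = kill(pid, 0);       /* existence check only */
    r->errno_reaped = errno;
    return 0;
}

int main(void) {
    struct zombie_probe r;
    if (probe_zombie(&r) != 0) { perror("probe_zombie"); return 1; }
    printf("state=%c kill(zombie)=%d kill(reaped)=%d errno=%s\n", r.state, r.kill_zombie, r.kill_reaped, strerror(r.errno_reaped));
    return 0;
}
```

The final kill() is addressed by raw PID, so in a long-running program it can hit a recycled PID, which is the race a task file descriptor is meant to close.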