: bootstrap: integrate ProcHandle in BootstrapProcManager #1282
+1,054
−10
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
No ciflow labels are configured for this repo. |
meta-cla
bot
added
the
CLA Signed
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
ac4540c to
d7a94d4
Compare
shayne-fletcher
added a commit
to shayne-fletcher/monarch-1
that referenced
this pull request
Sep 19, 2025
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Differential Revision: D82846206
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
d7a94d4 to
e6db1d8
Compare
shayne-fletcher
added a commit
to shayne-fletcher/monarch-1
that referenced
this pull request
Sep 19, 2025
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Differential Revision: D82846206
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
shayne-fletcher
added a commit
to shayne-fletcher/monarch-1
that referenced
this pull request
Sep 19, 2025
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. adds a `pid_table` and a `Drop` impl that best-effort `SIGKILL`s recorded pids on `drop`. this replaces relying on `Child.kill_on_drop` now that the exit monitor owns the `Child`. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Differential Revision: D82846206
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
e6db1d8 to
5817b89
Compare
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
5817b89 to
afb087c
Compare
shayne-fletcher
added a commit
to shayne-fletcher/monarch-1
that referenced
this pull request
Sep 19, 2025
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. adds a `pid_table` and a `Drop` impl that best-effort `SIGKILL`s recorded pids on `drop`. this replaces relying on `Child.kill_on_drop` now that the exit monitor owns the `Child`. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Differential Revision: D82846206
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
shayne-fletcher
added a commit
to shayne-fletcher/monarch-1
that referenced
this pull request
Sep 19, 2025
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. adds a `pid_table` and a `Drop` impl that best-effort `SIGKILL`s recorded pids on `drop`. this replaces relying on `Child.kill_on_drop` now that the exit monitor owns the `Child`. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Differential Revision: D82846206
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
afb087c to
8dc5b1a
Compare
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
8dc5b1a to
8787265
Compare
shayne-fletcher
added a commit
to shayne-fletcher/monarch-1
that referenced
this pull request
Sep 19, 2025
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. adds a `pid_table` and a `Drop` impl that best-effort `SIGKILL`s recorded pids on `drop`. this replaces relying on `Child.kill_on_drop` now that the exit monitor owns the `Child`. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Differential Revision: D82846206
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
8787265 to
fc55e98
Compare
shayne-fletcher
added a commit
to shayne-fletcher/monarch-1
that referenced
this pull request
Sep 19, 2025
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. adds a `pid_table` and a `Drop` impl that best-effort `SIGKILL`s recorded pids on `drop`. this replaces relying on `Child.kill_on_drop` now that the exit monitor owns the `Child`. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Differential Revision: D82846206
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
shayne-fletcher
added a commit
to shayne-fletcher/monarch-1
that referenced
this pull request
Sep 19, 2025
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. adds a `pid_table` and a `Drop` impl that best-effort `SIGKILL`s recorded pids on `drop`. this replaces relying on `Child.kill_on_drop` now that the exit monitor owns the `Child`. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Differential Revision: D82846206
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
fc55e98 to
178bf56
Compare
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
Summary: this wires `BootstrapProcManager `up to retain child process handles and drain stdout/stderr so processes don’t block on full pipes. output is sent into tracing for now; we’ll come back to structured log forwarding (like v0) in a later diff. a simple test confirms that dropping the manager tears down its children correctly (`kill_on_drop(true)`), with a /proc check on linux. this gives us safe baseline lifecycle management, with graceful shutdown and other improvements to follow. Reviewed By: mariusae Differential Revision: D82753182
Summary: this replaces the ad-hoc stdout/stderr draining with structured log forwarding, borrowing the v0 model in a lighter form. the proc manager now tees child output into writers that forward over a channel (set in `BOOTSTRAP_LOG_CHANNEL`). on the child side, `boot_v1` starts a `LogForwardActor` + `LogClientActor`, so logs are picked up and aggregated without blocking pipes. a small test shows a fake log making it through forwarder → client → tap. this isn’t full parity with v0’s tailer and global aggregation, but it’s the minimal working building block. Reviewed By: mariusae Differential Revision: D82763884
Summary: this diff lands `ProcStatus` and `ProcHandle` as the lifecycle surface for procs launched under bootstrap. the handle pairs a `ProcId` with the `Child` and tracks status through controlled `mark_*` transitions (starting → running → stopping → stopped/killed/failed). transitions are checked, illegal moves leave the state unchanged, and return values make that explicit in tests. this establishes the basic lifecycle API; the next step is to integrate these handles into `BootstrapProcManager` so that callers can observe and control proc lifecycles directly. Reviewed By: mariusae Differential Revision: D82827662
…ch#1282) Summary: integrates the `ProcStatus` / `ProcHandle` lifecycle surface into `BootstrapProcManager`. the manager now stores `ProcHandle`s instead of raw `Child`s, stamps `Running` on `spawn` when a pid is observable, wires `stdout`/`stderr` to `BOOTSTRAP_LOG_CHANNEL`, and runs an exit monitor that `wait()`s and records `Stopped(code)` or `Killed(signal, core_dumped)` via `ExitStatusExt`. illegal transitions are rejected and the `mark_*`s return `bool` to make that explicit in tests. adds `BootstrapProcManager::status(&ProcId)` for a snapshot of the current status. documents constructors, `transport()` (Unix), and clarifies `mark_running` as a best-effort OS-level liveness stamp, not a readiness guarantee. adds a `pid_table` and a `Drop` impl that best-effort `SIGKILL`s recorded pids on `drop`. this replaces relying on `Child.kill_on_drop` now that the exit monitor owns the `Child`. tests exercise handle transitions, clean exit and `SIGKILL` observed by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goes `Starting` -> `Stopped` without `Running`. the manager-drop test now tolerates linux zombie semantics by polling `/proc/<pid>/status` and accepting `Z` or disappearance. includes an unsafe justification for `libc::kill` in the `SIGKILL` test. graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now. Reviewed By: mariusae Differential Revision: D82846206
shayne-fletcher
force-pushed
the
export-D82846206
branch
from
178bf56 to
4233e72
Compare
|
@shayne-fletcher has exported this pull request. If you are a Meta employee, you can view the originating diff in D82846206. |
|
This pull request has been merged in d944cc1. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary:
integrates the
ProcStatus/ProcHandlelifecycle surface intoBootstrapProcManager. the manager now storesProcHandles instead of rawChilds, stampsRunningonspawnwhen a pid is observable, wiresstdout/stderrtoBOOTSTRAP_LOG_CHANNEL, and runs an exit monitor thatwait()s and recordsStopped(code)orKilled(signal, core_dumped)viaExitStatusExt. illegal transitions are rejected and themark_*s returnboolto make that explicit in tests.adds
BootstrapProcManager::status(&ProcId)for a snapshot of the current status. documents constructors,transport()(Unix), and clarifiesmark_runningas a best-effort OS-level liveness stamp, not a readiness guarantee.tests exercise handle transitions, clean exit and
SIGKILLobserved by the monitor, unknown-proc status, the “child already taken” path, pid disappearing once the monitor claims the child, and the fast-exit path that goesStarting->StoppedwithoutRunning. the manager-drop test now tolerates linux zombie semantics by polling/proc/<pid>/statusand acceptingZor disappearance. includes an unsafe justification forlibc::killin theSIGKILLtest.graceful shutdown (SIGTERM → wait → SIGKILL) remains a TODO. tombstone semantics in children are unchanged for now.
Differential Revision: D82846206