cvs commit: src/sys/kern kern_sig.c

[David Xu]

Scott Long wrote:

> David Xu wrote:
>
>> Julian Elischer wrote:
>>
>>>>
>>>>
>>>>>> The alternative, of course, is to just fix the code that assumes
>>>>>> that swapping doesn't exist.
>>>>>>
>>>>>>     
>>>>>
>>>>>
>>>>>
>>>>> First find all code written in such way, but it is not that easy.
>>>>>   
>>>>
>>>>
>>>>
>>>>
>>>> True.  If we changed msleep() to disable swapping by default, then
>>>> we wouldn't have to worry about correctness problems related to
>>>> missing some.
>>>>  
>>>>
>>>
>>> adding the flag to ENABLE swapping would be ABI compatible.
>>>
>>>
>> how about adding a PNOSWAP to msleep ?  but I won't trust the kernel
>> under swapping, because they can not give me 100% guarantee, my
>> machine crashes several times per-month, even when fscking at boot time,
>> mostly it is a page fault.
>>
>> David Xu
>>
>>
>>
>>
>>
>
> An msleep/tsleep option doesn't solve the problem because the the msleep
> might happen several layers down from where the stack abuse is taking
> place, and thus the caller would have no idea that it's needed.

But it at least can help a piece of code managed by a single guy.

>   The fix
> for sigwait() is easy and can be applied without hacking in new options
> that have limited value.  I don't argue that similar problems might
> exist elsewhere, but swappable kstacks have been part of BSD since
> before most of us knew where the power switch was on our Ataris, so it's
> likely not to be a wide-spread and fundamental problem in the code.  I'd
> be in favor of adding diagnostics that help catch these problems and
> report them, but just throwing away kstack swapping in leiu of taking
> the 2 minutes to fix sigwait() is pretty silly.
>
Yes, sigwait is simple, but  my umtx code is also broken by this silly 
swapping
code, now I have to fill malloc/free/retry/lock_order_reversal_work_around
all over the code.

> Scott
>
>