From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Tue,  6 Feb 1996 07:08:51 -0500
From: forsyth@plan9.cs.york.ac.uk forsyth@plan9.cs.york.ac.uk
Subject: exec(2) problem?
Topicbox-Message-UUID: 3b0fff94-eac8-11e9-9e20-41e7f4b1d025
Message-ID: <19960206120851.ixsfmUsBAFr4nb2zQ9HHgcS6VeFdz0aebm8UOw9QQoo@z>

periodically one of the larger PC cpu servers here goes into an odd state.
a newly typed command hangs, as do subsequent commands, until the
first is interrupted, producing:

ls 17280: suicide: invalid address 0xb532 in sys call pc=0xe622
ls 17280: suicide: bad address in notify

it isn't just ls, and regardless of the actual command, the invalid
address and pc= are always the same, which i found rather eerie.
ps shows a Broken process with a 16Mbyte stack.
after this has happened once, it tends to happen frequently until
it affects something critical, and a reboot is required.

it turns out that 0xe622 is an address in /bin/rc.
term% db /bin/rc
386 binary
#0xe622?i
exec+#7?        RET
exec?i
exec?           MOVL	$#7,AX
exec+#5?        INTB	$#40
exec+#7?        RET

i'm fairly sure the problem arises when the process has committed
to Exec in sysexec in /sys/src/9/port/sysproc.c, but receives a note,
for instance during the tsleep in the resrcwait in imageattach.
if i delayed interrupting a hung ls, ^t^tp on the console
showed the hung process in Exec state in imagereclaim.
indeed, attachimage is probably the only chance for notes to
strike sysexec, since the close() and fdclose() calls
have got their own error handling.  

on my server, it probably runs out of images because conf.nimage is only 50.
it's easy to increase that to decrease the chance of this happening,
but that only addresses the symptom.

if i'm right about the source of the problem, what's the best fix?
defer notes after committing to the exec?  keep the process in
attachimage() until it succeeds?