\documentclass{article}
\input{6828-preamble}

\begin{document}
\psetnum{23}
\date{2004/12/03}

\begin{pset}
  \begin{problem}
    While implementing \texttt{fork()}, I ran into a problem where the
    physical page refcount was not being properly updated when a
    copy-on-write page was copied-on-write. This led to a page being
    placed back on the free list while it was still mapped, which led
    to some very, very strange behavior when that page was then
    allocated and mapped for some other purpose, while still being
    mapped in its original place.

    A metacompiler that enforced a page refcount invariant would have
    caught this error. It could ensure that the refcount was actually
    the number of mappings in any environment's address space for that
    page, that pages on the free list were not mapped anyway, etc.

    (It probably would have been useful to have a stronger abstraction
    around page directories, page tables, and the physical page
    structures such that it wasn't necessary to manipulate page table
    entries directly and adjust refcounts in so many places. If I'd
    thought of it at the time (and I had time for such things), I'd
    probably redesign the code to implement this.)
  \end{problem}
\end{pset}
\end{document}