Jason R Thorpe <thorpej@netbsd.org> writes:

> Change the pmap_enter() API slightly; pmap_enter() now returns an error
> value (KERN_SUCCESS or KERN_RESOURCE_SHORTAGE) indicating if it succeeded
> or failed.  Change the `wired' and `access_type' arguments to a single
> `flags' argument, which includes the access type, and flags:
> 
> 	PMAP_WIRED	the old `wired' boolean
> 	PMAP_CANFAIL	pmap_enter() is allowed to fail

First of all, converting a vm_prot_t to an int and stuffing unrelated
bits into it is at the very least a type violation.

> Change the fault handler to deal with failure (which indicates resource
> shortage) by unlocking everything, waiting for the pagedaemon to free
> more memory, then retrying the fault.

Secondly, the implications for pmap implementations are not
sufficiently documented.  For example, if a pmap were to allocate a
new page for pv_entry structures or a page table page, and then
release it on failure, it's possible for the process to starve
indefinitely if another process is chewing up memory as it becomes
available.  Thus, this change requires that pmap_enter() never free
pages that it allocated.

Lastly, this is yet another change that should have been put up for
review on tech-kern in advance.