Subject: kern/13194: PR_WAITOK within LOCK: pool_get(..., PR_WAITOK) in syssrc/uvm/uvm_aobj.c:uao_find_swhash_elt
List: netbsd-bugs
Date: 06/13/2001 22:44:24
>Number:         13194
>Category:       kern
>Synopsis:       PR_WAITOK when lock held: syssrc/uvm/uvm_aobj.c:uao_find_swhash_elt
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Jun 13 15:43:01 PDT 2001
>Originator:     Sean Doran
>Release:        -current as of 14 Jun 2001
System: NetBSD 1.5W NetBSD 1.5W (SCREAM) #0: Mon Jun 11 06:42:43 CEST 2001 i386
Architecture: i386
Machine: i386

syssrc/arch/i386 is from sommerfeld_i386mp_1 branch

relevant(?) options:

options         MULTIPROCESSOR
options         COM_MPLOCK      # com MP locking; REQUIRED on MP i386
options         LOCKDEBUG
options         MPDEBUG
options         MPVERBOSE


Since 1.58 of syssrc/sys/kern/subr_pool.c there is an assertion that
no locks are held if pool_get is called with PR_WAITOK.

This trips in syssrc/uvm/uvm_aobj.c as of 1.43.  Relevant code is called
locked from uvm_pageout():

 * uao_find_swhash_elt: find (or create) a hash table entry for a page
 * offset.
 * => the object should be locked by the caller


         * allocate a new entry for the bucket and init/insert it in
        elt = pool_get(&uao_swhash_elt_pool, PR_WAITOK);

This triggers:

pool_get(PR_WAITOK) with held simple_lock 0xc02fbbfc CPU 1 ../../../../uvm/uvm_p
pool_get(c02fb860,2,e5075e34,c01c4b0d,25081) at pool_get+0x71
uao_find_swhash_elt(c02c93c0,25081,1,c01c5a00,c0256240) at uao_find_swhash_elt+0
uao_set_swslot(c02c93c0,25081,a,c01d63f0) at uao_set_swslot+0x61
uvmpd_scan_inactive(c02fbbf4,c0256240,355,c01d6bac,c0256240) at uvmpd_scan_inact
uvmpd_scan(e5063720,c01d6088,c01d6088,0,c0100baf) at uvmpd_scan+0x7c
uvm_pageout(e5063720) at uvm_pageout+0x144

	heavy bufcache use will cause pageout of anon pages which
	will drop you into ddb (if enabled), and one or more 'c'ontinues
	will result in the message above & a recovery

	no ddb -> crash
	restructure uao_find_swhash_elt to do NOWAIT
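
The locking rule reported above, as an added example that is not part of the original report or of the NetBSD source: a user-space C model in which model_pool_get, find_elt, set_slot and the flag values are hypothetical stand-ins. It shows a PR_WAITOK request tripping the held-lock check, and the PR_NOWAIT restructuring, where the caller has to treat allocation failure as a normal result.

```c
#include <stdlib.h>

#define PR_WAITOK 1            /* model flags; values are constructed */
#define PR_NOWAIT 2

static int locks_held;         /* stand-in for the LOCKDEBUG held-lock check */
static int assert_tripped;     /* set where the kernel would drop into ddb */
static int pool_empty;         /* constructed knob: simulate memory shortage */

struct elt { long tag; struct elt *next; };
static struct elt *bucket;     /* one hash bucket is enough for the model */

/* Model of pool_get(): PR_WAITOK with a lock held is the reported bug. */
static void *model_pool_get(size_t sz, int flags)
{
    if ((flags & PR_WAITOK) && locks_held > 0) {
        assert_tripped = 1;
        return NULL;
    }
    return pool_empty ? NULL : malloc(sz);
}

/* Find or create an entry; the caller holds the object lock. */
static struct elt *find_elt(long tag, int create, int flags)
{
    struct elt *e;
    for (e = bucket; e != NULL; e = e->next)
        if (e->tag == tag)
            return e;
    if (!create || (e = model_pool_get(sizeof(*e), flags)) == NULL)
        return NULL;           /* PR_NOWAIT: failure is a normal outcome */
    e->tag = tag;
    e->next = bucket;
    bucket = e;
    return e;
}

/* Caller: 0 = stored, -1 = no memory (retry later), -2 = assertion hit. */
static int set_slot(long tag, int flags, int empty)
{
    struct elt *e;
    pool_empty = empty;
    assert_tripped = 0;
    locks_held++;              /* take the object lock */
    e = find_elt(tag, 1, flags);
    locks_held--;              /* release it */
    return assert_tripped ? -2 : (e != NULL ? 0 : -1);
}

int main(void) { return set_slot(1, PR_NOWAIT, 0); }
```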