kern/56603: uvm: possible ABBA deadlocks

[baijiaju1990%gmail.com@localhost]

>Number:         56603
>Category:       kern
>Synopsis:       uvm: possible ABBA deadlocks
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jan 04 03:50:00 +0000 2022
>Originator:     Jia-Ju Bai
>Release:        9.2
>Organization:
Tsinghua University
>Environment:
NetBSD localhost 9.2 NetBSD 9.2 (GENERIC) #0: Wed May 12 13:15:55 UTC 2021  mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64
>Description:
Hello,

My static analysis tool reports two possible ABBA deadlocks in the uvm module in NetBSD-9.2:

# BUG1:
uvmpdpol_selectvictim()
  mutex_enter(&pg->interlock); --> Line 268 (Lock A)
  mutex_enter(&s->lock); --> Line 328 (Lock B)

uvmpdpol_balancequeue()
  mutex_enter(&s->lock); --> Line 371 (Lock B)
  mutex_enter(&pg->interlock); --> Line 390 (Lock A)

When uvmpdpol_selectvictim() and uvmpdpol_balancequeue() are concurrently executed, a deadlock can occur.

# BUG2:
uvmpdpol_selectvictim()
  mutex_enter(&pg->interlock); --> Line 268 (Lock A)
  mutex_enter(&s->lock); --> Line 328 (Lock B)

uvmpdpol_flush()
  mutex_enter(&s->lock); --> Line 732 (Lock B)
  mutex_enter(&pg->interlock); --> Line 755 (Lock A)

When uvmpdpol_selectvictim() and uvmpdpol_flush() are concurrently executed, a deadlock can occur.

I am not quite sure whether these possible deadlocks are real and how to fix them if them are real.
Any feedback would be appreciated, thanks

Reported-by: TOTE Robot <oslab%tsinghua.edu.cn@localhost>

>How-To-Repeat:
Concurrently run uvmpdpol_selectvictim() and uvmpdpol_balancequeue() or uvmpdpol_flush(). 
>Fix:
I do not know how to fix them.