kernel - Fix i386 wire_count panics
* Tracked down to a situation where a pmap structure is being dtor'd by
the objcache simultaniously with a vm_page_protect() operation on
a page table page's vm_page_t.
(1) vm_page_protect() begins running, finds page table page to remove,
removes the related pv_entry, but then gets stuck waiting for the
pmap->pm_pteobj (vm_object token).
(2) Exit on another thread simultaniously removes all remaining VM
pages from the pmap. However, due to #(1), there is still an
active page table page in pmap->pm_pteobj that the exit code has
no visibility to.
(3) The related pmap is then dtor'd due to heavy fork/exec/exit load
on the system. The VM page is still present, vm_page_protect()
is still stuck on the token (or hasn't gotten cpu back).
(4) Nominal vm_object_terminate() destroys the page table page.
(5) vm_page_protect() unblocks and tries to destroy the page.
(6) BOOM.
* This fix places a barrier between the normal process exit code and the
dtor which will block while a vm_page_protect() is active on the pmap.
* This time for sure, but if not we still know that the problem is related
to this exit race.
nant's projects / dragonfly.git / commit