On Mon, Feb 28, 2011 at 03:18:47PM +0100, Peter Zijlstra wrote:
> On Mon, 2011-02-28 at 12:44 +0100, Peter Zijlstra wrote:
> > unmap_region()
> >   tlb_gather_mmu()
> >   unmap_vmas()
> >     for (; vma; vma = vma->vm_next)
> >       unmap_page_range()
> >         tlb_start_vma() -> flush cache range
>
> So why is this correct? Can't we race with a concurrent access to the
> memory region (munmap() vs other thread access race)? While
> unmap_region() callers will have removed the vma from the tree so faults
> will not be satisfied, TLBs might still be present and allow us to
> access the memory and thereby reload it into the cache.

It is my understanding that code sections between tlb_gather_mmu() and
tlb_finish_mmu() are non-preemptible - that was the case once upon a time
when this stuff first appeared. If that's changed then that change has
introduced an unnoticed bug.

--
Russell King
 Linux kernel    2.6 ARM Linux   - http://www.arm.linux.org.uk/
 maintainer of: