On 2017/6/6 23:56, Oleg Nesterov wrote:
> I can't answer authoritatively, but
>
> On 06/06, zhong jiang wrote:
>> Hi
>>
>> when I review the code, I find the following scenario will lead to a race,
>> but I am not sure whether the real issue will hit or not.
>>
>> cpu1                            cpu2
>> exit_mmap                       mmu_notifier_unregister
>> __mmu_notifier_release          srcu_read_lock
>> srcu_read_lock
>> mm->ops->release(mn, mm)        mm->ops->release(mn,mm)
>> srcu_read_unlock                srcu_read_unlock
>>
>>
>> obviously, the specified mm will call identical release function when
>> the related condition satisfy. is it right?
> I think you are right, this is possible, perhaps the comments should mention
> this explicitly.
>
> See the changelog in d34883d4e35c0a994e91dd847a82b4c9e0c31d83 "mm: mmu_notifier:
> re-fix freed page still mapped in secondary MMU":
>
> "multiple ->release() callouts", we needn't care it too much ...
>
> Oleg.
>

Thank you for the clarification. Yes, I see that the author admits that this is an issue. The patch describes that it is really rare. Anyway, this issue should be fixed in a separate patch. But so far the issue still exists, unfortunately.

Regards
zhongjiang
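
Added example, not part of the thread and not kernel code: a userspace C model that replays the interleaving from the diagram above, where both paths invoke ->release() before either one removes the notifier, and compares an unguarded callback with one that tolerates the second call. The struct, the function names and the `hashed` flag are hypothetical.

```c
/* Userspace model of the double ->release() callout; all names are hypothetical. */
#include <stdatomic.h>
#include <stdio.h>

struct notifier {
    atomic_int released;   /* guard: set once a caller has claimed the teardown */
    int teardowns;         /* how many times the teardown body actually ran */
    int hashed;            /* models "notifier is still registered on the mm" */
};

/* Unguarded callback: performs the teardown on every call. */
static void release_naive(struct notifier *n)
{
    n->teardowns++;
}

/* Guarded callback: only the first caller performs the teardown. */
static void release_once(struct notifier *n)
{
    if (atomic_exchange(&n->released, 1) == 0)
        n->teardowns++;
}

/*
 * Replays the interleaving from the thread deterministically: both paths
 * observe the notifier as registered and call release() before either
 * one unlinks it. Returns the number of teardowns that ran.
 */
static int replay(void (*release)(struct notifier *))
{
    struct notifier n = { .hashed = 1 };
    int cpu1_sees = n.hashed;   /* exit_mmap -> __mmu_notifier_release */
    int cpu2_sees = n.hashed;   /* mmu_notifier_unregister */

    if (cpu1_sees)
        release(&n);
    if (cpu2_sees)
        release(&n);
    n.hashed = 0;               /* unlinking happens only afterwards */
    return n.teardowns;
}

int main(void)
{
    printf("naive:   %d teardown(s)\n", replay(release_naive));
    printf("guarded: %d teardown(s)\n", replay(release_once));
    return 0;
}
```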