On Thu, 21 Oct 2021 18:46:58 -0700 Suren Baghdasaryan <surenb@xxxxxxxxxx> wrote:

> Race between process_mrelease and exit_mmap, where free_pgtables is
> called while __oom_reap_task_mm is in progress, leads to kernel crash
> during pte_offset_map_lock call. oom-reaper avoids this race by setting
> MMF_OOM_VICTIM flag and causing exit_mmap to take and release
> mmap_write_lock, blocking it until oom-reaper releases mmap_read_lock.
> Reusing MMF_OOM_VICTIM for process_mrelease would be the simplest way to
> fix this race, however that would be considered a hack. Fix this race
> by elevating mm->mm_users and preventing exit_mmap from executing until
> process_mrelease is finished. Patch slightly refactors the code to adapt
> for a possible mmget_not_zero failure.
>
> This fix has considerable negative impact on process_mrelease performance
> and will likely need later optimization.

Has the impact been quantified? And where's the added cost happening? The
changes all look quite lightweight?
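The quoted commit message describes the mechanism of the fix: pin mm->mm_users with mmget_not_zero so that exit_mmap cannot run free_pgtables underneath process_mrelease, and bail out when mmget_not_zero fails because the task has already torn its mm down. The following is an added, self-contained C model of that reference-counting pattern, written for this page and not taken from the patch or from the kernel. struct toy_mm, toy_mmget_not_zero, toy_mmput, toy_exit_mmap and toy_mrelease are stand-ins invented here (the real kernel functions have different signatures and far more state), the "page table" is a constructed integer array, and the two demo functions play each interleaving out sequentially rather than with real threads, so they are deterministic.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

#define TOY_PTES 1024   /* constructed: size of the fake page-table array */

/* Toy stand-in for mm_struct (an assumption of this example, not kernel code):
 * mm_users counts the task and any reader keeping the mm alive; pgtable
 * stands in for the page tables that free_pgtables() tears down in exit_mmap(). */
struct toy_mm {
    atomic_int mm_users;
    int *pgtable;
    bool torn_down;
};

struct toy_mm *toy_mm_new(void)
{
    struct toy_mm *mm = calloc(1, sizeof *mm);
    mm->pgtable = calloc(TOY_PTES, sizeof *mm->pgtable);
    for (int i = 0; i < TOY_PTES; i++)
        mm->pgtable[i] = 1;              /* constructed PTE payload */
    atomic_init(&mm->mm_users, 1);       /* the owning task's reference */
    return mm;
}

/* exit_mmap()/free_pgtables() analogue: runs only once the last user is gone */
static void toy_exit_mmap(struct toy_mm *mm)
{
    free(mm->pgtable);
    mm->pgtable = NULL;
    mm->torn_down = true;
}

/* mmget_not_zero() analogue: take a reference only while mm_users is non-zero,
 * so a caller can never resurrect an mm whose teardown has already started. */
bool toy_mmget_not_zero(struct toy_mm *mm)
{
    int old = atomic_load(&mm->mm_users);
    while (old != 0) {
        if (atomic_compare_exchange_weak(&mm->mm_users, &old, old + 1))
            return true;
    }
    return false;
}

/* mmput() analogue: whoever drops the count to zero runs exit_mmap */
void toy_mmput(struct toy_mm *mm)
{
    if (atomic_fetch_sub(&mm->mm_users, 1) == 1)
        toy_exit_mmap(mm);
}

/* process_mrelease() analogue after the fix: pin mm_users before walking the
 * page tables. Returns the number of entries walked, or -1 when
 * mmget_not_zero fails because the task already finished exit_mmap. */
int toy_mrelease(struct toy_mm *mm)
{
    if (!toy_mmget_not_zero(mm))
        return -1;
    int walked = 0;
    for (int i = 0; i < TOY_PTES; i++)   /* safe: pgtable cannot be freed under us */
        walked += mm->pgtable[i];
    toy_mmput(mm);                       /* may run the deferred exit_mmap */
    return walked;
}

/* Interleaving 1: the task exits before the releaser looks at the mm. Without
 * the reference the walk would read freed page tables; with it, mmget_not_zero
 * fails and the walk never starts. */
bool demo_exit_before_release(void)
{
    struct toy_mm *mm = toy_mm_new();
    toy_mmput(mm);                       /* task's exit: last user, teardown runs */
    bool ok = toy_mrelease(mm) == -1 && mm->torn_down;
    free(mm);
    return ok;
}

/* Interleaving 2: the releaser pins the mm first. The task's exit must then
 * leave the page tables alone until the releaser drops its reference. */
bool demo_release_pins_mm(void)
{
    struct toy_mm *mm = toy_mm_new();
    bool pinned = toy_mmget_not_zero(mm); /* releaser's reference */
    toy_mmput(mm);                        /* task exits: count 2 -> 1, no teardown */
    bool alive = !mm->torn_down && mm->pgtable != NULL;
    toy_mmput(mm);                        /* releaser done: count 1 -> 0, teardown */
    bool ok = pinned && alive && mm->torn_down;
    free(mm);
    return ok;
}

int main(void)
{
    printf("exit before release handled: %s\n", demo_exit_before_release() ? "yes" : "no");
    printf("release pins mm until done:  %s\n", demo_release_pins_mm() ? "yes" : "no");
    return 0;
}
```

The model also shows where the cost the commit message mentions would sit in a real implementation: not in the atomic increment itself, but in the fact that a pinned mm_users defers the whole of exit_mmap until the releaser's mmput, so the releaser's own mmput may end up running the teardown it was trying to race against.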