On 25.05.23 12:06, Karim Manaouil wrote:
Hi, In do_anonymous_page(), a new page is allocated and zeroed, and the corresponding page struct is initialised (setting flags PageUptodate, PageSwapBacked, etc. and initialising the various counters). Then, set_pte_at() is called directly without calling smp_wmb() to make the updates above visible on other CPUs. This could race with a page table walker. The walker can read the new pte and try to access the page struct or the page content before the changes above were made visible.
Only after acquiring the page table lock (which the writer first has to release), right?
-- Thanks, David / dhildenb
