On 06/08, Konstantin Khlebnikov wrote:
>
> Oleg Nesterov wrote:
>> On 06/08, Konstantin Khlebnikov wrote:
>>>
>>> As result you can see "BUG: Bad rss-counter state mm:ffff88040783a680 idx:1 val:-1" in dmesg
>>>
>>> There left only one problem: nobody calls sync_mm_rss() after put_user() in mm_release().
>>
>> Both callers call sync_mm_rss() to make check_mm() happy. But please
>> see the changelog, I think we should move it into mm_release(). See
>> the patch below (on top of v2 I sent). I need to recheck.
>
> Patch below broken: it removes one hunk from kernel/exit.c twice.
> And it does not add anything into mm_release().

Yes, sorry. But I guess you understand the intent, mm_release() should
simply do sync_mm_rss() after put_user(clear_child_tid) unconditionally.

If task->mm == NULL but task->rss_stat, then there is something wrong
and probably OOPS makes sense.

Oleg.