On Wed, Dec 03, 2014 at 10:31:44AM +0100, Lars Persson wrote:
> Hi Leonid
>
> First let me describe the mechanism of this race condition, which was a
> fault in the kernel's MIPS architecture code, specifically in its
> implementation of lazy dcache flushing. AFAIK, it would only hit on
> systems where the pagein code path writes to the page from the CPU.
>
> The order of calls is:
>   flush_dcache_page() (from the FS's readpage)
>   set_pte_at()
>   update_mmu_cache()
>
> Thread number one has executed the set_pte_at() when thread number
> two hits the same page. It finds a valid PTE and proceeds to execute
> code from a page that is not yet flushed to the point of I/D coherency.
> That flush would happen in update_mmu_cache().
>
> My patch does increase the number of cache flushes for CoW, yes, and there
> could be an optimization opportunity by playing tricks with the pte_t to
> include information about the executability of the mapping.
>
> Reverting the patch is a big no-no; then we go back to a state of
> undefined CPU behavior.

The performance issues of this patch were fairly obvious when I applied
the patch. At that time I chose correctness over performance. But it
needs proper sorting. Too massive a performance impact is also a bug, and
Leonid's sledgehammer approach of revoking the patch outright without
anything better to replace it is not the right way either!

  Ralf
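The ordering hazard Lars describes, as an added example that is not part of the thread and not kernel code: a deterministic model with a data-side view of the page (what the pagein path wrote), an instruction-side view (what a CPU fetching from the page would execute) and a valid-PTE flag. In the model, flush_dcache_page() under lazy flushing only records a dirty mark when the page has no user mapping yet, and the real flush to I/D coherency happens in update_mmu_cache(). The step names mirror the calls in the message; the struct, the step enum, the race_window() helper and the "flush before publishing the PTE" variant are model assumptions of this example, not the kernel's actual implementation or Lars' patch.

```c
/* Added example, not from the linux-mips thread or the kernel tree.
 * Models the window in which a second thread can find a valid PTE
 * while the instruction view of the page is still stale. */
#include <stdbool.h>
#include <stdio.h>

enum step {
    WRITE_PAGE,        /* pagein writes new code into the page from the CPU */
    FLUSH_DCACHE_PAGE, /* lazy scheme: page has no mapping yet, just mark dirty */
    SET_PTE_AT,        /* PTE becomes visible to other threads */
    UPDATE_MMU_CACHE,  /* deferred flush to I/D coherency happens here */
    FLUSH_NOW          /* assumed variant: flush before the PTE is published */
};

struct page_model {
    int  dcache;        /* contents as seen on the data side */
    int  icache;        /* contents as seen by instruction fetch */
    bool dcache_dirty;  /* PG_dcache_dirty-style mark set by the lazy flush */
    bool pte_valid;     /* whether another thread would find a valid PTE */
};

static void apply(struct page_model *p, enum step s)
{
    switch (s) {
    case WRITE_PAGE:        p->dcache = 0xBEEF;      break;
    case FLUSH_DCACHE_PAGE: p->dcache_dirty = true;  break;
    case SET_PTE_AT:        p->pte_valid = true;     break;
    case UPDATE_MMU_CACHE:
    case FLUSH_NOW:
        if (p->dcache_dirty) {
            p->icache = p->dcache;   /* writeback + invalidate: I/D coherent */
            p->dcache_dirty = false;
        }
        break;
    }
}

/* Returns the index of the first step after which another thread could
 * observe a valid PTE while the instruction view is stale, or -1 if the
 * sequence never opens such a window. */
static int race_window(const enum step *order, int n)
{
    /* Both views start coherent with the page's old contents. */
    struct page_model p = { .dcache = 0x0BAD, .icache = 0x0BAD };
    for (int i = 0; i < n; i++) {
        apply(&p, order[i]);
        if (p.pte_valid && p.icache != p.dcache)
            return i;
    }
    return -1;
}

/* The call order quoted in the message: window opens at set_pte_at(). */
static int original_order(void)
{
    enum step o[] = { WRITE_PAGE, FLUSH_DCACHE_PAGE, SET_PTE_AT, UPDATE_MMU_CACHE };
    return race_window(o, 4);
}

/* Assumed fix for the model: flush before the PTE is published. */
static int flush_before_publish(void)
{
    enum step o[] = { WRITE_PAGE, FLUSH_DCACHE_PAGE, FLUSH_NOW, SET_PTE_AT, UPDATE_MMU_CACHE };
    return race_window(o, 5);
}

int main(void)
{
    printf("original order: window opens after step %d\n", original_order());
    printf("flush before publish: window index %d (-1 = none)\n", flush_before_publish());
    return 0;
}
```

The cost Lars and Ralf argue about is visible in the model too: the FLUSH_NOW step runs on every publish of a PTE, including CoW copies where the page may never be executed, which is exactly why the thread talks about recording executability in the pte_t to skip the flush when it is not needed.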