Correct (assuming it's coded correctly).

> > Consider copy_page_range from mm1 or __pte_alloc in mm1
> > while try_to_swap_out is acting on shared page table in mm2. In fact,
> > I think even the read faults are vulnerable to races (mm1 and mm2
> > bringing page in at the same time so double-counting it), since your
> > __pte_alloc doesn't regard a read fault as reason to break the share.
>
> This is exactly what I've been considering, intensively, for days.
> (Sleeping has been optional ;-) Please re-evaluate this in light of the
> exclusive owner observation above.

I only see such page_count code under zap_page_range, and in __pte_alloc
for write-access case. mm/vmscan.c isn't even in the patch (I'm looking
at the one you emailed on Saturday night), and there's no code of that
kind in the header files in the patch.

So how is the page_table_lock taken by swap_out effective when it's
dealing with a page table shared by another mm than the one it is
locking? And when handling a read-fault, again no such code (but
when handling a write-fault, __pte_alloc has unshared in advance).

Since copy_page_range would not copy shared page tables, I'm wrong to
point there. But __pte_alloc does copy shared page tables (to unshare
them), and needs them to be stable while it does so: so locking against
swap_out really is required. It also needs locking against read faults,
and they against each other: but there I imagine it's just a matter of
dropping the write arg to __pte_alloc, going back to pte_alloc again.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to firstname.lastname@example.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/