On 2/5/26 08:30, Lance Yang wrote: ... >> Are there cases where ongoing concurrent lockless page-table walks need >> to see the writes and they can't tolerate seeing valid but slightly >> stale data? > > The issue is we're about to free the page table (e.g. > pmdp_collapse_flush()). > > We have to ensure no walker is still doing a lockless page-table walk > when the page directories are freed, otherwise we get use-after-free.
But isn't this already solved by the existing RCU freeing approach documented above tlb_remove_table_smp_sync()? This seems like a rather classic way to use RCU: wait to free until RCU says there can't be a reader any more. You don't have to sit there and wait for it, you just use call_rcu() which will hold off the free until it's safe.
