Hi:

Could the crash be related to this patch?
http://git.kernel.org/?p=linux/kernel/git/jeremy/xen.git;a=commitdiff;h=45bfd7bfc6cf32f8e60bb91b32349f0b5090eea3

Since now the TLB state change to TLBSTATE_OK (mmu_context.h:40) is before cpumask_clear_cpu (line 49), could it be possible that right after executing line 40 of mmu_context.h, the CPU receives an IPI from another CPU to flush the mm, and when in the interrupt, finds the TLB state happens to be TLBSTATE_OK, which conflicts?

Thanks.

arch/x86/include/asm/mmu_context.h
 33 static inline void switch_mm(struct mm_struct *prev, struct mm_struct *next,
 34 					 struct task_struct *tsk)
 35 {
 36 	unsigned cpu = smp_processor_id();
 37 
 38 	if (likely(prev != next)) {
 39 #ifdef CONFIG_SMP
 40 		percpu_write(cpu_tlbstate.state, TLBSTATE_OK);
 41 		percpu_write(cpu_tlbstate.active_mm, next);
 42 #endif
 43 		cpumask_set_cpu(cpu, mm_cpumask(next));
 44 
 45 		/* Re-load page tables */
 46 		load_cr3(next->pgd);
 47 
 48 		/* stop flush ipis for the previous mm */
 49 		cpumask_clear_cpu(cpu, mm_cpumask(prev));
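The interleaving the mail asks about can be walked through mechanically. The following is an added user-space model written for this page, not kernel code and not part of the original mail or the patch: it replays switch_mm() in exactly the statement order quoted above, stops after a chosen number of statements, and then delivers a flush-all IPI for `prev` to that CPU. The handler logic is the editor's reading of the x86 smp_invalidate_interrupt()/leave_mm() behaviour of that era (flush locally if the mm is active and the CPU is in TLBSTATE_OK, otherwise leave the mm) and is an assumption of the model; the sender only targets CPUs present in mm_cpumask(). The model also assumes, as the mail does, that an IPI can land between any two statements; whether the scheduler actually permits that at this point (interrupt state across switch_mm) is not modelled and is the open question. Names such as `race_at`, `switch_mm_partial` and the `stale` flag are the model's own.

```c
#include <stdio.h>
#include <stdint.h>

/* Constructed stand-ins for the kernel's cpu_tlbstate and mm_struct. */
enum { TLBSTATE_OK = 1, TLBSTATE_LAZY = 2 };
enum ipi_action { IPI_NOT_TARGETED, IPI_IGNORED, IPI_FLUSH_LOCAL, IPI_LEAVE_MM };

struct mm { const char *name; uint64_t cpumask; unsigned pgd; };
struct cpu_tlbstate { int state; struct mm *active_mm; unsigned cr3; int flushes; };

#define SWAPPER_PGD 0u

static void cpumask_set_cpu(int cpu, struct mm *m)   { m->cpumask |=  (1ull << cpu); }
static void cpumask_clear_cpu(int cpu, struct mm *m) { m->cpumask &= ~(1ull << cpu); }
static int  cpumask_test_cpu(int cpu, const struct mm *m) { return (int)((m->cpumask >> cpu) & 1); }

/* load_cr3 replaces the page-table root and flushes the non-global TLB. */
static void load_cr3(struct cpu_tlbstate *c, unsigned pgd) { c->cr3 = pgd; c->flushes++; }

/*
 * switch_mm in the statement order quoted in the mail, executed only for the
 * first `steps` statements so an IPI can be injected between any two of them.
 */
static void switch_mm_partial(struct cpu_tlbstate *c, int cpu,
                              struct mm *prev, struct mm *next, int steps)
{
    if (prev == next) return;
    if (steps > 0) c->state = TLBSTATE_OK;       /* mmu_context.h line 40 */
    if (steps > 1) c->active_mm = next;          /* line 41 */
    if (steps > 2) cpumask_set_cpu(cpu, next);   /* line 43 */
    if (steps > 3) load_cr3(c, next->pgd);       /* line 46 */
    if (steps > 4) cpumask_clear_cpu(cpu, prev); /* line 49 */
}

/*
 * A flush request for `flush_mm` as seen by `cpu`. The sender only targets
 * CPUs present in mm_cpumask(flush_mm); the handler flushes locally when the
 * mm is active and the CPU is in TLBSTATE_OK, otherwise it leaves the mm.
 * (Assumption: mirrors smp_invalidate_interrupt()/leave_mm() of that era.)
 */
static enum ipi_action flush_tlb_ipi(struct cpu_tlbstate *c, int cpu, struct mm *flush_mm)
{
    if (!cpumask_test_cpu(cpu, flush_mm))
        return IPI_NOT_TARGETED;
    if (flush_mm != c->active_mm)
        return IPI_IGNORED;
    if (c->state == TLBSTATE_OK) {
        c->flushes++;
        return IPI_FLUSH_LOCAL;
    }
    cpumask_clear_cpu(cpu, c->active_mm);   /* leave_mm(): drop the lazy mm */
    load_cr3(c, SWAPPER_PGD);
    return IPI_LEAVE_MM;
}

struct race_result {
    enum ipi_action act;
    int stale;   /* flush for prev was not performed while cr3 still == prev->pgd */
};

/*
 * CPU 0 runs `prev` in `initial_state`, executes `steps` statements of
 * switch_mm(prev, next), then receives a flush-all IPI for `prev`.
 */
static struct race_result race_at(int steps, int initial_state)
{
    struct mm prev = { "prev", 0, 0x1000 }, next = { "next", 0, 0x2000 };
    struct cpu_tlbstate c = { initial_state, &prev, prev.pgd, 0 };
    struct race_result r;
    int cpu = 0;

    cpumask_set_cpu(cpu, &prev);
    switch_mm_partial(&c, cpu, &prev, &next, steps);
    r.act = flush_tlb_ipi(&c, cpu, &prev);
    r.stale = (r.act == IPI_IGNORED && c.cr3 == prev.pgd);
    return r;
}

int main(void)
{
    static const char *names[] = { "not targeted", "ignored", "local flush", "leave_mm" };
    for (int steps = 0; steps <= 5; steps++) {
        struct race_result r = race_at(steps, TLBSTATE_OK);
        printf("IPI after %d statement(s): %-12s%s\n", steps, names[r.act],
               r.stale ? "  (cr3 still prev->pgd)" : "");
    }
    return 0;
}
```

Read against the mail's question: with the CPU already in TLBSTATE_OK, an IPI landing right after line 40 (one statement executed) is handled as a plain local flush, the same as an IPI landing before the switch began. The model's only "ignored while cr3 is still prev's" window is between line 41 and line 46, i.e. after active_mm has become `next` but before load_cr3, which is a different window from the one the mail points at; load_cr3 at line 46 then flushes everything. Whether an interrupt can be taken inside switch_mm at all is what the model leaves open.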