On 06/02/2016 02:25 AM, Minchan Kim wrote:
On Wed, Jun 01, 2016 at 04:09:26PM +0200, Vlastimil Babka wrote:
On 06/01/2016 01:21 AM, Minchan Kim wrote:
+       reset_page(page);
+       put_page(page);
+       page = newpage;
+
+       ret = 0;
+unpin_objects:
+       for (addr = s_addr + offset; addr < s_addr + pos;
+                                               addr += class->size) {
+               head = obj_to_head(page, addr);
+               if (head & OBJ_ALLOCATED_TAG) {
+                       handle = head & ~OBJ_ALLOCATED_TAG;
+                       if (!testpin_tag(handle))
+                               BUG();
+                       unpin_tag(handle);
+               }
+       }
+       kunmap_atomic(s_addr);
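Review bot: the unpin loop after the `unpin_objects:` label reads the old page through `s_addr` (the `kmap_atomic()` mapping) while `page` has already been reassigned to `newpage` in the success path, so `obj_to_head(page, addr)` mixes a pointer to the new page with addresses inside the old mapping; this works only because the head word at each object is identical in both copies, and that invariant deserves a comment at the label (e.g. "/* s_addr still maps the old page; handles are the same in newpage */") so the next reader does not flag it as a bug. Also worth confirming in the changelog that the reference dropped by `put_page(page)` just above is not the last one, since the loop still dereferences the old page's mapping afterwards.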

The above seems suspicious to me. In the success case, page points to
newpage, but s_addr is still the original one?

s_addr is the virtual address of the old page by kmap_atomic, so the page pointer of the
new page doesn't matter.

Hmm, I see. The value (head address/handle) it reads from the old page should be the same as the one in the newpage. And this value doesn't get changed in the process. So it works, it's just subtle :)
