It seems to me that there is a race in this code in zap_pte_range,
because there is a gap between when we read the pte and when we clear
it:
        for (offset=0; offset < size; ptep++, offset += PAGE_SIZE) {
                pte_t pte = *ptep;
                if (pte_none(pte))
                        continue;
                if (pte_present(pte)) {
                        unsigned long pfn = pte_pfn(pte);
                        pte_clear(ptep);
Isn't it possible that another cpu could set the dirty bit in the pte
between the "pte = *ptep" and the "pte_clear(ptep)"? In my case
another cpu could also set the "has hash-table entry" bit.
Shouldn't we do this as "pte = ptep_get_and_clear(ptep)", at least in
the case where we are unmapping stuff?
Paul.
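A user-space model of the window described above, added here as an example and not kernel code: a toy pte word, a "hardware" update that sets Dirty (and the ppc hash-table bit) between the read and the clear, and the atomic get-and-clear that removes the window. The pte layout, bit values and function names are constructed assumptions, not the kernel's definitions.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy pte with Linux-style flag bits (constructed; not the kernel's). */
typedef uint64_t pte_t;
#define _PAGE_PRESENT (1ULL << 0)
#define _PAGE_DIRTY   (1ULL << 1)
#define _PAGE_HASHPTE (1ULL << 2)   /* ppc "has hash-table entry" bit */
#define PAGE_SHIFT    12

/* What another CPU's MMU does on a store to the page: a read-modify-write of
 * the live pte that sets Dirty (and, on ppc, HASHPTE).  Modelled as atomic OR. */
static void other_cpu_touches(pte_t *ptep)
{
    __atomic_fetch_or(ptep, _PAGE_DIRTY | _PAGE_HASHPTE, __ATOMIC_SEQ_CST);
}

/* The quoted pattern: snapshot the pte, then store zero.  `between` models the
 * other CPU acting in the window between the two accesses. */
static pte_t zap_read_then_clear(pte_t *ptep, void (*between)(pte_t *))
{
    pte_t pte = *ptep;                            /* pte = *ptep */
    between(ptep);                                /* hardware sets bits here */
    __atomic_store_n(ptep, 0, __ATOMIC_SEQ_CST);  /* pte_clear(ptep) */
    return pte;                                   /* stale copy */
}

/* The suggested fix: a single atomic read-and-clear.  The other CPU's update
 * lands either before the exchange (and is returned) or after it, on a
 * non-present pte, which faults rather than silently setting bits. */
static pte_t zap_get_and_clear(pte_t *ptep, void (*before)(pte_t *))
{
    before(ptep);
    return __atomic_exchange_n(ptep, 0, __ATOMIC_SEQ_CST);
}

/* Bits the unmapper never sees: set by hardware, but present in neither the
 * returned value nor what is left in the page table. */
static pte_t bits_lost(pte_t (*zap)(pte_t *, void (*)(pte_t *)))
{
    pte_t live = _PAGE_PRESENT | (0x1234ULL << PAGE_SHIFT);   /* clean, mapped */
    pte_t seen = zap(&live, other_cpu_touches);
    return (_PAGE_DIRTY | _PAGE_HASHPTE) & ~(seen | live);
}

int main(void)
{
    printf("read-then-clear loses %#llx\n", (unsigned long long)bits_lost(zap_read_then_clear));
    printf("get-and-clear loses   %#llx\n", (unsigned long long)bits_lost(zap_get_and_clear));
    return 0;
}
```

With the read-then-clear pattern the Dirty and HASHPTE bits vanish from both the saved copy and the page table; with the exchange they come back in the returned value.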
This archive was generated by hypermail 2b29 : Thu May 23 2002 - 22:00:24 EST