On Mon, Feb 25, 2019 at 2:11 PM Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:
>
> On 2019/02/26 6:55, Joel Fernandes wrote:
> >> @@ -763,6 +767,8 @@ static int ashmem_pin_unpin(struct ashmem_area *asma, unsigned long cmd,
> >>
> >> out_unlock:
> >> mutex_unlock(&ashmem_mutex);
> >> + if (range)
> >> + kmem_cache_free(ashmem_range_cachep, range);
> >
> > This seems a bit broken to me. Once a range has been added to the LRU list,
> > it is then being freed here. So then the ashmem_lru_list will contain a
> > dangling range, right?
>
> If this range was used in range_alloc(), range == NULL here due to
>
> + struct ashmem_range *range = *new_range;
>
> + *new_range = NULL;
>
> . Thus, this range won't be freed here if range_alloc() was called. What am I missing?

Sorry, this message is stale. I take it back, I was supposed to delete it before I made the Reviewed-by tag.. You didn't miss anything.. Please only infer the "Reviewed-by" tag from my reply and ignore this message.
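
Review bot: the `if (range)` free after `out_unlock:` in ashmem_pin_unpin() has no comment explaining when `range` can still be non-NULL at that point, and the answer depends on the two lines quoted from range_alloc() (`struct ashmem_range *range = *new_range;` followed by `*new_range = NULL;`), which clear the caller's pointer once the preallocated range has been consumed. A short comment at the free site, saying that `range` is non-NULL only when it was never handed to range_alloc(), would keep the next reader from taking this for a free of an entry that is already on ashmem_lru_list.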