From 38e1844b59d023e1913882b23cbde0f311113c60 Mon Sep 17 00:00:00 2001 From: Peter Zijlstra Date: Tue, 24 May 2011 17:12:08 -0700 Subject: [PATCH] --- yaml --- r: 250897 b: refs/heads/master c: 6111e4ca6829a0e8b092b8e5eeb6b5366091f29c h: refs/heads/master i: 250895: 3e161ab6c8cf88a49a0d418644c82d034bc3e8b9 v: v3 --- [refs] | 2 +- trunk/mm/rmap.c | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/[refs] b/[refs] index f3df5761d74c..f58e83532706 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: 25aeeb046e695c3093a86aa9386128ffb3b1bc32 +refs/heads/master: 6111e4ca6829a0e8b092b8e5eeb6b5366091f29c diff --git a/trunk/mm/rmap.c b/trunk/mm/rmap.c index c6044761617e..cc140811af56 100644 --- a/trunk/mm/rmap.c +++ b/trunk/mm/rmap.c @@ -320,8 +320,22 @@ void __init anon_vma_init(void) } /* - * Getting a lock on a stable anon_vma from a page off the LRU is - * tricky: page_lock_anon_vma rely on RCU to guard against the races. + * Getting a lock on a stable anon_vma from a page off the LRU is tricky! + * + * Since there is no serialization what so ever against page_remove_rmap() + * the best this function can do is return a locked anon_vma that might + * have been relevant to this page. + * + * The page might have been remapped to a different anon_vma or the anon_vma + * returned may already be freed (and even reused). + * + * All users of this function must be very careful when walking the anon_vma + * chain and verify that the page in question is indeed mapped in it + * [ something equivalent to page_mapped_in_vma() ]. + * + * Since anon_vma's slab is DESTROY_BY_RCU and we know from page_remove_rmap() + * that the anon_vma pointer from page->mapping is valid if there is a + * mapcount, we can dereference the anon_vma after observing those. */ struct anon_vma *page_lock_anon_vma(struct page *page) {