Despite the additional locking added around rmap_walk_anon, bad references still manage to trigger on ppc64. The most likely cause is a use-after-free but it's not clear if it's due to a locking problem or something ppc64 specific. This patch somewhat works around the problem by checking the contents of the anon_vma make sense before using it but it needs reviewing by eyes familiar with the page migration code to try spot where the real problem lies. Signed-off-by: Mel Gorman <mel@xxxxxxxxx> --- mm/rmap.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/mm/rmap.c b/mm/rmap.c index fb695d3..462ac86 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -1237,6 +1237,8 @@ static int rmap_walk_anon(struct page *page, int (*rmap_one)(struct page *, anon_vma = page_anon_vma(page); if (!anon_vma) goto out_rcu_unlock; + if (!anon_vma->head.next) + goto out_rcu_unlock; spin_lock(&anon_vma->lock); /* -- 1.6.5 -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxxx For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>