Suren, Sorry to review so late.
On Fri, Sep 22, 2023 at 06:31:44PM -0700, Suren Baghdasaryan wrote:
> diff --git a/mm/rmap.c b/mm/rmap.c
> index ec7f8e6c9e48..c1ebbd23fa61 100644
> --- a/mm/rmap.c
> +++ b/mm/rmap.c
> @@ -542,6 +542,7 @@ struct anon_vma *folio_lock_anon_vma_read(struct folio *folio,
> struct anon_vma *root_anon_vma;
> unsigned long anon_mapping;
>
> +repeat:
> rcu_read_lock();
> anon_mapping = (unsigned long)READ_ONCE(folio->mapping);
> if ((anon_mapping & PAGE_MAPPING_FLAGS) != PAGE_MAPPING_ANON)
> @@ -586,6 +587,18 @@ struct anon_vma *folio_lock_anon_vma_read(struct folio *folio,
> rcu_read_unlock();
> anon_vma_lock_read(anon_vma);
>
> + /*
> + * Check if UFFDIO_REMAP changed the anon_vma. This is needed
> + * because we don't assume the folio was locked.
> + */
> + if (unlikely((unsigned long) READ_ONCE(folio->mapping) !=
> + anon_mapping)) {
> + anon_vma_unlock_read(anon_vma);
> + put_anon_vma(anon_vma);
> + anon_vma = NULL;
> + goto repeat;
> + }
We have an open-coded fast path above this:
if (down_read_trylock(&root_anon_vma->rwsem)) {
/*
* If the folio is still mapped, then this anon_vma is still
* its anon_vma, and holding the mutex ensures that it will
* not go away, see anon_vma_free().
*/
if (!folio_mapped(folio)) {
up_read(&root_anon_vma->rwsem);
anon_vma = NULL;
}
goto out;
}
Would that also need such check?
> +
> if (atomic_dec_and_test(&anon_vma->refcount)) {
> /*
> * Oops, we held the last refcount, release the lock
> --
> 2.42.0.515.g380fc7ccd1-goog
>
--
Peter Xu
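Review bot: In the second hunk the added comparison is written `(unsigned long) READ_ONCE(folio->mapping)`, with a space after the cast, while the existing read in the first hunk uses `(unsigned long)READ_ONCE(folio->mapping)`; the new line should match it. The comment above the check could also state what the retry relies on, for example `/* UFFDIO_REMAP may have changed folio->mapping after it was sampled; drop the lock and the reference and look the anon_vma up again. */`, so a reader sees why both `anon_vma_unlock_read()` and `put_anon_vma()` run before `goto repeat`. The retry has no visible bound, which is presumably acceptable if remaps of a given folio are rare, but that assumption is worth writing down next to the `goto`. folio_lock_anon_vma_read() starts and ends outside both hunks, so the code between `repeat:` and the new check is not visible here.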