linux/mm/mmap.c
Imported from _research/manual-study-linux/file-notes/linux__mm__mmap.c.md.
File Notes: mm/mmap.c
Status: reviewed.
Purpose
Implements virtual-memory-area creation, lookup, expansion, duplication, and
teardown around mmap(), munmap(), brk(), process fork, the maple tree VMA
index, and the mmap_lock.
Key Types And Functions
- SYSCALL_DEFINE1(brk): adjusts the process heap.
- SYSCALL_DEFINE6(mmap_pgoff): syscall entry for mmap.
- do_mmap(): validates mapping requests and calls mmap_region().
- find_vma(), find_vma_intersection(), find_vma_prev(): VMA lookup over the maple tree.
- expand_stack() and mmap_read_lock_maybe_expand(): stack-growth paths that may upgrade from read-side to write-side locking.
- do_munmap(), vm_munmap(), SYSCALL_DEFINE2(munmap): unmap entry points.
- dup_mmap(): clones a process address-space VMA layout during fork.
Data Flow
mmap_pgoff() enters with syscall arguments, resolves flags and optional file
state, and routes into do_mmap(). do_mmap() requires the caller to hold
current->mm->mmap_lock for writing, validates length and offset overflow,
checks map-count limits, asks the architecture/address-space policy for an
unmapped range, validates fixed-address collision rules, and splits file-backed
from anonymous mappings before delegating insertion to mmap_region().
VMA lookup is tree-based. find_vma_intersection() and find_vma() use the
mm->mm_mt maple tree rather than scanning a linear list. Previous/next lookup
uses VMA_ITERATOR, allowing update paths to walk adjacent regions while
keeping tree state local to the iterator.
munmap() goes through do_munmap() and do_vmi_munmap(), making unmap a VMA
iterator operation rather than a separate list-specific path. Fork uses
dup_mmap() to duplicate the maple tree, filter VM_DONTCOPY ranges, allocate
new VMA descriptors, copy anon/file metadata, open VMA operations, insert file
mapping interval-tree state, and finally copy page tables.
Invariants And Safety Contracts
- do_mmap() asserts the write side of mmap_lock.
- Fixed mappings must not silently replace an existing mapping when MAP_FIXED_NOREPLACE is set.
- Stack expansion can drop a read lock, acquire the write lock, update the VMA, and downgrade back to a read lock for callers that expect read-side coverage.
- Forked VMA copies must unwind partially duplicated tree, file, anon-vma, and page-table state on failure.
Rust Translation Guidance
Model the VMA tree as an address-space-owned interval map with mutation methods
requiring a MmapWriteGuard. Lookup can return read-guard-tied VMA handles.
Fork should be an explicit builder that stages descriptor allocation, anon/file
reference acquisition, operation callbacks, and page-table copy so cleanup is
automatic if any stage fails.
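A sketch of the guard-gated interval map described above, added here as an illustration; it is not kernel code or code from any existing Rust project. `AddressSpace`, `MmapReadGuard`, `MapError`, and `map_fixed_noreplace` are hypothetical names, a `BTreeMap` behind an `RwLock` stands in for the maple tree and mmap_lock, and the fork builder is not covered.

```rust
use std::collections::BTreeMap;
use std::sync::{RwLock, RwLockReadGuard, RwLockWriteGuard};

#[derive(Debug, Clone, PartialEq)]
pub struct Vma { pub start: u64, pub end: u64 } // half-open range [start, end)
#[derive(Debug, PartialEq)]
pub enum MapError { Invalid, Exists } // hypothetical error type

// Hypothetical stand-ins: BTreeMap keyed by start for mm->mm_mt, RwLock for mmap_lock.
pub struct AddressSpace { tree: RwLock<BTreeMap<u64, Vma>> }
pub struct MmapReadGuard<'a>(RwLockReadGuard<'a, BTreeMap<u64, Vma>>);
pub struct MmapWriteGuard<'a>(RwLockWriteGuard<'a, BTreeMap<u64, Vma>>);

// find_vma()-style lookup: first VMA whose end is above addr (it may start above addr).
fn lookup(tree: &BTreeMap<u64, Vma>, addr: u64) -> Option<&Vma> {
    if let Some((_, v)) = tree.range(..=addr).next_back() {
        if v.end > addr { return Some(v); }
    }
    tree.range(addr..).next().map(|(_, v)| v)
}

impl AddressSpace {
    pub fn new() -> Self { Self { tree: RwLock::new(BTreeMap::new()) } }
    pub fn read(&self) -> MmapReadGuard<'_> { MmapReadGuard(self.tree.read().unwrap()) }
    pub fn write(&self) -> MmapWriteGuard<'_> { MmapWriteGuard(self.tree.write().unwrap()) }
}
impl MmapReadGuard<'_> {
    // Returned handles borrow the guard, so they cannot outlive the read lock.
    pub fn find_vma(&self, addr: u64) -> Option<&Vma> { lookup(&self.0, addr) }
    pub fn find_vma_intersection(&self, start: u64, end: u64) -> Option<&Vma> {
        lookup(&self.0, start).filter(|v| v.start < end)
    }
}
impl MmapWriteGuard<'_> {
    // Mutation exists only on the write guard; an overlap is refused, never replaced.
    pub fn map_fixed_noreplace(&mut self, start: u64, len: u64) -> Result<(), MapError> {
        let end = start.checked_add(len).ok_or(MapError::Invalid)?; // range overflow
        if len == 0 { return Err(MapError::Invalid); }
        if lookup(&self.0, start).map_or(false, |v| v.start < end) { return Err(MapError::Exists); }
        self.0.insert(start, Vma { start, end });
        Ok(())
    }
}

fn main() {
    let mm = AddressSpace::new();
    let first = mm.write().map_fixed_noreplace(0x1000, 0x2000); // constructed sample ranges
    let clash = mm.write().map_fixed_noreplace(0x2000, 0x1000);
    println!("{:?} {:?} {:?}", first, clash, mm.read().find_vma(0));
}
```

Because insertion is a method on the write guard only, a caller holding the read guard cannot compile a mutation, which is the compile-time counterpart of the write-lock assertion in do_mmap().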
AI-Native Systems Guidance
The VMA map is a strong pattern for agent memory: keep region metadata indexed by address or logical context span, make region insertion explicit, reject conflicting fixed placements, and treat lazy stack/context growth as a lock upgrade with retry semantics rather than an invisible side effect.
Evidence
- brk() syscall entry is at mm/mmap.c:116.
- do_mmap() is documented at mm/mmap.c:280-335 and begins at line 336.
- do_mmap() asserts the write-held mmap_lock at mm/mmap.c:347.
- Request validation covers zero length, page alignment, offset overflow, and map-count limits at mm/mmap.c:349-380.
- Address selection and fixed-range collision checks are at mm/mmap.c:405-414.
- MAP_LOCKED, file-backed, and anonymous mapping policy branches are at mm/mmap.c:417-543.
- MAP_NORESERVE, mmap_region(), and populate decisions are at mm/mmap.c:546-565.
- mmap_pgoff() and the old mmap wrapper are at mm/mmap.c:613-635.
- Maple-tree VMA lookup is implemented by find_vma_intersection() and find_vma() at mm/mmap.c:876-910.
- Stack expansion lock upgrade/downgrade is implemented at mm/mmap.c:1015-1052 and mm/mmap.c:1700-1729.
- do_munmap(), vm_munmap(), and munmap() syscall entry are at mm/mmap.c:1054-1080.
- dup_mmap() takes old/new mmap locks, duplicates the maple tree, copies VMA metadata, invokes VMA open hooks, inserts file interval-tree state, and calls copy_page_range() at mm/mmap.c:1731-1840.