Lock always the address space if we changing the virtual mapping. 
This is necessary because we can create or remove a page table.
Modified: trunk/reactos/ntoskrnl/mm/anonmem.c

Modified: trunk/reactos/ntoskrnl/mm/anonmem.c
--- trunk/reactos/ntoskrnl/mm/anonmem.c	2005-10-29 13:43:09 UTC (rev 18847)
+++ trunk/reactos/ntoskrnl/mm/anonmem.c	2005-10-29 14:09:00 UTC (rev 18848)
@@ -171,6 +171,7 @@
     */
    if (!WasDirty)
    {
+      MmLockAddressSpace(AddressSpace);
       MmDeleteVirtualMapping(AddressSpace->Process, Address, FALSE, NULL, NULL);
       MmDeleteAllRmaps(Page, NULL, NULL);
       if ((SwapEntry = MmGetSavedSwapEntryPage(Page)) != 0)
@@ -178,6 +179,7 @@
          MmCreatePageFileMapping(AddressSpace->Process, Address, SwapEntry);
          MmSetSavedSwapEntryPage(Page, 0);
       }
+      MmUnlockAddressSpace(AddressSpace);
       MmReleasePageMemoryConsumer(MC_USER, Page);
       PageOp->Status = STATUS_SUCCESS;
       KeSetEvent(&PageOp->CompletionEvent, IO_NO_INCREMENT, FALSE);
@@ -222,8 +224,10 @@
     * Otherwise we have succeeded, free the page
     */
    DPRINT("MM: Swapped out virtual memory page 0x%.8X!\n", Page << PAGE_SHIFT);
+   MmLockAddressSpace(AddressSpace);
    MmDeleteVirtualMapping(AddressSpace->Process, Address, FALSE, NULL, NULL);
    MmCreatePageFileMapping(AddressSpace->Process, Address, SwapEntry);
+   MmUnlockAddressSpace(AddressSpace);
    MmDeleteAllRmaps(Page, NULL, NULL);
    MmSetSavedSwapEntryPage(Page, 0);
    MmReleasePageMemoryConsumer(MC_USER, Page);
@@ -997,7 +1001,7 @@
    Info->BaseAddress = RegionBase;
    Info->AllocationBase = MemoryArea->StartingAddress;
    Info->AllocationProtect = MemoryArea->Attributes;
-   Info->RegionSize = (char*)RegionBase + Region->Length - (char*)Info->BaseAddress;
+   Info->RegionSize = Region->Length;
    Info->State = Region->Type;
    Info->Protect = Region->Protect;
    Info->Type = MEM_PRIVATE;