[PATCH V3 1/2] mm: avoid marking swap cached page as lazyfree

linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed

From: Shaohua Li <shli@kernel.org>
To: linux-mm@kvack.org
Cc: asavkov@redhat.com, Kernel-team@fb.com, Shaohua Li <shli@fb.com>,
	stable@vger.kernel.org, Johannes Weiner <hannes@cmpxchg.org>,
	Michal Hocko <mhocko@suse.com>,
	Hillf Danton <hillf.zj@alibaba-inc.com>,
	Minchan Kim <minchan@kernel.org>, Hugh Dickins <hughd@google.com>,
	Mel Gorman <mgorman@techsingularity.net>,
	Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCH V3 1/2] mm: avoid marking swap cached page as lazyfree
Date: Tue, 26 Sep 2017 10:26:25 -0700	[thread overview]
Message-ID: <6537ef3814398c0073630b03f176263bc81f0902.1506446061.git.shli@fb.com> (raw)
In-Reply-To: <cover.1506446061.git.shli@fb.com>
In-Reply-To: <cover.1506446061.git.shli@fb.com>

From: Shaohua Li <shli@fb.com>

MADV_FREE clears pte dirty bit and then marks the page lazyfree (clear
SwapBacked). There is no lock to prevent the page is added to swap cache
between these two steps by page reclaim. Page reclaim could add the page
to swap cache and unmap the page. After page reclaim, the page is added
back to lru. At that time, we probably start draining per-cpu pagevec
and mark the page lazyfree. So the page could be in a state with
SwapBacked cleared and PG_swapcache set. Next time there is a refault in
the virtual address, do_swap_page can find the page from swap cache but
the page has PageSwapCache false because SwapBacked isn't set, so
do_swap_page will bail out and do nothing. The task will keep running
into fault handler.

Reported-and-tested-by: Artem Savkov <asavkov@redhat.com>
Fix: 802a3a92ad7a(mm: reclaim MADV_FREE pages)
Signed-off-by: Shaohua Li <shli@fb.com>
Cc: stable@vger.kernel.org
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Hillf Danton <hillf.zj@alibaba-inc.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Andrew Morton <akpm@linux-foundation.org>
Reviewed-by: Rik van Riel <riel@redhat.com>
---
 mm/swap.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mm/swap.c b/mm/swap.c
index 9295ae9..a77d68f 100644
--- a/mm/swap.c
+++ b/mm/swap.c
@@ -575,7 +575,7 @@ static void lru_lazyfree_fn(struct page *page, struct lruvec *lruvec,
 			    void *arg)
 {
 	if (PageLRU(page) && PageAnon(page) && PageSwapBacked(page) &&
-	    !PageUnevictable(page)) {
+	    !PageSwapCache(page) && !PageUnevictable(page)) {
 		bool active = PageActive(page);
 
 		del_page_from_lru_list(page, lruvec,
@@ -665,7 +665,7 @@ void deactivate_file_page(struct page *page)
 void mark_page_lazyfree(struct page *page)
 {
 	if (PageLRU(page) && PageAnon(page) && PageSwapBacked(page) &&
-	    !PageUnevictable(page)) {
+	    !PageSwapCache(page) && !PageUnevictable(page)) {
 		struct pagevec *pvec = &get_cpu_var(lru_lazyfree_pvecs);
 
 		get_page(page);
-- 
2.9.5

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

next prev parent reply	other threads:[~2017-09-26 17:26 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-09-26 17:26 [PATCH V3 0/2] mm: fix race condition in MADV_FREE Shaohua Li
2017-09-26 17:26 ` Shaohua Li [this message]
2017-09-26 19:25   ` [PATCH V3 1/2] mm: avoid marking swap cached page as lazyfree Johannes Weiner
2017-09-26 20:23   ` Michal Hocko
2017-09-26 23:20   ` Minchan Kim
2017-09-26 17:26 ` [PATCH V3 2/2] mm: fix data corruption caused by lazyfree page Shaohua Li
2017-09-26 19:40   ` Johannes Weiner
2017-09-26 19:46     ` Shaohua Li
2017-09-26 23:20   ` Minchan Kim

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6537ef3814398c0073630b03f176263bc81f0902.1506446061.git.shli@fb.com \
    --to=shli@kernel.org \
    --cc=Kernel-team@fb.com \
    --cc=akpm@linux-foundation.org \
    --cc=asavkov@redhat.com \
    --cc=hannes@cmpxchg.org \
    --cc=hillf.zj@alibaba-inc.com \
    --cc=hughd@google.com \
    --cc=linux-mm@kvack.org \
    --cc=mgorman@techsingularity.net \
    --cc=mhocko@suse.com \
    --cc=minchan@kernel.org \
    --cc=shli@fb.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox