On Tue, Sep 26, 2017 at 10:26:26AM -0700, Shaohua Li wrote:
> From: Shaohua Li <shli@xxxxxx>
>
> MADV_FREE clears the pte dirty bit and then marks the page lazyfree (clears
> SwapBacked). There is no lock to prevent the page from being added to swap
> cache between these two steps by page reclaim. If page reclaim finds such a
> page, it will simply add the page to swap cache without paging out the page
> to swap because the page is marked as clean. Next time, page fault will
> read data from the swap slot which doesn't have the original data, so we
> have a data corruption. To fix the issue, we mark the page dirty and pageout
> the page.
>
> However, we shouldn't dirty all pages which are clean and in swap cache.
> A swapin page is in swap cache and clean too. So we only dirty pages which
> are added into swap cache in page reclaim, which shouldn't be swapin pages.
> As Minchan suggested, simply dirtying the page in add_to_swap can do the
> job.
>
> Reported-by: Artem Savkov <asavkov@xxxxxxxxxx>
> Fix: 802a3a92ad7a(mm: reclaim MADV_FREE pages)
> Signed-off-by: Shaohua Li <shli@xxxxxx>

Acked-by: Minchan Kim <minchan@xxxxxxxxxx>