Commit e9ef9dd3 authored by Huang Ying's avatar Huang Ying

mm, swap: fix swapoff with KSM pages

commit 7af7a8e1 upstream.

KSM pages may be mapped to the multiple VMAs that cannot be reached from
one anon_vma.  So during swapin, a new copy of the page need to be
generated if a different anon_vma is needed, please refer to comments of
ksm_might_need_to_copy() for details.

During swapoff, unuse_vma() uses anon_vma (if available) to locate VMA and
virtual address mapped to the page, so not all mappings to a swapped out
KSM page could be found.  So in try_to_unuse(), even if the swap count of
a swap entry isn't zero, the page needs to be deleted from swap cache, so
that, in the next round a new page could be allocated and swapin for the
other mappings of the swapped out KSM page.

But this contradicts with the THP swap support.  Where the THP could be
deleted from swap cache only after the swap count of every swap entry in
the huge swap cluster backing the THP has reach 0.  So try_to_unuse() is
changed in commit e0709829 ("mm, THP, swap: support to reclaim swap
space for THP swapped out") to check that before delete a page from swap
cache, but this has broken KSM swapoff too.

Fortunately, KSM is for the normal pages only, so the original behavior
for KSM pages could be restored easily via checking PageTransCompound().
That is how this patch works.

The bug is introduced by e0709829 ("mm, THP, swap: support to reclaim
swap space for THP swapped out"), which is merged by v4.14-rc1.  So I
think we should backport the fix to from 4.14 on.  But Hugh thinks it may
be rare for the KSM pages being in the swap device when swapoff, so nobody
reports the bug so far.

Fixes: e0709829 ("mm, THP, swap: support to reclaim swap space for THP swapped out")
Signed-off-by: default avatar"Huang, Ying" <>
Reported-by: default avatarHugh Dickins <>
Tested-by: default avatarHugh Dickins <>
Acked-by: default avatarHugh Dickins <>
Cc: Rik van Riel <>
Cc: Johannes Weiner <>
Cc: Minchan Kim <>
Cc: Shaohua Li <>
Cc: Daniel Jordan <>
Cc: <>
Signed-off-by: default avatarAndrew Morton <>
Signed-off-by: default avatarLinus Torvalds <>
Signed-off-by: default avatarGreg Kroah-Hartman <>
......@@ -2197,7 +2197,8 @@ int try_to_unuse(unsigned int type, bool frontswap,
if (PageSwapCache(page) &&
likely(page_private(page) == entry.val) &&
(!PageTransCompound(page) ||
!swap_page_trans_huge_swapped(si, entry)))
