In collapse_file(), after locking the page, it is necessary to recheck
that the page is up-to-date, clean, and pointing to the proper mapping.
If any check fails, abort the collapse.
Fixes: 99cb0dbd47a1 ("mm,thp: add read-only THP support for (non-shmem) FS")
Cc: Kirill A. Shutemov <kirill.shute...@linux.intel.com>
Cc: Johannes Weiner <han...@cmpxchg.org>
Cc: Hugh Dickins <hu...@google.com>
Cc: William Kucharski <william.kuchar...@oracle.com>
Cc: Andrew Morton <a...@linux-foundation.org>
Signed-off-by: Song Liu <songliubrav...@fb.com>
---
mm/khugepaged.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/mm/khugepaged.c b/mm/khugepaged.c
index 0a1b4b484ac5..7da49b643c4d 100644
--- a/mm/khugepaged.c
+++ b/mm/khugepaged.c
@@ -1619,6 +1619,14 @@ static void collapse_file(struct mm_struct *mm,
result = SCAN_PAGE_LOCK;
goto xa_locked;
}
+
+ /* double check the page is correct and clean */
+ if (unlikely(!PageUptodate(page)) ||
+ unlikely(PageDirty(page)) ||
+ unlikely(page->mapping != mapping)) {
+ result = SCAN_FAIL;
+ goto out_unlock;
+ }
}
/*
--
2.17.1
