Hugh Dickins noticed that we were using rcu_dereference() without rcu_read_lock() in the cache charging routine. The patch below fixes this problem
Signed-off-by: Balbir Singh <[EMAIL PROTECTED]> --- mm/memcontrol.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff -puN mm/memcontrol.c~memory-controller-use-rcu-lead-lock mm/memcontrol.c --- linux-2.6.24-rc5/mm/memcontrol.c~memory-controller-use-rcu-lead-lock 2007-12-19 11:52:44.000000000 +0530 +++ linux-2.6.24-rc5-balbir/mm/memcontrol.c 2007-12-20 14:01:45.000000000 +0530 @@ -717,16 +717,20 @@ int mem_cgroup_charge(struct page *page, int mem_cgroup_cache_charge(struct page *page, struct mm_struct *mm, gfp_t gfp_mask) { + int ret = 0; struct mem_cgroup *mem; if (!mm) mm = &init_mm; + rcu_read_lock(); mem = rcu_dereference(mm->mem_cgroup); + css_get(&mem->css); + rcu_read_unlock(); if (mem->control_type == MEM_CGROUP_TYPE_ALL) - return mem_cgroup_charge_common(page, mm, gfp_mask, + ret = mem_cgroup_charge_common(page, mm, gfp_mask, MEM_CGROUP_CHARGE_TYPE_CACHE); - else - return 0; + css_put(&mem->css); + return ret; } /* _ -- Warm Regards, Balbir Singh Linux Technology Center IBM, ISTL -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/