[PATCH] memcg: fix Bad page state after replace_page_cache

From: Hugh Dickins
Date: Thu Apr 19 2012 - 02:35:09 EST

My 9ce70c0240d0 "memcg: fix deadlock by inverting lrucare nesting" put a
nasty little bug into v3.3's version of mem_cgroup_replace_page_cache(),
sometimes used for FUSE. Replacing __mem_cgroup_commit_charge_lrucare()
by __mem_cgroup_commit_charge(), I used the "pc" pointer set up earlier:
but it's for oldpage, and needs now to be for newpage. Once oldpage was
freed, its PageCgroupUsed bit (cleared above but set again here) caused
"Bad page state" messages - and perhaps worse, being missed from newpage.
(I didn't find this by using FUSE, but in reusing the function for tmpfs.)

Signed-off-by: Hugh Dickins <hughd@xxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx [v3.3 only]

mm/memcontrol.c | 1 +
1 file changed, 1 insertion(+)

--- 3.4-rc3/mm/memcontrol.c 2012-04-15 20:47:37.151777506 -0700
+++ linux/mm/memcontrol.c 2012-04-18 22:29:18.490639511 -0700
@@ -3392,6 +3392,7 @@ void mem_cgroup_replace_page_cache(struc
* the newpage may be on LRU(or pagevec for LRU) already. We lock
* LRU while we overwrite pc->mem_cgroup.
+ pc = lookup_page_cgroup(newpage);
__mem_cgroup_commit_charge(memcg, newpage, 1, pc, type, true);
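Review bot: the added `pc = lookup_page_cgroup(newpage);` re-points the same local `pc` that, per the commit message, was set up earlier for oldpage, so one variable stands for two different page_cgroups in this function, which is the ambiguity that let the wrong one reach `__mem_cgroup_commit_charge()`. Consider a separate local for the newpage lookup, or at least a short comment on the added line saying that `pc` now refers to newpage, and have the comment just above state that the `pc->mem_cgroup` being overwritten is newpage's.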
