mm/memcontrol.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)
From: Qi Zheng <zhengqi.arch@bytedance.com>
Reset pn->orig_objcg to NULL to prevent obj_cgroup_put()
from being called agagin in __mem_cgroup_free().
Reported-by: Usama Arif <usama.arif@linux.dev>
Signed-off-by: Qi Zheng <zhengqi.arch@bytedance.com>
---
mm/memcontrol.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 992a3f5caa62b..ad32639ea5959 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -4140,8 +4140,14 @@ static int mem_cgroup_css_online(struct cgroup_subsys_state *css)
for_each_node(nid) {
struct mem_cgroup_per_node *pn = memcg->nodeinfo[nid];
- if (pn && pn->orig_objcg)
+ if (pn && pn->orig_objcg) {
obj_cgroup_put(pn->orig_objcg);
+ /*
+ * Reset pn->orig_objcg to NULL to prevent obj_cgroup_put()
+ * from being called agagin in __mem_cgroup_free().
+ */
+ pn->orig_objcg = NULL;
+ }
}
free_shrinker_info(memcg);
offline_kmem:
--
2.20.1
On 09/03/2026 14:29, Qi Zheng wrote:
> From: Qi Zheng <zhengqi.arch@bytedance.com>
>
> Reset pn->orig_objcg to NULL to prevent obj_cgroup_put()
> from being called agagin in __mem_cgroup_free().
>
> Reported-by: Usama Arif <usama.arif@linux.dev>
> Signed-off-by: Qi Zheng <zhengqi.arch@bytedance.com>
> ---
> mm/memcontrol.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/mm/memcontrol.c b/mm/memcontrol.c
> index 992a3f5caa62b..ad32639ea5959 100644
> --- a/mm/memcontrol.c
> +++ b/mm/memcontrol.c
> @@ -4140,8 +4140,14 @@ static int mem_cgroup_css_online(struct cgroup_subsys_state *css)
> for_each_node(nid) {
> struct mem_cgroup_per_node *pn = memcg->nodeinfo[nid];
>
> - if (pn && pn->orig_objcg)
> + if (pn && pn->orig_objcg) {
> obj_cgroup_put(pn->orig_objcg);
> + /*
> + * Reset pn->orig_objcg to NULL to prevent obj_cgroup_put()
> + * from being called agagin in __mem_cgroup_free().
nit: s/agagin/again/
Apart from the nit.
Acked-by: Usama Arif <usama.arif@linux.dev>
> + */
> + pn->orig_objcg = NULL;
> + }
> }
> free_shrinker_info(memcg);
> offline_kmem:
On 3/9/26 7:33 PM, Usama Arif wrote:
>
>
> On 09/03/2026 14:29, Qi Zheng wrote:
>> From: Qi Zheng <zhengqi.arch@bytedance.com>
>>
>> Reset pn->orig_objcg to NULL to prevent obj_cgroup_put()
>> from being called agagin in __mem_cgroup_free().
>>
>> Reported-by: Usama Arif <usama.arif@linux.dev>
>> Signed-off-by: Qi Zheng <zhengqi.arch@bytedance.com>
>> ---
>> mm/memcontrol.c | 8 +++++++-
>> 1 file changed, 7 insertions(+), 1 deletion(-)
>>
>> diff --git a/mm/memcontrol.c b/mm/memcontrol.c
>> index 992a3f5caa62b..ad32639ea5959 100644
>> --- a/mm/memcontrol.c
>> +++ b/mm/memcontrol.c
>> @@ -4140,8 +4140,14 @@ static int mem_cgroup_css_online(struct cgroup_subsys_state *css)
>> for_each_node(nid) {
>> struct mem_cgroup_per_node *pn = memcg->nodeinfo[nid];
>>
>> - if (pn && pn->orig_objcg)
>> + if (pn && pn->orig_objcg) {
>> obj_cgroup_put(pn->orig_objcg);
>> + /*
>> + * Reset pn->orig_objcg to NULL to prevent obj_cgroup_put()
>> + * from being called agagin in __mem_cgroup_free().
>
> nit: s/agagin/again/
Ouch, my bad.
Hi Andrew, can you help squash the following diff:
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index ad32639ea5959..5fcbb651846a4 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -4144,7 +4144,7 @@ static int mem_cgroup_css_online(struct
cgroup_subsys_state *css)
obj_cgroup_put(pn->orig_objcg);
/*
* Reset pn->orig_objcg to NULL to prevent
obj_cgroup_put()
- * from being called agagin in __mem_cgroup_free().
+ * from being called again in __mem_cgroup_free().
*/
pn->orig_objcg = NULL;
}
>
> Apart from the nit.
>
> Acked-by: Usama Arif <usama.arif@linux.dev>
Thanks!
>
>> + */
>> + pn->orig_objcg = NULL;
>> + }
>> }
>> free_shrinker_info(memcg);
>> offline_kmem:
>
© 2016 - 2026 Red Hat, Inc.