Re: [PATCH v6 31/33] mm: memcontrol: convert objcg to be per-memcg per-node type

[Qi Zheng]

Hi Usama,

On 3/7/26 4:29 AM, Usama Arif wrote:
> On Thu,  5 Mar 2026 19:52:49 +0800 Qi Zheng <qi.zheng@xxxxxxxxx> wrote:
>
> > From: Qi Zheng <zhengqi.arch@xxxxxxxxxxxxx>
> >
> > Convert objcg to be per-memcg per-node type, so that when reparent LRU
> > folios later, we can hold the lru lock at the node level, thus avoiding
> > holding too many lru locks at once.
> >
> > Signed-off-by: Qi Zheng <zhengqi.arch@xxxxxxxxxxxxx>
> > Acked-by: Shakeel Butt <shakeel.butt@xxxxxxxxx>
> > ---
> >   include/linux/memcontrol.h | 23 +++++------
> >   include/linux/sched.h      |  2 +-
> >   mm/memcontrol.c            | 79 +++++++++++++++++++++++---------------
> >   3 files changed, 62 insertions(+), 42 deletions(-)
>
> [...]
>
> > @@ -4087,7 +4100,13 @@ static int mem_cgroup_css_online(struct cgroup_subsys_state *css)
> >   	xa_store(&mem_cgroup_private_ids, memcg->id.id, memcg, GFP_KERNEL);
> >   
> >   	return 0;
> > -free_shrinker:
> > +free_objcg:
> > +	for_each_node(nid) {
> > +		struct mem_cgroup_per_node *pn = memcg->nodeinfo[nid];
> > +
> > +		if (pn && pn->orig_objcg)
> > +			obj_cgroup_put(pn->orig_objcg);
>
> Is it possible that you might call obj_cgroup_put twice on the same cgroup?

Oh, I think you are right. Here pn->orig_objcg was not reset to NULL, so
obj_cgroup_put() will be called in __mem_cgroup_free() again.

> If css_create fails, css_free_rwork_fn is queued, which ends up calling
> mem_cgroup_css_free which calls obj_cgroup_put again?
>
> Maybe adding pn->orig_objcg = NULL overhere after obj_cgroup_put
> is enough to prevent the double put from causing issues?

Agree.

Like this?

diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 992a3f5caa62b..e0795aec4356b 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -4140,8 +4140,10 @@ static int mem_cgroup_css_online(struct 
cgroup_subsys_state *css)
        for_each_node(nid) {
                struct mem_cgroup_per_node *pn = memcg->nodeinfo[nid];

-               if (pn && pn->orig_objcg)
+               if (pn && pn->orig_objcg) {
                        obj_cgroup_put(pn->orig_objcg);
+                       pn->orig_objcg = NULL;
+               }
        }
        free_shrinker_info(memcg);
 offline_kmem:

If there are no problems, I will send a fix patch later.

Thanks,
Qi

> > +	}
> >   	free_shrinker_info(memcg);
> >   offline_kmem:
> >   	memcg_offline_kmem(memcg);
> > --
> > 2.20.1