From: Minchan Kim <minchan@kernel.org>
To: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>,
	linux-mm@kvack.org
Subject: Re: mm: add NR_ZSMALLOC to vmstat
Date: Tue, 7 Jun 2016 11:21:23 +0900
Message-ID: <20160607022123.GD26230@bbox>
In-Reply-To: <20160606200538.GA31983@mwanda>

Hello Dan,

On Mon, Jun 06, 2016 at 11:05:38PM +0300, Dan Carpenter wrote:
> Hello Minchan Kim,
> 
> The patch b37284200b39: "mm: add NR_ZSMALLOC to vmstat" from Jun 5,
> 2016, leads to the following static checker warning:
> 
> 	mm/zsmalloc.c:1155 alloc_zspage()
> 	error: we previously assumed 'page' could be null (see line 1152)
> 
> mm/zsmalloc.c
>   1130  /*
>   1131   * Allocate a zspage for the given size class
>   1132   */
>   1133  static struct zspage *alloc_zspage(struct zs_pool *pool,
>   1134                                          struct size_class *class,
>   1135                                          gfp_t gfp)
>   1136  {
>   1137          int i;
>   1138          struct page *pages[ZS_MAX_PAGES_PER_ZSPAGE];
>   1139          struct zspage *zspage = cache_alloc_zspage(pool, gfp);
>   1140  
>   1141          if (!zspage)
>   1142                  return NULL;
>   1143  
>   1144          memset(zspage, 0, sizeof(struct zspage));
>   1145          zspage->magic = ZSPAGE_MAGIC;
>   1146          migrate_lock_init(zspage);
>   1147  
>   1148          for (i = 0; i < class->pages_per_zspage; i++) {
>   1149                  struct page *page;
>   1150  
>   1151                  page = alloc_page(gfp);
>   1152                  if (!page) {
>                              ^^^^
>   1153                          while (--i >= 0) {
>   1154                                  __free_page(pages[i]);
>   1155                                  dec_zone_page_state(page, NR_ZSMALLOC);
>                                                             ^^^^
> Potential NULL deref inside function call.

Strictly speaking, it shouldn't be a problem because zone bit encoded
in page->flags is never changed although it is freed, but I admit it's
not good practice. I will send a fix.

Thanks!
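
The unwind path the checker flagged, as an added userspace model (not kernel code and not the fix sent to the list): on the failure branch `page` is NULL, so the per-zone accounting has to use `pages[i]`, and do so before that page is freed. `struct page` with a `zone` field, `model_alloc_page`, `model_free_page`, `inc_state`/`dec_state`, `alloc_group` and the failure-injection variables are hypothetical stand-ins; the increment on the success path is assumed, since the quoted snippet stops before it.

```c
#include <stdlib.h>

#define MAX_PAGES 4               /* stand-in for ZS_MAX_PAGES_PER_ZSPAGE */

struct page { int zone; };        /* hypothetical: only what the counter reads */

static long nr_zsmalloc[2];       /* per-zone counter, models NR_ZSMALLOC */
static int live_pages;            /* allocated and not yet freed */
static int alloc_calls, fail_at;  /* failure injection for the model allocator */

static struct page *model_alloc_page(void)
{
    struct page *p = (alloc_calls++ == fail_at) ? NULL : calloc(1, sizeof(*p));
    if (p)
        live_pages++;
    return p;
}
static void model_free_page(struct page *p) { free(p); live_pages--; }

/* Both helpers dereference the page, so NULL must never reach them. */
static void inc_state(struct page *p) { nr_zsmalloc[p->zone]++; }
static void dec_state(struct page *p) { nr_zsmalloc[p->zone]--; }

/* Returns 0 on success, -1 after a complete unwind. */
static int alloc_group(struct page **pages, int n)
{
    for (int i = 0; i < n; i++) {
        struct page *page = model_alloc_page();
        if (!page) {
            while (--i >= 0) {
                /* 'page' is NULL on this path; the warning is about passing
                 * it here. Use pages[i], and account before freeing it. */
                dec_state(pages[i]);
                model_free_page(pages[i]);
            }
            return -1;
        }
        inc_state(page);          /* assumed success-path accounting */
        pages[i] = page;
    }
    return 0;
}

/* Fail allocation number 'fail' of 'n'; returns 1 if anything is left behind. */
static int leaks_after_failure(int fail, int n)
{
    struct page *pages[MAX_PAGES];
    alloc_calls = 0;
    fail_at = fail;
    if (alloc_group(pages, n) != -1)
        return 1;
    return live_pages != 0 || nr_zsmalloc[0] != 0;
}
```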

