2023-06-02 13:11:56

by Colin Ian King

Subject: re: zswap: do not shrink if cgroup may not zswap

Hi,

static analysis with clang scan build has detected an issue in the
following commit:

commit 6804144bf1cfa3978ad98e625d8a1d2a4b80cbee
Author: Nhat Pham <[email protected]>
Date: Tue May 30 15:24:40 2023 -0700

zswap: do not shrink if cgroup may not zswap


The issue is as follows in function zswap_frontswap_store in mm/zswap.c:

	/*
	 * XXX: zswap reclaim does not work with cgroups yet. Without a
	 * cgroup-aware entry LRU, we will push out entries system-wide based on
	 * local cgroup limits.
	 */
	objcg = get_obj_cgroup_from_page(page);
	if (objcg && !obj_cgroup_may_zswap(objcg))
		goto reject;

mm/zswap.c:1210:6: warning: variable 'ret' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]

The goto reject path ends up returning ret; however, ret at this point
has not been initialized, so a garbage return value is being returned
by function zswap_frontswap_store.

Colin
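The pattern Colin reports, as an added C illustration that is not kernel code: zswap_store_buggy() has the same shape as the flagged path (an early goto to the shared reject label that skips every assignment to ret), and zswap_store_fixed() stores an error code before jumping. may_zswap() is a constructed stand-in for obj_cgroup_may_zswap(), and the -ENOMEM used on the rejecting path is my assumption, not the fixlet Johannes links below. Building the file with clang -Wall reproduces the -Wsometimes-uninitialized warning on the buggy variant only.

```c
#include <errno.h>
#include <stdbool.h>

/* Constructed stand-in for obj_cgroup_may_zswap(); not the kernel's code. */
static bool may_zswap(bool cgroup_allows)
{
	return cgroup_allows;
}

/* Buggy shape: the first goto reaches 'reject' before ret is ever assigned. */
static int zswap_store_buggy(bool cgroup_allows, bool alloc_ok)
{
	int ret;                 /* declared without a value, like 'ret' in the report */

	if (!may_zswap(cgroup_allows))
		goto reject;     /* clang: 'ret' is used uninitialized whenever this is true */

	if (!alloc_ok) {
		ret = -ENOMEM;
		goto reject;
	}
	ret = 0;
reject:
	return ret;              /* garbage on the cgroup-reject path */
}

/* Fixed shape: every path into 'reject' has stored an error code in ret first. */
static int zswap_store_fixed(bool cgroup_allows, bool alloc_ok)
{
	int ret;

	if (!may_zswap(cgroup_allows)) {
		ret = -ENOMEM;   /* assumed error code; the real fixlet may differ */
		goto reject;
	}
	if (!alloc_ok) {
		ret = -ENOMEM;
		goto reject;
	}
	ret = 0;
reject:
	return ret;
}

int main(void)
{
	/* Only the fixed variant is safe to call on the rejecting path. */
	return zswap_store_fixed(false, true) == -ENOMEM ? 0 : 1;
}
```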


2023-06-02 13:55:36

by Johannes Weiner

Subject: Re: zswap: do not shrink if cgroup may not zswap

On Fri, Jun 02, 2023 at 01:38:44PM +0100, Colin King (gmail) wrote:
> Hi,
>
> static analysis with clang scan build has detected an issue in the following
> commit:
>
> commit 6804144bf1cfa3978ad98e625d8a1d2a4b80cbee
> Author: Nhat Pham <[email protected]>
> Date: Tue May 30 15:24:40 2023 -0700
>
> zswap: do not shrink if cgroup may not zswap
>
>
> The issue is as follows in function zswap_frontswap_store in mm/zswap.c:
>
> 	/*
> 	 * XXX: zswap reclaim does not work with cgroups yet. Without a
> 	 * cgroup-aware entry LRU, we will push out entries system-wide based on
> 	 * local cgroup limits.
> 	 */
> 	objcg = get_obj_cgroup_from_page(page);
> 	if (objcg && !obj_cgroup_may_zswap(objcg))
> 		goto reject;
>
> mm/zswap.c:1210:6: warning: variable 'ret' is used uninitialized whenever
> 'if' condition is true [-Wsometimes-uninitialized]
>
> The goto reject path ends up returning ret, however, ret at this point has
> not been initialized, so a garbage return value is being returned
> by function zswap_frontswap_store

Thanks Colin. Andrew has picked up a fixlet for this, and it should be
rectified in the next iteration:

https://lore.kernel.org/mm-commits/CAJD7tkZGYj2yiwk5qd=_bqqnxT-Zd+BtFdqRV_xHk2iX+2Rh_g@mail.gmail.com/T/#