* [bug report] memcg: multi-memcg percpu charge cache - fix 2
@ 2025-04-30 8:09 Dan Carpenter
2025-04-30 8:25 ` Michal Hocko
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2025-04-30 8:09 UTC (permalink / raw)
To: Shakeel Butt; +Cc: cgroups, linux-mm
Hello Shakeel Butt,

Commit 1db4ee9862f9 ("memcg: multi-memcg percpu charge cache - fix
2") from Apr 25, 2025 (linux-next), leads to the following Smatch
static checker warning:

	mm/memcontrol.c:1959 refill_stock()
	error: uninitialized symbol 'stock_pages'.

mm/memcontrol.c
    1907  static void refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages)
    1908  {
    1909          struct memcg_stock_pcp *stock;
    1910          struct mem_cgroup *cached;
    1911          uint8_t stock_pages;
                          ^^^^^^^^^^^
    1912          unsigned long flags;
    1913          bool success = false;
    1914          int empty_slot = -1;
    1915          int i;
    1916
    1917          /*
    1918           * For now limit MEMCG_CHARGE_BATCH to 127 and less. In future if we
    1919           * decide to increase it more than 127 then we will need more careful
    1920           * handling of nr_pages[] in struct memcg_stock_pcp.
    1921           */
    1922          BUILD_BUG_ON(MEMCG_CHARGE_BATCH > S8_MAX);
    1923
    1924          VM_WARN_ON_ONCE(mem_cgroup_is_root(memcg));
    1925
    1926          if (nr_pages > MEMCG_CHARGE_BATCH ||
    1927              !local_trylock_irqsave(&memcg_stock.stock_lock, flags)) {
    1928                  /*
    1929                   * In case of larger than batch refill or unlikely failure to
    1930                   * lock the percpu stock_lock, uncharge memcg directly.
    1931                   */
    1932                  memcg_uncharge(memcg, nr_pages);
    1933                  return;
    1934          }
    1935
    1936          stock = this_cpu_ptr(&memcg_stock);
    1937          for (i = 0; i < NR_MEMCG_STOCK; ++i) {
    1938                  cached = READ_ONCE(stock->cached[i]);
    1939                  if (!cached && empty_slot == -1)
    1940                          empty_slot = i;
    1941                  if (memcg == READ_ONCE(stock->cached[i])) {
    1942                          stock_pages = READ_ONCE(stock->nr_pages[i]) + nr_pages;
    1943                          WRITE_ONCE(stock->nr_pages[i], stock_pages);
    1944                          if (stock_pages > MEMCG_CHARGE_BATCH)
    1945                                  drain_stock(stock, i);
    1946                          success = true;
                                  ^^^^^^^^^^^^^^
When stock_pages is initialized then success is true.

    1947                          break;
    1948                  }
    1949          }
    1950
    1951          if (!success) {
                       ^^^^^^^^
success is false.

    1952                  i = empty_slot;
    1953                  if (i == -1) {
    1954                          i = get_random_u32_below(NR_MEMCG_STOCK);
    1955                          drain_stock(stock, i);
    1956                  }
    1957                  css_get(&memcg->css);
    1958                  WRITE_ONCE(stock->cached[i], memcg);
--> 1959                  WRITE_ONCE(stock->nr_pages[i], stock_pages);
                                                         ^^^^^^^^^^^
This is always uninitialized at this point.  Probably on your test system
you are automatically initializing stack variables to zero.

    1960          }
    1961
    1962          local_unlock_irqrestore(&memcg_stock.stock_lock, flags);
    1963  }

regards,
dan carpenter
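
A userspace model of the slot logic in the listing above, added here as an illustration; it is not kernel code and not a fix posted for the report. It scopes `stock_pages` to the hit path so the miss path cannot read it, and assumes a newly cached slot should start at `nr_pages`; `stock_model`, `drain_slot`, `refill_model`, `NR_SLOTS`, `BATCH` and the `victim` parameter are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>

#define NR_SLOTS 4   /* stands in for NR_MEMCG_STOCK (value assumed) */
#define BATCH    64  /* stands in for MEMCG_CHARGE_BATCH (value assumed) */

struct stock_model {
    const void *cached[NR_SLOTS];
    uint8_t nr_pages[NR_SLOTS];
    unsigned long drained;  /* pages returned by drains, kept for checking */
};

/* Assumed drain behaviour: give the pages back and free the slot. */
static void drain_slot(struct stock_model *s, int i)
{
    s->drained += s->nr_pages[i];
    s->nr_pages[i] = 0;
    s->cached[i] = NULL;
}

/* Added model, not kernel code. Returns the slot used, or -1 when the cache
 * is bypassed; victim replaces the random pick so runs are deterministic. */
static int refill_model(struct stock_model *s, const void *memcg,
                        unsigned int nr_pages, int victim)
{
    int empty_slot = -1;
    int i;
    if (nr_pages > BATCH)
        return -1;  /* the listing uncharges directly in this case */
    for (i = 0; i < NR_SLOTS; i++) {
        if (!s->cached[i] && empty_slot == -1)
            empty_slot = i;
        if (s->cached[i] == memcg) {
            /* Hit path: the sum exists only in this scope. */
            uint8_t stock_pages = (uint8_t)(s->nr_pages[i] + nr_pages);
            s->nr_pages[i] = stock_pages;
            if (stock_pages > BATCH)
                drain_slot(s, i);
            return i;
        }
    }
    i = empty_slot;
    if (i == -1) {
        i = victim;
        drain_slot(s, i);
    }
    s->cached[i] = memcg;
    s->nr_pages[i] = (uint8_t)nr_pages;  /* assumption: new slot starts at nr_pages */
    return i;
}
```
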
* Re: [bug report] memcg: multi-memcg percpu charge cache - fix 2
From: Michal Hocko @ 2025-04-30 8:25 UTC (permalink / raw)
To: Dan Carpenter; +Cc: Shakeel Butt, cgroups, linux-mm
On Wed 30-04-25 11:09:50, Dan Carpenter wrote:
> Hello Shakeel Butt,
>
> Commit 1db4ee9862f9 ("memcg: multi-memcg percpu charge cache - fix
> 2") from Apr 25, 2025 (linux-next), leads to the following Smatch
> static checker warning:
>
> mm/memcontrol.c:1959 refill_stock()
> error: uninitialized symbol 'stock_pages'.
Thanks for the report. I believe this should be addressed by the follow
up fix from Hugh d542d18f-1caa-6fea-e2c3-3555c87bcf64@google.com
--
Michal Hocko
SUSE Labs