Re: [bug report] zram: avoid race between zram_remove and disksize_store

On Fri, Nov 05, 2021 at 08:23:26AM +0800, Ming Lei wrote:
> > --> 2044         zram_reset_device(zram);
> > 
> > This double frees it.
> 
> No.
> 
> Inside zram_reset_device(), if init_done()(zram->disksize) is zero, zram_reset_device()
> returns immediately, otherwise zram->disksize is cleared and zram_meta_free()
> is run in zram_reset_device(). Meantime zram->init_lock protects the
> reset and disksize_store().
> 
> The 2nd zram_reset_device() can only reset device if disksize_store() sets new
> zram->disksize and allocates new meta after the 1st zram_reset_device().
> 
> Seems the Smatch static checker needs to be improved to cover this case?

Yep.  It's a bug in Smatch.  It's supposed to parse this correctly.

I will investigate.  Thanks!

regards,
dan carpenter
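The behaviour Ming Lei describes above (zram_reset_device() being a no-op unless disksize_store() has re-initialised the device in between, with init_lock serialising the two) is easy to model outside the kernel. The following is an added, constructed model written for this archive page; it is not zram's code and does not reproduce struct zram, zram_meta_alloc() or the real locking primitive. The names init_lock, init_done, zram_meta_free, zram_reset_device and disksize_store are borrowed from the thread for readability, the C11 atomic_flag spinlock stands in for the kernel's rw-semaphore, and the meta_frees counter exists only so the scenarios can be checked.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdlib.h>

/* Constructed stand-in for the parts of struct zram discussed in the thread. */
struct zram_model {
    atomic_flag init_lock;   /* models zram->init_lock (a spinlock here, rwsem in the kernel) */
    unsigned long disksize;  /* non-zero only between disksize_store() and a reset */
    void *meta;              /* models the per-device metadata freed by zram_meta_free() */
    int meta_frees;          /* bookkeeping for the checks below, not part of zram */
};

static void init_lock(struct zram_model *z)
{
    while (atomic_flag_test_and_set(&z->init_lock))
        ;
}

static void init_unlock(struct zram_model *z)
{
    atomic_flag_clear(&z->init_lock);
}

/* Mirrors init_done(): the device counts as initialised iff disksize is set. */
static bool init_done(const struct zram_model *z)
{
    return z->disksize != 0;
}

static void zram_meta_free(struct zram_model *z)
{
    free(z->meta);
    z->meta = NULL;
    z->meta_frees++;
}

/* Returns true if metadata was actually freed, false if the call was a no-op. */
static bool zram_reset_device(struct zram_model *z)
{
    bool freed = false;

    init_lock(z);
    if (init_done(z)) {
        z->disksize = 0;       /* cleared under the lock, so a repeat reset sees !init_done() */
        zram_meta_free(z);
        freed = true;
    }
    init_unlock(z);
    return freed;
}

/* Returns 0 on success, -1 if the device is already initialised. */
static int disksize_store(struct zram_model *z, unsigned long disksize)
{
    int ret = 0;

    init_lock(z);
    if (init_done(z)) {
        ret = -1;
    } else {
        z->meta = calloc(1, 64);   /* constructed stand-in for zram_meta_alloc() */
        z->disksize = disksize;
    }
    init_unlock(z);
    return ret;
}

/* Scenario from the report: two back-to-back resets free the metadata once. */
static int double_reset_frees(void)
{
    struct zram_model z = { .init_lock = ATOMIC_FLAG_INIT };

    disksize_store(&z, 1UL << 20);
    zram_reset_device(&z);
    zram_reset_device(&z);     /* init_done() is false: returns without freeing */
    return z.meta_frees;
}

/* The second reset frees again only because disksize_store() ran in between. */
static int reset_store_reset_frees(void)
{
    struct zram_model z = { .init_lock = ATOMIC_FLAG_INIT };

    disksize_store(&z, 1UL << 20);
    zram_reset_device(&z);
    disksize_store(&z, 2UL << 20);   /* new disksize, new meta */
    zram_reset_device(&z);
    return z.meta_frees;
}

/* A second disksize_store() on an initialised device is refused. */
static int store_twice_result(void)
{
    struct zram_model z = { .init_lock = ATOMIC_FLAG_INIT };

    disksize_store(&z, 1UL << 20);
    return disksize_store(&z, 2UL << 20);
}
```

The point of the model is the ordering inside zram_reset_device(): disksize is cleared under the same lock that protects disksize_store(), so the only way a later reset can free metadata is if a store has allocated fresh metadata first, which is exactly why the flagged call is not a double free.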
