On Fri, Dec 16, 2022 at 03:31:19AM +0000, Chen Jun wrote:
> new.frozen is not initialized before it is used.
>
> Fixes: 2cfb7455d223 ("slub: Rework allocator fastpaths")
> Signed-off-by: Chen Jun <chenjun102@xxxxxxxxxx>
> ---
> mm/slub.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/mm/slub.c b/mm/slub.c
> index 13459c69095a..8628c88875b6 100644
> --- a/mm/slub.c
> +++ b/mm/slub.c
> @@ -3593,6 +3593,7 @@ static void __slab_free(struct kmem_cache *s, struct slab *slab,
> return;
> }
>
> + new.frozen = 0;
> do {
> if (unlikely(n)) {
> spin_unlock_irqrestore(&n->list_lock, flags);
> --
> 2.17.1
This is incorrect because new.frozen is initialized when new.counters is
initialized.
See definition of struct slab in mm/slab.h:
struct slab {
[...]
union {
unsigned long counters;
struct {
unsigned inuse:16;
unsigned objects:15;
unsigned frozen:1;
};
};
}
--
Thanks,
Hyeonggon
