On Mon, 25 Aug 2025 09:34:18 +0800 Kuan-Wei Chiu visitorckw@gmail.com wrote:
The comparison function cmp_loc_by_count() used for sorting stack trace locations in debugfs currently returns -1 if a->count > b->count and 1 otherwise. This breaks the antisymmetry property required by sort(), because when two counts are equal, both cmp(a, b) and cmp(b, a) return
This can lead to undefined or incorrect ordering results. Fix it by explicitly returning 0 when the counts are equal, ensuring that the comparison function follows the expected mathematical properties.
Fixes: 553c0369b3e1 ("mm/slub: sort debugfs output by frequency of stack traces") Cc: stable@vger.kernel.org Signed-off-by: Kuan-Wei Chiu visitorckw@gmail.com
mm/slub.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/slub.c b/mm/slub.c index 30003763d224..c91b3744adbc 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -7718,8 +7718,9 @@ static int cmp_loc_by_count(const void *a, const void *b, const void *data) if (loc1->count > loc2->count) return -1;
- else
- if (loc1->count < loc2->count) return 1;
- return 0;
}
Hello Kuan-Wei,
This is a great catch! I was thinking that in addition to separating out the == case, we can also simplify the behavior by just opting to use the cmp_int macro, which is defined in the <linux/sort.h> header, which is already included in mm/slub.c. For the description, we have:
* Return: 1 if the left argument is greater than the right one; 0 if the * arguments are equal; -1 if the left argument is less than the right one.
So in this case, we can replace the entire code block above with:
return cmp_int(loc2->count, loc1->count);
or
return -1 * cmp_int(loc1->count, loc2->count);
if you prefer to keep the position of loc1 and loc2. I guess we do lose some interpretability of what -1 and 1 would refer to here, but I think a comment should be able to take care of that.
Please let me know what you think. I hope you have a great day! Joshua