Re: [PATCH 4.9.y 1/1] futex: Fix OWNER_DEAD fixup
From: Lee Jones
Date: Wed Feb 24 2021 - 06:20:38 EST
On Tue, 23 Feb 2021, Zheng Yejian wrote:
> From: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
>
> commit a97cb0e7b3f4c6297fd857055ae8e895f402f501 upstream.
>
> Both Geert and DaveJ reported that the recent futex commit:
>
> c1e2f0eaf015 ("futex: Avoid violating the 10th rule of futex")
>
> introduced a problem with setting OWNER_DEAD. We set the bit on an
> uninitialized variable and then entirely optimize it away as a
> dead-store.
>
> Move the setting of the bit to where it is more useful.
>
> Reported-by: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
> Reported-by: Dave Jones <davej@xxxxxxxxxxxxxxxxx>
> Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> Cc: Paul E. McKenney <paulmck@xxxxxxxxxx>
> Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Fixes: c1e2f0eaf015 ("futex: Avoid violating the 10th rule of futex")
> Link: http://lkml.kernel.org/r/20180122103947.GD2228@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx>
> Signed-off-by: Zheng Yejian <zhengyejian1@xxxxxxxxxx>
Why have you dropped my Reviewed-by?
> ---
> kernel/futex.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/kernel/futex.c b/kernel/futex.c
> index b65dbb5d60bb..604d1cb9839d 100644
> --- a/kernel/futex.c
> +++ b/kernel/futex.c
> @@ -2424,9 +2424,6 @@ static int __fixup_pi_state_owner(u32 __user *uaddr, struct futex_q *q,
> int err = 0;
>
> oldowner = pi_state->owner;
> - /* Owner died? */
> - if (!pi_state->owner)
> - newtid |= FUTEX_OWNER_DIED;
>
> /*
> * We are here because either:
> @@ -2484,6 +2481,9 @@ static int __fixup_pi_state_owner(u32 __user *uaddr, struct futex_q *q,
> }
>
> newtid = task_pid_vnr(newowner) | FUTEX_WAITERS;
> + /* Owner died? */
> + if (!pi_state->owner)
> + newtid |= FUTEX_OWNER_DIED;
>
> if (get_futex_value_locked(&uval, uaddr))
> goto handle_fault;
--
Lee Jones [李琼斯]
Senior Technical Lead - Developer Services
Linaro.org │ Open source software for Arm SoCs
Follow Linaro: Facebook | Twitter | Blog