* kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here
@ 2021-11-18 6:30 kernel test robot
0 siblings, 0 replies; 4+ messages in thread
From: kernel test robot @ 2021-11-18 6:30 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 14188 bytes --]
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Peter Zijlstra <peterz@infradead.org>
CC: "André Almeida" <andrealmeid@collabora.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 42eb8fdac2fc5d62392dcfcf0253753e821a97b0
commit: 85dc28fa4ec058645c29bda952d901b29dfaa0b0 futex: Split out PI futex
date: 6 weeks ago
:::::: branch date: 7 hours ago
:::::: commit date: 6 weeks ago
config: m68k-randconfig-m031-20211117 (attached as .config)
compiler: m68k-linux-gcc (GCC) 11.2.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here
vim +1089 kernel/futex/pi.c
85dc28fa4ec058 Peter Zijlstra 2021-09-23 920
85dc28fa4ec058 Peter Zijlstra 2021-09-23 921 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 922 * Userspace tried a 0 -> TID atomic transition of the futex value
85dc28fa4ec058 Peter Zijlstra 2021-09-23 923 * and failed. The kernel side here does the whole locking operation:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 924 * if there are waiters then it will block as a consequence of relying
85dc28fa4ec058 Peter Zijlstra 2021-09-23 925 * on rt-mutexes, it does PI, etc. (Due to races the kernel might see
85dc28fa4ec058 Peter Zijlstra 2021-09-23 926 * a 0 value of the futex too.).
85dc28fa4ec058 Peter Zijlstra 2021-09-23 927 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 928 * Also serves as futex trylock_pi()'ing, and due semantics.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 929 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 930 int futex_lock_pi(u32 __user *uaddr, unsigned int flags, ktime_t *time, int trylock)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 931 {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 932 struct hrtimer_sleeper timeout, *to;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 933 struct task_struct *exiting = NULL;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 934 struct rt_mutex_waiter rt_waiter;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 935 struct futex_hash_bucket *hb;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 936 struct futex_q q = futex_q_init;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 937 int res, ret;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 938
85dc28fa4ec058 Peter Zijlstra 2021-09-23 939 if (!IS_ENABLED(CONFIG_FUTEX_PI))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 940 return -ENOSYS;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 941
85dc28fa4ec058 Peter Zijlstra 2021-09-23 942 if (refill_pi_state_cache())
85dc28fa4ec058 Peter Zijlstra 2021-09-23 943 return -ENOMEM;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 944
85dc28fa4ec058 Peter Zijlstra 2021-09-23 945 to = futex_setup_timer(time, &timeout, flags, 0);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 946
85dc28fa4ec058 Peter Zijlstra 2021-09-23 947 retry:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 948 ret = get_futex_key(uaddr, flags & FLAGS_SHARED, &q.key, FUTEX_WRITE);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 949 if (unlikely(ret != 0))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 950 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 951
85dc28fa4ec058 Peter Zijlstra 2021-09-23 952 retry_private:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 953 hb = futex_q_lock(&q);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 954
85dc28fa4ec058 Peter Zijlstra 2021-09-23 955 ret = futex_lock_pi_atomic(uaddr, hb, &q.key, &q.pi_state, current,
85dc28fa4ec058 Peter Zijlstra 2021-09-23 956 &exiting, 0);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 957 if (unlikely(ret)) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 958 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 959 * Atomic work succeeded and we got the lock,
85dc28fa4ec058 Peter Zijlstra 2021-09-23 960 * or failed. Either way, we do _not_ block.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 961 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 962 switch (ret) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 963 case 1:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 964 /* We got the lock. */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 965 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 966 goto out_unlock_put_key;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 967 case -EFAULT:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 968 goto uaddr_faulted;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 969 case -EBUSY:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 970 case -EAGAIN:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 971 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 972 * Two reasons for this:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 973 * - EBUSY: Task is exiting and we just wait for the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 974 * exit to complete.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 975 * - EAGAIN: The user space value changed.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 976 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 977 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 978 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 979 * Handle the case where the owner is in the middle of
85dc28fa4ec058 Peter Zijlstra 2021-09-23 980 * exiting. Wait for the exit to complete otherwise
85dc28fa4ec058 Peter Zijlstra 2021-09-23 981 * this task might loop forever, aka. live lock.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 982 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 983 wait_for_owner_exiting(ret, exiting);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 984 cond_resched();
85dc28fa4ec058 Peter Zijlstra 2021-09-23 985 goto retry;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 986 default:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 987 goto out_unlock_put_key;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 988 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 989 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 990
85dc28fa4ec058 Peter Zijlstra 2021-09-23 991 WARN_ON(!q.pi_state);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 992
85dc28fa4ec058 Peter Zijlstra 2021-09-23 993 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 994 * Only actually queue now that the atomic ops are done:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 995 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 996 __futex_queue(&q, hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 997
85dc28fa4ec058 Peter Zijlstra 2021-09-23 998 if (trylock) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 999 ret = rt_mutex_futex_trylock(&q.pi_state->pi_mutex);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1000 /* Fixup the trylock return value: */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1001 ret = ret ? 0 : -EWOULDBLOCK;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1002 goto no_block;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1003 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1004
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1005 rt_mutex_init_waiter(&rt_waiter);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1006
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1007 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1008 * On PREEMPT_RT_FULL, when hb->lock becomes an rt_mutex, we must not
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1009 * hold it while doing rt_mutex_start_proxy(), because then it will
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1010 * include hb->lock in the blocking chain, even through we'll not in
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1011 * fact hold it while blocking. This will lead it to report -EDEADLK
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1012 * and BUG when futex_unlock_pi() interleaves with this.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1013 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1014 * Therefore acquire wait_lock while holding hb->lock, but drop the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1015 * latter before calling __rt_mutex_start_proxy_lock(). This
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1016 * interleaves with futex_unlock_pi() -- which does a similar lock
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1017 * handoff -- such that the latter can observe the futex_q::pi_state
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1018 * before __rt_mutex_start_proxy_lock() is done.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1019 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1020 raw_spin_lock_irq(&q.pi_state->pi_mutex.wait_lock);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1021 spin_unlock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1022 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1023 * __rt_mutex_start_proxy_lock() unconditionally enqueues the @rt_waiter
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1024 * such that futex_unlock_pi() is guaranteed to observe the waiter when
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1025 * it sees the futex_q::pi_state.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1026 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1027 ret = __rt_mutex_start_proxy_lock(&q.pi_state->pi_mutex, &rt_waiter, current);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1028 raw_spin_unlock_irq(&q.pi_state->pi_mutex.wait_lock);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1029
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1030 if (ret) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1031 if (ret == 1)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1032 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1033 goto cleanup;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1034 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1035
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1036 if (unlikely(to))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1037 hrtimer_sleeper_start_expires(to, HRTIMER_MODE_ABS);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1038
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1039 ret = rt_mutex_wait_proxy_lock(&q.pi_state->pi_mutex, to, &rt_waiter);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1040
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1041 cleanup:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1042 spin_lock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1043 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1044 * If we failed to acquire the lock (deadlock/signal/timeout), we must
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1045 * first acquire the hb->lock before removing the lock from the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1046 * rt_mutex waitqueue, such that we can keep the hb and rt_mutex wait
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1047 * lists consistent.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1048 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1049 * In particular; it is important that futex_unlock_pi() can not
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1050 * observe this inconsistency.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1051 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1052 if (ret && !rt_mutex_cleanup_proxy_lock(&q.pi_state->pi_mutex, &rt_waiter))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1053 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1054
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1055 no_block:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1056 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1057 * Fixup the pi_state owner and possibly acquire the lock if we
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1058 * haven't already.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1059 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1060 res = fixup_pi_owner(uaddr, &q, !ret);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1061 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1062 * If fixup_pi_owner() returned an error, propagate that. If it acquired
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1063 * the lock, clear our -ETIMEDOUT or -EINTR.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1064 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1065 if (res)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1066 ret = (res < 0) ? res : 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1067
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1068 futex_unqueue_pi(&q);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1069 spin_unlock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1070 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1071
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1072 out_unlock_put_key:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1073 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1074
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1075 out:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1076 if (to) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1077 hrtimer_cancel(&to->timer);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1078 destroy_hrtimer_on_stack(&to->timer);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1079 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1080 return ret != -EINTR ? ret : -ERESTARTNOINTR;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1081
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1082 uaddr_faulted:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1083 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1084
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1085 ret = fault_in_user_writeable(uaddr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1086 if (ret)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1087 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1088
85dc28fa4ec058 Peter Zijlstra 2021-09-23 @1089 if (!(flags & FLAGS_SHARED))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1090 goto retry_private;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1091
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1092 goto retry;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1093 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1094
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 19600 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here
@ 2021-11-18 17:43 kernel test robot
0 siblings, 0 replies; 4+ messages in thread
From: kernel test robot @ 2021-11-18 17:43 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 14189 bytes --]
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Peter Zijlstra <peterz@infradead.org>
CC: "André Almeida" <andrealmeid@collabora.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 42eb8fdac2fc5d62392dcfcf0253753e821a97b0
commit: 85dc28fa4ec058645c29bda952d901b29dfaa0b0 futex: Split out PI futex
date: 6 weeks ago
:::::: branch date: 18 hours ago
:::::: commit date: 6 weeks ago
config: m68k-randconfig-m031-20211117 (attached as .config)
compiler: m68k-linux-gcc (GCC) 11.2.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here
vim +1089 kernel/futex/pi.c
85dc28fa4ec058 Peter Zijlstra 2021-09-23 920
85dc28fa4ec058 Peter Zijlstra 2021-09-23 921 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 922 * Userspace tried a 0 -> TID atomic transition of the futex value
85dc28fa4ec058 Peter Zijlstra 2021-09-23 923 * and failed. The kernel side here does the whole locking operation:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 924 * if there are waiters then it will block as a consequence of relying
85dc28fa4ec058 Peter Zijlstra 2021-09-23 925 * on rt-mutexes, it does PI, etc. (Due to races the kernel might see
85dc28fa4ec058 Peter Zijlstra 2021-09-23 926 * a 0 value of the futex too.).
85dc28fa4ec058 Peter Zijlstra 2021-09-23 927 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 928 * Also serves as futex trylock_pi()'ing, and due semantics.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 929 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 930 int futex_lock_pi(u32 __user *uaddr, unsigned int flags, ktime_t *time, int trylock)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 931 {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 932 struct hrtimer_sleeper timeout, *to;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 933 struct task_struct *exiting = NULL;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 934 struct rt_mutex_waiter rt_waiter;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 935 struct futex_hash_bucket *hb;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 936 struct futex_q q = futex_q_init;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 937 int res, ret;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 938
85dc28fa4ec058 Peter Zijlstra 2021-09-23 939 if (!IS_ENABLED(CONFIG_FUTEX_PI))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 940 return -ENOSYS;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 941
85dc28fa4ec058 Peter Zijlstra 2021-09-23 942 if (refill_pi_state_cache())
85dc28fa4ec058 Peter Zijlstra 2021-09-23 943 return -ENOMEM;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 944
85dc28fa4ec058 Peter Zijlstra 2021-09-23 945 to = futex_setup_timer(time, &timeout, flags, 0);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 946
85dc28fa4ec058 Peter Zijlstra 2021-09-23 947 retry:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 948 ret = get_futex_key(uaddr, flags & FLAGS_SHARED, &q.key, FUTEX_WRITE);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 949 if (unlikely(ret != 0))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 950 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 951
85dc28fa4ec058 Peter Zijlstra 2021-09-23 952 retry_private:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 953 hb = futex_q_lock(&q);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 954
85dc28fa4ec058 Peter Zijlstra 2021-09-23 955 ret = futex_lock_pi_atomic(uaddr, hb, &q.key, &q.pi_state, current,
85dc28fa4ec058 Peter Zijlstra 2021-09-23 956 &exiting, 0);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 957 if (unlikely(ret)) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 958 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 959 * Atomic work succeeded and we got the lock,
85dc28fa4ec058 Peter Zijlstra 2021-09-23 960 * or failed. Either way, we do _not_ block.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 961 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 962 switch (ret) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 963 case 1:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 964 /* We got the lock. */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 965 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 966 goto out_unlock_put_key;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 967 case -EFAULT:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 968 goto uaddr_faulted;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 969 case -EBUSY:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 970 case -EAGAIN:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 971 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 972 * Two reasons for this:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 973 * - EBUSY: Task is exiting and we just wait for the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 974 * exit to complete.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 975 * - EAGAIN: The user space value changed.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 976 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 977 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 978 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 979 * Handle the case where the owner is in the middle of
85dc28fa4ec058 Peter Zijlstra 2021-09-23 980 * exiting. Wait for the exit to complete otherwise
85dc28fa4ec058 Peter Zijlstra 2021-09-23 981 * this task might loop forever, aka. live lock.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 982 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 983 wait_for_owner_exiting(ret, exiting);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 984 cond_resched();
85dc28fa4ec058 Peter Zijlstra 2021-09-23 985 goto retry;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 986 default:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 987 goto out_unlock_put_key;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 988 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 989 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 990
85dc28fa4ec058 Peter Zijlstra 2021-09-23 991 WARN_ON(!q.pi_state);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 992
85dc28fa4ec058 Peter Zijlstra 2021-09-23 993 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 994 * Only actually queue now that the atomic ops are done:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 995 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 996 __futex_queue(&q, hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 997
85dc28fa4ec058 Peter Zijlstra 2021-09-23 998 if (trylock) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 999 ret = rt_mutex_futex_trylock(&q.pi_state->pi_mutex);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1000 /* Fixup the trylock return value: */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1001 ret = ret ? 0 : -EWOULDBLOCK;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1002 goto no_block;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1003 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1004
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1005 rt_mutex_init_waiter(&rt_waiter);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1006
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1007 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1008 * On PREEMPT_RT_FULL, when hb->lock becomes an rt_mutex, we must not
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1009 * hold it while doing rt_mutex_start_proxy(), because then it will
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1010 * include hb->lock in the blocking chain, even through we'll not in
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1011 * fact hold it while blocking. This will lead it to report -EDEADLK
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1012 * and BUG when futex_unlock_pi() interleaves with this.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1013 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1014 * Therefore acquire wait_lock while holding hb->lock, but drop the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1015 * latter before calling __rt_mutex_start_proxy_lock(). This
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1016 * interleaves with futex_unlock_pi() -- which does a similar lock
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1017 * handoff -- such that the latter can observe the futex_q::pi_state
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1018 * before __rt_mutex_start_proxy_lock() is done.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1019 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1020 raw_spin_lock_irq(&q.pi_state->pi_mutex.wait_lock);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1021 spin_unlock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1022 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1023 * __rt_mutex_start_proxy_lock() unconditionally enqueues the @rt_waiter
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1024 * such that futex_unlock_pi() is guaranteed to observe the waiter when
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1025 * it sees the futex_q::pi_state.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1026 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1027 ret = __rt_mutex_start_proxy_lock(&q.pi_state->pi_mutex, &rt_waiter, current);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1028 raw_spin_unlock_irq(&q.pi_state->pi_mutex.wait_lock);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1029
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1030 if (ret) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1031 if (ret == 1)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1032 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1033 goto cleanup;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1034 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1035
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1036 if (unlikely(to))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1037 hrtimer_sleeper_start_expires(to, HRTIMER_MODE_ABS);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1038
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1039 ret = rt_mutex_wait_proxy_lock(&q.pi_state->pi_mutex, to, &rt_waiter);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1040
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1041 cleanup:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1042 spin_lock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1043 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1044 * If we failed to acquire the lock (deadlock/signal/timeout), we must
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1045 * first acquire the hb->lock before removing the lock from the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1046 * rt_mutex waitqueue, such that we can keep the hb and rt_mutex wait
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1047 * lists consistent.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1048 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1049 * In particular; it is important that futex_unlock_pi() can not
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1050 * observe this inconsistency.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1051 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1052 if (ret && !rt_mutex_cleanup_proxy_lock(&q.pi_state->pi_mutex, &rt_waiter))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1053 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1054
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1055 no_block:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1056 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1057 * Fixup the pi_state owner and possibly acquire the lock if we
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1058 * haven't already.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1059 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1060 res = fixup_pi_owner(uaddr, &q, !ret);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1061 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1062 * If fixup_pi_owner() returned an error, propagate that. If it acquired
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1063 * the lock, clear our -ETIMEDOUT or -EINTR.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1064 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1065 if (res)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1066 ret = (res < 0) ? res : 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1067
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1068 futex_unqueue_pi(&q);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1069 spin_unlock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1070 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1071
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1072 out_unlock_put_key:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1073 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1074
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1075 out:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1076 if (to) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1077 hrtimer_cancel(&to->timer);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1078 destroy_hrtimer_on_stack(&to->timer);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1079 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1080 return ret != -EINTR ? ret : -ERESTARTNOINTR;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1081
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1082 uaddr_faulted:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1083 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1084
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1085 ret = fault_in_user_writeable(uaddr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1086 if (ret)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1087 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1088
85dc28fa4ec058 Peter Zijlstra 2021-09-23 @1089 if (!(flags & FLAGS_SHARED))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1090 goto retry_private;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1091
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1092 goto retry;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1093 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1094
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 19600 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here
@ 2021-11-18 1:13 kernel test robot
0 siblings, 0 replies; 4+ messages in thread
From: kernel test robot @ 2021-11-18 1:13 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 14194 bytes --]
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Peter Zijlstra <peterz@infradead.org>
CC: "André Almeida" <andrealmeid@collabora.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: ee1703cda8dc777e937dec172da55beaf1a74919
commit: 85dc28fa4ec058645c29bda952d901b29dfaa0b0 futex: Split out PI futex
date: 6 weeks ago
:::::: branch date: 8 hours ago
:::::: commit date: 6 weeks ago
config: arm-randconfig-m031-20211104 (attached as .config)
compiler: arm-linux-gnueabi-gcc (GCC) 11.2.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here
vim +1089 kernel/futex/pi.c
85dc28fa4ec058 Peter Zijlstra 2021-09-23 920
85dc28fa4ec058 Peter Zijlstra 2021-09-23 921 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 922 * Userspace tried a 0 -> TID atomic transition of the futex value
85dc28fa4ec058 Peter Zijlstra 2021-09-23 923 * and failed. The kernel side here does the whole locking operation:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 924 * if there are waiters then it will block as a consequence of relying
85dc28fa4ec058 Peter Zijlstra 2021-09-23 925 * on rt-mutexes, it does PI, etc. (Due to races the kernel might see
85dc28fa4ec058 Peter Zijlstra 2021-09-23 926 * a 0 value of the futex too.).
85dc28fa4ec058 Peter Zijlstra 2021-09-23 927 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 928 * Also serves as futex trylock_pi()'ing, and due semantics.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 929 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 930 int futex_lock_pi(u32 __user *uaddr, unsigned int flags, ktime_t *time, int trylock)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 931 {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 932 struct hrtimer_sleeper timeout, *to;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 933 struct task_struct *exiting = NULL;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 934 struct rt_mutex_waiter rt_waiter;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 935 struct futex_hash_bucket *hb;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 936 struct futex_q q = futex_q_init;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 937 int res, ret;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 938
85dc28fa4ec058 Peter Zijlstra 2021-09-23 939 if (!IS_ENABLED(CONFIG_FUTEX_PI))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 940 return -ENOSYS;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 941
85dc28fa4ec058 Peter Zijlstra 2021-09-23 942 if (refill_pi_state_cache())
85dc28fa4ec058 Peter Zijlstra 2021-09-23 943 return -ENOMEM;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 944
85dc28fa4ec058 Peter Zijlstra 2021-09-23 945 to = futex_setup_timer(time, &timeout, flags, 0);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 946
85dc28fa4ec058 Peter Zijlstra 2021-09-23 947 retry:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 948 ret = get_futex_key(uaddr, flags & FLAGS_SHARED, &q.key, FUTEX_WRITE);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 949 if (unlikely(ret != 0))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 950 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 951
85dc28fa4ec058 Peter Zijlstra 2021-09-23 952 retry_private:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 953 hb = futex_q_lock(&q);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 954
85dc28fa4ec058 Peter Zijlstra 2021-09-23 955 ret = futex_lock_pi_atomic(uaddr, hb, &q.key, &q.pi_state, current,
85dc28fa4ec058 Peter Zijlstra 2021-09-23 956 &exiting, 0);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 957 if (unlikely(ret)) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 958 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 959 * Atomic work succeeded and we got the lock,
85dc28fa4ec058 Peter Zijlstra 2021-09-23 960 * or failed. Either way, we do _not_ block.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 961 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 962 switch (ret) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 963 case 1:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 964 /* We got the lock. */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 965 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 966 goto out_unlock_put_key;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 967 case -EFAULT:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 968 goto uaddr_faulted;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 969 case -EBUSY:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 970 case -EAGAIN:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 971 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 972 * Two reasons for this:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 973 * - EBUSY: Task is exiting and we just wait for the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 974 * exit to complete.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 975 * - EAGAIN: The user space value changed.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 976 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 977 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 978 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 979 * Handle the case where the owner is in the middle of
85dc28fa4ec058 Peter Zijlstra 2021-09-23 980 * exiting. Wait for the exit to complete otherwise
85dc28fa4ec058 Peter Zijlstra 2021-09-23 981 * this task might loop forever, aka. live lock.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 982 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 983 wait_for_owner_exiting(ret, exiting);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 984 cond_resched();
85dc28fa4ec058 Peter Zijlstra 2021-09-23 985 goto retry;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 986 default:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 987 goto out_unlock_put_key;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 988 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 989 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 990
85dc28fa4ec058 Peter Zijlstra 2021-09-23 991 WARN_ON(!q.pi_state);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 992
85dc28fa4ec058 Peter Zijlstra 2021-09-23 993 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 994 * Only actually queue now that the atomic ops are done:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 995 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 996 __futex_queue(&q, hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 997
85dc28fa4ec058 Peter Zijlstra 2021-09-23 998 if (trylock) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 999 ret = rt_mutex_futex_trylock(&q.pi_state->pi_mutex);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1000 /* Fixup the trylock return value: */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1001 ret = ret ? 0 : -EWOULDBLOCK;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1002 goto no_block;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1003 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1004
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1005 rt_mutex_init_waiter(&rt_waiter);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1006
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1007 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1008 * On PREEMPT_RT_FULL, when hb->lock becomes an rt_mutex, we must not
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1009 * hold it while doing rt_mutex_start_proxy(), because then it will
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1010 * include hb->lock in the blocking chain, even through we'll not in
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1011 * fact hold it while blocking. This will lead it to report -EDEADLK
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1012 * and BUG when futex_unlock_pi() interleaves with this.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1013 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1014 * Therefore acquire wait_lock while holding hb->lock, but drop the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1015 * latter before calling __rt_mutex_start_proxy_lock(). This
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1016 * interleaves with futex_unlock_pi() -- which does a similar lock
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1017 * handoff -- such that the latter can observe the futex_q::pi_state
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1018 * before __rt_mutex_start_proxy_lock() is done.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1019 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1020 raw_spin_lock_irq(&q.pi_state->pi_mutex.wait_lock);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1021 spin_unlock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1022 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1023 * __rt_mutex_start_proxy_lock() unconditionally enqueues the @rt_waiter
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1024 * such that futex_unlock_pi() is guaranteed to observe the waiter when
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1025 * it sees the futex_q::pi_state.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1026 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1027 ret = __rt_mutex_start_proxy_lock(&q.pi_state->pi_mutex, &rt_waiter, current);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1028 raw_spin_unlock_irq(&q.pi_state->pi_mutex.wait_lock);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1029
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1030 if (ret) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1031 if (ret == 1)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1032 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1033 goto cleanup;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1034 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1035
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1036 if (unlikely(to))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1037 hrtimer_sleeper_start_expires(to, HRTIMER_MODE_ABS);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1038
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1039 ret = rt_mutex_wait_proxy_lock(&q.pi_state->pi_mutex, to, &rt_waiter);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1040
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1041 cleanup:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1042 spin_lock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1043 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1044 * If we failed to acquire the lock (deadlock/signal/timeout), we must
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1045 * first acquire the hb->lock before removing the lock from the
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1046 * rt_mutex waitqueue, such that we can keep the hb and rt_mutex wait
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1047 * lists consistent.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1048 *
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1049 * In particular; it is important that futex_unlock_pi() can not
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1050 * observe this inconsistency.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1051 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1052 if (ret && !rt_mutex_cleanup_proxy_lock(&q.pi_state->pi_mutex, &rt_waiter))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1053 ret = 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1054
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1055 no_block:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1056 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1057 * Fixup the pi_state owner and possibly acquire the lock if we
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1058 * haven't already.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1059 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1060 res = fixup_pi_owner(uaddr, &q, !ret);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1061 /*
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1062 * If fixup_pi_owner() returned an error, propagate that. If it acquired
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1063 * the lock, clear our -ETIMEDOUT or -EINTR.
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1064 */
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1065 if (res)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1066 ret = (res < 0) ? res : 0;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1067
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1068 futex_unqueue_pi(&q);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1069 spin_unlock(q.lock_ptr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1070 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1071
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1072 out_unlock_put_key:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1073 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1074
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1075 out:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1076 if (to) {
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1077 hrtimer_cancel(&to->timer);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1078 destroy_hrtimer_on_stack(&to->timer);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1079 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1080 return ret != -EINTR ? ret : -ERESTARTNOINTR;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1081
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1082 uaddr_faulted:
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1083 futex_q_unlock(hb);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1084
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1085 ret = fault_in_user_writeable(uaddr);
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1086 if (ret)
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1087 goto out;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1088
85dc28fa4ec058 Peter Zijlstra 2021-09-23 @1089 if (!(flags & FLAGS_SHARED))
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1090 goto retry_private;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1091
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1092 goto retry;
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1093 }
85dc28fa4ec058 Peter Zijlstra 2021-09-23 1094
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 36790 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here
@ 2021-11-17 13:43 kernel test robot
0 siblings, 0 replies; 4+ messages in thread
From: kernel test robot @ 2021-11-17 13:43 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 14362 bytes --]
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Peter Zijlstra <peterz@infradead.org>
CC: "André Almeida" <andrealmeid@collabora.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 8ab774587903771821b59471cc723bba6d893942
commit: 85dc28fa4ec058645c29bda952d901b29dfaa0b0 futex: Split out PI futex
date: 6 weeks ago
:::::: branch date: 2 days ago
:::::: commit date: 6 weeks ago
config: m68k-randconfig-m031-20211117 (attached as .config)
compiler: m68k-linux-gcc (GCC) 11.2.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here
vim +1089 kernel/futex/pi.c
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 920
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 921 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 922 * Userspace tried a 0 -> TID atomic transition of the futex value
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 923 * and failed. The kernel side here does the whole locking operation:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 924 * if there are waiters then it will block as a consequence of relying
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 925 * on rt-mutexes, it does PI, etc. (Due to races the kernel might see
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 926 * a 0 value of the futex too.).
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 927 *
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 928 * Also serves as futex trylock_pi()'ing, and due semantics.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 929 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 930 int futex_lock_pi(u32 __user *uaddr, unsigned int flags, ktime_t *time, int trylock)
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 931 {
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 932 struct hrtimer_sleeper timeout, *to;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 933 struct task_struct *exiting = NULL;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 934 struct rt_mutex_waiter rt_waiter;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 935 struct futex_hash_bucket *hb;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 936 struct futex_q q = futex_q_init;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 937 int res, ret;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 938
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 939 if (!IS_ENABLED(CONFIG_FUTEX_PI))
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 940 return -ENOSYS;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 941
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 942 if (refill_pi_state_cache())
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 943 return -ENOMEM;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 944
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 945 to = futex_setup_timer(time, &timeout, flags, 0);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 946
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 947 retry:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 948 ret = get_futex_key(uaddr, flags & FLAGS_SHARED, &q.key, FUTEX_WRITE);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 949 if (unlikely(ret != 0))
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 950 goto out;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 951
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 952 retry_private:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 953 hb = futex_q_lock(&q);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 954
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 955 ret = futex_lock_pi_atomic(uaddr, hb, &q.key, &q.pi_state, current,
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 956 &exiting, 0);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 957 if (unlikely(ret)) {
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 958 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 959 * Atomic work succeeded and we got the lock,
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 960 * or failed. Either way, we do _not_ block.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 961 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 962 switch (ret) {
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 963 case 1:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 964 /* We got the lock. */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 965 ret = 0;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 966 goto out_unlock_put_key;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 967 case -EFAULT:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 968 goto uaddr_faulted;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 969 case -EBUSY:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 970 case -EAGAIN:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 971 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 972 * Two reasons for this:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 973 * - EBUSY: Task is exiting and we just wait for the
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 974 * exit to complete.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 975 * - EAGAIN: The user space value changed.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 976 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 977 futex_q_unlock(hb);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 978 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 979 * Handle the case where the owner is in the middle of
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 980 * exiting. Wait for the exit to complete otherwise
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 981 * this task might loop forever, aka. live lock.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 982 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 983 wait_for_owner_exiting(ret, exiting);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 984 cond_resched();
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 985 goto retry;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 986 default:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 987 goto out_unlock_put_key;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 988 }
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 989 }
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 990
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 991 WARN_ON(!q.pi_state);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 992
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 993 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 994 * Only actually queue now that the atomic ops are done:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 995 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 996 __futex_queue(&q, hb);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 997
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 998 if (trylock) {
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 999 ret = rt_mutex_futex_trylock(&q.pi_state->pi_mutex);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1000 /* Fixup the trylock return value: */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1001 ret = ret ? 0 : -EWOULDBLOCK;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1002 goto no_block;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1003 }
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1004
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1005 rt_mutex_init_waiter(&rt_waiter);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1006
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1007 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1008 * On PREEMPT_RT_FULL, when hb->lock becomes an rt_mutex, we must not
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1009 * hold it while doing rt_mutex_start_proxy(), because then it will
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1010 * include hb->lock in the blocking chain, even through we'll not in
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1011 * fact hold it while blocking. This will lead it to report -EDEADLK
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1012 * and BUG when futex_unlock_pi() interleaves with this.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1013 *
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1014 * Therefore acquire wait_lock while holding hb->lock, but drop the
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1015 * latter before calling __rt_mutex_start_proxy_lock(). This
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1016 * interleaves with futex_unlock_pi() -- which does a similar lock
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1017 * handoff -- such that the latter can observe the futex_q::pi_state
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1018 * before __rt_mutex_start_proxy_lock() is done.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1019 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1020 raw_spin_lock_irq(&q.pi_state->pi_mutex.wait_lock);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1021 spin_unlock(q.lock_ptr);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1022 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1023 * __rt_mutex_start_proxy_lock() unconditionally enqueues the @rt_waiter
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1024 * such that futex_unlock_pi() is guaranteed to observe the waiter when
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1025 * it sees the futex_q::pi_state.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1026 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1027 ret = __rt_mutex_start_proxy_lock(&q.pi_state->pi_mutex, &rt_waiter, current);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1028 raw_spin_unlock_irq(&q.pi_state->pi_mutex.wait_lock);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1029
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1030 if (ret) {
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1031 if (ret == 1)
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1032 ret = 0;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1033 goto cleanup;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1034 }
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1035
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1036 if (unlikely(to))
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1037 hrtimer_sleeper_start_expires(to, HRTIMER_MODE_ABS);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1038
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1039 ret = rt_mutex_wait_proxy_lock(&q.pi_state->pi_mutex, to, &rt_waiter);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1040
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1041 cleanup:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1042 spin_lock(q.lock_ptr);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1043 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1044 * If we failed to acquire the lock (deadlock/signal/timeout), we must
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1045 * first acquire the hb->lock before removing the lock from the
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1046 * rt_mutex waitqueue, such that we can keep the hb and rt_mutex wait
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1047 * lists consistent.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1048 *
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1049 * In particular; it is important that futex_unlock_pi() can not
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1050 * observe this inconsistency.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1051 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1052 if (ret && !rt_mutex_cleanup_proxy_lock(&q.pi_state->pi_mutex, &rt_waiter))
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1053 ret = 0;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1054
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1055 no_block:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1056 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1057 * Fixup the pi_state owner and possibly acquire the lock if we
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1058 * haven't already.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1059 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1060 res = fixup_pi_owner(uaddr, &q, !ret);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1061 /*
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1062 * If fixup_pi_owner() returned an error, propagate that. If it acquired
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1063 * the lock, clear our -ETIMEDOUT or -EINTR.
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1064 */
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1065 if (res)
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1066 ret = (res < 0) ? res : 0;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1067
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1068 futex_unqueue_pi(&q);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1069 spin_unlock(q.lock_ptr);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1070 goto out;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1071
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1072 out_unlock_put_key:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1073 futex_q_unlock(hb);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1074
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1075 out:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1076 if (to) {
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1077 hrtimer_cancel(&to->timer);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1078 destroy_hrtimer_on_stack(&to->timer);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1079 }
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1080 return ret != -EINTR ? ret : -ERESTARTNOINTR;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1081
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1082 uaddr_faulted:
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1083 futex_q_unlock(hb);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1084
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1085 ret = fault_in_user_writeable(uaddr);
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1086 if (ret)
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1087 goto out;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1088
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 @1089 if (!(flags & FLAGS_SHARED))
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1090 goto retry_private;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1091
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1092 goto retry;
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1093 }
85dc28fa4ec0586 Peter Zijlstra 2021-09-23 1094
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 19600 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-11-18 17:43 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-18 6:30 kernel/futex/pi.c:1089 futex_lock_pi() warn: bitwise AND condition is false here kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2021-11-18 17:43 kernel test robot
2021-11-18 1:13 kernel test robot
2021-11-17 13:43 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.