[PATCH 4.9.258] futex: fix dead code in attach_to_pi_owner()

[PATCH 4.9.258] futex: fix dead code in attach_to_pi_owner()

[Xiaoming Ni]

The handle_exit_race() function is defined in commit 9c3f39860367
 ("futex: Cure exit race"), which never returns -EBUSY. This results
in a small piece of dead code in the attach_to_pi_owner() function:

	int ret = handle_exit_race(uaddr, uval, p); /* Never return -EBUSY */
	...
	if (ret == -EBUSY)
		*exiting = p; /* dead code */

The return value -EBUSY is added to handle_exit_race() in upsteam
commit ac31c7ff8624409 ("futex: Provide distinct return value when
owner is exiting"). This commit was incorporated into v4.9.255, before
the function handle_exit_race() was introduced, whitout Modify
handle_exit_race().

To fix dead code, extract the change of handle_exit_race() from
commit ac31c7ff8624409 ("futex: Provide distinct return value when owner
 is exiting"), re-incorporated.

Fixes: 9c3f39860367 ("futex: Cure exit race")
Cc: stable@vger.kernel.org # v4.9.258
Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
---
 kernel/futex.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/kernel/futex.c b/kernel/futex.c
index b65dbb5d60bb..0fd785410150 100644
--- a/kernel/futex.c
+++ b/kernel/futex.c
@@ -1207,11 +1207,11 @@ static int handle_exit_race(u32 __user *uaddr, u32 uval,
 	u32 uval2;
 
 	/*
-	 * If the futex exit state is not yet FUTEX_STATE_DEAD, wait
-	 * for it to finish.
+	 * If the futex exit state is not yet FUTEX_STATE_DEAD, tell the
+	 * caller that the alleged owner is busy.
 	 */
 	if (tsk && tsk->futex_state != FUTEX_STATE_DEAD)
-		return -EAGAIN;
+		return -EBUSY;
 
 	/*
 	 * Reread the user space value to handle the following situation:
-- 
2.27.0

Re: [PATCH 4.9.258] futex: fix dead code in attach_to_pi_owner()

[Lee Jones]

On Wed, 24 Feb 2021, Xiaoming Ni wrote:

> The handle_exit_race() function is defined in commit 9c3f39860367
>  ("futex: Cure exit race"), which never returns -EBUSY. This results
> in a small piece of dead code in the attach_to_pi_owner() function:
> 
> 	int ret = handle_exit_race(uaddr, uval, p); /* Never return -EBUSY */
> 	...
> 	if (ret == -EBUSY)
> 		*exiting = p; /* dead code */
> 
> The return value -EBUSY is added to handle_exit_race() in upsteam
> commit ac31c7ff8624409 ("futex: Provide distinct return value when
> owner is exiting"). This commit was incorporated into v4.9.255, before
> the function handle_exit_race() was introduced, whitout Modify
> handle_exit_race().
> 
> To fix dead code, extract the change of handle_exit_race() from
> commit ac31c7ff8624409 ("futex: Provide distinct return value when owner
>  is exiting"), re-incorporated.
> 
> Fixes: 9c3f39860367 ("futex: Cure exit race")
> Cc: stable@vger.kernel.org # v4.9.258
> Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
> ---
>  kernel/futex.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)

To clarify, this is not a wholesale back-port from Mainline.

It takes the remaining functional snippet of:

 ac31c7ff8624409 ("futex: Provide distinct return value when owner is exiting")

... and is the correct fix for this issue.

Reviewed-by: Lee Jones <lee.jones@linaro.org>

> diff --git a/kernel/futex.c b/kernel/futex.c
> index b65dbb5d60bb..0fd785410150 100644
> --- a/kernel/futex.c
> +++ b/kernel/futex.c
> @@ -1207,11 +1207,11 @@ static int handle_exit_race(u32 __user *uaddr, u32 uval,
>  	u32 uval2;
>  
>  	/*
> -	 * If the futex exit state is not yet FUTEX_STATE_DEAD, wait
> -	 * for it to finish.
> +	 * If the futex exit state is not yet FUTEX_STATE_DEAD, tell the
> +	 * caller that the alleged owner is busy.
>  	 */
>  	if (tsk && tsk->futex_state != FUTEX_STATE_DEAD)
> -		return -EAGAIN;
> +		return -EBUSY;
>  
>  	/*
>  	 * Reread the user space value to handle the following situation:

-- 
Lee Jones [李琼斯]
Senior Technical Lead - Developer Services
Linaro.org │ Open source software for Arm SoCs
Follow Linaro: Facebook | Twitter | Blog

Re: [PATCH 4.9.258] futex: fix dead code in attach_to_pi_owner()

[Greg KH]

On Thu, Feb 25, 2021 at 09:17:38AM +0000, Lee Jones wrote:
> On Wed, 24 Feb 2021, Xiaoming Ni wrote:
> 
> > The handle_exit_race() function is defined in commit 9c3f39860367
> >  ("futex: Cure exit race"), which never returns -EBUSY. This results
> > in a small piece of dead code in the attach_to_pi_owner() function:
> > 
> > 	int ret = handle_exit_race(uaddr, uval, p); /* Never return -EBUSY */
> > 	...
> > 	if (ret == -EBUSY)
> > 		*exiting = p; /* dead code */
> > 
> > The return value -EBUSY is added to handle_exit_race() in upsteam
> > commit ac31c7ff8624409 ("futex: Provide distinct return value when
> > owner is exiting"). This commit was incorporated into v4.9.255, before
> > the function handle_exit_race() was introduced, whitout Modify
> > handle_exit_race().
> > 
> > To fix dead code, extract the change of handle_exit_race() from
> > commit ac31c7ff8624409 ("futex: Provide distinct return value when owner
> >  is exiting"), re-incorporated.
> > 
> > Fixes: 9c3f39860367 ("futex: Cure exit race")
> > Cc: stable@vger.kernel.org # v4.9.258
> > Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
> > ---
> >  kernel/futex.c | 6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> To clarify, this is not a wholesale back-port from Mainline.
> 
> It takes the remaining functional snippet of:
> 
>  ac31c7ff8624409 ("futex: Provide distinct return value when owner is exiting")
> 
> ... and is the correct fix for this issue.
> 
> Reviewed-by: Lee Jones <lee.jones@linaro.org>

Thanks, now queued up.

greg k-h