From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D69D1C43216 for ; Fri, 20 Aug 2021 11:18:17 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C11DC61040 for ; Fri, 20 Aug 2021 11:18:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240641AbhHTLSx (ORCPT ); Fri, 20 Aug 2021 07:18:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46908 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240335AbhHTLSi (ORCPT ); Fri, 20 Aug 2021 07:18:38 -0400 Received: from mail-yb1-xb2a.google.com (mail-yb1-xb2a.google.com [IPv6:2607:f8b0:4864:20::b2a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6C76FC061230 for ; Fri, 20 Aug 2021 04:17:47 -0700 (PDT) Received: by mail-yb1-xb2a.google.com with SMTP id k65so18112588yba.13 for ; Fri, 20 Aug 2021 04:17:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=/5YusWKi4mMtAdaU6d/BBWgplNbGITEAezWLtaFz7rU=; b=WY8G1goCQxK+CDam4CXathjUIAYVS3CfJ95oXavKFhMVQSPIA4tCtcLelytlo+41fz H8JyIzANIqEYimrF9QFfCQFWdFGLFvJRfn6d3ilOHICAgdpdRLERHduk8z6QGhQqA50C UDuCiy24nKCuLi9MfT1agQoCXL0wlIIAbUTJAW8zXLM7J7Sl6ntbWshtwTvMMSdVeK6j 6f/jxtZUICWP9d83um/XKnYVZYlPT12eQEKMRd3XtUywx+XJE+yQvzrQlPAV5M7zBeQm rGr5iZrYFHw53bTTFSWm5adIAA0HGO/igYCfxKs7msZxil2f8w6t8KSL0dhGQrqN1Z75 r++g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=/5YusWKi4mMtAdaU6d/BBWgplNbGITEAezWLtaFz7rU=; b=sM8ukEhS8v7BeCEgd3Dh8arYFekIyqI5eZY/FGZA9wjngjNyBWlgozIEfm7cFQ7fdM V36GRBB1AaCXdAh+ISe46NzQNO/PT9Dmv7EhoLPosmUo0K4myoOuLbadv+3wVPjiIHte 2Dzyw4850Qh+6MuejFItnzWlAIuZEPUagujGla1gQM1Wv5C3fmC8JH2EmuLfGgThPEUn WWxM7XWMYD/GMRHUqIFLfpaTxioRmw9pFRCck1v/+B2tIP11xzaA8LieHdP56vh0gogx PcRAe3m8TTgq9SOY2g3NL5XYpqMU8NtRO3os3c+aHqatEgw/DjhOWydOp/twqLWyxw6A tPmQ== X-Gm-Message-State: AOAM533vbdH7sCueUeuSkY3dHL8o3drnblH5bBcfNyg5jZlOBGUM47j8 oB/kgXk0YDg3VBZYGLOZbNLVmo91Z1v1LQ5ST8I= X-Google-Smtp-Source: ABdhPJw0S96eBoW7rmRSkGQ3C0Rx9Rti/xgmk5Y1F2EQjhyKaeELqSCM7qbX+TRdQDmjkzuCBgZfjGSoC8LUu4UuRVA= X-Received: by 2002:a25:f310:: with SMTP id c16mr22964783ybs.464.1629458266629; Fri, 20 Aug 2021 04:17:46 -0700 (PDT) MIME-Version: 1.0 From: Lukas Bulwahn Date: Fri, 20 Aug 2021 13:17:42 +0200 Message-ID: Subject: Question on commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()") To: Thomas Gleixner , Ingo Molnar Cc: Peter Zijlstra , LKML , Sudip Mukherjee Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Dear Thomas, in commit dc7109aaa233 ("futex: Validate waiter correctly in futex_proxy_trylock_atomic()") visible on next-20210819, you add: + /* + * Ensure that this is a waiter sitting in futex_wait_requeue_pi() + * and waiting on the 'waitqueue' futex which is always !PI. + */ + if (!top_waiter->rt_waiter || top_waiter->pi_state) + ret = -EINVAL; However, ret is unconditionally reassigned later and erases any intended effect of this assignment. This is making that assignment above a Dead Store, which clang-analyzer correctly warns about and which motivates me to write you an email. Did you intend to return -EINVAL here? So: + if (!top_waiter->rt_waiter || top_waiter->pi_state) + return -EINVAL; Best regards, Lukas Static analysis tools are as foolish as they are... but every dog has its day...