From: Peter Zijlstra Date: Mon, 22 Jan 2018 10:39:47 +0000 (+0100) Subject: futex: Fix OWNER_DEAD fixup X-Git-Tag: v4.4.259~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e68489bc827dbb9ae28f3e082b147d303599151b;p=thirdparty%2Fkernel%2Fstable.git futex: Fix OWNER_DEAD fixup commit a97cb0e7b3f4c6297fd857055ae8e895f402f501 upstream. Both Geert and DaveJ reported that the recent futex commit: c1e2f0eaf015 ("futex: Avoid violating the 10th rule of futex") introduced a problem with setting OWNER_DEAD. We set the bit on an uninitialized variable and then entirely optimize it away as a dead-store. Move the setting of the bit to where it is more useful. Reported-by: Geert Uytterhoeven Reported-by: Dave Jones Signed-off-by: Peter Zijlstra (Intel) Cc: Andrew Morton Cc: Linus Torvalds Cc: Paul E. McKenney Cc: Peter Zijlstra Cc: Thomas Gleixner Fixes: c1e2f0eaf015 ("futex: Avoid violating the 10th rule of futex") Link: http://lkml.kernel.org/r/20180122103947.GD2228@hirez.programming.kicks-ass.net Signed-off-by: Ingo Molnar Signed-off-by: Zheng Yejian Reviewed-by: Lee Jones Signed-off-by: Greg Kroah-Hartman --- diff --git a/kernel/futex.c b/kernel/futex.c index 199e63c5b6120..70ad21bbb1d55 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -2248,10 +2248,6 @@ static int __fixup_pi_state_owner(u32 __user *uaddr, struct futex_q *q, oldowner = pi_state->owner; - /* Owner died? */ - if (!pi_state->owner) - newtid |= FUTEX_OWNER_DIED; - /* * We are here because either: * @@ -2309,6 +2305,9 @@ retry: } newtid = task_pid_vnr(newowner) | FUTEX_WAITERS; + /* Owner died? */ + if (!pi_state->owner) + newtid |= FUTEX_OWNER_DIED; if (get_futex_value_locked(&uval, uaddr)) goto handle_fault;