[PATCH] fork: simplify overcomplicated if conditions

[PATCH] fork: simplify overcomplicated if conditions

[Joey Pabalinas]

[-- Attachment #1: Type: text/plain, Size: 1038 bytes --]

Since `((a & (b|c)) == (b|c))` is the same thing as `(a & (b|c))`, use
the second version which is simpler.

Signed-off-by: Joey Pabalinas <joeypabalinas@gmail.com>
---
 kernel/fork.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index af673856499dcaa35e..cb49f25e30e69edaa5 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1930,14 +1930,14 @@ __latent_entropy struct task_struct *copy_process(
 
 	/*
 	 * Don't allow sharing the root directory with processes in a different
 	 * namespace
 	 */
-	if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS))
+	if (clone_flags & (CLONE_NEWNS|CLONE_FS))
 		return ERR_PTR(-EINVAL);
 
-	if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
+	if (clone_flags & (CLONE_NEWUSER|CLONE_FS))
 		return ERR_PTR(-EINVAL);
 
 	/*
 	 * Thread groups must share signals as well, and detached threads
 	 * can only be started up within the thread group.
-- 
Cheers,
Joey Pabalinas

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [PATCH] fork: simplify overcomplicated if conditions

[Kiryl Shutsemau]

On Wed, Sep 03, 2025 at 08:46:29PM -1000, Joey Pabalinas wrote:
> Since `((a & (b|c)) == (b|c))` is the same thing as `(a & (b|c))`, use
> the second version which is simpler.

Huh? No it is not the same thing.

a = 1;
b = 1;
c = 2;

(a & (b|c)) is 1 which is true.
((a & (b|c)) == (b|c)) is false.

-- 
  Kiryl Shutsemau / Kirill A. Shutemov

Re: [PATCH] fork: simplify overcomplicated if conditions

[Joey Pabalinas]

[-- Attachment #1: Type: text/plain, Size: 467 bytes --]

On Thu, Sep 04, 2025 at 10:56:44AM +0100, Kiryl Shutsemau wrote:
> On Wed, Sep 03, 2025 at 08:46:29PM -1000, Joey Pabalinas wrote:
> > Since `((a & (b|c)) == (b|c))` is the same thing as `(a & (b|c))`, use
> > the second version which is simpler.
> 
> Huh? No it is not the same thing.
> 
> a = 1;
> b = 1;
> c = 2;
> 
> (a & (b|c)) is 1 which is true.
> ((a & (b|c)) == (b|c)) is false.

Ah, you are right. My mistake.

-- 
Cheers,
Joey Pabalinas

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

[syzbot ci] Re: fork: simplify overcomplicated if conditions

[syzbot ci]

syzbot ci has tested the following series

[v1] fork: simplify overcomplicated if conditions
https://lore.kernel.org/all/357638f71edc7f1d9814b1851a64e09a8895bffc.1756968204.git.joeypabalinas@gmail.com
* [PATCH] fork: simplify overcomplicated if conditions

and found the following issue:
general protection fault in rest_init

Full report is available here:
https://ci.syzbot.org/series/e9c440d7-f494-4207-a59d-773bbbf909ff

***

general protection fault in rest_init

tree:      torvalds
URL:       https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux
base:      b320789d6883cc00ac78ce83bccbfe7ed58afcf0
arch:      amd64
compiler:  Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
config:    https://ci.syzbot.org/builds/58676b34-5a2d-40b9-ab9d-b45b8161dd5c/config

Console: colour VGA+ 80x25
printk: legacy console [ttyS0] enabled
printk: legacy console [ttyS0] enabled
printk: legacy bootconsole [earlyser0] disabled
printk: legacy bootconsole [earlyser0] disabled
Lock dependency validator: Copyright (c) 2006 Red Hat, Inc., Ingo Molnar
... MAX_LOCKDEP_SUBCLASSES:  8
... MAX_LOCK_DEPTH:          48
... MAX_LOCKDEP_KEYS:        8192
... CLASSHASH_SIZE:          4096
... MAX_LOCKDEP_ENTRIES:     1048576
... MAX_LOCKDEP_CHAINS:      1048576
... CHAINHASH_SIZE:          524288
 memory used by lock dependency info: 106625 kB
 memory used for stack traces: 8320 kB
 per task-struct memory footprint: 1920 bytes
mempolicy: Enabling automatic NUMA balancing. Configure with numa_balancing= or the kernel.numa_balancing sysctl
ACPI: Core revision 20250404
clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
APIC: Switch to symmetric I/O mode setup
x2apic enabled
APIC: Switched APIC routing to: physical x2apic
..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x285d45cc0d6, max_idle_ns: 440795339158 ns
Calibrating delay loop (skipped) preset value.. 5600.55 BogoMIPS (lpj=28002760)
Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
mitigations: Enabled attack vectors: user_kernel, user_user, guest_host, guest_guest, SMT mitigations: auto
Speculative Store Bypass: Vulnerable
Spectre V2 : Mitigation: Retpolines
ITS: Mitigation: Aligned branch/return thunks
MDS: Vulnerable: Clear CPU buffers attempted, no microcode
Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
Spectre V2 : Spectre v2 / SpectreRSB: Filling RSB on context switch and VMEXIT
active return thunk: its_return_thunk
x86/fpu: x87 FPU will use FXSAVE
Freeing SMP alternatives memory: 136K
pid_max: default: 32768 minimum: 301
LSM: initializing lsm=lockdown,capability,landlock,yama,safesetid,tomoyo,apparmor,bpf,ima,evm
landlock: Up and running.
Yama: becoming mindful.
TOMOYO Linux initialized
AppArmor: AppArmor initialized
LSM support for eBPF active
Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, vmalloc hugepage)
Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, vmalloc hugepage)
Mount-cache hash table entries: 8192 (order: 4, 65536 bytes, vmalloc)
Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes, vmalloc)
Running RCU synchronous self tests
Running RCU synchronous self tests
Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI
KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:rest_init+0xf8/0x300
Code: f6 49 bf 00 00 00 00 00 fc ff df 89 ef 48 c7 c6 40 57 fe 8d e8 e9 47 12 f6 49 89 c6 48 89 c7 48 83 c7 2c 48 89 f8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 d9 01 00 00 41 80 4e 2f 04 e8 e1 e3 ff
RSP: 0000:ffffffff8de07ee0 EFLAGS: 00010207
RAX: 0000000000000005 RBX: ffffffff8b79fc61 RCX: ffffffff8de95100
RDX: 0000000000000000 RSI: ffffffffffffffea RDI: 000000000000002c
RBP: 00000000ffffffea R08: 0000000000000000 R09: ffffffff8b79fc61
R10: dffffc0000000000 R11: fffffbfff1f47207 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b8618000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff88813ffff000 CR3: 000000000df36000 CR4: 00000000000006f0
Call Trace:
 <TASK>
 start_kernel+0x3a9/0x410
 x86_64_start_reservations+0x24/0x30
 x86_64_start_kernel+0x143/0x1c0
 common_startup_64+0x13e/0x147
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:rest_init+0xf8/0x300
Code: f6 49 bf 00 00 00 00 00 fc ff df 89 ef 48 c7 c6 40 57 fe 8d e8 e9 47 12 f6 49 89 c6 48 89 c7 48 83 c7 2c 48 89 f8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 d9 01 00 00 41 80 4e 2f 04 e8 e1 e3 ff
RSP: 0000:ffffffff8de07ee0 EFLAGS: 00010207
RAX: 0000000000000005 RBX: ffffffff8b79fc61 RCX: ffffffff8de95100
RDX: 0000000000000000 RSI: ffffffffffffffea RDI: 000000000000002c
RBP: 00000000ffffffea R08: 0000000000000000 R09: ffffffff8b79fc61
R10: dffffc0000000000 R11: fffffbfff1f47207 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b8618000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff88813ffff000 CR3: 000000000df36000 CR4: 00000000000006f0


***

If these findings have caused you to resend the series or submit a
separate fix, please add the following tag to your commit message:
  Tested-by: syzbot@syzkaller.appspotmail.com

---
This report is generated by a bot. It may contain errors.
syzbot ci engineers can be reached at syzkaller@googlegroups.com.

Re: [PATCH] fork: simplify overcomplicated if conditions

[David Hildenbrand]

On 04.09.25 12:04, Joey Pabalinas wrote:
> On Thu, Sep 04, 2025 at 10:56:44AM +0100, Kiryl Shutsemau wrote:
>> On Wed, Sep 03, 2025 at 08:46:29PM -1000, Joey Pabalinas wrote:
>>> Since `((a & (b|c)) == (b|c))` is the same thing as `(a & (b|c))`, use
>>> the second version which is simpler.
>>
>> Huh? No it is not the same thing.
>>
>> a = 1;
>> b = 1;
>> c = 2;
>>
>> (a & (b|c)) is 1 which is true.
>> ((a & (b|c)) == (b|c)) is false.
> 
> Ah, you are right. My mistake.

I suspect you didn't even test that patch?

Please do us all a favor and don't send any more such patches.

-- 
Cheers

David / dhildenb

Re: [PATCH] fork: simplify overcomplicated if conditions

[kernel test robot]

Hello,

kernel test robot noticed "BUG:kernel_NULL_pointer_dereference,address" on:

commit: 62b2846e29a8bec933d0dd7a3a4ccc7af409d8d0 ("[PATCH] fork: simplify overcomplicated if conditions")
url: https://github.com/intel-lab-lkp/linux/commits/Joey-Pabalinas/fork-simplify-overcomplicated-if-conditions/20250904-144729
base: https://git.kernel.org/cgit/linux/kernel/git/kees/linux.git for-next/execve
patch link: https://lore.kernel.org/all/357638f71edc7f1d9814b1851a64e09a8895bffc.1756968204.git.joeypabalinas@gmail.com/
patch subject: [PATCH] fork: simplify overcomplicated if conditions

in testcase: boot

config: i386-randconfig-004-20250906
compiler: gcc-13
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G

(please refer to attached dmesg/kmsg for entire log/backtrace)


+---------------------------------------------+------------+------------+
|                                             | 8c94db0ae9 | 62b2846e29 |
+---------------------------------------------+------------+------------+
| boot_successes                              | 6          | 0          |
| boot_failures                               | 0          | 6          |
| BUG:kernel_NULL_pointer_dereference,address | 0          | 6          |
| Oops                                        | 0          | 6          |
| EIP:rest_init                               | 0          | 6          |
| Kernel_panic-not_syncing:Fatal_exception    | 0          | 6          |
+---------------------------------------------+------------+------------+


If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202509081409.2daadf50-lkp@intel.com


[    3.204615][    T0] BUG: kernel NULL pointer dereference, address: 00000020
[    3.205081][    T0] #PF: supervisor write access in kernel mode
[    3.205081][    T0] #PF: error_code(0x0002) - not-present page
[    3.205081][    T0] *pde = 00000000
[    3.205081][    T0] Oops: Oops: 0002 [#1] SMP
[    3.205081][    T0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.17.0-rc2-00004-g62b2846e29a8 #1 PREEMPT(full)  cdac75d461890a0b0673a9c64f8f62c890a06589
[    3.205081][    T0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 3.205081][ T0] EIP: rest_init (init/main.c:717) 
[ 3.205081][ T0] Code: 00 75 1b b9 b4 d6 a7 83 ba 4a 03 00 00 b8 9b d6 a7 83 c6 05 25 19 68 84 01 e8 80 c8 7f fe 89 d8 ba c0 ab f6 83 e8 e0 aa 7c fe <81> 48 20 00 00 00 04 64 8b 3d 18 20 8d 84 89 c6 89 fb 83 e3 1f 43
All code
========
   0:	00 75 1b             	add    %dh,0x1b(%rbp)
   3:	b9 b4 d6 a7 83       	mov    $0x83a7d6b4,%ecx
   8:	ba 4a 03 00 00       	mov    $0x34a,%edx
   d:	b8 9b d6 a7 83       	mov    $0x83a7d69b,%eax
  12:	c6 05 25 19 68 84 01 	movb   $0x1,-0x7b97e6db(%rip)        # 0xffffffff8468193e
  19:	e8 80 c8 7f fe       	call   0xfffffffffe7fc89e
  1e:	89 d8                	mov    %ebx,%eax
  20:	ba c0 ab f6 83       	mov    $0x83f6abc0,%edx
  25:	e8 e0 aa 7c fe       	call   0xfffffffffe7cab0a
  2a:*	81 48 20 00 00 00 04 	orl    $0x4000000,0x20(%rax)		<-- trapping instruction
  31:	64 8b 3d 18 20 8d 84 	mov    %fs:-0x7b72dfe8(%rip),%edi        # 0xffffffff848d2050
  38:	89 c6                	mov    %eax,%esi
  3a:	89 fb                	mov    %edi,%ebx
  3c:	83 e3 1f             	and    $0x1f,%ebx
  3f:	43                   	rex.XB

Code starting with the faulting instruction
===========================================
   0:	81 48 20 00 00 00 04 	orl    $0x4000000,0x20(%rax)
   7:	64 8b 3d 18 20 8d 84 	mov    %fs:-0x7b72dfe8(%rip),%edi        # 0xffffffff848d2026
   e:	89 c6                	mov    %eax,%esi
  10:	89 fb                	mov    %edi,%ebx
  12:	83 e3 1f             	and    $0x1f,%ebx
  15:	43                   	rex.XB
[    3.205081][    T0] EAX: 00000000 EBX: ffffffea ECX: 00000000 EDX: 00000000
[    3.205081][    T0] ESI: ee7fd750 EDI: ee7fd740 EBP: 83eebf80 ESP: 83eebf74
[    3.205081][    T0] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00210246
[    3.205081][    T0] CR0: 80050033 CR2: 00000020 CR3: 04910000 CR4: 00040690
[    3.205081][    T0] Call Trace:
[ 3.205081][ T0] start_kernel (init/main.c:1335) 
[ 3.205081][ T0] i386_start_kernel (arch/x86/kernel/head32.c:129) 
[ 3.205081][ T0] startup_32_smp (arch/x86/kernel/head_32.S:290) 
[    3.205081][    T0] Modules linked in:
[    3.205081][    T0] CR2: 0000000000000020
[    3.205081][    T0] ---[ end trace 0000000000000000 ]---
[ 3.205081][ T0] EIP: rest_init (init/main.c:717) 
[ 3.205081][ T0] Code: 00 75 1b b9 b4 d6 a7 83 ba 4a 03 00 00 b8 9b d6 a7 83 c6 05 25 19 68 84 01 e8 80 c8 7f fe 89 d8 ba c0 ab f6 83 e8 e0 aa 7c fe <81> 48 20 00 00 00 04 64 8b 3d 18 20 8d 84 89 c6 89 fb 83 e3 1f 43
All code
========
   0:	00 75 1b             	add    %dh,0x1b(%rbp)
   3:	b9 b4 d6 a7 83       	mov    $0x83a7d6b4,%ecx
   8:	ba 4a 03 00 00       	mov    $0x34a,%edx
   d:	b8 9b d6 a7 83       	mov    $0x83a7d69b,%eax
  12:	c6 05 25 19 68 84 01 	movb   $0x1,-0x7b97e6db(%rip)        # 0xffffffff8468193e
  19:	e8 80 c8 7f fe       	call   0xfffffffffe7fc89e
  1e:	89 d8                	mov    %ebx,%eax
  20:	ba c0 ab f6 83       	mov    $0x83f6abc0,%edx
  25:	e8 e0 aa 7c fe       	call   0xfffffffffe7cab0a
  2a:*	81 48 20 00 00 00 04 	orl    $0x4000000,0x20(%rax)		<-- trapping instruction
  31:	64 8b 3d 18 20 8d 84 	mov    %fs:-0x7b72dfe8(%rip),%edi        # 0xffffffff848d2050
  38:	89 c6                	mov    %eax,%esi
  3a:	89 fb                	mov    %edi,%ebx
  3c:	83 e3 1f             	and    $0x1f,%ebx
  3f:	43                   	rex.XB

Code starting with the faulting instruction
===========================================
   0:	81 48 20 00 00 00 04 	orl    $0x4000000,0x20(%rax)
   7:	64 8b 3d 18 20 8d 84 	mov    %fs:-0x7b72dfe8(%rip),%edi        # 0xffffffff848d2026
   e:	89 c6                	mov    %eax,%esi
  10:	89 fb                	mov    %edi,%ebx
  12:	83 e3 1f             	and    $0x1f,%ebx
  15:	43                   	rex.XB


The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20250908/202509081409.2daadf50-lkp@intel.com



-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki