Re: tty: deadlock between n_tracerouter_receivebuf and flush_to_ldisc

[Dmitry Vyukov]

On Wed, Jan 20, 2016 at 12:44 PM, Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
> On Wed, Jan 20, 2016 at 10:36:01AM +0100, Dmitry Vyukov wrote:
>
>> +Peter, Ingo, can you please suggest a way to annotate this locking
>> pattern to avoid lockdep false positive?
>
> No, because I haven't a clue what the actual problem is.
>
> The report is fairly clear on how:
>
>  routelock
>    &port->buf.lock/1
>      &o_tty->termios_rwsem/1
>        &buf->lock
>
> gets established, and shows where we try:
>
>   &buf->lock
>     routelock
>
> Which gives a circle, ergo deadlock.
>
> Show which link is wrong and why, and I can suggest ways of annotating
> that.


Alan provided an explanation calling this "false report":
https://groups.google.com/d/msg/syzkaller/YrV0bzdfa-g/cCVoUf1OFQAJ


And I don't understand how the following is a deadlock, since there is
no cycle...

 Possible unsafe locking scenario:
      CPU0                    CPU1
       ----                    ----
  lock(&buf->lock);
                               lock(&o_tty->termios_rwsem/1);
                               lock(&buf->lock);
  lock(routelock);


Shouldn't it look like:

 Possible unsafe locking scenario:
      CPU0                    CPU1
       ----                    ----
  lock(&buf->lock);
                               lock(routelock);
                               lock(&buf->lock);
  lock(routelock);

?