Re: [BUG] android: possible ABBA deadlock in print_binder_proc() and binder_get_txn_from_and_acq_inner()

[Jia-Ju Bai]

Thanks for the reply :)

On 2021/9/8 3:29, Todd Kjos wrote:
> On Mon, Sep 6, 2021 at 7:30 PM Jia-Ju Bai <baijiaju1990@xxxxxxxxx> wrote:
> > Hello,
> >
> > My static analysis tool reports a possible ABBA deadlock in the android
> > driver in Linux 5.10:
> >
> > print_binder_proc()
> >     binder_inner_proc_lock()
> >       _binder_inner_proc_lock()
> >         spin_lock(&proc->inner_lock); --> Line 662 (Lock A)
> >     print_binder_thread_ilocked()
> >       print_binder_transaction_ilocked()
> >         spin_lock(&t->lock); --> Line 5531 (Lock B)
> >
> > binder_get_txn_from_and_acq_inner()
> >     binder_get_txn_from()
> >       spin_lock(&t->lock); --> Line 1833 (Lock B)
> >     binder_inner_proc_lock()
> >       _binder_inner_proc_lock()
> >         spin_lock(&proc->inner_lock); --> Line 662 (Lock A)
> Hmm. What kernel version are you looking at? These line numbers don't
> match what I see in mainline.

Linux 5.10

> Also, the sequence for
> binder_get_txn_from_and_acq_inner() looks like this for me:
>
> binder_get_txn_from_and_acq_inner()
>      binder_get_txn_from()
>        spin_lock(&t->lock); --> Line 1427 (Lock B)
>        spin_unlock(&t->lock); --> Line 1431 (Lock B)
>      binder_inner_proc_lock()
>        _binder_inner_proc_lock()
>           spin_lock(&proc->inner_lock); --> Line 256 (Lock A)
>
> Which doesn't have the deadlock hazard.

Yes, you are right.
My static tool has several errors in the implementation, and thus 
reported this false positive, sorry...


Best wishes,
Jia-Ju Bai