On Thu, Feb 16, 2012 at 07:08:57PM -0500, Dave Jones wrote: > Remember this ? https://lkml.org/lkml/2011/4/15/272 > Josh took a stab at fixing it in e096d0c7e2e4e5893792db865dd065ac73cf1f00, > but it seems to still be there. > the existing dependency chain (in reverse order) is: [snip] ... and as bloody usual, that mentioning of readdir in the output is a red herring; the real problem (and yes, it *is* deadlock-prone) is not with getdents(2) that cannot happen on anything that could be mmaped; it's with hugetlbfs_read() (i.e. read(2)) that very definitely *can*. This is *not* a misannotation and not a false positive; this is a real, honest deadlock. Thread A: read() on hugetlbfs hugetlbfs_read() called i_mutex grabbed hugetlbfs_read_actor() called __copy_to_user() called page fault is triggered Thread B, sharing address space with A: mmap() the same file ->mmap_sem is grabbed on task_B->mm->mmap_sem hugetlbfs_file_mmap() is called attempt to grab ->i_mutex and block waiting for A to give it up Thread A: pagefault handled blocked on attempt to grab task_A->mm->mmap_sem, which happens to be the same thing as task_B->mm->mmap_sem. Block waiting for B to give it up. Deadlock. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/