Re: Deadlock on the mm->mmap_sem

Manfred Spraul (manfred@colorfullife.com)
Mon, 17 Sep 2001 23:50:40 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Gernot: "Annoying OOPS on 2.4.9 kernel"
Previous message: Ben Greear: "Re: notion of a local address [was: Re: ioctl SIOCGIFNETMASK: ip"
Maybe in reply to: Ulrich Weigand: "Deadlock on the mm->mmap_sem"
Next in thread: Linus Torvalds: "Re: Deadlock on the mm->mmap_sem"

> What happens is that proc_pid_read_maps grabs the mmap_sem as a
> reader, and *while it holds the lock*, does a copy_to_user. This can
> of course page-fault, and the handler will also grab the mmap_sem
> (if it is the same task).

Ok, that's a bug.
You must not call copy_to_user with the mmap semaphore acquired - linux
semaphores are not recursive.

> Any ideas how to fix this? Should proc_pid_read_maps just drop the
> lock before copy_to_user?

Yes, and preferable switch to multiline copies - a full page temporary
buffer is allocated, transfering data on a line-by-line base is way too
much overhead (and the current volatile_task is an ugly hack).

-- Manfred

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Gernot: "Annoying OOPS on 2.4.9 kernel"
Previous message: Ben Greear: "Re: notion of a local address [was: Re: ioctl SIOCGIFNETMASK: ip"
Maybe in reply to: Ulrich Weigand: "Deadlock on the mm->mmap_sem"
Next in thread: Linus Torvalds: "Re: Deadlock on the mm->mmap_sem"