I've hit an instance of a bug that was hypothesized here:
http://sourceforge.net/p/aufs/mailman/aufs-users/thread/20120723152336.GB1894%40decadent.org.uk/

The LSM called by security_mmap_file in aufs_mmap can attempt to take
mmap_sem, in which case the thread deadlocks. The particular offender
here is IMA, which ends up calling audit_log_task_info, which tries to
get mmap_sem here:
http://lxr.free-electrons.com/source/kernel/audit.c?v=3.13#L1738

Here's a stack:
schedule+0x29/0x70
rwsem_down_read_failed+0xf5/0x150
call_rwsem_down_read_failed+0x14/0x30
? down_read+0x20/0x30
audit_log_task_info+0x23b/0x2d0
ima_audit_measurement+0x162/0x1a0
process_measurement+0x20e/0x2a0
ima_file_mmap+0x2d/0x40
security_mmap_file+0x4d/0x90
aufs_mmap+0xd0/0x2a0 [aufs]
? vma_adjust+0x337/0x7d0
? kmem_cache_alloc+0x132/0x140
? mmap_region+0x348/0x600
mmap_region+0x3ed/0x600
do_mmap_pgoff+0x34e/0x3d0
vm_mmap_pgoff+0x8d/0xc0
vm_mmap+0x2d/0x40
load_elf_binary+0x596/0xd80
search_binary_handler+0x8f/0x1b0
do_execve_common.isra.22+0x5a7/0x7e0
SyS_execve+0x36/0x50
stub_execve+0x69/0xa0

This commit took security_mmap_file out of mmap_sem elsewhere in the kernel.
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b3ec6814c83d76b85bd13badc48552836c24839

None of the other file systems in the Linux kernel call
security_mmap_file. Why does aufs?
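
The lock ordering described above, modelled in user space as an added example that is not part of the original message, aufs, or the kernel: a per-task held-lock list flags a second acquisition of a non-recursive lock by the same task. The `task` struct, `acquire`/`release` and `security_mmap_file_model` are hypothetical stand-ins; only the lock and function names in the comments come from the post and its stack trace.

```c
#include <stdio.h>
#include <string.h>

/* Toy held-lock tracker for a single task (a model, not kernel code). */
#define MAX_HELD 8
struct task { const char *held[MAX_HELD]; int n; int deadlock; };

/* Acquire a non-recursive lock. If this task already holds it, the real
 * call would sleep forever, so record the deadlock instead of blocking. */
static void acquire(struct task *t, const char *lock)
{
    for (int i = 0; i < t->n; i++)
        if (strcmp(t->held[i], lock) == 0) { t->deadlock = 1; return; }
    if (t->n < MAX_HELD)
        t->held[t->n++] = lock;
}

/* Release the most recently acquired lock. */
static void release(struct task *t) { if (t->n > 0) t->n--; }

/* Stand-in for the LSM hook: per the post, IMA reaches
 * audit_log_task_info, which takes mmap_sem for read. */
static void security_mmap_file_model(struct task *t)
{
    acquire(t, "mmap_sem");          /* models down_read(&mm->mmap_sem) */
    if (!t->deadlock)
        release(t);
}

/* Ordering in the stack trace: hook called from ->mmap, mmap_sem held. */
int hook_under_mmap_sem(void)
{
    struct task t = {0};
    acquire(&t, "mmap_sem");         /* taken earlier on the mmap path */
    security_mmap_file_model(&t);    /* mmap_region -> aufs_mmap -> hook */
    release(&t);
    return t.deadlock;
}

/* Ordering after the commit cited in the post: hook first, lock second. */
int hook_before_mmap_sem(void)
{
    struct task t = {0};
    security_mmap_file_model(&t);
    acquire(&t, "mmap_sem");
    release(&t);
    return t.deadlock;
}

int main(void)
{
    printf("under: %d  before: %d\n", hook_under_mmap_sem(), hook_before_mmap_sem());
    return 0;
}
```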
