Hi Vitaly, We got the below warning once -- it's pretty hard to repro it. I think the cause may be: before the daemon is terminated, we can successfully "rmmod hv_utils" -- as a result all the code/data segments of the module shouldn't be accessed any more, but in the kernel we still has a dangling pointer set up by hvt_op_poll() -> poll_wait(file, &hvt->outmsg_q, wait); Finally, when the daemon is terminated, the call trace could happen. I think the module should never be unloaded when there is a fd opened on /dev/vmbus/hv_kvp? Thanks, -- Dexuan [ 314.908795] ------------[ cut here ]------------ [ 314.909762] WARNING: at lib/list_debug.c:59 __list_del_entry+0xa1/0xd0() [ 314.909762] list_del corruption. prev->next should be ffff8800f326bce8, but was (null) [ 314.909762] Modules linked in: ip6t_rpfilter ip6t_REJECT ipt_REJECT xt_conntrack ebtable_nat ebtable_broute bridge stp llc ebtable_filter ebtables ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw ip6table_filter ip6_tables iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_mangle iptable_security iptable_raw iptable_filter crc32_pclmul ghash_clmulni_intel aesni_intel lrw gf128mul glue_helper ablk_helper cryptd sg pcspkr i2c_piix4 i2c_core ip_tables xfs libcrc32c sd_mod ata_generic crc_t10dif pata_acpi crct10dif_generic hv_netvsc(OE) hyperv_keyboard(OE) hv_balloon(OE) hv_utils(OE) hid_hyperv(OE) hv_storvsc(OE) scsi_transport_fc crct10dif_pclmul scsi_tgt crct10dif_common hyperv_fb(OE) serio_raw crc32c_intel libata [ 314.909762] hv_vmbus(OE) floppy dm_mirror dm_region_hash dm_log dm_mod [ 314.909762] CPU: 1 PID: 1604 Comm: hv_kvp_daemon Tainted: G OE ------------ 3.10.0-327.el7.x86_64 #1 [ 314.909762] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS 090006 11/18/2015 [ 314.909762] ffff8800f326ba40 00000000e65b4e67 ffff8800f326b9f8 ffffffff816351f1 [ 314.909762] ffff8800f326ba30 ffffffff8107b200 ffff8800f326bce8 ffff8800f326bcd0 [ 314.909762] 0000000000000246 ffff8800f326bc90 ffff8800f326bba4 ffff8800f326ba98 [ 314.909762] Call Trace: [ 314.909762] [<ffffffff816351f1>] dump_stack+0x19/0x1b [ 315.102059] [<ffffffff8107b200>] warn_slowpath_common+0x70/0xb0 [ 315.102059] [<ffffffff8107b29c>] warn_slowpath_fmt+0x5c/0x80 [ 315.102059] [<ffffffff810b5d95>] ? check_preempt_curr+0x85/0xa0 [ 315.102059] [<ffffffff8130c3f1>] __list_del_entry+0xa1/0xd0 [ 315.102059] [<ffffffff8130c42d>] list_del+0xd/0x30 [ 315.102059] [<ffffffff810a68f6>] remove_wait_queue+0x26/0x40 [ 315.102059] [<ffffffff811f2c4e>] poll_freewait+0x3e/0xa0 [ 315.102059] [<ffffffff811f3db5>] do_sys_poll+0x145/0x580 [ 315.102059] [<ffffffff810af028>] ? __wake_up_common+0x58/0x90 [ 315.102059] [<ffffffff810b0ddf>] ? __wake_up_sync_key+0x4f/0x60 [ 315.102059] [<ffffffff815135ba>] ? sock_def_readable+0x3a/0x70 [ 315.102059] [<ffffffff815d366a>] ? unix_dgram_sendmsg+0x5ea/0x660 [ 315.102059] [<ffffffff811f2ad0>] ? poll_select_copy_remaining+0x150/0x150 [ 315.102059] [<ffffffff81511281>] ? SYSC_sendto+0x121/0x1c0 [ 315.102059] [<ffffffff81640ec9>] ? __do_page_fault+0x1f9/0x420 [ 315.102059] [<ffffffff811f42f4>] SyS_poll+0x74/0x110 [ 315.102059] [<ffffffff8110b796>] ? __audit_syscall_exit+0x1e6/0x280 [ 315.102059] [<ffffffff81645909>] system_call_fastpath+0x16/0x1b [ 315.102059] ---[ end trace 43c988dcca070c7b ]--- _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
