Hello,
Andrew Morton wrote:
>> EIP is at sysfs_addrm_finish+0x1c2/0x226
>> eax: 00000001 ebx: c5ff9dc0 ecx: c058aa40 edx: 00000001
>> esi: c5ff9de8 edi: c37c3240 ebp: c5ff9e1c esp: c5ff9db8
>> ds: 007b es: 007b fs: 0000 gs: 0033 ss: 0068
>> Process modprobe (pid: 3519, ti=c5ff9000 task=c5ef15e0 task.ti=c5ff9000)
>> Stack: c03a3eda c5ff9e24 00000000 00000001 dead4ead ffffffff ffffffff c0657cf0
>> 00000000 c046359d c5ff9de0 c5ff9de0 00000000 00000001 dead4ead ffffffff
>> ffffffff c0657cf0 00000000 c046359d c5ff9de0 c5ff9de0 c37c3240 c5ff9e24
>> Call Trace:
>> [<c01a7833>] remove_dir+0x2e/0x35
>> [<c01a7894>] __sysfs_remove_dir+0x5a/0x61
>> [<c01a78d1>] sysfs_remove_dir+0x2c/0x30
Hmm... That's weird. I tried to regenerate it here but mine unloads
happily. Can you apply the attached patch and report the resulting
messages when oops happens?
Thanks.
--
tejun
---
fs/sysfs/dir.c | 8 ++++++++
1 file changed, 8 insertions(+)
Index: tree0/fs/sysfs/dir.c
===================================================================
--- tree0.orig/fs/sysfs/dir.c
+++ tree0/fs/sysfs/dir.c
@@ -268,6 +268,9 @@ static void sysfs_deactivate(struct sysf
DECLARE_COMPLETION_ONSTACK(wait);
int v;
+ if (sd->s_sibling || !(sd->s_flags & SYSFS_FLAG_REMOVED))
+ printk("XXX sysfs_deactivate: sd=%p s_sibling=%p s_flags=0x%x\n",
+ sd, sd->s_sibling, sd->s_flags);
BUG_ON(sd->s_sibling || !(sd->s_flags & SYSFS_FLAG_REMOVED));
sd->s_sibling = (void *)&wait;
@@ -530,6 +533,9 @@ void sysfs_remove_one(struct sysfs_addrm
drop_nlink(acxt->parent_inode);
acxt->cnt++;
+
+ printk("XXX sysfs_remove_one: acxt=%p sd=%p s_flags=0x%x cnt=%d\n",
+ acxt, sd, sd->s_flags, acxt->cnt);
}
/**
@@ -624,6 +630,8 @@ int sysfs_addrm_finish(struct sysfs_addr
acxt->removed = sd->s_sibling;
sd->s_sibling = NULL;
+ printk("XXX sysfs_addrm_finish: acxt=%p sd=%p s_sibling=%p s_flags=0x%x\n",
+ acxt, sd, sd->s_sibling, sd->s_flags);
sysfs_drop_dentry(sd);
sysfs_deactivate(sd);
sysfs_put(sd);
