Re: [BUG] Linux 2.6.20.1 - unable to handle kernel paging request - accessing freed memory?

[Pekka Enberg]

Hi,

On 2/26/07, Chris Rankin <rankincj@xxxxxxxxx> wrote:
> BUG: unable to handle kernel paging request at virtual address 6b6b6ceb

[snip]

> EIP is at module_put+0x20/0x52
> eax: 6b6b6ceb   ebx: 6b6b6b6b   ecx: 00000001   edx: e5bf0000
> esi: e9040b08   edi: 6b6b6b6b   ebp: eae0bb3c   esp: e5bf0f58
> ds: 007b   es: 007b   ss: 0068
> Process udevd (pid: 18662, ti=e5bf0000 task=e6aaa030 task.ti=e5bf0000)
> Stack: eb3ff7bc c01839fe 00000010 ed009b7c ed9291d0 c015124b 00000000 00000000
>        f7ff2208 ed009b7c f7bd0678 00000000 ed009b7c c014ed88 00000003 00000003
>        f7bd0678 f7bd06f8 c014fd81 00000003 00000007 00000003 e5bf0000 c0102bce
> Call Trace:
>  [<c01839fe>] sysfs_release+0x2d/0x4c
>  [<c015124b>] __fput+0x96/0x13c

So udevd is closing a sysfs attribute file but the pointer passed to
module_put is bogus. Looks like the sysfs dentry was already taken
down by release_sysfs_dirent(). Can you reproduce this at will? Does
the oops happen in older kernels?

                                       Pekka
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/