diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
index 2fbdff6..a558087 100644
--- a/fs/sysfs/dir.c
+++ b/fs/sysfs/dir.c
@@ -280,6 +280,11 @@ void release_sysfs_dirent(struct sysfs_dirent * sd)
 * sd->s_parent won't change beneath us.
 */
 parent_sd = sd->s_parent;
+ if(!(sd->s_flags & SYSFS_FLAG_REMOVED)) {
+ printk("%s-%d sysfs_dirent use after free: %s-%s\n",
+ __func__, __LINE__, parent_sd->s_name, sd->s_name);
+ dump_stack();
+ }
 if (sysfs_type(sd) == SYSFS_KOBJ_LINK)
 sysfs_put(sd->s_symlink.target_sd);
@@ -962,6 +967,12 @@ static struct sysfs_dirent *sysfs_dir_pos(const void *ns,
 int valid = !(pos->s_flags & SYSFS_FLAG_REMOVED) &&
 pos->s_parent == parent_sd &&
 hash == pos->s_hash;
+
+ if ((atomic_read(&pos->s_count) == 1)) {
+ printk("%s-%d sysfs_dirent use after free: %s(%s)-%s, %lld-%u\n",
+ __func__, __LINE__, parent_sd->s_name, pos->s_parent->s_name,
+ pos->s_name, hash, pos->s_hash);
+ }
 sysfs_put(pos);
 if (!valid)
 pos = NULL;
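Review bot: The diagnostic added to release_sysfs_dirent reads `parent_sd->s_name` straight after `parent_sd = sd->s_parent;` with no NULL check, so if a dirent without a parent can reach this function (its callers and the rest of its body are outside the hunk) the debug print itself would fault. Passing `parent_sd ? parent_sd->s_name : "(none)"` keeps the print safe. The message says "use after free" although the condition only shows a release while SYSFS_FLAG_REMOVED is not set, and the bare `printk` has no log level; `pr_err` with wording that matches the condition would be easier to triage.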
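Review bot: In sysfs_dir_pos the new test `atomic_read(&pos->s_count) == 1` does not identify a freed dirent: a count of 1 only says that the `sysfs_put(pos)` on the next context line drops the last reference, which looks like a legitimate state for an entry that was removed while the file kept its cached position. If `pos` really were stale, the printk would itself be reading freed memory through `pos->s_name` and the chained `pos->s_parent->s_name`, and `pos->s_parent` is not checked for NULL. I would print the already computed `valid` instead of the parent name and add a comment such as `/* debug heuristic: we hold the last reference, the put below frees pos */`. The function starts and continues outside the hunk.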
@@ -1012,56 +1023,80 @@ static int sysfs_readdir(struct file * filp, void * dirent, filldir_t filldir)
 enum kobj_ns_type type;
 const void *ns;
 ino_t ino;
+ loff_t curr;
+ int delta;
 type = sysfs_ns_type(parent_sd);
 ns = sysfs_info(dentry->d_sb)->ns[type];
- if (filp->f_pos == 0) {
+ mutex_lock(&sysfs_mutex);
+start:
+ delta = 0;
+ curr = filp->f_pos;
+ mutex_unlock(&sysfs_mutex);
+
+ if (curr == 0) {
 ino = parent_sd->s_ino;
- if (filldir(dirent, ".", 1, filp->f_pos, ino, DT_DIR) == 0)
- filp->f_pos++;
+ if (filldir(dirent, ".", 1, 0, ino, DT_DIR) == 0)
+ delta++;
 }
- if (filp->f_pos == 1) {
+ if (curr == 1) {
 if (parent_sd->s_parent)
 ino = parent_sd->s_parent->s_ino;
 else
 ino = parent_sd->s_ino;
- if (filldir(dirent, "..", 2, filp->f_pos, ino, DT_DIR) == 0)
- filp->f_pos++;
+ if (filldir(dirent, "..", 2, 1, ino, DT_DIR) == 0)
+ delta++;
 }
+ mutex_lock(&sysfs_mutex);
+ if (curr == filp->f_pos)
+ filp->f_pos += delta;
 for (pos = sysfs_dir_pos(ns, parent_sd, filp->f_pos, pos);
 pos;
 pos = sysfs_dir_next_pos(ns, parent_sd, filp->f_pos, pos)) {
 const char * name;
 unsigned int type;
 int len, ret;
+ loff_t off;
 name = pos->s_name;
 len = strlen(name);
 ino = pos->s_ino;
 type = dt_type(pos);
- filp->f_pos = pos->s_hash;
+ off = filp->f_pos = pos->s_hash;
 filp->private_data = sysfs_get(pos);
 mutex_unlock(&sysfs_mutex);
- ret = filldir(dirent, name, len, filp->f_pos, ino, type);
+ ret = filldir(dirent, name, len, off, ino, type);
 mutex_lock(&sysfs_mutex);
 if (ret < 0)
 break;
+ if (filp->f_pos == 0 || filp->f_pos == 1)
+ goto start;
 }
- mutex_unlock(&sysfs_mutex);
 if ((filp->f_pos > 1) && !pos) { /* EOF */
 filp->f_pos = INT_MAX;
 filp->private_data = NULL;
 }
+ mutex_unlock(&sysfs_mutex);
 return 0;
 }
+static loff_t sysfs_dir_llseek(struct file *file, loff_t offset, int whence)
+{
+ loff_t ret;
+
+ mutex_lock(&sysfs_mutex);
+ ret = generic_file_llseek(file, offset, whence);
+ mutex_unlock(&sysfs_mutex);
+
+ return ret;
+}
 const struct file_operations sysfs_dir_operations = {
 .read = generic_read_dir,
 .readdir = sysfs_readdir,
 .release = sysfs_dir_release,
- .llseek = generic_file_llseek,
+ .llseek = sysfs_dir_llseek,
 };
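Review bot: The new `goto start` path in sysfs_readdir can leave `filp->private_data` pointing at a dirent whose reference has already been dropped. When the jump is taken, `filp->private_data` still holds the `sysfs_get(pos)` result, and the loop initialiser then passes `pos` back into sysfs_dir_pos, which per the other hunk calls `sysfs_put(pos)`. Because `curr` is not advanced after "." is emitted, a restart at position 0 ends with `filp->f_pos == 1`; if sysfs_dir_pos returns NULL for that position (its lookup is outside the diff), the loop is skipped and the EOF branch, the only place that clears `private_data`, requires `filp->f_pos > 1`. One option is to clear the cached pointer before restarting, `if (filp->f_pos == 0 || filp->f_pos == 1) { filp->private_data = NULL; goto start; }`, and to test `curr + delta == 1` for ".." so both entries are still emitted in one pass as before. The start of the function, including the initial read of `filp->private_data`, is outside the hunk.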