Hi,
Simple modprobe loop ; rmmod loop
on Linus' tree now produces now OOPS.
Bisected to patch (and reverting fixes problem)
commit 7681bfeeccff5efa9eb29bf09249a3c400b15327
Author: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Date: Tue Oct 19 09:05:00 2010 +0200
block: fix accounting bug on cross partition merges
The problem is probably that patch uses directly q->queue_lock
even if queue is being destroyed (QUEUE_FLAG_DEAD is set).
See what loop (and not only this code) does:
blk_cleanup_queue(lo->lo_queue);
put_disk(lo->lo_disk);
Milan
OOPS:
[ 40.778161] BUG: unable to handle kernel NULL pointer dereference at (null)
[ 40.779104] IP: [<c11bf2e5>] do_raw_spin_trylock+0x5/0x37
[ 40.779843] *pde = 00000000
[ 40.780113] Oops: 0000 [#1] PREEMPT SMP
[ 40.780410] last sysfs file: /sys/devices/virtual/block/loop7/removable
[ 40.780876] Modules linked in: loop(-) usbcore dm_mod
[ 40.781442]
[ 40.781740] Pid: 3781, comm: rmmod Not tainted 2.6.36+ #85 440BX Desktop Reference Platform/VMware Virtual Platform
[ 40.782177] EIP: 0060:[<c11bf2e5>] EFLAGS: 00010082 CPU: 1
[ 40.782437] EIP is at do_raw_spin_trylock+0x5/0x37
[ 40.782667] EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 00000000
[ 40.782906] ESI: 00000010 EDI: cee60800 EBP: cef07ea4 ESP: cef07ea4
[ 40.804954] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 40.805080] Process rmmod (pid: 3781, ti=cef06000 task=cf5fe070 task.ti=cef06000)
[ 40.805254] Stack:
[ 40.805343] cef07ec4 c130ee92 00000000 00000002 00000000 c11acf48 ce1412e0 ced14070
[ 40.805521] <0> cef07ed4 c11acf48 cec08c00 c14a1a50 cef07ee0 c11acfbd ce1f6d40 cef07eec
[ 40.805747] <0> c122d14c cec08c58 cef07f00 c11b5982 cec08c74 c11b5942 ce14fe00 cef07f10
[ 40.807338] Call Trace:
[ 40.807576] [<c130ee92>] ? _raw_spin_lock_irq+0x35/0x5e
[ 40.807681] [<c11acf48>] ? disk_replace_part_tbl+0x27/0x49
[ 40.807771] [<c11acf48>] ? disk_replace_part_tbl+0x27/0x49
[ 40.807858] ...
