On Sun, Sep 30, 2018 at 09:04:11AM +1000, NeilBrown wrote: > Hi Al, > I don't think wake_up_all() does remove anything from the queue. > It simply wakes up the various processes that are waiting. > They remain on the queue until they call remove_wait_queue(), which > could be delayed arbitrarily. > If it was delayed until after the module was unloaded and > "md_event_waiters" no longer existed, the unlink attempt would cause an > invalid memory access. > > I think your approach for simplify the code would only work if > md_event_waiters could be moved out of the module, or if some global > wait_queue could be used instead. > Maybe we could use bit_waitqueue(NULL,0) (rather an ugly hack). > Maybe we could export a general-purpose waitqueue for modules to use. > Maybe procfs could export something?? > > I agree that we can remove md_unloading, by moving remove_proc_entry() > before the wakeup. I'm not yet convinced that we can remove the wakeup > loop. > > Or am I missing something else here? You are not, unfortunately; I plead a bad braino. remove_wait_queue() will, indeed, happen only when we get around to poll_freewait(). Bugger... That's a problem, and I'm not at all sure that it's only md that needs to be concerned with it. And it's not just procfs either - debugfs users have exact same problem if they have ->poll() in their file_operations...
