On Wed, Apr 15, 2009 at 06:23:29AM -0700, Eric W. Biederman wrote: > > There is a GIGANTIC reason to have the wait queue on tfile. > > If you open a file, and do ip link del tapN you can still > be blocked waiting in poll. > > The problem is specifically free_poll_entry, where we call > remove_wait_queue and fput without calling any file methods. > So all of this happens without struct tun_file's count being > elevated. Which means tun_net_uninit can detach before we get > off of the stupid poll wait queue. What about taking a netdev refcount before calling poll_wait? Thanks, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/virtualization
