Subject: Re: if_delete * if_alloc
To: Bill Studenmund <wrstuden@loki.stanford.edu>
From: Matthias Drochner <drochner@zelux6.zel.kfa-juelich.de>
List: tech-kern
Date: 07/10/1997 20:27:44
Excerpts from netbsd: 9-Jul-97 Re: if_delete * if_alloc Bill
Studenmund@loki.sta (1943*)

> If a userland program is trying to detach a driver, can't we just
> sleep until it's done?

It's certainly possible, but hard if we allow LKMs consisting
of several loosely coupled, but somehow depending "subfunctions".
(e.g., driver + cdevsw). In my experience, it's hard to catch cases
where such LKMs are partially detached. Basically everything
which could be in an LKM would need a dependency counter, and
perhaps a state variable which can express the "unloading" state
and which has potentially to be checked on every access.
I found that the only reasonably safe way to unload such an LKM
is to
- splhigh()
- ask all parts if they can be unloaded
- if a part is busy, error out
- unload everything
- splx()

It needs a really clever idea here...

[my somehow confusing example for LKM deadlocks]

> I don't understand the above idea. Why do we unload on an open()?

I meant that somebody can try to unload while a user process
is using the device. I.e., the user process called open() before
and is sleeping for whatever reason.
The problem could be avoided with a refcount in the cdevsw[]
entry. But generalizing, _everything_ would need a refcount.
This would mean a serious bloat.

As a general thought: softc's are allocated in a higher autoconf
level, so they should be freed there. Symmetry is a good thing.

best regards
Matthias
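
The all-or-nothing unload sequence and the per-part refcount from the message above, as an added example (not code from the original post or from NetBSD). It is a single-threaded userland model: every name is hypothetical, and splhigh_model()/splx_model() only record a priority level in place of the kernel's splhigh()/splx().

```c
#include <errno.h>
#include <stddef.h>

struct part {
    const char *name;   /* e.g. "driver" or "cdevsw" (constructed sample) */
    int refcnt;         /* users currently inside this part */
    int attached;       /* 1 while the part is still registered */
};

static int cur_spl;     /* stand-in for the interrupt priority level */
static int splhigh_model(void) { int s = cur_spl; cur_spl = 1; return s; }
static void splx_model(int s) { cur_spl = s; }

/* Take a reference, as open() would; refuse once the part is detached. */
int part_enter(struct part *p)
{
    int s = splhigh_model();
    int error = p->attached ? 0 : ENXIO;
    if (error == 0)
        p->refcnt++;
    splx_model(s);
    return error;
}

/* Drop the reference taken by part_enter(), as close() would. */
void part_leave(struct part *p)
{
    int s = splhigh_model();
    p->refcnt--;
    splx_model(s);
}

/* Phase 1 asks every part whether it is idle; phase 2 detaches all parts.
 * Nothing is detached unless every part is idle, so a caller never sees
 * a partially detached module. */
int lkm_unload(struct part *parts, size_t n)
{
    int error = 0;
    size_t i;
    int s = splhigh_model();
    for (i = 0; i < n && error == 0; i++)
        if (parts[i].refcnt > 0)
            error = EBUSY;          /* a part is busy: error out */
    for (i = 0; error == 0 && i < n; i++)
        parts[i].attached = 0;      /* unload everything */
    splx_model(s);
    return error;
}
```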