ron@gatech.EDU (Ron Hutchins) (10/17/86)
There have been several reports in our area of system crashes on 4.3bsd which
show a segmentation fault on the console panic message. We have been experiencing
them quite frequently and it appears that running layers on 4.3 exercises the
bug. After looking through the crash dumps it appeared that the stack showed
ptsclose
ttylclose
ttywflush
ttywait
and then off into never never land and various syscalls from the kernel or a
panic from the Xtransflt routine, etc.
As it turns out the ttywait routine calls the tp->t_oproc routine
which for ptys is ptsstart. BUT if the controlling side of the pty closes
first, it zeros the pointer to the routine as a flag that it is closed. Thus
when ttywait calls the function, it jumps through a 0 pointer.
Looking at the 4.2 (BRL fixes) code there is a comment in the
ttywait routine which says "kludge for pty" which does a check for the
pointer being 0 before doing the jump. We added this to the 4.3 code and it
appears to be working so far. The differences are #ifdef'd with GATECH below.
Ron Hutchins
School of Information & Computer Science, Georgia Tech, Atlanta GA 30332
CSNet: ron @ GATech ARPA: ron%GATech.CSNet @ CSNet-Relay.ARPA
uucp: ...!{akgua,allegra,amd,hplabs,ihnp4,seismo,ut-ngp}!gatech!ron
***********************************************************************************
/*
* Copyright (c) 1982, 1986 Regents of the University of California.
* All rights reserved. The Berkeley software License Agreement
* specifies the terms and conditions for redistribution.
*
* @(#)tty.c 7.1 (Berkeley) 6/5/86
*/
*
*
*
*
*
*
*
ttywait(tp)
register struct tty *tp;
{
register int s = spltty();
while ((tp->t_outq.c_cc || tp->t_state&TS_BUSY) &&
#ifdef GATECH
tp->t_state&TS_CARR_ON && tp->t_oproc) { /*KLUDGE for pty from BRL*/
#else
tp->t_state&TS_CARR_ON) {
#endif
(*tp->t_oproc)(tp);
tp->t_state |= TS_ASLEEP;
sleep((caddr_t)&tp->t_outq, TTOPRI);
}
splx(s);
}
*
*
*
*
*
*
*
*
--
Ron Hutchins
School of Information & Computer Science, Georgia Tech, Atlanta GA 30332
CSNet: ron @ GATech ARPA: ron%GATech.CSNet @ CSNet-Relay.ARPA
uucp: ...!{akgua,allegra,amd,hplabs,ihnp4,seismo,ut-ngp}!gatech!ron