thomson (12/20/82)
Running 4.1bsd's pty.c (4.7 81/03/11) we have had panics from system calls in kernel mode. They occur when the controlling device is closed while a write is in progress on the slave. The problem is that the close can occur while the slave is blocked waiting for the outq to drain; ptcclose() flushes the queues and sets tp->t_oproc to 0 to mark the device closed. The slave then wakes and tries to use the now corrupt tp->t_oproc, thereby entering the user program in kernel mode.

We 'fixed' this by de-conceiving ptys, since they weren't in use. However, I hear that 4.1a does use them and may not have fixed this bug; my humble suggestion is:

1) don't clear tp->t_oproc ever
2) change instances of
       if(tp->t_oproc)
   to
       if(tp->t_state&CARR_ON)
3) make ptsstart(tp) do
       if((tp->t_state&CARR_ON) == 0)
           flushtty(tp, FWRITE);
   to throw away remnants of the last slave write() call.

Brian Thomson
CSRG University of Toronto
utcsrgv!thomson
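
The sequence described in the post, as an added user-space C model (not part of the original post and not the 4.1bsd source). The cut-down struct tty, the CARR_ON value, the names close_clearing, close_keeping, slave_write and race, and the 8-byte write are all constructed; the closer callback stands in for the sleep during which the controller closes.

```c
#include <stddef.h>
#include <stdio.h>
#define CARR_ON 0x01                 /* flag name from the post; value constructed */

struct tty {
    int t_state;                     /* CARR_ON while the controller is open */
    int outq;                        /* bytes waiting in the output queue */
    void (*t_oproc)(struct tty *);   /* output start routine */
    int started;                     /* times output was actually started */
};

/* Suggestion 3: with carrier gone, discard what the last write left behind
 * (the outq reset stands in for flushtty(tp, FWRITE)). */
static void ptsstart(struct tty *tp) {
    if ((tp->t_state & CARR_ON) == 0) { tp->outq = 0; return; }
    tp->started++;
}

/* Close as the post describes it: flush, then zero t_oproc as the marker. */
static void close_clearing(struct tty *tp) {
    tp->outq = 0; tp->t_state &= ~CARR_ON; tp->t_oproc = NULL;
}

/* Suggestion 1: flush and drop carrier, but leave t_oproc alone. */
static void close_keeping(struct tty *tp) {
    tp->outq = 0; tp->t_state &= ~CARR_ON;
}

/* Slave write path. Returns 0 on success, 1 if the device was already
 * closed, -1 where the kernel would have called through the zeroed pointer. */
static int slave_write(struct tty *tp, void (*closer)(struct tty *)) {
    if ((tp->t_state & CARR_ON) == 0) return 1;  /* suggestion 2: test the flag */
    closer(tp);                         /* controller closes while we "sleep" */
    tp->outq += 8;                      /* woken: queue the rest of the write */
    if (tp->t_oproc == NULL) return -1; /* model reports instead of jumping */
    tp->t_oproc(tp);
    return 0;
}

/* One write on a freshly opened tty, with the given close racing it. */
static int race(void (*closer)(struct tty *), struct tty *tp) {
    *tp = (struct tty){ CARR_ON, 0, ptsstart, 0 };
    return slave_write(tp, closer);
}

int main(void) {
    struct tty a, b;
    printf("clearing: %d  keeping: %d\n", race(close_clearing, &a), race(close_keeping, &b));
    return 0;
}
```

The open check at the top of slave_write passes in both runs because the close arrives after it; only leaving t_oproc intact keeps the call made after the wakeup valid.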