Re: 3.8-rc regression with pps-ldisc due to 70ece7a731
From: Peter Hurley
Date: Wed Feb 06 2013 - 10:53:55 EST
Hi George,
On Sun, 2013-02-03 at 20:03 -0500, George Spelvin wrote:
> "TTY: n_tty, add ldisc data to n_tty"
>
> The PPS line discipline has incestuous relations with the n_tty line
> discipline, using some hooks to call internal routines.
>
> However, I started noticing violent kernel explosions when testing 3.8-rc,
> and after a bit of digging, I think it's due to the fact that the PPS code
> assumes that the ->ldisc pointer is available to hold a pointer to a "pps"
> structure, but this commit started using it in the core n_tty discipline.
>
> If you look at pps_tty_open in drivers/pps/clients/pps-ldisc.c, you can
> see it does:
>
> pps = pps_register_source(&info, PPS_CAPTUREBOTH | \
> PPS_OFFSETASSERT | PPS_OFFSETCLEAR);
> if (pps == NULL) {
> pr_err("cannot register PPS source \"%s\"\n", info.path);
> return -ENOMEM;
> }
> tty->disc_data = pps;
>
> /* Should open N_TTY ldisc too */
> ret = alias_n_tty_open(tty);
>
> Where "alias_n_tty_open" is filled in by n_tty_inherit_ops() to be
> n_tty_open(). However, in this commit, n_tty_open() now allocates
> its own structure and overwrites the disc_data pointer, leading to an
> earth-shattering kaboom as NULL pointers are dereferenced in interrupt
> handlers.
Yuck. Little wonder it broke.
> My first thought is to reserve a pointer in n_tty_data for the
> pps structure and update the pps code to chase pointers one more
> level. But I wanted to solicit opinions.
Tight coupling is what caused this to break in the first place -- I
don't think tighter coupling is the right answer.
Alternate coming...
Regards,
Peter Hurley
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/