Re: tty crash in tty_ldisc_receive_buf()

From: Benjamin Herrenschmidt
Date: Thu Apr 06 2017 - 03:17:11 EST

Next message: Andrzej Hajda: "Re: [PATCH v3 3/9] drm: bridge: analogix: Destroy connector when unbinding"
Previous message: Maxime Ripard: "Re: [PATCH 2/2] arm64: allwinner: a64: add pmu0 regs for USB PHY"
In reply to: Michael Neuling: "tty crash in tty_ldisc_receive_buf()"
Next in thread: Rob Herring: "Re: tty crash in tty_ldisc_receive_buf()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2017-04-06 at 17:04 +1000, Michael Neuling wrote:
> We see this usually on boot but can also see it if we kill a getty attached to
> tty (which is then respawned by systemd).Â It seems like we are flushing data to
> a tty at the same time as it's being torn down and restarted.
>
> I did try the below patch which avoids the crash but locks up one of the CPUs. I
> guess the data never gets flushed if we say nothing is processed.
>
> This is on powerpc but has also been reported by parisc.
>
> I'm not at all familiar with the tty layer and looking at the locks, mutexes,
> semaphores and reference counting in there scares the hell out of me.Â
>
> If anyone has an idea, I'm happy to try a patch.

Note that we noticed one path that called reinit without the ldisc lock
held for writing, we added that, but it didn't fix the problem.

Cheers,
Ben.

Next message: Andrzej Hajda: "Re: [PATCH v3 3/9] drm: bridge: analogix: Destroy connector when unbinding"
Previous message: Maxime Ripard: "Re: [PATCH 2/2] arm64: allwinner: a64: add pmu0 regs for USB PHY"
In reply to: Michael Neuling: "tty crash in tty_ldisc_receive_buf()"
Next in thread: Rob Herring: "Re: tty crash in tty_ldisc_receive_buf()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]