Re: [PATCH] tty: make sure a BUG is hit if tty_port will be destroyed before tty

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Alexander Holler <holler@ahsoftware.de>
To: Peter Hurley <peter@hurleysoftware.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Jiri Slaby <jslaby@suse.cz>,
	linux-kernel@vger.kernel.org, stable@vger.kernel.org
Subject: Re: [PATCH] tty: make sure a BUG is hit if tty_port will be destroyed before tty
Date: Fri, 17 May 2013 21:22:03 +0200	[thread overview]
Message-ID: <5196835B.4060100@ahsoftware.de> (raw)
In-Reply-To: <5196718D.30904@hurleysoftware.com>

Am 17.05.2013 20:06, schrieb Peter Hurley:
> On 05/17/2013 12:41 PM, Alexander Holler wrote:
>> Am 17.05.2013 17:31, schrieb Greg Kroah-Hartman:
>>> On Fri, May 17, 2013 at 09:12:08AM +0200, Alexander Holler wrote:
>>>> tty depends on tty_port until tty_release() was called. Make sure a BUG
>>>> will be hit, if tty_port will be destroyed before tty.
>>>
>>> So you want to ensure that we crash a machine?  No, please never add
>>
>> Exactly. Let me quote myself:
>>
>>  >> As described before, it ends up with memory corruption because freed
>>  >> memory is used, so if a BUG() happens, it doesn't help much. E.g.
>> with
>>  >> kernel 3.9.2 I never have seen a bug, just a rebooting machine
>>  >> (sometimes minutes after the real bug happened).
>>
>>> BUG() statements to the kernel, unless something _really_ bad is going
>>> to happen if we don't call it.  I never want to stop a machine from
>>> running, do you?
>>
>> Yes. I'm not sure how you define _really_ bad, but a memory corruption
>> with undefined result is exactly how I would define such.
> 
> First, I like the idea of a diagnostic here. But I'm with Greg on
> this; BUG() is overkill. Just because the specific path which you found
> only kills the process doesn't mean that other callers might not
> prompt machine halt.
> 
> The memory corruption happens as a result of the tty_port being freed
> by tty_port_destructor(). So a suitable diagnostic is to detect the
> condition, WARN, and return without actually performing the destroy, yes?
> 
>> And in the case of rfcomm, the box doesn't stop, at least not here.
>> Just the process is killed together with an easy to identfiy oops. And
>> the BUG_ON() prevents that memory will become corrupted and the
>> machine is still usable afterwards. If that isn't a use case for
>> BUG_ON(), I really don't know what else would be a use case for it.

Sorry, I didn't express it such, that this can't be misunderstood.
Without that BUG_ON() in my proposed patch, my boxes always died
afterwards. And that with a lot of different results before. Sometimes
nothing happened and the machine just rebooted, sometimes I've just seen
a warn_slowpath before the machine stopped/rebooted, sometimes I've just
got the BUG I posted in a previous mail, and often I've seen many OOPSes
before the machine rebooted. But in every case, the machine died unexpectly.

The case that the machine didn't die, but just the process, only happens
when my proposed patch is applied, which prevents the memory corruption.

Regards,

Alexander Holler

next prev parent reply	other threads:[~2013-05-17 19:23 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-05-16  6:45 BUG: tty: memory corruption through tty_release/tty_ldisc_release Alexander Holler
2013-05-16 13:15 ` Alexander Holler
2013-05-16 13:47 ` Peter Hurley
2013-05-16 13:59   ` Alexander Holler
2013-05-16 21:53     ` Peter Hurley
2013-05-17  4:43       ` Alexander Holler
2013-05-17  7:12         ` [PATCH] tty: make sure a BUG is hit if tty_port will be destroyed before tty Alexander Holler
2013-05-17 15:31           ` Greg Kroah-Hartman
2013-05-17 16:41             ` Alexander Holler
2013-05-17 18:06               ` Peter Hurley
2013-05-17 19:22                 ` Alexander Holler [this message]
2013-05-17 19:43                   ` Alexander Holler
2013-05-17 22:51                     ` Peter Hurley
2013-05-17 23:41                       ` Alexander Holler
2013-06-25 14:18         ` BUG: tty: memory corruption through tty_release/tty_ldisc_release Dean Jenkins
2013-06-26  7:23           ` Alexander Holler

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5196835B.4060100@ahsoftware.de \
    --to=holler@ahsoftware.de \
    --cc=gregkh@linuxfoundation.org \
    --cc=jslaby@suse.cz \
    --cc=linux-kernel@vger.kernel.org \
    --cc=peter@hurleysoftware.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox