The root of problem it use carelessly buffer flushing, then another thread can write to it.<br />
This patch resolve this problem.<br />
-------------------------------------------------------------------------<br />
diff --git a/drivers/char/tty_buffer.c b/drivers/char/tty_buffer.c<br />
index ded3a77..53fdcf2 100644<br />
--- a/drivers/char/tty_buffer.c<br />
+++ b/drivers/char/tty_buffer.c<br />
@@ -114,11 +114,14 @@ static void __tty_buffer_flush(struct tty_struct *tty)<br />
{<br />
struct tty_buffer *thead;<br />
<br />
- while ((thead = tty->buf.head) != NULL) {<br />
- tty->buf.head = thead->next;<br />
- tty_buffer_free(tty, thead);<br />
+ if (tty->buf.head == NULL)<br />
+ return;<br />
+ while ((thead = tty->buf.head->next) != NULL) {<br />
+ tty_buffer_free(tty, tty->buf.head);<br />
+ tty->buf.head = thead;<br />
}<br />
- tty->buf.tail = NULL;<br />
+ WARN_ON(tty->buf.head != tty->buf.tail);<br />
+ tty->buf.head->read = tty->buf.head->commit;<br />
}<br />
<br />
/**
↧
