Attention 7.x and 8.x ptmx/pts users (read if you set kern.pts.enable=1)

Ed Schouten ed at
Tue Dec 4 03:47:25 PST 2007

* Robert Watson <rwatson at> wrote:
> Yes.  There's also another known issue, likely not corrected by this patch, 
> in which closing the pty before the pts fails to properly wake up processes 
> hung off the pts and inform them of its impending doom, resulting in the 
> pty/pts pair never being garbage-collected.  I've not tracked this down 
> yet, but you can reproduce it by running screen(1) and then "killing" a 
> screen.  screen(1) closes the pty and relies on the pty/pts mechanism to do 
> the rest, which doesn't.

Indeed. I also noticed this bug. Simply killing sshd also reproduces
this. The leak is caused by the obvious if-statement inside
pty_maybecleanup(). This is because SESSRELE() is called after sshd
closes the pty, if I can remember correctly.

This also causes the dreaded `jail leak', because device nodes still
exist that have been created with make_dev_cred(), so the ucred is
still referenced.

I guess the problem is that we can only call pty_maybecleanup() when
ptsclose() is called and not when the real use-count of the tty has
reached zero.

 Ed Schouten <ed at>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the freebsd-stable mailing list