Module Name: src
Committed By: kamil
Date: Thu Jun 13 00:07:19 UTC 2019
Modified Files:
src/sys/kern: kern_sig.c
Log Message:
Correct inversed condition for dying process in sigswitch()
If a process is exiting and it was not asked to relock proc_lock, do not
free the mutex as it causes panic. This bug is a timing bug as the faulty
condition is not deterministic and fires only somtimes, but is quickly
triggerable when executed in an infinite loop.
Detected and reported with LLDB test-suite by <mgorny>
To generate a diff of this commit:
cvs rdiff -u -r1.359 -r1.360 src/sys/kern/kern_sig.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_sig.c
diff -u src/sys/kern/kern_sig.c:1.359 src/sys/kern/kern_sig.c:1.360
--- src/sys/kern/kern_sig.c:1.359 Tue Jun 4 11:54:03 2019
+++ src/sys/kern/kern_sig.c Thu Jun 13 00:07:19 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_sig.c,v 1.359 2019/06/04 11:54:03 kamil Exp $ */
+/* $NetBSD: kern_sig.c,v 1.360 2019/06/13 00:07:19 kamil Exp $ */
/*-
* Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.359 2019/06/04 11:54:03 kamil Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_sig.c,v 1.360 2019/06/13 00:07:19 kamil Exp $");
#include "opt_ptrace.h"
#include "opt_dtrace.h"
@@ -1654,7 +1654,7 @@ sigswitch(int ppmask, int signo, bool re
*/
if (__predict_false(ISSET(p->p_sflag, PS_WEXIT))) {
mutex_exit(p->p_lock);
- if (relock) {
+ if (!relock) {
mutex_exit(proc_lock);
}
lwp_exit(l);
