AFAICS ksiginfo_put() assumes the queue pointers are placed
first in the ksiginfo structure, which is not true since
introduction of ksi_flags. So the code trashes queue pointers
if it ever replaces a entry.

I propose following fix:

Index: kern_sig.c
===================================================================
RCS file: /cvsroot/src/sys/kern/kern_sig.c,v
retrieving revision 1.171
diff -u -p -r1.171 kern_sig.c
--- kern_sig.c	25 Oct 2003 16:50:37 -0000	1.171
+++ kern_sig.c	30 Oct 2003 12:14:06 -0000
@@ -154,10 +154,8 @@ ksiginfo_put(struct proc *p, const ksigi
 	{
 		CIRCLEQ_FOREACH(kp, &p->p_sigctx.ps_siginfo, ksi_list) {
 			if (kp->ksi_signo == ksi->ksi_signo) {
-				CIRCLEQ_ENTRY(ksiginfo) sv;
-				(void)memcpy(&sv, &kp->ksi_list, sizeof(sv));
-				*kp = *ksi;
-				(void)memcpy(&kp->ksi_list, &sv, sizeof(sv));
+				kp->ksi_info = ksi->ksi_info;
+				kp->ksi_flags = ksi->ksi_flags;
 				goto out;
 			}
 		}

Is this right?

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>            http://www.NetBSD.cz/
-=- We should be mindful of the potential goal, but as the tantric    -=-
-=- Buddhist masters say, ``You may notice during meditation that you -=-
-=- sometimes levitate or glow.   Do not let this distract you.''     -=-