Re: kern/40717

[Onno van der Linden <o.vd.linden%quicknet.nl@localhost>]

The following reply was made to PR kern/40717; it has been noted by GNATS.

From: Onno van der Linden <o.vd.linden%quicknet.nl@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: kern/40717
Date: Wed, 4 Nov 2009 20:42:17 +0100

 > diff -u -p -r1.218 kern_exit.c
 > --- kern_exit.c      22 Jan 2009 14:38:35 -0000      1.218
 > +++ kern_exit.c      22 Feb 2009 21:38:42 -0000
 > @@ -688,9 +688,10 @@ do_sys_wait(struct lwp *l, int *pid, int
 >      if (child->p_stat == SZOMB) {
 >              /* proc_free() will release the proc_lock. */
 >              *was_zombie = 1;
 > -            if (options & WNOWAIT)
 > +            if (options & WNOWAIT) {
 >                      mutex_exit(proc_lock);
 > -            else {
 > +                    memset(ru, 0, sizeof(*ru));
 > +            } else {
 >                      proc_free(child, ru);
 >              }
 >      } else {
 > @@ -698,6 +699,7 @@ do_sys_wait(struct lwp *l, int *pid, int
 >              *was_zombie = 0;
 >              mutex_exit(proc_lock);
 >              *status = W_STOPCODE(*status);
 > +            memset(ru, 0, sizeof(*ru));
 >      }
 
 The "unprotected" memsets won't like a null pointer being
 passed to them, the call to do_sys_wait in sys___wait450 says:
 
 error = do_sys_wait(l, &pid, &status, SCARG(uap, options),
            SCARG(uap, rusage) != NULL ? &ru : NULL, &was_zombie)
 
 which means ru can be null.
 
 With ^Z as my susp character I tried at the shell prompt:
 cat
 ^Z
 
 and poof .....
 
 if (ru)
 in front of those memsets will fix that.
 
 And what's up with that was_zombie variable in sys___wait450 ?
 It gets set in do_sys_wait but is never referenced again.
 
 Onno