>Number:         37004
>Category:       kern
>Synopsis:       SIGINFO while process is dying results in panic
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Sep 19 04:15:00 +0000 2007
>Originator:     Aaron J. Grier
>Release:        NetBSD 4.0_RC1
>Organization:
Frye Electronics, Tigard, OR
>Environment:

Architecture: i386
Machine: i386
>Description:

>How-To-Repeat:
run (threaded?  forked?)  program via gdb.  control-C program.  program
gets SIGQUIT and dies.  while program is busy dying, control-T program.
kernel attempts to pass SIGINFO to program, and panics since it is in
SDYING state.

I have no way to get a coredump on this machine due to no swap space,
but I'm fairly certain I could replicate it elsewhere if necessary.

here's the backtrace: 

panic
kpsignal2
kpgsignal
pgsignal
ttyinput_wlock
ttyinput
ptcwrite
spec_write
VOP_WRITE
vn_write
dofilewrite
sys_write
syscall_plain
--- syscall (number 4) ---

current will also panic given the same sequence of events.

>Fix:
add case for switch (p->p_stat) in kern/kern_sig.c to handle dying
states without panicing, like SIDL, perhaps?

(alternately, change status values to enums so the compiler can warn you
if you're missing a case.)