From nobody  Tue Sep  8 05:11:16 1998
Received: (from nobody@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id FAA18040;
          Tue, 8 Sep 1998 05:11:16 -0700 (PDT)
          (envelope-from nobody)
Message-Id: <199809081211.FAA18040@hub.freebsd.org>
Date: Tue, 8 Sep 1998 05:11:16 -0700 (PDT)
From: info@highwind.com
To: freebsd-gnats-submit@freebsd.org
Subject: libc_r calls free() while in a signal handler
X-Send-Pr-Version: www-1.0

>Number:         7863
>Category:       bin
>Synopsis:       libc_r calls free() while in a signal handler
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Sep  8 05:20:01 PDT 1998
>Closed-Date:    Thu Dec 10 14:16:36 PST 1998
>Last-Modified:  Thu Dec 10 14:18:40 PST 1998
>Originator:     Robert M. Fleischman
>Release:        3.0 Current
>Organization:
HighWind Software, Inc.
>Environment:
FreeBSD zonda.highwind.com 3.0-19980831-SNAP FreeBSD 3.0-19980831-SNAP #0: Mon Aug 31 14:03:19 GMT 1998     root@make.ican.net:/usr/src/sys/compile/GENERIC  i386

>Description:
libc_r calls free() while in a signal handler. This is very *BAD*.
malloc()/free() should NOT be called from within a signal handler.

Code path is as follows:
	SIGVTALRM goes off and is caught by _thread_sig_handler()
	_thread_sig_handler() calls _thread_kern_sched()
	_thread_kern_sched() calls free()
>How-To-Repeat:
This is a timing issue. However, given the code path I outlined earlier,
the sequence is quite possible.
>Fix:

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: steve 
State-Changed-When: Thu Dec 10 14:16:36 PST 1998 
State-Changed-Why:  
John B. has committed a bunch of changes that seem to have corrected 
this problem.  Please give them a try and let us know if you are still 
seeing this problem.  Thanks. 
>Unformatted:
