1 /* 2 * Copyright (c) 1982, 1986, 1989 Regents of the University of California. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms are permitted 6 * provided that the above copyright notice and this paragraph are 7 * duplicated in all such forms and that any documentation, 8 * advertising materials, and other materials related to such 9 * distribution and use acknowledge that the software was developed 10 * by the University of California, Berkeley. The name of the 11 * University may not be used to endorse or promote products derived 12 * from this software without specific prior written permission. 13 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 14 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 15 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. 16 * 17 * @(#)kern_sig.c 7.6 (Berkeley) 05/01/89 18 */ 19 20 #include "param.h" 21 #include "systm.h" 22 #include "dir.h" 23 #include "ucred.h" 24 #include "user.h" 25 #include "vnode.h" 26 #include "proc.h" 27 #include "timeb.h" 28 #include "times.h" 29 #include "buf.h" 30 #include "mount.h" 31 #include "text.h" 32 #include "seg.h" 33 #include "vm.h" 34 #include "acct.h" 35 #include "uio.h" 36 #include "file.h" 37 #include "kernel.h" 38 39 #include "machine/reg.h" 40 #include "machine/pte.h" 41 #include "machine/psl.h" 42 #include "machine/mtpr.h" 43 44 #define cantmask (sigmask(SIGKILL)|sigmask(SIGCONT)|sigmask(SIGSTOP)) 45 #define stopsigmask (sigmask(SIGSTOP)|sigmask(SIGTSTP)| \ 46 sigmask(SIGTTIN)|sigmask(SIGTTOU)) 47 48 /* 49 * Generalized interface signal handler. 50 */ 51 sigvec() 52 { 53 register struct a { 54 int signo; 55 struct sigvec *nsv; 56 struct sigvec *osv; 57 } *uap = (struct a *)u.u_ap; 58 struct sigvec vec; 59 register struct sigvec *sv; 60 register int sig; 61 int bit; 62 63 sig = uap->signo; 64 if (sig <= 0 || sig >= NSIG || sig == SIGKILL || sig == SIGSTOP) { 65 u.u_error = EINVAL; 66 return; 67 } 68 sv = &vec; 69 if (uap->osv) { 70 sv->sv_handler = u.u_signal[sig]; 71 sv->sv_mask = u.u_sigmask[sig]; 72 bit = sigmask(sig); 73 sv->sv_flags = 0; 74 if ((u.u_sigonstack & bit) != 0) 75 sv->sv_flags |= SV_ONSTACK; 76 if ((u.u_sigintr & bit) != 0) 77 sv->sv_flags |= SV_INTERRUPT; 78 u.u_error = 79 copyout((caddr_t)sv, (caddr_t)uap->osv, sizeof (vec)); 80 if (u.u_error) 81 return; 82 } 83 if (uap->nsv) { 84 u.u_error = 85 copyin((caddr_t)uap->nsv, (caddr_t)sv, sizeof (vec)); 86 if (u.u_error) 87 return; 88 if (sig == SIGCONT && sv->sv_handler == SIG_IGN) { 89 u.u_error = EINVAL; 90 return; 91 } 92 setsigvec(sig, sv); 93 } 94 } 95 96 setsigvec(sig, sv) 97 int sig; 98 register struct sigvec *sv; 99 { 100 register struct proc *p; 101 register int bit; 102 103 bit = sigmask(sig); 104 p = u.u_procp; 105 /* 106 * Change setting atomically. 107 */ 108 (void) splhigh(); 109 u.u_signal[sig] = sv->sv_handler; 110 u.u_sigmask[sig] = sv->sv_mask &~ cantmask; 111 if (sv->sv_flags & SV_INTERRUPT) 112 u.u_sigintr |= bit; 113 else 114 u.u_sigintr &= ~bit; 115 if (sv->sv_flags & SV_ONSTACK) 116 u.u_sigonstack |= bit; 117 else 118 u.u_sigonstack &= ~bit; 119 if (sv->sv_handler == SIG_IGN) { 120 p->p_sig &= ~bit; /* never to be seen again */ 121 p->p_sigignore |= bit; 122 p->p_sigcatch &= ~bit; 123 } else { 124 p->p_sigignore &= ~bit; 125 if (sv->sv_handler == SIG_DFL) 126 p->p_sigcatch &= ~bit; 127 else 128 p->p_sigcatch |= bit; 129 } 130 (void) spl0(); 131 } 132 133 sigblock() 134 { 135 struct a { 136 int mask; 137 } *uap = (struct a *)u.u_ap; 138 register struct proc *p = u.u_procp; 139 140 (void) splhigh(); 141 u.u_r.r_val1 = p->p_sigmask; 142 p->p_sigmask |= uap->mask &~ cantmask; 143 (void) spl0(); 144 } 145 146 sigsetmask() 147 { 148 struct a { 149 int mask; 150 } *uap = (struct a *)u.u_ap; 151 register struct proc *p = u.u_procp; 152 153 (void) splhigh(); 154 u.u_r.r_val1 = p->p_sigmask; 155 p->p_sigmask = uap->mask &~ cantmask; 156 (void) spl0(); 157 } 158 159 sigpause() 160 { 161 struct a { 162 int mask; 163 } *uap = (struct a *)u.u_ap; 164 register struct proc *p = u.u_procp; 165 166 /* 167 * When returning from sigpause, we want 168 * the old mask to be restored after the 169 * signal handler has finished. Thus, we 170 * save it here and mark the proc structure 171 * to indicate this (should be in u.). 172 */ 173 u.u_oldmask = p->p_sigmask; 174 p->p_flag |= SOMASK; 175 p->p_sigmask = uap->mask &~ cantmask; 176 for (;;) 177 sleep((caddr_t)&u, PSLEP); 178 /*NOTREACHED*/ 179 } 180 #undef cantmask 181 182 sigstack() 183 { 184 register struct a { 185 struct sigstack *nss; 186 struct sigstack *oss; 187 } *uap = (struct a *)u.u_ap; 188 struct sigstack ss; 189 190 if (uap->oss) { 191 u.u_error = copyout((caddr_t)&u.u_sigstack, (caddr_t)uap->oss, 192 sizeof (struct sigstack)); 193 if (u.u_error) 194 return; 195 } 196 if (uap->nss) { 197 u.u_error = 198 copyin((caddr_t)uap->nss, (caddr_t)&ss, sizeof (ss)); 199 if (u.u_error == 0) 200 u.u_sigstack = ss; 201 } 202 } 203 204 kill() 205 { 206 register struct a { 207 int pid; 208 int signo; 209 } *uap = (struct a *)u.u_ap; 210 register struct proc *p; 211 212 if (uap->signo < 0 || uap->signo > NSIG) { 213 u.u_error = EINVAL; 214 return; 215 } 216 if (uap->pid > 0) { 217 /* kill single process */ 218 p = pfind(uap->pid); 219 if (p == 0) { 220 u.u_error = ESRCH; 221 return; 222 } 223 if (u.u_uid && u.u_uid != p->p_uid) 224 u.u_error = EPERM; 225 else if (uap->signo) 226 psignal(p, uap->signo); 227 return; 228 } 229 switch (uap->pid) { 230 case -1: /* broadcast signal */ 231 u.u_error = killpg1(uap->signo, 0, 1); 232 break; 233 case 0: /* signal own process group */ 234 u.u_error = killpg1(uap->signo, 0, 0); 235 break; 236 default: /* negative explicit process group */ 237 u.u_error = killpg1(uap->signo, -uap->pid, 0); 238 break; 239 } 240 return; 241 } 242 243 killpg() 244 { 245 register struct a { 246 int pgid; 247 int signo; 248 } *uap = (struct a *)u.u_ap; 249 250 if (uap->signo < 0 || uap->signo > NSIG) { 251 u.u_error = EINVAL; 252 return; 253 } 254 u.u_error = killpg1(uap->signo, uap->pgid, 0); 255 } 256 257 /* KILL CODE SHOULDNT KNOW ABOUT PROCESS INTERNALS !?! */ 258 259 killpg1(signo, pgid, all) 260 int signo, pgid, all; 261 { 262 register struct proc *p; 263 struct pgrp *pgrp; 264 int f = 0, error = 0; 265 266 267 if (all) 268 /* 269 * broadcast 270 */ 271 for (p = allproc; p != NULL; p = p->p_nxt) { 272 if (p->p_ppid == 0 || p->p_flag&SSYS || 273 p == u.u_procp || 274 (u.u_uid && u.u_uid != p->p_uid && 275 !(signo == SIGCONT && inferior(p)))) 276 continue; 277 f++; 278 if (signo) 279 psignal(p, signo); 280 } 281 else { 282 if (pgid == 0) 283 /* 284 * zero pgid means send to my process group. 285 */ 286 pgrp = u.u_procp->p_pgrp; 287 else { 288 pgrp = pgfind(pgid); 289 if (pgrp == NULL) 290 return(ESRCH); 291 } 292 if (!(pgrp->pg_jobc) && 293 (signo==SIGTTIN || signo==SIGTTOU || signo==SIGTSTP)) 294 return(EPERM); 295 for (p = pgrp->pg_mem; p != NULL; p = p->p_pgrpnxt) { 296 if (p->p_ppid == 0 || p->p_flag&SSYS) 297 continue; 298 if (u.u_uid && u.u_uid != p->p_uid && 299 !(signo == SIGCONT && inferior(p))) { 300 error = EPERM; 301 continue; 302 } 303 f++; 304 if (signo) 305 psignal(p, signo); 306 } 307 } 308 return (error ? error : (f == 0 ? ESRCH : 0)); 309 } 310 311 /* 312 * Send the specified signal to 313 * all processes with 'pgid' as 314 * process group. 315 */ 316 gsignal(pgid, sig) 317 { 318 register struct pgrp *pgrp; 319 register struct proc *p; 320 321 if (!pgid) 322 return; 323 if ((pgrp = pgfind(pgid)) == NULL) 324 return; 325 pgsignal(pgrp, sig); 326 } 327 328 pgsignal(pgrp, sig) 329 register struct pgrp *pgrp; 330 { 331 register struct proc *p; 332 333 if (!(pgrp->pg_jobc) && 334 (sig==SIGTTIN || sig==SIGTTOU || sig==SIGTSTP)) 335 return; 336 for (p = pgrp->pg_mem; p != NULL; p = p->p_pgrpnxt) 337 psignal(p, sig); 338 } 339 340 /* 341 * Send the specified signal to 342 * the specified process. 343 */ 344 psignal(p, sig) 345 register struct proc *p; 346 register int sig; 347 { 348 register int s; 349 register int (*action)(); 350 int mask; 351 352 if ((unsigned)sig >= NSIG) 353 return; 354 mask = sigmask(sig); 355 356 /* 357 * If proc is traced, always give parent a chance. 358 */ 359 if (p->p_flag & STRC) 360 action = SIG_DFL; 361 else { 362 /* 363 * If the signal is being ignored, 364 * then we forget about it immediately. 365 */ 366 if (p->p_sigignore & mask) 367 return; 368 if (p->p_sigmask & mask) 369 action = SIG_HOLD; 370 else if (p->p_sigcatch & mask) 371 action = SIG_CATCH; 372 else 373 action = SIG_DFL; 374 } 375 if (sig) { 376 switch (sig) { 377 378 case SIGTERM: 379 if ((p->p_flag&STRC) || action != SIG_DFL) 380 break; 381 /* fall into ... */ 382 383 case SIGKILL: 384 if (p->p_nice > NZERO) 385 p->p_nice = NZERO; 386 break; 387 388 case SIGCONT: 389 p->p_sig &= ~stopsigmask; 390 break; 391 392 case SIGTSTP: 393 case SIGTTIN: 394 case SIGTTOU: 395 /*FALLTHROUGH*/ 396 case SIGSTOP: 397 p->p_sig &= ~sigmask(SIGCONT); 398 break; 399 } 400 p->p_sig |= mask; 401 } 402 /* 403 * Defer further processing for signals which are held. 404 */ 405 if (action == SIG_HOLD) 406 return; 407 s = splhigh(); 408 switch (p->p_stat) { 409 410 case SSLEEP: 411 /* 412 * If process is sleeping at negative priority 413 * we can't interrupt the sleep... the signal will 414 * be noticed when the process returns through 415 * trap() or syscall(). 416 */ 417 if (p->p_pri <= PZERO) 418 goto out; 419 /* 420 * Process is sleeping and traced... make it runnable 421 * so it can discover the signal in issig() and stop 422 * for the parent. 423 */ 424 if (p->p_flag&STRC) 425 goto run; 426 switch (sig) { 427 428 case SIGSTOP: 429 case SIGTSTP: 430 case SIGTTIN: 431 case SIGTTOU: 432 /* 433 * These are the signals which by default 434 * stop a process. 435 */ 436 if (action != SIG_DFL) 437 goto run; 438 /* 439 * If a child in vfork(), stopping could 440 * cause deadlock. 441 */ 442 if (p->p_flag&SVFORK) 443 goto out; 444 p->p_sig &= ~mask; 445 p->p_cursig = sig; 446 psignal(p->p_pptr, SIGCHLD); 447 stop(p); 448 goto out; 449 450 case SIGIO: 451 case SIGURG: 452 case SIGCHLD: 453 case SIGWINCH: 454 /* 455 * These signals are special in that they 456 * don't get propogated... if the process 457 * isn't interested, forget it. 458 */ 459 if (action != SIG_DFL) 460 goto run; 461 p->p_sig &= ~mask; /* take it away */ 462 goto out; 463 464 default: 465 /* 466 * All other signals cause the process to run 467 */ 468 goto run; 469 } 470 /*NOTREACHED*/ 471 472 case SSTOP: 473 /* 474 * If traced process is already stopped, 475 * then no further action is necessary. 476 */ 477 if (p->p_flag&STRC) 478 goto out; 479 switch (sig) { 480 481 case SIGKILL: 482 /* 483 * Kill signal always sets processes running. 484 */ 485 goto run; 486 487 case SIGCONT: 488 /* 489 * If the process catches SIGCONT, let it handle 490 * the signal itself. If it isn't waiting on 491 * an event, then it goes back to run state. 492 * Otherwise, process goes back to sleep state. 493 */ 494 if (action != SIG_DFL || p->p_wchan == 0) 495 goto run; 496 p->p_stat = SSLEEP; 497 goto out; 498 499 case SIGSTOP: 500 case SIGTSTP: 501 case SIGTTIN: 502 case SIGTTOU: 503 /* 504 * Already stopped, don't need to stop again. 505 * (If we did the shell could get confused.) 506 */ 507 p->p_sig &= ~mask; /* take it away */ 508 goto out; 509 510 default: 511 /* 512 * If process is sleeping interruptibly, then 513 * unstick it so that when it is continued 514 * it can look at the signal. 515 * But don't setrun the process as its not to 516 * be unstopped by the signal alone. 517 */ 518 if (p->p_wchan && p->p_pri > PZERO) 519 unsleep(p); 520 goto out; 521 } 522 /*NOTREACHED*/ 523 524 default: 525 /* 526 * SRUN, SIDL, SZOMB do nothing with the signal, 527 * other than kicking ourselves if we are running. 528 * It will either never be noticed, or noticed very soon. 529 */ 530 if (p == u.u_procp && !noproc) 531 aston(); 532 goto out; 533 } 534 /*NOTREACHED*/ 535 run: 536 /* 537 * Raise priority to at least PUSER. 538 */ 539 if (p->p_pri > PUSER) 540 p->p_pri = PUSER; 541 setrun(p); 542 out: 543 splx(s); 544 } 545 546 /* 547 * Returns true if the current 548 * process has a signal to process. 549 * The signal to process is put in p_cursig. 550 * This is asked at least once each time a process enters the 551 * system (though this can usually be done without actually 552 * calling issig by checking the pending signal masks.) 553 * A signal does not do anything 554 * directly to a process; it sets 555 * a flag that asks the process to 556 * do something to itself. 557 */ 558 issig() 559 { 560 register struct proc *p; 561 register int sig; 562 int sigbits, mask; 563 564 p = u.u_procp; 565 for (;;) { 566 sigbits = p->p_sig &~ p->p_sigmask; 567 if ((p->p_flag&STRC) == 0) 568 sigbits &= ~p->p_sigignore; 569 if (p->p_flag&SVFORK) 570 sigbits &= ~stopsigmask; 571 if (sigbits == 0) 572 break; 573 sig = ffs((long)sigbits); 574 mask = sigmask(sig); 575 p->p_sig &= ~mask; /* take the signal! */ 576 p->p_cursig = sig; 577 if (p->p_flag&STRC && (p->p_flag&SVFORK) == 0) { 578 /* 579 * If traced, always stop, and stay 580 * stopped until released by the parent. 581 */ 582 psignal(p->p_pptr, SIGCHLD); 583 do { 584 stop(p); 585 swtch(); 586 } while (!procxmt() && p->p_flag&STRC); 587 588 /* 589 * If the traced bit got turned off, 590 * then put the signal taken above back into p_sig 591 * and go back up to the top to rescan signals. 592 * This ensures that p_sig* and u_signal are consistent. 593 */ 594 if ((p->p_flag&STRC) == 0) { 595 p->p_sig |= mask; 596 continue; 597 } 598 599 /* 600 * If parent wants us to take the signal, 601 * then it will leave it in p->p_cursig; 602 * otherwise we just look for signals again. 603 */ 604 sig = p->p_cursig; 605 if (sig == 0) 606 continue; 607 608 /* 609 * If signal is being masked put it back 610 * into p_sig and look for other signals. 611 */ 612 mask = sigmask(sig); 613 if (p->p_sigmask & mask) { 614 p->p_sig |= mask; 615 continue; 616 } 617 } 618 switch ((int)u.u_signal[sig]) { 619 620 case SIG_DFL: 621 /* 622 * Don't take default actions on system processes. 623 */ 624 if (p->p_ppid == 0) 625 break; 626 switch (sig) { 627 628 case SIGTSTP: 629 case SIGTTIN: 630 case SIGTTOU: 631 case SIGSTOP: 632 if (p->p_flag&STRC) 633 continue; 634 psignal(p->p_pptr, SIGCHLD); 635 stop(p); 636 swtch(); 637 continue; 638 639 case SIGCONT: 640 case SIGCHLD: 641 case SIGURG: 642 case SIGIO: 643 case SIGWINCH: 644 /* 645 * These signals are normally not 646 * sent if the action is the default. 647 */ 648 continue; /* == ignore */ 649 650 default: 651 goto send; 652 } 653 /*NOTREACHED*/ 654 655 case SIG_HOLD: 656 case SIG_IGN: 657 /* 658 * Masking above should prevent us 659 * ever trying to take action on a held 660 * or ignored signal, unless process is traced. 661 */ 662 if ((p->p_flag&STRC) == 0) 663 printf("issig\n"); 664 continue; 665 666 default: 667 /* 668 * This signal has an action, let 669 * psig process it. 670 */ 671 goto send; 672 } 673 /*NOTREACHED*/ 674 } 675 /* 676 * Didn't find a signal to send. 677 */ 678 p->p_cursig = 0; 679 return (0); 680 681 send: 682 /* 683 * Let psig process the signal. 684 */ 685 return (sig); 686 } 687 688 /* 689 * Put the argument process into the stopped 690 * state and notify the parent via wakeup. 691 * Signals are handled elsewhere. 692 */ 693 stop(p) 694 register struct proc *p; 695 { 696 697 p->p_stat = SSTOP; 698 p->p_flag &= ~SWTED; 699 wakeup((caddr_t)p->p_pptr); 700 } 701 702 /* 703 * Perform the action specified by 704 * the current signal. 705 * The usual sequence is: 706 * if (issig()) 707 * psig(); 708 * The signal bit has already been cleared by issig, 709 * and the current signal number stored in p->p_cursig. 710 */ 711 psig() 712 { 713 register struct proc *p = u.u_procp; 714 register int sig = p->p_cursig; 715 int mask = sigmask(sig), returnmask; 716 register int (*action)(); 717 718 if (sig == 0) 719 panic("psig"); 720 action = u.u_signal[sig]; 721 if (action != SIG_DFL) { 722 if (action == SIG_IGN || (p->p_sigmask & mask)) 723 panic("psig action"); 724 u.u_error = 0; 725 /* 726 * Set the new mask value and also defer further 727 * occurences of this signal (unless we're simulating 728 * the old signal facilities). 729 * 730 * Special case: user has done a sigpause. Here the 731 * current mask is not of interest, but rather the 732 * mask from before the sigpause is what we want restored 733 * after the signal processing is completed. 734 */ 735 (void) splhigh(); 736 if (p->p_flag & SOUSIG) { 737 if (sig != SIGILL && sig != SIGTRAP) { 738 u.u_signal[sig] = SIG_DFL; 739 p->p_sigcatch &= ~mask; 740 } 741 mask = 0; 742 } 743 if (p->p_flag & SOMASK) { 744 returnmask = u.u_oldmask; 745 p->p_flag &= ~SOMASK; 746 } else 747 returnmask = p->p_sigmask; 748 p->p_sigmask |= u.u_sigmask[sig] | mask; 749 (void) spl0(); 750 u.u_ru.ru_nsignals++; 751 sendsig(action, sig, returnmask); 752 p->p_cursig = 0; 753 return; 754 } 755 u.u_acflag |= AXSIG; 756 switch (sig) { 757 758 case SIGILL: 759 case SIGIOT: 760 case SIGBUS: 761 case SIGQUIT: 762 case SIGTRAP: 763 case SIGEMT: 764 case SIGFPE: 765 case SIGSEGV: 766 case SIGSYS: 767 u.u_arg[0] = sig; 768 if (core() == 0) 769 sig += 0200; 770 } 771 exit(sig); 772 } 773 774 /* 775 * Create a core image on the file "core" 776 * If you are looking for protection glitches, 777 * there are probably a wealth of them here 778 * when this occurs to a suid command. 779 * 780 * It writes UPAGES block of the 781 * user.h area followed by the entire 782 * data+stack segments. 783 */ 784 core() 785 { 786 register struct vnode *vp, *dvp; 787 register struct nameidata *ndp = &u.u_nd; 788 struct vattr vattr; 789 int error; 790 791 if (u.u_uid != u.u_ruid || u.u_gid != u.u_rgid) 792 return (EFAULT); 793 if (ctob(UPAGES + u.u_dsize + u.u_ssize) >= 794 u.u_rlimit[RLIMIT_CORE].rlim_cur) 795 return (EFAULT); 796 if (u.u_procp->p_textp) { 797 vop_lock(u.u_procp->p_textp->x_vptr); 798 error = vn_access(u.u_procp->p_textp->x_vptr, VREAD, u.u_cred); 799 vop_unlock(u.u_procp->p_textp->x_vptr); 800 if (error) 801 return (EFAULT); 802 } 803 ndp->ni_segflg = UIO_SYSSPACE; 804 ndp->ni_dirp = "core"; 805 if (error = vn_open(ndp, FCREAT|FWRITE, 0644)) 806 return (error); 807 vp = ndp->ni_vp; 808 if (vp->v_type != VREG || 809 vop_getattr(vp, &vattr, u.u_cred) || 810 vattr.va_nlink != 1) { 811 error = EFAULT; 812 goto out; 813 } 814 #ifdef MMAP 815 { register int fd; 816 /* unmasp funky devices in the user's address space */ 817 for (fd = 0; fd < u.u_lastfile; fd++) 818 if (u.u_ofile[fd] && (u.u_pofile[fd] & UF_MAPPED)) 819 munmapfd(fd); 820 } 821 #endif 822 vattr_null(&vattr); 823 vattr.va_size = 0; 824 vop_setattr(vp, &vattr, u.u_cred); 825 u.u_acflag |= ACORE; 826 error = vn_rdwr(UIO_WRITE, vp, (caddr_t)&u, ctob(UPAGES), (off_t)0, 827 UIO_SYSSPACE, IO_UNIT, (int *)0); 828 if (error == 0) 829 error = vn_rdwr(UIO_WRITE, vp, 830 (caddr_t)ctob(dptov(u.u_procp, 0)), 831 (int)ctob(u.u_dsize), (off_t)ctob(UPAGES), 832 UIO_USERSPACE, IO_UNIT, (int *)0); 833 if (error == 0) 834 error = vn_rdwr(UIO_WRITE, vp, 835 (caddr_t)ctob(sptov(u.u_procp, u.u_ssize - 1)), 836 (int)ctob(u.u_ssize), 837 (off_t)ctob(UPAGES) + ctob(u.u_dsize), 838 UIO_USERSPACE, IO_UNIT, (int *)0); 839 out: 840 if (vp) 841 vrele(vp); 842 return (error); 843 } 844