Check for in_sender_list() instead of receiver()

[Christian Ehrhardt]

Sender::receiver() might return a stale value as the _receiver field
is not cleared. AFAICS the safe way to check for presence in a
sender list is in_sender_list() and not receiver(). Check both in
asserts and use in_sender_list() in Thread::do_kill.


diff --git a/src/kernel/fiasco/src/kern/ipc_sender.cpp b/src/kernel/fiasco/src/kern/ipc_sender.cpp
index bd4f9f8..3290255 100644
--- a/src/kernel/fiasco/src/kern/ipc_sender.cpp
+++ b/src/kernel/fiasco/src/kern/ipc_sender.cpp
@@ -31,7 +31,7 @@ PUBLIC
 virtual void
 Ipc_sender_base::ipc_receiver_aborted()
 {
-  assert (receiver());
+  assert (receiver() && in_sender_list());
 
   sender_dequeue(receiver()->sender_list());
   receiver()->vcpu_update_state();
diff --git a/src/kernel/fiasco/src/kern/thread-ipc.cpp b/src/kernel/fiasco/src/kern/thread-ipc.cpp
index f8e1995..3288b2a 100644
--- a/src/kernel/fiasco/src/kern/thread-ipc.cpp
+++ b/src/kernel/fiasco/src/kern/thread-ipc.cpp
@@ -111,7 +111,7 @@ PUBLIC
 virtual void
 Thread::ipc_receiver_aborted()
 {
-  assert_kdb (receiver());
+  assert_kdb (receiver() && in_sender_list());
 
   sender_dequeue(receiver()->sender_list());
   receiver()->vcpu_update_state();
diff --git a/src/kernel/fiasco/src/kern/thread.cpp b/src/kernel/fiasco/src/kern/thread.cpp
index 08150e8..27f2206 100644
--- a/src/kernel/fiasco/src/kern/thread.cpp
+++ b/src/kernel/fiasco/src/kern/thread.cpp
@@ -561,7 +561,7 @@ Thread::do_kill()
   }
 
   // if engaged in IPC operation, stop it
-  if (receiver())
+  if (in_sender_list())
     sender_dequeue(receiver()->sender_list());
 
   Context::do_kill();