@@ -63,22 +63,24 @@ static void onas_fan_exit(int sig)

 {

 	logg("*ClamFanotif: onas_fan_exit(), signal %d\n", sig);

-        if(onas_fan_fd) {

-    close(onas_fan_fd);

-        }

-        onas_fan_fd = 0;

-

-    if (ddd_pid > 0) {

-        pthread_kill(ddd_pid, SIGUSR1);

-        pthread_join(ddd_pid, NULL);

-    }

-        ddd_pid = 0;

-

-        if (scque_pid > 0) {

-		pthread_kill(scque_pid, SIGUSR2);

+	if(onas_fan_fd) {

+		close(onas_fan_fd);

+	}

+	onas_fan_fd = 0;

+

+	logg("*ClamFanotif: attempting to stop event consumer thread ...\n");

+	if (scque_pid > 0) {

+		pthread_cancel(scque_pid);

 		pthread_join(scque_pid, NULL);

-    }

-        scque_pid = 0;

+	}

+	scque_pid = 0;

+

+	logg("*ClamFanotif: attempting to stop ddd thread ... \n");

+	if (ddd_pid > 0) {

+		pthread_cancel(ddd_pid);

+		pthread_join(ddd_pid, NULL);

+	}

+	ddd_pid = 0;

 	logg("ClamFanotif: stopped\n");

 	pthread_exit(NULL);

@@ -168,7 +170,7 @@ cl_error_t onas_setup_fanotif(struct onas_context **ctx) {

 int onas_fan_eloop(struct onas_context **ctx) {

 	int ret = 0;

-        int err_cnt = 0;

+	int err_cnt = 0;

 	sigset_t sigset;

 	struct sigaction act;

 	short int scan;

@@ -184,12 +186,14 @@ int onas_fan_eloop(struct onas_context **ctx) {

 	/* ignore all signals except SIGUSR1 */

 	sigfillset(&sigset);

 	sigdelset(&sigset, SIGUSR1);

+	sigdelset(&sigset, SIGUSR2);

 	/* The behavior of a process is undefined after it ignores a

 	 * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */

 	sigdelset(&sigset, SIGFPE);

 	sigdelset(&sigset, SIGILL);

 	sigdelset(&sigset, SIGSEGV);

 	sigdelset(&sigset, SIGINT);

+	sigdelset(&sigset, SIGTERM);

 #ifdef SIGBUS

 	sigdelset(&sigset, SIGBUS);

 #endif

@@ -197,28 +201,31 @@ int onas_fan_eloop(struct onas_context **ctx) {

 	memset(&act, 0, sizeof(struct sigaction));

 	act.sa_handler = onas_fan_exit;

 	sigfillset(&(act.sa_mask));

-	sigaction(SIGUSR1, &act, NULL);

+	sigaction(SIGUSR2, &act, NULL);

+	sigaction(SIGTERM, &act, NULL);

 	sigaction(SIGSEGV, &act, NULL);

 	sigaction(SIGINT, &act, NULL);

-    FD_ZERO(&rfds);

+	FD_ZERO(&rfds);

 	FD_SET((*ctx)->fan_fd, &rfds);

-    do {

+

+        logg("*ClamFanotif: starting fanotify event loop with process id (%d) ... \n", getpid());

+	do {

 		ret = select((*ctx)->fan_fd + 1, &rfds, NULL, NULL, NULL);

 	} while((ret == -1 && errno == EINTR));

-    time_t start = time(NULL) - 30;

+	time_t start = time(NULL) - 30;

 	while(((bread = read((*ctx)->fan_fd, buf, sizeof(buf))) > 0) || (errno == EOVERFLOW || errno == EMFILE || errno == EACCES)) {

 		switch(errno) {

 			case EOVERFLOW:

-            if (time(NULL) - start >= 30) {

+				if (time(NULL) - start >= 30) {

 					logg("*ClamFanotif: internal error (failed to read data) ... %s\n", strerror(errno));

 					logg("*ClamFanotif: file too large for fanotify ... recovering and continuing scans...\n");

-                start = time(NULL);

-            }

+					start = time(NULL);

+				}

-            errno = 0;

-            continue;

+				errno = 0;

+				continue;

 			case EACCES:

 				logg("*ClamFanotif: internal error (failed to read data) ... %s\n", strerror(errno));

 				logg("*ClamFanotif: check your SELinux audit logs and consider adding an exception \

@@ -228,113 +235,113 @@ int onas_fan_eloop(struct onas_context **ctx) {

 				continue;

 			case EMFILE:

 				logg("*ClamFanotif: internal error (failed to read data) ... %s\n", strerror(errno));

-                                logg("*ClamFanotif: waiting for consumer thread to catch up then retrying ...\n");

-                                sleep(3);

+				logg("*ClamFanotif: waiting for consumer thread to catch up then retrying ...\n");

+				sleep(3);

 				errno = 0;

-                                continue;

+				continue;

 			default:

-			break;

-                }

-

-        fmd = (struct fanotify_event_metadata *)buf;

-        while (FAN_EVENT_OK(fmd, bread)) {

-            scan = 1;

-            if (fmd->fd >= 0) {

-                sprintf(fname, "/proc/self/fd/%d", fmd->fd);

-                                errno = 0;

-                len = readlink(fname, fname, sizeof(fname) - 1);

-                if (len == -1) {

-                    close(fmd->fd);

+				break;

+		}

+

+		fmd = (struct fanotify_event_metadata *)buf;

+		while (FAN_EVENT_OK(fmd, bread)) {

+			scan = 1;

+			if (fmd->fd >= 0) {

+				sprintf(fname, "/proc/self/fd/%d", fmd->fd);

+				errno = 0;

+				len = readlink(fname, fname, sizeof(fname) - 1);

+				if (len == -1) {

+					close(fmd->fd);

 					logg("!ClamFanotif: internal error (readlink() failed), %d, %s\n", fmd->fd, strerror(errno));

-                                        if (errno == EBADF) {

-                                            logg("ClamWorker: fd already closed ... recovering ...\n");

-                                            continue;

-                                        } else {

-					return 2;

-                }

+					if (errno == EBADF) {

+						logg("ClamWorker: fd already closed ... recovering ...\n");

+						continue;

+					} else {

+						return 2;

+					}

 				}

 				fname[len] = '\0';

 				if((check = onas_fan_checkowner(fmd->pid, (*ctx)->clamdopts))) {

-                    scan = 0;

-                    if (check != CHK_SELF) {

-							logg("*ClamFanotif: %s skipped (excluded UID)\n", fname);

-                }

-            }

+					scan = 0;

+					if (check != CHK_SELF) {

+						logg("*ClamFanotif: %s skipped (excluded UID)\n", fname);

+					}

+				}

-                                if (scan) {

+				if (scan) {

 					struct onas_scan_event *event_data;

 					event_data = cli_calloc(1, sizeof(struct onas_scan_event));

-                                        if (NULL == event_data) {

-					    logg("!ClamFanotif: could not allocate memory for event data struct\n");

-                                            return 2;

-                                        }

+					if (NULL == event_data) {

+						logg("!ClamFanotif: could not allocate memory for event data struct\n");

+						return 2;

+					}

-                                        /* general mapping */

-                                        onas_map_context_info_to_event_data(*ctx, &event_data);

+					/* general mapping */

+					onas_map_context_info_to_event_data(*ctx, &event_data);

 					scan ? event_data->bool_opts |= ONAS_SCTH_B_SCAN : scan;

-                                        /* fanotify specific stuffs */

+					/* fanotify specific stuffs */

 					event_data->bool_opts |= ONAS_SCTH_B_FANOTIFY;

-                                        event_data->fmd = cli_malloc(sizeof(struct fanotify_event_metadata));

-                                        if (NULL == event_data->fmd) {

-					    logg("!ClamFanotif: could not allocate memory for event data struct fmd\n");

-                                            return 2;

-                                        }

+					event_data->fmd = cli_malloc(sizeof(struct fanotify_event_metadata));

+					if (NULL == event_data->fmd) {

+						logg("!ClamFanotif: could not allocate memory for event data struct fmd\n");

+						return 2;

+					}

 					memcpy(event_data->fmd, fmd, sizeof(struct fanotify_event_metadata));

-                                        event_data->pathname = cli_strdup(fname);

+					event_data->pathname = cli_strdup(fname);

 					logg("*ClamFanotif: attempting to feed consumer queue\n");

 					/* feed consumer queue */

 					if (CL_SUCCESS != onas_queue_event(event_data)) {

-                close(fmd->fd);

+						close(fmd->fd);

 						logg("!ClamFanotif: error occurred while feeding consumer queue ... \n");

-                                                if ((*ctx)->retry_on_error) {

-                                                    err_cnt++;

-                                                    if (err_cnt < (*ctx)->retry_attempts) {

-                                                        logg("ClamFanotif: ... recovering ...\n");

-                                                        continue;

-                                                    }

-                                                }

+						if ((*ctx)->retry_on_error) {

+							err_cnt++;

+							if (err_cnt < (*ctx)->retry_attempts) {

+								logg("ClamFanotif: ... recovering ...\n");

+								continue;

+							}

+						}

 						return 2;

 					}

-                                } else {

-                                    if (fmd->mask & FAN_ALL_PERM_EVENTS) {

-                                        struct fanotify_response res;

+				} else {

+					if (fmd->mask & FAN_ALL_PERM_EVENTS) {

+						struct fanotify_response res;

-                                        res.fd = fmd->fd;

-                                        res.response = FAN_ALLOW;

+						res.fd = fmd->fd;

+						res.response = FAN_ALLOW;

-                                        if (-1 == write((*ctx)->fan_fd, &res, sizeof(res))) {

-						logg("!ClamFanotif: error occurred while excluding event\n");

-                                                return 2;

-                                        }

+						if (-1 == write((*ctx)->fan_fd, &res, sizeof(res))) {

+							logg("!ClamFanotif: error occurred while excluding event\n");

+							return 2;

+						}

 					}

-                                        if (-1 == close(fmd->fd)) {

+					if (-1 == close(fmd->fd)) {

 						logg("!ClamFanotif: error occurred while closing metadata fd, %d\n", fmd->fd);

-                                                if (errno == EBADF) {

-                                                    logg("ClamFanotif: fd already closed ... recovering ...\n");

-                                                } else {

-                                                return 2;

-                                        }

-                                    }

-                                }

-        }

-        fmd = FAN_EVENT_NEXT(fmd, bread);

-    }

-    do {

-				ret = select((*ctx)->fan_fd + 1, &rfds, NULL, NULL, NULL);

+						if (errno == EBADF) {

+							logg("ClamFanotif: fd already closed ... recovering ...\n");

+						} else {

+							return 2;

+						}

+					}

+				}

+			}

+			fmd = FAN_EVENT_NEXT(fmd, bread);

+		}

+		do {

+			ret = select((*ctx)->fan_fd + 1, &rfds, NULL, NULL, NULL);

 		} while((ret == -1 && errno == EINTR));

-}

+	}

-		if(bread < 0) {

+	if(bread < 0) {

 		logg("!ClamFanotif: internal error (failed to read data) ... %s\n", strerror(errno));

-                        return 2;

-                }

+		return 2;

+	}

 	return ret;

@@ -74,8 +74,7 @@ static void onas_ddd_handle_in_create(struct onas_context *ctx, const char *path

 static void onas_ddd_handle_in_moved_from(struct onas_context *ctx, const char *path, const char *child_path, const struct inotify_event *event, int wd);

 static void onas_ddd_handle_in_delete(struct onas_context *ctx, const char *path, const char *child_path, const struct inotify_event *event, int wd);

 static void onas_ddd_handle_extra_scanning(struct onas_context *ctx, const char *pathname, int extra_options);

-

-static void onas_ddd_exit(int sig);

+static void onas_ddd_exit(void *arg);

 /* TODO: Unglobalize these. */

 static struct onas_ht *ddd_ht;

@@ -327,57 +326,52 @@ cl_error_t onas_enable_inotif_ddd(struct onas_context **ctx) {

 void *onas_ddd_th(void *arg) {

 	struct onas_context *ctx = (struct onas_context *) arg;

-    sigset_t sigset;

-    struct sigaction act;

-    const struct optstruct *pt;

-    uint64_t in_mask = IN_ONLYDIR | IN_MOVE | IN_DELETE | IN_CREATE;

-    fd_set rfds;

-    char buf[4096];

-    ssize_t bread;

-    const struct inotify_event *event;

+	sigset_t sigset;

+	struct sigaction act;

+	const struct optstruct *pt;

+	uint64_t in_mask = IN_ONLYDIR | IN_MOVE | IN_DELETE | IN_CREATE;

+	fd_set rfds;

+	char buf[4096];

+	ssize_t bread;

+	const struct inotify_event *event;

 	int ret, len, idx;

 	char** include_list = NULL;

 	char** exclude_list = NULL;

 	int num_exdirs, num_indirs;

-        cl_error_t err;

+	cl_error_t err;

-    /* ignore all signals except SIGUSR1 */

-    sigfillset(&sigset);

-    sigdelset(&sigset, SIGUSR1);

-    /* The behavior of a process is undefined after it ignores a

+	/* ignore all signals */

+	sigfillset(&sigset);

+	sigdelset(&sigset, SIGUSR1);

+	sigdelset(&sigset, SIGUSR2);

+	/* The behavior of a process is undefined after it ignores a

 	 * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */

-    sigdelset(&sigset, SIGFPE);

-    sigdelset(&sigset, SIGILL);

-	sigdelset(&sigset, SIGSEGV);

+	sigdelset(&sigset, SIGFPE);

+	sigdelset(&sigset, SIGILL);

+	sigdelset(&sigset, SIGTERM);

 	sigdelset(&sigset, SIGINT);

 #ifdef SIGBUS

-    sigdelset(&sigset, SIGBUS);

+	sigdelset(&sigset, SIGBUS);

 #endif

-    pthread_sigmask(SIG_SETMASK, &sigset, NULL);

-    memset(&act, 0, sizeof(struct sigaction));

-    act.sa_handler = onas_ddd_exit;

-    sigfillset(&(act.sa_mask));

-    sigaction(SIGUSR1, &act, NULL);

-    sigaction(SIGSEGV, &act, NULL);

-        logg("*ClamInotif: starting inotify event thread\n");

+	logg("*ClamInotif: starting inotify event loop ...\n");

-    onas_in_fd = inotify_init1(IN_NONBLOCK);

-    if (onas_in_fd == -1) {

+	onas_in_fd = inotify_init1(IN_NONBLOCK);

+	if (onas_in_fd == -1) {

 		logg("!ClamInotif: could not init inotify\n");

-        return NULL;

-    }

+		return NULL;

+	}

-    ret = onas_ddd_init(0, ONAS_DEFAULT_HT_SIZE);

-    if (ret) {

+	ret = onas_ddd_init(0, ONAS_DEFAULT_HT_SIZE);

+	if (ret) {

 		logg("!ClamInotif: failed to initialize DDD system\n");

-        return NULL;

-    }

+		return NULL;

+	}

 	logg("*ClamInotif: dynamically determining directory hierarchy...\n");

-    /* Add provided paths recursively. */

+	/* Add provided paths recursively. */

 	if (!optget(ctx->opts, "watch-list")->enabled && !optget(ctx->clamdopts, "OnAccessIncludePath")->enabled) {

 		logg("!ClamInotif: Please specify at least one path with OnAccessIncludePath\n");

@@ -386,24 +380,24 @@ void *onas_ddd_th(void *arg) {

 	if((pt = optget(ctx->clamdopts, "OnAccessIncludePath"))->enabled) {

-        while (pt) {

-            if (!strcmp(pt->strarg, "/")) {

+		while (pt) {

+			if (!strcmp(pt->strarg, "/")) {

 				logg("!ClamInotif: not including path '%s' while DDD is enabled\n", pt->strarg);

 				logg("!ClamInotif: please use the OnAccessMountPath option to watch '%s'\n", pt->strarg);

-                pt = (struct optstruct *)pt->nextarg;

-                continue;

-            }

-            if (onas_ht_get(ddd_ht, pt->strarg, strlen(pt->strarg), NULL) != CL_SUCCESS) {

-                if (onas_ht_add_hierarchy(ddd_ht, pt->strarg)) {

+				pt = (struct optstruct *)pt->nextarg;

+				continue;

+			}

+			if (onas_ht_get(ddd_ht, pt->strarg, strlen(pt->strarg), NULL) != CL_SUCCESS) {

+				if (onas_ht_add_hierarchy(ddd_ht, pt->strarg)) {

 					logg("!ClamInotif: can't include '%s'\n", pt->strarg);

-                    return NULL;

+					return NULL;

 				} else {

 					logg("ClamInotif: watching '%s' (and all sub-directories)\n", pt->strarg);

-            }

+				}

 			}

-            pt = (struct optstruct *)pt->nextarg;

-        }

+			pt = (struct optstruct *)pt->nextarg;

+		}

 	}

 	if((pt = optget(ctx->opts, "watch-list"))->enabled) {

@@ -413,8 +407,8 @@ void *onas_ddd_th(void *arg) {

 		include_list = onas_get_opt_list(pt->strarg, &num_indirs, &err);

 		if (NULL == include_list) {

-        return NULL;

-    }

+			return NULL;

+		}

 		idx = 0;

 		while (NULL != include_list[idx]) {

@@ -432,21 +426,21 @@ void *onas_ddd_th(void *arg) {

 		}

 	}

-    /* Remove provided paths recursively. */

+	/* Remove provided paths recursively. */

 	if((pt = optget(ctx->clamdopts, "OnAccessExcludePath"))->enabled) {

-        while (pt) {

-            size_t ptlen = strlen(pt->strarg);

-            if (onas_ht_get(ddd_ht, pt->strarg, ptlen, NULL) == CL_SUCCESS) {

-                if (onas_ht_rm_hierarchy(ddd_ht, pt->strarg, ptlen, 0)) {

+		while (pt) {

+			size_t ptlen = strlen(pt->strarg);

+			if (onas_ht_get(ddd_ht, pt->strarg, ptlen, NULL) == CL_SUCCESS) {

+				if (onas_ht_rm_hierarchy(ddd_ht, pt->strarg, ptlen, 0)) {

 					logg("!ClamInotif: can't exclude '%s'\n", pt->strarg);

-                    return NULL;

-                } else

+					return NULL;

+				} else

 					logg("ClamInotif: excluding '%s' (and all sub-directories)\n", pt->strarg);

-            }

+			}

-            pt = (struct optstruct *)pt->nextarg;

-        }

-    }

+			pt = (struct optstruct *)pt->nextarg;

+		}

+	}

 	if((pt = optget(ctx->opts, "exclude-list"))->enabled) {

@@ -473,35 +467,35 @@ void *onas_ddd_th(void *arg) {

 		}

 	}

-    /* Watch provided paths recursively */

+	/* Watch provided paths recursively */

 	if((pt = optget(ctx->clamdopts, "OnAccessIncludePath"))->enabled) {

-        while (pt) {

+		while (pt) {

 			errno = 0;

-            size_t ptlen = strlen(pt->strarg);

-            if (onas_ht_get(ddd_ht, pt->strarg, ptlen, NULL) == CL_SUCCESS) {

+			size_t ptlen = strlen(pt->strarg);

+			if (onas_ht_get(ddd_ht, pt->strarg, ptlen, NULL) == CL_SUCCESS) {

 				if(err = onas_ddd_watch(pt->strarg, ctx->fan_fd, ctx->fan_mask, onas_in_fd, in_mask)) {

 					if (0 == errno) {

 						logg("!ClamInotif: could not watch path '%s', %d\n ", pt->strarg, err);

 					} else {

 						logg("!ClamInotif: could not watch path '%s', %s\n", pt->strarg, strerror(errno));

-					if(errno == EINVAL && optget(ctx->clamdopts, "OnAccessPrevention")->enabled) {

+						if(errno == EINVAL && optget(ctx->clamdopts, "OnAccessPrevention")->enabled) {

 							logg("*ClamInotif: when using the OnAccessPrevention option, please ensure your kernel\n\t\t\twas compiled with CONFIG_FANOTIFY_ACCESS_PERMISSIONS set to Y\n");

-                        kill(getpid(), SIGTERM);

-                    }

+							kill(getpid(), SIGTERM);

+						}

 						if (errno == ENOSPC) {

 							logg("*ClamInotif: you likely do not have enough inotify watchpoints available ... run the follow command to increase available watchpoints and try again ...\n");

 							logg("*\t $ echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p\n");

 							kill(getpid(), SIGTERM);

-                                                }

-                }

-            }

-            pt = (struct optstruct *)pt->nextarg;

-        }

-    }

+						}

+					}

+				}

+				pt = (struct optstruct *)pt->nextarg;

+			}

+		}

 	}

 	if(NULL != include_list) {

@@ -536,82 +530,85 @@ void *onas_ddd_th(void *arg) {

 	if(optget(ctx->clamdopts, "OnAccessExtraScanning")->enabled) {

 		logg("ClamInotif: extra scanning on inotify events enabled\n");

-}

-

-    FD_ZERO(&rfds);

-    FD_SET(onas_in_fd, &rfds);

-

-    while (1) {

-        do {

-            ret = select(onas_in_fd + 1, &rfds, NULL, NULL, NULL);

-        } while (ret == -1 && errno == EINTR);

+	}

-        while ((bread = read(onas_in_fd, buf, sizeof(buf))) > 0) {

+	FD_ZERO(&rfds);

+	FD_SET(onas_in_fd, &rfds);

-            /* Handle events. */

-            int wd;

-            char *p           = buf;

-            const char *path  = NULL;

-            const char *child = NULL;

-            for (; p < buf + bread; p += sizeof(struct inotify_event) + event->len) {

+	pthread_cleanup_push(onas_ddd_exit, NULL);

-                event = (const struct inotify_event *)p;

-                wd    = event->wd;

-                path  = wdlt[wd];

-                child = event->name;

+	while (1) {

+		do {

+			ret = select(onas_in_fd + 1, &rfds, NULL, NULL, NULL);

+		} while (ret == -1 && errno == EINTR);

+

+		while ((bread = read(onas_in_fd, buf, sizeof(buf))) > 0) {

+			pthread_testcancel();

+			/* Handle events. */

+			int wd;

+			char *p           = buf;

+			const char *path  = NULL;

+			const char *child = NULL;

+			for (; p < buf + bread; p += sizeof(struct inotify_event) + event->len) {

+

+				event = (const struct inotify_event *)p;

+				wd    = event->wd;

+				path  = wdlt[wd];

+				child = event->name;

 				if (path == NULL) {

 					logg("*ClamInotif: watch descriptor not found in lookup table ... skipping\n");

 					continue;

 				}

-                len              = strlen(path);

-                size_t size      = strlen(child) + len + 2;

-                char *child_path = (char *)cli_malloc(size);

+				len              = strlen(path);

+				size_t size      = strlen(child) + len + 2;

+				char *child_path = (char *)cli_malloc(size);

 				if (child_path == NULL) {

 					logg("*ClamInotif: could not allocate space for child path ... aborting\n");

-                    return NULL;

+					return NULL;

 				}

 				if (path[len-1] == '/') {

-                    snprintf(child_path, --size, "%s%s", path, child);

+					snprintf(child_path, --size, "%s%s", path, child);

 				} else {

-                    snprintf(child_path, size, "%s/%s", path, child);

+					snprintf(child_path, size, "%s/%s", path, child);

 				}

-                if (event->mask & IN_DELETE) {

+				if (event->mask & IN_DELETE) {

 					onas_ddd_handle_in_delete(ctx, path, child_path, event, wd);

-                } else if (event->mask & IN_MOVED_FROM) {

+				} else if (event->mask & IN_MOVED_FROM) {

 					onas_ddd_handle_in_moved_from(ctx, path, child_path, event, wd);

-                } else if (event->mask & IN_CREATE) {

+				} else if (event->mask & IN_CREATE) {

 					onas_ddd_handle_in_create(ctx, path, child_path, event, wd, in_mask);

-                } else if (event->mask & IN_MOVED_TO) {

+				} else if (event->mask & IN_MOVED_TO) {

 					onas_ddd_handle_in_moved_to(ctx, path, child_path, event, wd, in_mask);

-                }

-            }

-        }

-    }

+				}

+			}

+		}

+	}

-        logg("*ClamInotif: exiting inotify event thread\n");

-    return NULL;

+	logg("*ClamInotif: exiting inotify event thread\n");

+	pthread_cleanup_pop(1);

+	return NULL;

 }

 static void onas_ddd_handle_in_delete(struct onas_context *ctx,

 		const char *path, const char *child_path, const struct inotify_event *event, int wd) {

-    struct stat s;

-    if (stat(child_path, &s) == 0 && S_ISREG(s.st_mode)) return;

-    if (!(event->mask & IN_ISDIR)) return;

+	struct stat s;

+	if (stat(child_path, &s) == 0 && S_ISREG(s.st_mode)) return;

+	if (!(event->mask & IN_ISDIR)) return;

 	logg("*ClamInotif: DELETE - removing %s from %s with wd:%d\n", child_path, path, wd);

 	onas_ddd_unwatch(child_path, ctx->fan_fd, onas_in_fd);

-    onas_ht_rm_hierarchy(ddd_ht, child_path, strlen(child_path), 0);

+	onas_ht_rm_hierarchy(ddd_ht, child_path, strlen(child_path), 0);

-    return;

+	return;

 }

 static void onas_ddd_handle_in_moved_from(struct onas_context *ctx,

@@ -716,25 +713,25 @@ static void onas_ddd_handle_extra_scanning(struct onas_context *ctx, const char

     return;

 }

-static void onas_ddd_exit(int sig) {

-	logg("*ClamInotif: onas_ddd_exit(), signal %d\n", sig);

+static void onas_ddd_exit(void *arg) {

+	logg("*ClamInotif: onas_ddd_exit()\n");

-        if (onas_in_fd) {

-    close(onas_in_fd);

-        }

-        onas_in_fd = 0;

+	if (onas_in_fd) {

+		close(onas_in_fd);

+	}

+	onas_in_fd = 0;

 	if (ddd_ht) {

-    onas_free_ht(ddd_ht);

-        }

-        ddd_ht = NULL;

+		onas_free_ht(ddd_ht);

+	}

+	ddd_ht = NULL;

-        if (wdlt) {

-    free(wdlt);

-        }

-        wdlt = NULL;

+	if (wdlt) {

+		free(wdlt);

+	}

+	wdlt = NULL;

 	logg("ClamInotif: stopped\n");

-	pthread_exit(NULL);

 }

+

 #endif

@@ -44,7 +44,7 @@

 #include "./onaccess_scth.h"

 #include "./onaccess_scque.h"

-static void onas_scanque_exit(int sig);

+static void onas_scanque_exit(void * arg);

 static int onas_consume_event(threadpool thpool);

 static cl_error_t onas_new_event_queue_node(struct onas_event_queue_node **node);

 static void onas_destroy_event_queue_node(struct onas_event_queue_node *node);

@@ -121,6 +121,10 @@ static void onas_destroy_event_queue_node(struct onas_event_queue_node *node) {

 static void onas_destroy_event_queue() {

+	if (NULL == g_onas_event_queue_head) {

+		return;

+	}

+

 	struct onas_event_queue_node *curr = g_onas_event_queue_head;

 	struct onas_event_queue_node *next = curr->next;

@@ -147,7 +151,7 @@ void *onas_scanque_th(void *arg) {

         cl_error_t err;

-	/* ignore all signals except SIGUSR1 */

+	/* ignore all signals except SIGUSR2 */

 	sigfillset(&sigset);

 	sigdelset(&sigset, SIGUSR2);

 	/* The behavior of a process is undefined after it ignores a

@@ -155,16 +159,11 @@ void *onas_scanque_th(void *arg) {

 	sigdelset(&sigset, SIGFPE);

 	sigdelset(&sigset, SIGILL);

 	sigdelset(&sigset, SIGSEGV);

+	sigdelset(&sigset, SIGTERM);

 	sigdelset(&sigset, SIGINT);

 #ifdef SIGBUS

 	sigdelset(&sigset, SIGBUS);

 #endif

-	pthread_sigmask(SIG_SETMASK, &sigset, NULL);

-	memset(&act, 0, sizeof(struct sigaction));

-	act.sa_handler = onas_scanque_exit;

-	sigfillset(&(act.sa_mask));

-	sigaction(SIGUSR2, &act, NULL);

-	sigaction(SIGSEGV, &act, NULL);

 	logg("*ClamQueue: initializing event queue consumer ... (%d) threads in thread pool\n", ctx->maxthreads);

         onas_init_event_queue();

@@ -172,20 +171,21 @@ void *onas_scanque_th(void *arg) {

 	g_thpool = thpool;

         /* loop w/ onas_consume_event until we die */

+        pthread_cleanup_push(onas_scanque_exit, NULL);

 	logg("*ClamQueue: waiting to consume events ...\n");

 	do {

-            pthread_mutex_lock(&onas_scque_loop);

-            pthread_cond_wait(&onas_scque_empty_cond, &onas_scque_loop);

-            /* run 'till we're empty */

+		pthread_mutex_lock(&onas_scque_loop);

+		pthread_cond_wait(&onas_scque_empty_cond, &onas_scque_loop);

+		/* run 'till we're empty */

 		do {

-                    ret = onas_consume_event(thpool);

-                } while (1 != ret);

-            pthread_mutex_unlock(&onas_scque_loop);

-

-

+			pthread_testcancel();

+			ret = onas_consume_event(thpool);

+		} while (1 != ret);

+		pthread_mutex_unlock(&onas_scque_loop);

 	} while(1);

+	pthread_cleanup_pop(1);

 }

 static int onas_queue_is_b_empty() {

@@ -282,17 +282,19 @@ cl_error_t onas_scanque_start(struct onas_context **ctx) {

 	return CL_SUCCESS;

 }

-static void onas_scanque_exit(int sig) {

+static void onas_scanque_exit(void *arg) {

-	logg("*ClamScanque: onas_scanque_exit(), signal %d\n", sig);

+	logg("*ClamScanque: onas_scanque_exit()\n");

+	pthread_mutex_lock(&onas_queue_lock);

 	onas_destroy_event_queue();

+

         if (g_thpool) {

             thpool_destroy(g_thpool);

         }

         g_thpool = NULL;

+	pthread_mutex_unlock(&onas_queue_lock);

 	logg("ClamScanque: stopped\n");

-	pthread_exit(NULL);

 }