summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2020-10-28 16:13:45 -0400
committerRich Felker <dalias@aerifal.cx>2020-10-28 16:13:45 -0400
commitf70375df85d26235a45e74559afd69be59e5ff99 (patch)
treed83ea1381c3cf18c251fb7d03f6b1d11e9ad6389
parent613ccabeb0c10ac818e36ef53e09753d23785cbf (diff)
downloadmusl-f70375df85d26235a45e74559afd69be59e5ff99.tar.gz
fix sem_close unmapping of still-referenced semaphore
sem_open is required to return the same sem_t pointer for all references to the same named semaphore when it's opened more than once in the same process. thus we keep a table of all the mapped semaphores and their reference counts. the code path for sem_close checked the reference count, but then proceeded to unmap the semaphore regardless of whether the count had reached zero. add an immediate unlock-and-return for the nonzero refcnt case so the property of performing the munmap syscall after releasing the lock can be preserved.
-rw-r--r--src/thread/sem_open.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/thread/sem_open.c b/src/thread/sem_open.c
index de8555c5..6fb0c5b2 100644
--- a/src/thread/sem_open.c
+++ b/src/thread/sem_open.c
@@ -163,10 +163,12 @@ int sem_close(sem_t *sem)
int i;
LOCK(lock);
for (i=0; i<SEM_NSEMS_MAX && semtab[i].sem != sem; i++);
- if (!--semtab[i].refcnt) {
- semtab[i].sem = 0;
- semtab[i].ino = 0;
+ if (--semtab[i].refcnt) {
+ UNLOCK(lock);
+ return 0;
}
+ semtab[i].sem = 0;
+ semtab[i].ino = 0;
UNLOCK(lock);
munmap(sem, sizeof *sem);
return 0;