fix sem_close unmapping of still-referenced semaphore

sem_open is required to return the same sem_t pointer for all references to the same named semaphore when it's opened more than once in the same process. thus we keep a table of all the mapped semaphores and their reference counts. the code path for sem_close checked the reference count, but then proceeded to unmap the semaphore regardless of whether the count had reached zero. add an immediate unlock-and-return for the nonzero refcnt case so the property of performing the munmap syscall after releasing the lock can be preserved.
author: Rich Felker <dalias@aerifal.cx> 2020-10-28 16:13:45 -0400
committer: Rich Felker <dalias@aerifal.cx> 2020-10-28 16:13:45 -0400
commit: f70375df85d26235a45e74559afd69be59e5ff99 (patch)
tree: d83ea1381c3cf18c251fb7d03f6b1d11e9ad6389
parent: 613ccabeb0c10ac818e36ef53e09753d23785cbf (diff)
download: musl-f70375df85d26235a45e74559afd69be59e5ff99.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/src/thread/sem_open.c b/src/thread/sem_open.c
index de8555c5..6fb0c5b2 100644
--- a/src/thread/sem_open.c
+++ b/src/thread/sem_open.c
@@ -163,10 +163,12 @@ int sem_close(sem_t *sem)
 	int i;
 	LOCK(lock);
 	for (i=0; i<SEM_NSEMS_MAX && semtab[i].sem != sem; i++);
-	if (!--semtab[i].refcnt) {
-		semtab[i].sem = 0;
-		semtab[i].ino = 0;
+	if (--semtab[i].refcnt) {
+		UNLOCK(lock);
+		return 0;
 	}
+	semtab[i].sem = 0;
+	semtab[i].ino = 0;
 	UNLOCK(lock);
 	munmap(sem, sizeof *sem);
 	return 0;
author	Rich Felker <dalias@aerifal.cx>	2020-10-28 16:13:45 -0400
committer	Rich Felker <dalias@aerifal.cx>	2020-10-28 16:13:45 -0400
commit	f70375df85d26235a45e74559afd69be59e5ff99 (patch)
tree	d83ea1381c3cf18c251fb7d03f6b1d11e9ad6389
parent	613ccabeb0c10ac818e36ef53e09753d23785cbf (diff)
download	musl-f70375df85d26235a45e74559afd69be59e5ff99.tar.gz