From: Manfred Spraul Date: Fri, 6 Jun 2014 21:37:47 +0000 (-0700) Subject: ipc/sem.c: bugfix for semctl(,,GETZCNT) X-Git-Tag: firefly_0821_release~176^2~3820^2~4^2~50 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=1994862dc9c16f360a9169a4d27200d15ba29713;p=firefly-linux-kernel-4.4.55.git ipc/sem.c: bugfix for semctl(,,GETZCNT) GETZCNT is supposed to return the number of threads that wait until a semaphore value becomes 0. The current implementation overlooks complex operations that contain both wait-for-zero operation and operations that alter at least one semaphore. The patch fixes that. It's intentionally copy&paste, this will be cleaned up in the next patch. Signed-off-by: Manfred Spraul Cc: Davidlohr Bueso Cc: Michael Kerrisk Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/ipc/sem.c b/ipc/sem.c index fe0928a3d08b..4321fa420fe1 100644 --- a/ipc/sem.c +++ b/ipc/sem.c @@ -1047,6 +1047,16 @@ static int count_semzcnt(struct sem_array *sma, ushort semnum) && !(sops[i].sem_flg & IPC_NOWAIT)) semzcnt++; } + list_for_each_entry(q, &sma->pending_alter, list) { + struct sembuf *sops = q->sops; + int nsops = q->nsops; + int i; + for (i = 0; i < nsops; i++) + if (sops[i].sem_num == semnum + && (sops[i].sem_op == 0) + && !(sops[i].sem_flg & IPC_NOWAIT)) + semzcnt++; + } return semzcnt; }
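Review bot: in the added `list_for_each_entry(q, &sma->pending_alter, list)` loop, `semzcnt++` runs once per matching `sops[i]` rather than once per queue entry `q`, so a single sleeping operation that lists `semnum` with `sem_op == 0` more than once would be reported as several waiters, while the commit message defines GETZCNT as the number of threads waiting for zero. Consider a `break` after the increment so that each `q` contributes at most one, or state in a comment that per-entry counting is intended. Since this loop is a deliberate copy of the one above it, a one-line comment saying that operations mixing wait-for-zero with altering operations are queued on `pending_alter` would make the reason for the second scan clear until the announced cleanup lands. The multi-line `if` condition inside the brace-less `for` would also be easier to read with braces around the `for` body.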