PIMutexUnlock: load owner_tid in non-common case For a recursive or errorcheck PI mutex, the old_owner variable wasn't being initialized. As a result, unlocking a doubly-locked recursive mutex owned by another thread decremented the mutex counter. Instead, the unlock call should fail with EPERM. Bug: http://b/130841532 Test: bionic-unit-tests Test: bionic-unit-tests-glibc --gtest_filter='pthread.pthread_mutex_lock*' Change-Id: I37adb094cb2ce8d51df7b4f48e8d6bc144436418

commit: 4b6c0f5dce5ad8d93e4e707977e09153a5399139 [log] [tgz]
author: Ryan Prichard <rprichard@google.com> Thu Apr 18 22:47:04 2019 -0700
committer: Ryan Prichard <rprichard@google.com> Fri Apr 19 17:16:16 2019 -0700
tree: a6cb5df96d21f0aca90c12b5fba1ee172cd3b62d
parent: 9586c0f4f421e63342074eeae9806cf11d622703 [diff] [blame]
diff --git a/libc/bionic/pthread_mutex.cpp b/libc/bionic/pthread_mutex.cpp
index d9ddf10..f92184e 100644
--- a/libc/bionic/pthread_mutex.cpp
+++ b/libc/bionic/pthread_mutex.cpp

@@ -199,6 +199,8 @@
                                                                    memory_order_relaxed))) {
             return 0;
         }
+    } else {
+        old_owner = atomic_load_explicit(&mutex.owner_tid, memory_order_relaxed);
     }
 
     if (tid != (old_owner & FUTEX_TID_MASK)) {
commit	4b6c0f5dce5ad8d93e4e707977e09153a5399139	[log] [tgz]
author	Ryan Prichard <rprichard@google.com>	Thu Apr 18 22:47:04 2019 -0700
committer	Ryan Prichard <rprichard@google.com>	Fri Apr 19 17:16:16 2019 -0700
tree	a6cb5df96d21f0aca90c12b5fba1ee172cd3b62d
parent	9586c0f4f421e63342074eeae9806cf11d622703 [diff] [blame]