Fix a potential race between creating and destroying mmaped strings

Potentially, we might try to create a new reference to a memory-mapped
region while another thread unreferences and frees that region.  Ensure
when freeing the mapping that there really are no mappings (doube-check
after taking the lock).

diff --git a/bluesky/log.c b/bluesky/log.c
index 5a16238..984cf16 100644 (file)
--- a/bluesky/log.c
+++ b/bluesky/log.c
@@ -751,7 +751,7 @@ void bluesky_mmap_unref(BlueSkyCacheFile *mmap)
 
     if (g_atomic_int_dec_and_test(&mmap->mapcount)) {
         g_mutex_lock(mmap->lock);
-        if (mmap->addr != NULL) {
+        if (mmap->addr != NULL && g_atomic_int_get(&mmap->mapcount) == 0) {
             if (bluesky_verbose)
                 g_print("Unmapped log segment %d...\n", mmap->log_seq);
             munmap((void *)mmap->addr, mmap->len);