Check return from nxsem_wait_initialize()

Resolution of Issue 619 will require multiple steps, this part of the first step in that resolution:  Every call to nxsem_wait_uninterruptible() must handle the return value from nxsem_wait_uninterruptible properly.  This commit is only for those files under fs/driver, fs/aio, fs/nfs, crypto/, and boards/.

Please note:  The modified file under fs/nfs generates several " Mixed case identifier found" errors.  Please ignore these.  These cannot be fixed without changes to numerous other files.  They also follow a non-standard convention that is used many files:  Using lower case structure names in custom SIZEOF_ definitions.

fs/aio/aio.h

@@ -1,35 +1,20 @@
 /****************************************************************************
  * fs/aio/aio.h
  *
- *   Copyright (C) 2014 Gregory Nutt. All rights reserved.
- *   Author: Gregory Nutt <gnutt@nuttx.org>
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ *   http://www.apache.org/licenses/LICENSE-2.0
  *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- * 3. Neither the name NuttX nor the names of its contributors may be
- *    used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
- * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
  *
  ****************************************************************************/
 
@@ -150,11 +135,11 @@ void aio_initialize(void);
  *   None
  *
  * Returned Value:
- *   None
+ *   aio_lock() return -ECANCELED if the calling thread is canceled.
  *
  ****************************************************************************/
 
-void aio_lock(void);
+int aio_lock(void);
 void aio_unlock(void);
 
 /****************************************************************************

fs/aio/aio_cancel.c

@@ -1,35 +1,20 @@
 /****************************************************************************
  * fs/aio/aio_cancel.c
  *
- *   Copyright (C) 2014 Gregory Nutt. All rights reserved.
- *   Author: Gregory Nutt <gnutt@nuttx.org>
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ *   http://www.apache.org/licenses/LICENSE-2.0
  *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- * 3. Neither the name NuttX nor the names of its contributors may be
- *    used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
- * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
  *
  ****************************************************************************/
 
@@ -110,7 +95,7 @@ int aio_cancel(int fildes, FAR struct aiocb *aiocbp)
 
   ret = AIO_ALLDONE;
   sched_lock();
-  aio_lock();
+  ret = aio_lock();
 
   if (aiocbp)
     {

fs/aio/aio_initialize.c

@@ -1,35 +1,20 @@
 /****************************************************************************
  * fs/aio/aio_initialize.c
  *
- *   Copyright (C) 2014, 2017 Gregory Nutt. All rights reserved.
- *   Author: Gregory Nutt <gnutt@nuttx.org>
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ *   http://www.apache.org/licenses/LICENSE-2.0
  *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- * 3. Neither the name NuttX nor the names of its contributors may be
- *    used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
- * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
  *
  ****************************************************************************/
 
@@ -140,13 +125,14 @@ void aio_initialize(void)
  *   None
  *
  * Returned Value:
- *   None
+ *   aio_lock() return -ECANCELED if the calling thread is canceled.
  *
  ****************************************************************************/
 
-void aio_lock(void)
+int aio_lock(void)
 {
   pid_t me = getpid();
+  int ret = OK;
 
   /* Does this thread already hold the semaphore? */
 
@@ -159,13 +145,17 @@ void aio_lock(void)
     }
   else
     {
-      nxsem_wait_uninterruptible(&g_aio_exclsem);
+      ret = nxsem_wait_uninterruptible(&g_aio_exclsem);
+      if (ret >= 0)
+        {
+          /* And mark it as ours */
 
-      /* And mark it as ours */
-
-      g_aio_holder = me;
-      g_aio_count  = 1;
+          g_aio_holder = me;
+          g_aio_count  = 1;
+        }
     }
+
+  return ret;
 }
 
 void aio_unlock(void)
@@ -211,21 +201,30 @@ void aio_unlock(void)
 
 FAR struct aio_container_s *aioc_alloc(void)
 {
-  FAR struct aio_container_s *aioc;
+  FAR struct aio_container_s *aioc = NULL;
+  int ret;
 
   /* Take a count from semaphore, thus guaranteeing that we have an AIO
    * container set aside for us.
    */
 
-  nxsem_wait_uninterruptible(&g_aioc_freesem);
+  ret = nxsem_wait_uninterruptible(&g_aioc_freesem);
+  if (ret < 0)
+    {
+      return NULL;
+    }
 
   /* Get our AIO container */
 
-  aio_lock();
-  aioc = (FAR struct aio_container_s *)dq_remfirst(&g_aioc_free);
-  aio_unlock();
+  ret = aio_lock();
+  if (ret >= 0)
+    {
+      aioc = (FAR struct aio_container_s *)dq_remfirst(&g_aioc_free);
+      aio_unlock();
+
+      DEBUGASSERT(aioc);
+    }
 
-  DEBUGASSERT(aioc);
   return aioc;
 }
 
@@ -246,11 +245,24 @@ FAR struct aio_container_s *aioc_alloc(void)
 
 void aioc_free(FAR struct aio_container_s *aioc)
 {
+  int ret;
+
   DEBUGASSERT(aioc);
 
   /* Return the container to the free list */
 
-  aio_lock();
+  do
+    {
+      ret = aio_lock();
+
+      /* The only possible error should be if we were awakened only by
+       * thread cancellation.
+       */
+
+      DEBUGASSERT(ret == OK || ret == -ECANCELED);
+    }
+  while (ret < 0);
+
   dq_addlast(&aioc->aioc_link, &g_aioc_free);
   aio_unlock();
 

fs/aio/aioc_contain.c

@@ -1,35 +1,20 @@
 /****************************************************************************
  * fs/aio/aioc_contain.c
  *
- *   Copyright (C) 2014, 2017-2018 Gregory Nutt. All rights reserved.
- *   Author: Gregory Nutt <gnutt@nuttx.org>
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ *   http://www.apache.org/licenses/LICENSE-2.0
  *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- * 3. Neither the name NuttX nor the names of its contributors may be
- *    used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
- * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
  *
  ****************************************************************************/
 
@@ -121,29 +106,38 @@ FAR struct aio_container_s *aio_contain(FAR struct aiocb *aiocbp)
 #endif
 
   /* Allocate the AIO control block container, waiting for one to become
-   * available if necessary.  This should never fail.
+   * available if necessary.  This should not fail except for in the case
+   * where the calling thread is canceled.
    */
 
   aioc = aioc_alloc();
-  DEBUGASSERT(aioc);
+  if (aioc != NULL)
+    {
+      /* Initialize the container */
 
-  /* Initialize the container */
-
-  memset(aioc, 0, sizeof(struct aio_container_s));
-  aioc->aioc_aiocbp = aiocbp;
-  aioc->u.ptr = u.ptr;
-  aioc->aioc_pid = getpid();
+      memset(aioc, 0, sizeof(struct aio_container_s));
+      aioc->aioc_aiocbp = aiocbp;
+      aioc->u.ptr       = u.ptr;
+      aioc->aioc_pid    = getpid();
 
 #ifdef CONFIG_PRIORITY_INHERITANCE
-  DEBUGVERIFY(nxsched_getparam (aioc->aioc_pid, &param));
-  aioc->aioc_prio = param.sched_priority;
+      DEBUGVERIFY(nxsched_getparam (aioc->aioc_pid, &param));
+      aioc->aioc_prio   = param.sched_priority;
 #endif
 
-  /* Add the container to the pending transfer list. */
+      /* Add the container to the pending transfer list. */
+
+      ret = aio_lock();
+      if (ret < 0)
+        {
+          aioc_free(aioc);
+          goto errout;
+        }
+
+      dq_addlast(&aioc->aioc_link, &g_aio_pending);
+      aio_unlock();
+    }
 
-  aio_lock();
-  dq_addlast(&aioc->aioc_link, &g_aio_pending);
-  aio_unlock();
   return aioc;
 
 errout:
@@ -168,21 +162,26 @@ errout:
 
 FAR struct aiocb *aioc_decant(FAR struct aio_container_s *aioc)
 {
-  FAR struct aiocb *aiocbp;
+  FAR struct aiocb *aiocbp = NULL;
+  int ret;
 
   DEBUGASSERT(aioc);
 
   /* Remove the container to the pending transfer list. */
 
-  aio_lock();
-  dq_rem(&aioc->aioc_link, &g_aio_pending);
+  ret = aio_lock();
+  if (ret >= 0)
+    {
+      dq_rem(&aioc->aioc_link, &g_aio_pending);
 
-  /* De-cant the AIO control block and return the container to the free list */
+      /* De-cant the AIO control block and return the container to the free list */
 
-  aiocbp = aioc->aioc_aiocbp;
-  aioc_free(aioc);
+      aiocbp = aioc->aioc_aiocbp;
+      aioc_free(aioc);
+
+      aio_unlock();
+    }
 
-  aio_unlock();
   return aiocbp;
 }
 

fs/driver/fs_blockproxy.c

@@ -1,35 +1,20 @@
 /****************************************************************************
  * fs/driver/fs_blockproxy.c
  *
- *   Copyright (C) 2015-2018 Gregory Nutt. All rights reserved.
- *   Author: Gregory Nutt <gnutt@nuttx.org>
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
  *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ *   http://www.apache.org/licenses/LICENSE-2.0
  *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- * 3. Neither the name NuttX nor the names of its contributors may be
- *    used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
- * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
- * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
- * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
  *
  ****************************************************************************/
 
@@ -101,7 +86,12 @@ static FAR char *unique_chardev(void)
     {
       /* Get the semaphore protecting the path number */
 
-      nxsem_wait_uninterruptible(&g_devno_sem);
+      ret = nxsem_wait_uninterruptible(&g_devno_sem);
+      if (ret < 0)
+        {
+          ferr("ERROR: nxsem_wait_uninterruptible failed: %d\n", ret);
+          return NULL;
+        }
 
       /* Get the next device number and release the semaphore */
 

fs/driver/fs_mtdproxy.c

@@ -96,7 +96,12 @@ static FAR char *unique_blkdev(void)
     {
       /* Get the semaphore protecting the path number */
 
-      nxsem_wait_uninterruptible(&g_devno_sem);
+      ret = nxsem_wait_uninterruptible(&g_devno_sem);
+      if (ret < 0)
+        {
+          ferr("ERROR: nxsem_wait_uninterruptible failed: %d\n", ret);
+          return NULL;
+        }
 
       /* Get the next device number and release the semaphore */
 
@@ -197,9 +202,9 @@ int mtd_proxy(FAR const char *mtddev, int mountflags,
       goto out_with_fltdev;
     }
 
-  /* Unlink and free the block device name.  The driver instance will persist,
-   * provided that CONFIG_DISABLE_PSEUDOFS_OPERATIONS=y (otherwise, we have
-   * a problem here!)
+  /* Unlink and free the block device name.  The driver instance will
+   * persist, provided that CONFIG_DISABLE_PSEUDOFS_OPERATIONS=y (otherwise,
+   * we have a problem here!)
    */
 
 out_with_fltdev:

fs/inode/fs_inoderelease.c

@@ -52,16 +52,18 @@ void inode_release(FAR struct inode *node)
     {
       /* Decrement the references of the inode */
 
-      ret = inode_semtake();
-      if (ret < 0)
+      do
         {
-          /* REVISIT:  Reference count will be wrong.  This could only
-           * happen on thread cancellation.
+          ret = inode_semtake();
+
+          /* This only possible error is due to cancellation of the thread.
+           * We need to try again anyway in this case, otherwise the
+           * reference count would be wrong.
            */
 
-          ferr("ERROR: inode_semtake failed: %d\n", ret);
-          return;
+          DEBUGASSERT(ret = OK || ret == -ECANCELED);
         }
+      while (ret < 0);
 
       if (node->i_crefs)
         {

fs/mqueue/mq_close.c

@@ -176,16 +176,17 @@ void mq_inode_release(FAR struct inode *inode)
 
   /* Decrement the reference count on the inode */
 
-  ret = inode_semtake();
-  if (ret < 0)
+  do
     {
-      /* REVISIT:  Should get here only on task cancellation.  The MQ inode
-       * would not not be released in this case.
+      ret = inode_semtake();
+
+      /* The only error that is expected is due to thread cancellation.
+       * At this point, we must continue to free the mqueue anyway.
        */
 
-      ferr("ERROR: inode_semtake() failed: %d\n", ret);
-      return;
+      DEBUGASSERT(ret == OK || ret == -ECANCELED);
     }
+  while (ret < 0);
 
   if (inode->i_crefs > 0)
     {

fs/nfs/Kconfig

@@ -13,7 +13,7 @@ config NFS
 #if NFS
 
 config NFS_STATISTICS
-	bool "NFS Statics"
+	bool "NFS Statistics"
 	default n
 	depends on NFS
 	---help---

fs/semaphore/sem_close.c

@@ -81,16 +81,17 @@ int sem_close(FAR sem_t *sem)
 
   /* Decrement the reference count on the inode */
 
-  ret = inode_semtake();
-  if (ret < 0)
+  do
     {
-      /* REVISIT:  This failure is probably -ECANCELED meaning that the
-       * thread was canceled.  In this case, the semaphore will not be
-       * closed.
+      ret = inode_semtake();
+
+      /* The only error that is expected is due to thread cancellation.
+       * At this point, we must continue to free the semaphore anyway.
        */
 
-      return ret;
+      DEBUGASSERT(ret == OK || ret == -ECANCELED);
     }
+  while (ret < 0);
 
   if (inode->i_crefs > 0)
     {