net/local: remove client from server.lc_waiters when client close

if client is a noblocking socket, user can do close when server has not yet
invoke accept interface, so we need remove this socket from server.lc_waiters.
avoid server socket access the freed memory.

==936564==ERROR: AddressSanitizer: heap-use-after-free on address 0xf23071c8 at pc 0x58eaac3b bp 0xf0b9e218 sp 0xf0b9e208
READ of size 4 at 0xf23071c8 thread T0
    #0 0x58eaac3a in dq_remfirst queue/dq_remfirst.c:45
    #1 0x58fd1efe in local_accept local/local_accept.c:141
    #2 0x58f66df6 in psock_accept socket/accept.c:149
    apache#3 0x58f672a4 in accept4 socket/accept.c:280
    apache#4 0x5be9ee0c in accept net/lib_accept.c:50
    apache#5 0x592d6a5d in uv__accept libuv/src/unix/core.c:502
    apache#6 0x5930d83b in uv__server_io libuv/src/unix/stream.c:550
    apache#7 0x592efbde in uv__io_poll libuv/src/unix/posix-poll.c:335
    apache#8 0x592d649a in uv_run libuv/src/unix/core.c:387
    apache#9 0x5a7180f7 in service_schedule_loop service/common/service_loop.c:146
    apache#10 0x591f300b in pthread_startup pthread/pthread_create.c:59
    apache#11 0x5be8134f in pthread_start pthread/pthread_create.c:139
    apache#12 0x58ee2762 in pre_start sim/sim_initialstate.c:53

Signed-off-by: zhanghongyu <[email protected]>

Author: zhhyu7

net/local/local_release.c

@@ -66,9 +66,37 @@ int local_release(FAR struct local_conn_s *conn)
 
   DEBUGASSERT(conn->lc_state != LOCAL_STATE_ACCEPT);
 
+  if (conn->lc_state == LOCAL_STATE_CONNECTING)
+    {
+      FAR struct local_conn_s *server = NULL;
+      FAR struct local_conn_s *client;
+      FAR dq_entry_t *waiter = NULL;
+
+      while ((server = local_nextconn(server)) && waiter == NULL)
+        {
+          if (server->lc_state == LOCAL_STATE_LISTENING)
+            {
+              for (waiter = dq_peek(&server->u.server.lc_waiters);
+                   waiter;
+                   waiter = dq_next(&client->u.client.lc_waiter))
+                {
+                  if (&conn->u.client.lc_waiter == waiter)
+                    {
+                      dq_rem(waiter, &server->u.server.lc_waiters);
+                      server->u.server.lc_pending--;
+                      break;
+                    }
+
+                  client = container_of(waiter, struct local_conn_s,
+                                        u.client.lc_waiter);
+                }
+            }
+        }
+    }
+
   /* Is the socket is listening socket (SOCK_STREAM server) */
 
-  if (conn->lc_state == LOCAL_STATE_LISTENING)
+  else if (conn->lc_state == LOCAL_STATE_LISTENING)
     {
       FAR struct local_conn_s *client;
       FAR dq_entry_t *waiter;