From 6b8db0bce33d75b1181e86e55305e1e320102440 Mon Sep 17 00:00:00 2001 From: Stefan Wahren Date: Fri, 26 May 2017 00:26:22 +0200 Subject: [PATCH] staging: vchiq_core: Bail out if service is NULL In the unlikely case that service is NULL we should bail out instead of calling BUG_ON(). The other BUG_ON calls will be fixed in separate patches. Signed-off-by: Stefan Wahren Signed-off-by: Greg Kroah-Hartman --- .../vc04_services/interface/vchiq_arm/vchiq_core.c | 38 ++++++++++++++-------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c index d40366c..a84b4ef3 100644 --- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c +++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c @@ -289,9 +289,11 @@ void lock_service(VCHIQ_SERVICE_T *service) { spin_lock(&service_spinlock); - BUG_ON(!service || (service->ref_count == 0)); - if (service) + WARN_ON(!service); + if (service) { + BUG_ON(service->ref_count == 0); service->ref_count++; + } spin_unlock(&service_spinlock); } @@ -299,17 +301,21 @@ void unlock_service(VCHIQ_SERVICE_T *service) { spin_lock(&service_spinlock); - BUG_ON(!service || (service->ref_count == 0)); - if (service && service->ref_count) { - service->ref_count--; - if (!service->ref_count) { - VCHIQ_STATE_T *state = service->state; - - BUG_ON(service->srvstate != VCHIQ_SRVSTATE_FREE); - state->services[service->localport] = NULL; - } else - service = NULL; + if (!service) { + WARN(1, "%s: service is NULL\n", __func__); + goto unlock; } + BUG_ON(service->ref_count == 0); + service->ref_count--; + if (!service->ref_count) { + VCHIQ_STATE_T *state = service->state; + + BUG_ON(service->srvstate != VCHIQ_SRVSTATE_FREE); + state->services[service->localport] = NULL; + } else { + service = NULL; + } +unlock: spin_unlock(&service_spinlock); if (service && service->userdata_term) @@ -822,7 +828,12 @@ queue_message(VCHIQ_STATE_T *state, VCHIQ_SERVICE_T *service, if (type == VCHIQ_MSG_DATA) { int tx_end_index; - BUG_ON(!service); + if (!service) { + WARN(1, "%s: service is NULL\n", __func__); + mutex_unlock(&state->slot_mutex); + return VCHIQ_ERROR; + } + BUG_ON((flags & (QMFLAGS_NO_MUTEX_LOCK | QMFLAGS_NO_MUTEX_UNLOCK)) != 0); @@ -923,7 +934,6 @@ queue_message(VCHIQ_STATE_T *state, VCHIQ_SERVICE_T *service, header, size, VCHIQ_MSG_SRCPORT(msgid), VCHIQ_MSG_DSTPORT(msgid)); - BUG_ON(!service); BUG_ON((flags & (QMFLAGS_NO_MUTEX_LOCK | QMFLAGS_NO_MUTEX_UNLOCK)) != 0); -- 2.7.4