staging: vchiq_core: Bail out if service is NULL

In the unlikely case that service is NULL we should bail out instead
of calling BUG_ON(). The other BUG_ON calls will be fixed in separate
patches.

Signed-off-by: Stefan Wahren <stefan.wahren@i2se.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c
index d40366c32f89209106476b515e0325d2fbe2c158..a84b4ef36abe9889ba85f04e303724f66200e038 100644 (file)
--- a/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c
+++ b/drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c
@@ -289,9 +289,11 @@ void
 lock_service(VCHIQ_SERVICE_T *service)
 {
        spin_lock(&service_spinlock);
-       BUG_ON(!service || (service->ref_count == 0));
-       if (service)
+       WARN_ON(!service);
+       if (service) {
+               BUG_ON(service->ref_count == 0);
                service->ref_count++;
+       }
        spin_unlock(&service_spinlock);
 }
 
@@ -299,17 +301,21 @@ void
 unlock_service(VCHIQ_SERVICE_T *service)
 {
        spin_lock(&service_spinlock);
-       BUG_ON(!service || (service->ref_count == 0));
-       if (service && service->ref_count) {
-               service->ref_count--;
-               if (!service->ref_count) {
-                       VCHIQ_STATE_T *state = service->state;
-
-                       BUG_ON(service->srvstate != VCHIQ_SRVSTATE_FREE);
-                       state->services[service->localport] = NULL;
-               } else
-                       service = NULL;
+       if (!service) {
+               WARN(1, "%s: service is NULL\n", __func__);
+               goto unlock;
        }
+       BUG_ON(service->ref_count == 0);
+       service->ref_count--;
+       if (!service->ref_count) {
+               VCHIQ_STATE_T *state = service->state;
+
+               BUG_ON(service->srvstate != VCHIQ_SRVSTATE_FREE);
+               state->services[service->localport] = NULL;
+       } else {
+               service = NULL;
+       }
+unlock:
        spin_unlock(&service_spinlock);
 
        if (service && service->userdata_term)
@@ -822,7 +828,12 @@ queue_message(VCHIQ_STATE_T *state, VCHIQ_SERVICE_T *service,
        if (type == VCHIQ_MSG_DATA) {
                int tx_end_index;
 
-               BUG_ON(!service);
+               if (!service) {
+                       WARN(1, "%s: service is NULL\n", __func__);
+                       mutex_unlock(&state->slot_mutex);
+                       return VCHIQ_ERROR;
+               }
+
                BUG_ON((flags & (QMFLAGS_NO_MUTEX_LOCK |
                                 QMFLAGS_NO_MUTEX_UNLOCK)) != 0);
 
@@ -923,7 +934,6 @@ queue_message(VCHIQ_STATE_T *state, VCHIQ_SERVICE_T *service,
                        header, size, VCHIQ_MSG_SRCPORT(msgid),
                        VCHIQ_MSG_DSTPORT(msgid));
 
-               BUG_ON(!service);
                BUG_ON((flags & (QMFLAGS_NO_MUTEX_LOCK |
                                 QMFLAGS_NO_MUTEX_UNLOCK)) != 0);