Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 6c9de52884aeafb05a935467c3a2c05a2d445ab7^! / .
commit6c9de52884aeafb05a935467c3a2c05a2d445ab7[log] [tgz]
authorAndy Walls <awalls@radix.net>Wed Sep 03 17:11:54 2008 -0300
committerMauro Carvalho Chehab <mchehab@redhat.com>Wed Sep 03 18:37:14 2008 -0300
tree5afe1394ac754e97b3942cdbb74044d90a2c56d7
parentc6eb8eafdba4ad18b4520a0d28a38bc9e61883ea [diff]
V4L/DVB (8769): cx18: Simplify queue flush logic to prevent oops in cx18_flush_queues()

cx18: Simplify queue flush logic to prevent oops in cx18_flush_queues().
If accounting of a queue is in error, logic borrowed from ivtv will cause
an oops when flushing the queues for a stream.  This change greatly
simplifies the queue flush logic, and sets the queue back to sane
defaults on a flush.

Signed-off-by: Andy Walls <awalls@radix.net>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>

diff --git a/drivers/media/video/cx18/cx18-queue.c b/drivers/media/video/cx18/cx18-queue.c
index a31da49..dbe792a 100644
--- a/drivers/media/video/cx18/cx18-queue.c
+++ b/drivers/media/video/cx18/cx18-queue.c

@@ -110,99 +110,31 @@
 	return NULL;
 }
 
-static void cx18_queue_move_buf(struct cx18_stream *s, struct cx18_queue *from,
-		struct cx18_queue *to, int clear, int full)
-{
-	struct cx18_buffer *buf =
-		list_entry(from->list.next, struct cx18_buffer, list);
-
-	list_move_tail(from->list.next, &to->list);
-	from->buffers--;
-	from->length -= s->buf_size;
-	from->bytesused -= buf->bytesused - buf->readpos;
-	/* special handling for q_free */
-	if (clear)
-		buf->bytesused = buf->readpos = buf->b_flags = 0;
-	else if (full) {
-		/* special handling for stolen buffers, assume
-		   all bytes are used. */
-		buf->bytesused = s->buf_size;
-		buf->readpos = buf->b_flags = 0;
-	}
-	to->buffers++;
-	to->length += s->buf_size;
-	to->bytesused += buf->bytesused - buf->readpos;
-}
-
-/* Move 'needed_bytes' worth of buffers from queue 'from' into queue 'to'.
-   If 'needed_bytes' == 0, then move all buffers from 'from' into 'to'.
-   If 'steal' != NULL, then buffers may also taken from that queue if
-   needed.
-
-   The buffer is automatically cleared if it goes to the free queue. It is
-   also cleared if buffers need to be taken from the 'steal' queue and
-   the 'from' queue is the free queue.
-
-   When 'from' is q_free, then needed_bytes is compared to the total
-   available buffer length, otherwise needed_bytes is compared to the
-   bytesused value. For the 'steal' queue the total available buffer
-   length is always used.
-
-   -ENOMEM is returned if the buffers could not be obtained, 0 if all
-   buffers where obtained from the 'from' list and if non-zero then
-   the number of stolen buffers is returned. */
-static int cx18_queue_move(struct cx18_stream *s, struct cx18_queue *from,
-			   struct cx18_queue *steal, struct cx18_queue *to,
-			   int needed_bytes)
+/* Move all buffers of a queue to q_free, while flushing the buffers */
+static void cx18_queue_flush(struct cx18_stream *s, struct cx18_queue *q)
 {
 	unsigned long flags;
-	int rc = 0;
-	int from_free = from == &s->q_free;
-	int to_free = to == &s->q_free;
-	int bytes_available;
+	struct cx18_buffer *buf;
+
+	if (q == &s->q_free)
+		return;
 
 	spin_lock_irqsave(&s->qlock, flags);
-	if (needed_bytes == 0) {
-		from_free = 1;
-		needed_bytes = from->length;
+	while (!list_empty(&q->list)) {
+		buf = list_entry(q->list.next, struct cx18_buffer, list);
+		list_move_tail(q->list.next, &s->q_free.list);
+		buf->bytesused = buf->readpos = buf->b_flags = 0;
+		s->q_free.buffers++;
+		s->q_free.length += s->buf_size;
 	}
-
-	bytes_available = from_free ? from->length : from->bytesused;
-	bytes_available += steal ? steal->length : 0;
-
-	if (bytes_available < needed_bytes) {
-		spin_unlock_irqrestore(&s->qlock, flags);
-		return -ENOMEM;
-	}
-	if (from_free) {
-		u32 old_length = to->length;
-
-		while (to->length - old_length < needed_bytes) {
-			if (list_empty(&from->list))
-				from = steal;
-			if (from == steal)
-				rc++; 	/* keep track of 'stolen' buffers */
-			cx18_queue_move_buf(s, from, to, 1, 0);
-		}
-	} else {
-		u32 old_bytesused = to->bytesused;
-
-		while (to->bytesused - old_bytesused < needed_bytes) {
-			if (list_empty(&from->list))
-				from = steal;
-			if (from == steal)
-				rc++; 	/* keep track of 'stolen' buffers */
-			cx18_queue_move_buf(s, from, to, to_free, rc);
-		}
-	}
+	cx18_queue_init(q);
 	spin_unlock_irqrestore(&s->qlock, flags);
-	return rc;
 }
 
 void cx18_flush_queues(struct cx18_stream *s)
 {
-	cx18_queue_move(s, &s->q_io, NULL, &s->q_free, 0);
-	cx18_queue_move(s, &s->q_full, NULL, &s->q_free, 0);
+	cx18_queue_flush(s, &s->q_io);
+	cx18_queue_flush(s, &s->q_full);
 }
 
 int cx18_stream_alloc(struct cx18_stream *s)