From e3234bd66f0c9780f6185789630ed2e11d96f18f Mon Sep 17 00:00:00 2001
From: xuzaibo
Date: Mon, 13 May 2019 11:51:57 +0800
Subject: [PATCH] Bugfixed while multi-thread core dump as running Zip test
driver inclusion
category: bugfix
bugzilla: NA
CVE: NA
[ 339.430885] Process wd_zip_test (pid: 4940, stack limit = 0x(____ptrval____))
[ 339.438005] Call trace:
[ 339.440439] uacce_fops_release+0x54/0x90 [uacce]
[ 339.445131] __fput+0x8c/0x1c8
[ 339.448172] ____fput+0xc/0x18
[ 339.451213] task_work_run+0x90/0xb0
[ 339.454776] do_exit+0x2ac/0xa18
[ 339.457991] do_group_exit+0x38/0xa0
[ 339.461552] __arm64_sys_exit_group+0x14/0x18
[ 339.465895] el0_svc_common+0x5c/0x100
[ 339.469630] el0_svc_handler+0x2c/0x80
[ 339.473366] el0_svc+0x8/0xc
[ 339.476233] Code: f9400260 910f0000 940001d2 a9478261 (f9000420)
[ 339.482313] ---[ end trace aa62e71a5bb54ff8 ]---
[ 339.488570] Unable to handle kernel paging request at virtual address ffff000010065034
[ 339.496472] Mem abort info:
[ 339.499251] ESR = 0x96000061
[ 339.502292] Exception class = DABT (current EL), IL = 32 bits
[ 339.508196] SET = 0, FnV = 0
[ 339.511236] EA = 0, S1PTW = 0
[ 339.514362] Data abort info:
[ 339.517229] ISV = 0, ISS = 0x00000061
[ 339.521049] CM = 0, WnR = 1
Feature or Bugfix:Bugfix
Signed-off-by: xuzaibo
Reviewed-by: wangzhou
Signed-off-by: lingmingqiang
Reviewed-by: hucheng.hu
Reviewed-by: Xie XiuQi
Signed-off-by: Yang Yingliang
---
 drivers/uacce/uacce.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/drivers/uacce/uacce.c b/drivers/uacce/uacce.c
index e4d1a4c25455..75b647c365a4 100644
--- a/drivers/uacce/uacce.c
+++ b/drivers/uacce/uacce.c
@@ -632,7 +632,11 @@ static int uacce_queue_drain(struct uacce_queue *q)
 static int uacce_fops_flush(struct file *filep, fl_owner_t id)
 {
 struct uacce_queue *q = filep->private_data;
- struct uacce *uacce = q->uacce;
+ struct uacce *uacce;
+
+ if (!q)
+ return 0;
+ uacce = q->uacce;
 if (UACCE_ST_INIT == atomic_cmpxchg(&q->status, UACCE_ST_OPENNED, UACCE_ST_INIT))
@@ -648,6 +652,7 @@ static int uacce_fops_flush(struct file *filep, fl_owner_t id)
 mutex_lock(&uacce->q_lock);
 list_del(&q->q_dev);
 mutex_unlock(&uacce->q_lock);
+ filep->private_data = NULL;
 return uacce_queue_drain(q);
 }
@@ -709,6 +714,9 @@ static int uacce_fops_release(struct inode *inode, struct file *filep)
 {
 struct uacce_queue *q = filep->private_data;
+ if (!q)
+ return 0;
+
 if (UACCE_ST_INIT == atomic_cmpxchg(&q->status, UACCE_ST_OPENNED, UACCE_ST_INIT))
 return 0;
-- 
GitLab
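Review bot: The `if (!q)` test added at the top of uacce_fops_flush reads `filep->private_data` without holding any lock, and the matching `filep->private_data = NULL;` store in the second hunk runs only after `mutex_unlock(&uacce->q_lock)`. Two callers that enter flush close together can therefore both see a non-NULL `q` and both reach `list_del(&q->q_dev)` and `uacce_queue_drain(q)`, which is the double teardown the commit message describes for the multi-thread case. Whether the `atomic_cmpxchg` on `q->status` already excludes this depends on code between the hunks that is not visible here. Claiming the pointer atomically before the teardown, for example `if (cmpxchg(&filep->private_data, q, NULL) != q) return 0;` ahead of `mutex_lock(&uacce->q_lock)`, would let exactly one caller proceed. The function body continues outside both hunks.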
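Review bot: Clearing `filep->private_data` at the end of uacce_fops_flush makes NULL a state that every other file operation on this `struct file` can now observe, since flush runs when one descriptor is closed while other references to the same file may still be open. This patch adds the `if (!q)` guard only to flush and release. The remaining handlers in the driver's file_operations are outside the diff, and any of them that dereferences `filep->private_data` unconditionally would now fault on NULL. Each should begin with the same guard and return an error rather than 0, for example `if (!q) return -ENODEV;`.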
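Review bot: The early `return 0` added to uacce_fops_release has no comment saying when `filep->private_data` can legitimately be NULL, so a later reader cannot tell this is the "flush already tore the queue down" case; a line such as `/* queue already drained and detached by uacce_fops_flush() */` above the check would record that. The rest of release lies outside the hunk, so it should be confirmed that anything it drops per open (device or module references, for instance) is also dropped on the flush path, otherwise this return skips it. The guard has the same unsynchronized-read limitation noted for flush.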