From: kernel test robot <lkp@intel.com>
To: kbuild@lists.01.org
Subject: drivers/android/binder.c:3540 binder_thread_write() warn: overwrite may leak 'death'
Date: Thu, 22 Apr 2021 12:12:48 +0800 [thread overview]
Message-ID: <202104221225.xs2Pjqjy-lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 55160 bytes --]
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Jakub Jelinek <jakub@redhat.com>
CC: "Peter Zijlstra (Intel)" <peterz@infradead.org>
CC: Andrew Morton <akpm@linux-foundation.org>
CC: Linux Memory Management List <linux-mm@kvack.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 16fc44d6387e260f4932e9248b985837324705d8
commit: 2f78788b55baa3410b1ec91a576286abe1ad4d6a ilog2: improve ilog2 for constant arguments
date: 4 months ago
:::::: branch date: 11 hours ago
:::::: commit date: 4 months ago
config: riscv-randconfig-m031-20210421 (attached as .config)
compiler: riscv32-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
smatch warnings:
drivers/android/binder.c:3540 binder_thread_write() warn: overwrite may leak 'death'
vim +/death +3540 drivers/android/binder.c
44d8047f1d87ad drivers/android/binder.c Todd Kjos 2018-08-28 3188
fb07ebc3e82a98 drivers/staging/android/binder.c Bojan Prtvar 2013-09-02 3189 static int binder_thread_write(struct binder_proc *proc,
fb07ebc3e82a98 drivers/staging/android/binder.c Bojan Prtvar 2013-09-02 3190 struct binder_thread *thread,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3191 binder_uintptr_t binder_buffer, size_t size,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3192 binder_size_t *consumed)
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3193 {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3194 uint32_t cmd;
342e5c90b60134 drivers/android/binder.c Martijn Coenen 2017-02-03 3195 struct binder_context *context = proc->context;
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3196 void __user *buffer = (void __user *)(uintptr_t)binder_buffer;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3197 void __user *ptr = buffer + *consumed;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3198 void __user *end = buffer + size;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3199
26549d17741035 drivers/android/binder.c Todd Kjos 2017-06-29 3200 while (ptr < end && thread->return_error.cmd == BR_OK) {
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3201 int ret;
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3202
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3203 if (get_user(cmd, (uint32_t __user *)ptr))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3204 return -EFAULT;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3205 ptr += sizeof(uint32_t);
975a1ac9a9fe65 drivers/staging/android/binder.c Arve Hjønnevåg 2012-10-16 3206 trace_binder_command(cmd);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3207 if (_IOC_NR(cmd) < ARRAY_SIZE(binder_stats.bc)) {
0953c7976c36ce drivers/android/binder.c Badhri Jagan Sridharan 2017-06-29 3208 atomic_inc(&binder_stats.bc[_IOC_NR(cmd)]);
0953c7976c36ce drivers/android/binder.c Badhri Jagan Sridharan 2017-06-29 3209 atomic_inc(&proc->stats.bc[_IOC_NR(cmd)]);
0953c7976c36ce drivers/android/binder.c Badhri Jagan Sridharan 2017-06-29 3210 atomic_inc(&thread->stats.bc[_IOC_NR(cmd)]);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3211 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3212 switch (cmd) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3213 case BC_INCREFS:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3214 case BC_ACQUIRE:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3215 case BC_RELEASE:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3216 case BC_DECREFS: {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3217 uint32_t target;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3218 const char *debug_string;
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3219 bool strong = cmd == BC_ACQUIRE || cmd == BC_RELEASE;
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3220 bool increment = cmd == BC_INCREFS || cmd == BC_ACQUIRE;
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3221 struct binder_ref_data rdata;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3222
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3223 if (get_user(target, (uint32_t __user *)ptr))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3224 return -EFAULT;
c44b1231ff1170 drivers/android/binder.c Todd Kjos 2017-06-29 3225
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3226 ptr += sizeof(uint32_t);
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3227 ret = -1;
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3228 if (increment && !target) {
c44b1231ff1170 drivers/android/binder.c Todd Kjos 2017-06-29 3229 struct binder_node *ctx_mgr_node;
6c20032c22d982 drivers/android/binder.c Andrew Bridges 2020-10-27 3230
c44b1231ff1170 drivers/android/binder.c Todd Kjos 2017-06-29 3231 mutex_lock(&context->context_mgr_node_lock);
c44b1231ff1170 drivers/android/binder.c Todd Kjos 2017-06-29 3232 ctx_mgr_node = context->binder_context_mgr_node;
4b836a1426cb0f drivers/android/binder.c Jann Horn 2020-07-27 3233 if (ctx_mgr_node) {
4b836a1426cb0f drivers/android/binder.c Jann Horn 2020-07-27 3234 if (ctx_mgr_node->proc == proc) {
4b836a1426cb0f drivers/android/binder.c Jann Horn 2020-07-27 3235 binder_user_error("%d:%d context manager tried to acquire desc 0\n",
4b836a1426cb0f drivers/android/binder.c Jann Horn 2020-07-27 3236 proc->pid, thread->pid);
4b836a1426cb0f drivers/android/binder.c Jann Horn 2020-07-27 3237 mutex_unlock(&context->context_mgr_node_lock);
4b836a1426cb0f drivers/android/binder.c Jann Horn 2020-07-27 3238 return -EINVAL;
4b836a1426cb0f drivers/android/binder.c Jann Horn 2020-07-27 3239 }
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3240 ret = binder_inc_ref_for_node(
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3241 proc, ctx_mgr_node,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3242 strong, NULL, &rdata);
4b836a1426cb0f drivers/android/binder.c Jann Horn 2020-07-27 3243 }
c44b1231ff1170 drivers/android/binder.c Todd Kjos 2017-06-29 3244 mutex_unlock(&context->context_mgr_node_lock);
c44b1231ff1170 drivers/android/binder.c Todd Kjos 2017-06-29 3245 }
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3246 if (ret)
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3247 ret = binder_update_ref_for_handle(
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3248 proc, target, increment, strong,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3249 &rdata);
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3250 if (!ret && rdata.desc != target) {
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3251 binder_user_error("%d:%d tried to acquire reference to desc %d, got %d instead\n",
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3252 proc->pid, thread->pid,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3253 target, rdata.desc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3254 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3255 switch (cmd) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3256 case BC_INCREFS:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3257 debug_string = "IncRefs";
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3258 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3259 case BC_ACQUIRE:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3260 debug_string = "Acquire";
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3261 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3262 case BC_RELEASE:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3263 debug_string = "Release";
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3264 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3265 case BC_DECREFS:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3266 default:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3267 debug_string = "DecRefs";
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3268 break;
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3269 }
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3270 if (ret) {
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3271 binder_user_error("%d:%d %s %d refcount change on invalid ref %d ret %d\n",
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3272 proc->pid, thread->pid, debug_string,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3273 strong, target, ret);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3274 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3275 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3276 binder_debug(BINDER_DEBUG_USER_REFS,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3277 "%d:%d %s ref %d desc %d s %d w %d\n",
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3278 proc->pid, thread->pid, debug_string,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3279 rdata.debug_id, rdata.desc, rdata.strong,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3280 rdata.weak);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3281 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3282 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3283 case BC_INCREFS_DONE:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3284 case BC_ACQUIRE_DONE: {
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3285 binder_uintptr_t node_ptr;
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3286 binder_uintptr_t cookie;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3287 struct binder_node *node;
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3288 bool free_node;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3289
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3290 if (get_user(node_ptr, (binder_uintptr_t __user *)ptr))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3291 return -EFAULT;
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3292 ptr += sizeof(binder_uintptr_t);
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3293 if (get_user(cookie, (binder_uintptr_t __user *)ptr))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3294 return -EFAULT;
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3295 ptr += sizeof(binder_uintptr_t);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3296 node = binder_get_node(proc, node_ptr);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3297 if (node == NULL) {
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3298 binder_user_error("%d:%d %s u%016llx no match\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3299 proc->pid, thread->pid,
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3300 cmd == BC_INCREFS_DONE ?
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3301 "BC_INCREFS_DONE" :
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3302 "BC_ACQUIRE_DONE",
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3303 (u64)node_ptr);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3304 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3305 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3306 if (cookie != node->cookie) {
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3307 binder_user_error("%d:%d %s u%016llx node %d cookie mismatch %016llx != %016llx\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3308 proc->pid, thread->pid,
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3309 cmd == BC_INCREFS_DONE ?
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3310 "BC_INCREFS_DONE" : "BC_ACQUIRE_DONE",
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3311 (u64)node_ptr, node->debug_id,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3312 (u64)cookie, (u64)node->cookie);
adc1884222276d drivers/android/binder.c Todd Kjos 2017-06-29 3313 binder_put_node(node);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3314 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3315 }
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3316 binder_node_inner_lock(node);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3317 if (cmd == BC_ACQUIRE_DONE) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3318 if (node->pending_strong_ref == 0) {
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3319 binder_user_error("%d:%d BC_ACQUIRE_DONE node %d has no pending acquire request\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3320 proc->pid, thread->pid,
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3321 node->debug_id);
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3322 binder_node_inner_unlock(node);
adc1884222276d drivers/android/binder.c Todd Kjos 2017-06-29 3323 binder_put_node(node);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3324 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3325 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3326 node->pending_strong_ref = 0;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3327 } else {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3328 if (node->pending_weak_ref == 0) {
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3329 binder_user_error("%d:%d BC_INCREFS_DONE node %d has no pending increfs request\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3330 proc->pid, thread->pid,
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3331 node->debug_id);
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3332 binder_node_inner_unlock(node);
adc1884222276d drivers/android/binder.c Todd Kjos 2017-06-29 3333 binder_put_node(node);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3334 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3335 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3336 node->pending_weak_ref = 0;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3337 }
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3338 free_node = binder_dec_node_nilocked(node,
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3339 cmd == BC_ACQUIRE_DONE, 0);
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3340 WARN_ON(free_node);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3341 binder_debug(BINDER_DEBUG_USER_REFS,
adc1884222276d drivers/android/binder.c Todd Kjos 2017-06-29 3342 "%d:%d %s node %d ls %d lw %d tr %d\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3343 proc->pid, thread->pid,
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3344 cmd == BC_INCREFS_DONE ? "BC_INCREFS_DONE" : "BC_ACQUIRE_DONE",
adc1884222276d drivers/android/binder.c Todd Kjos 2017-06-29 3345 node->debug_id, node->local_strong_refs,
adc1884222276d drivers/android/binder.c Todd Kjos 2017-06-29 3346 node->local_weak_refs, node->tmp_refs);
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3347 binder_node_inner_unlock(node);
adc1884222276d drivers/android/binder.c Todd Kjos 2017-06-29 3348 binder_put_node(node);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3349 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3350 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3351 case BC_ATTEMPT_ACQUIRE:
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3352 pr_err("BC_ATTEMPT_ACQUIRE not supported\n");
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3353 return -EINVAL;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3354 case BC_ACQUIRE_RESULT:
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3355 pr_err("BC_ACQUIRE_RESULT not supported\n");
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3356 return -EINVAL;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3357
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3358 case BC_FREE_BUFFER: {
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3359 binder_uintptr_t data_ptr;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3360 struct binder_buffer *buffer;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3361
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3362 if (get_user(data_ptr, (binder_uintptr_t __user *)ptr))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3363 return -EFAULT;
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3364 ptr += sizeof(binder_uintptr_t);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3365
53d311cfa19ad3 drivers/android/binder.c Todd Kjos 2017-06-29 3366 buffer = binder_alloc_prepare_to_free(&proc->alloc,
19c987241ca121 drivers/android/binder.c Todd Kjos 2017-06-29 3367 data_ptr);
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3368 if (IS_ERR_OR_NULL(buffer)) {
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3369 if (PTR_ERR(buffer) == -EPERM) {
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3370 binder_user_error(
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3371 "%d:%d BC_FREE_BUFFER u%016llx matched unreturned or currently freeing buffer\n",
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3372 proc->pid, thread->pid,
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3373 (u64)data_ptr);
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3374 } else {
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3375 binder_user_error(
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3376 "%d:%d BC_FREE_BUFFER u%016llx no match\n",
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3377 proc->pid, thread->pid,
7bada55ab50697 drivers/android/binder.c Todd Kjos 2018-11-06 3378 (u64)data_ptr);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3379 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3380 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3381 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3382 binder_debug(BINDER_DEBUG_FREE_BUFFER,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3383 "%d:%d BC_FREE_BUFFER u%016llx found buffer %d for %s transaction\n",
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3384 proc->pid, thread->pid, (u64)data_ptr,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3385 buffer->debug_id,
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3386 buffer->transaction ? "active" : "finished");
44d8047f1d87ad drivers/android/binder.c Todd Kjos 2018-08-28 3387 binder_free_buf(proc, buffer);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3388 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3389 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3390
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3391 case BC_TRANSACTION_SG:
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3392 case BC_REPLY_SG: {
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3393 struct binder_transaction_data_sg tr;
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3394
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3395 if (copy_from_user(&tr, ptr, sizeof(tr)))
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3396 return -EFAULT;
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3397 ptr += sizeof(tr);
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3398 binder_transaction(proc, thread, &tr.transaction_data,
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3399 cmd == BC_REPLY_SG, tr.buffers_size);
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3400 break;
7980240b6d63e0 drivers/android/binder.c Martijn Coenen 2017-02-03 3401 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3402 case BC_TRANSACTION:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3403 case BC_REPLY: {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3404 struct binder_transaction_data tr;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3405
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3406 if (copy_from_user(&tr, ptr, sizeof(tr)))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3407 return -EFAULT;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3408 ptr += sizeof(tr);
4bfac80af3a63f drivers/android/binder.c Martijn Coenen 2017-02-03 3409 binder_transaction(proc, thread, &tr,
4bfac80af3a63f drivers/android/binder.c Martijn Coenen 2017-02-03 3410 cmd == BC_REPLY, 0);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3411 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3412 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3413
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3414 case BC_REGISTER_LOOPER:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3415 binder_debug(BINDER_DEBUG_THREADS,
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3416 "%d:%d BC_REGISTER_LOOPER\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3417 proc->pid, thread->pid);
b3e6861283790d drivers/android/binder.c Todd Kjos 2017-06-29 3418 binder_inner_proc_lock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3419 if (thread->looper & BINDER_LOOPER_STATE_ENTERED) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3420 thread->looper |= BINDER_LOOPER_STATE_INVALID;
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3421 binder_user_error("%d:%d ERROR: BC_REGISTER_LOOPER called after BC_ENTER_LOOPER\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3422 proc->pid, thread->pid);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3423 } else if (proc->requested_threads == 0) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3424 thread->looper |= BINDER_LOOPER_STATE_INVALID;
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3425 binder_user_error("%d:%d ERROR: BC_REGISTER_LOOPER called without request\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3426 proc->pid, thread->pid);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3427 } else {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3428 proc->requested_threads--;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3429 proc->requested_threads_started++;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3430 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3431 thread->looper |= BINDER_LOOPER_STATE_REGISTERED;
b3e6861283790d drivers/android/binder.c Todd Kjos 2017-06-29 3432 binder_inner_proc_unlock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3433 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3434 case BC_ENTER_LOOPER:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3435 binder_debug(BINDER_DEBUG_THREADS,
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3436 "%d:%d BC_ENTER_LOOPER\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3437 proc->pid, thread->pid);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3438 if (thread->looper & BINDER_LOOPER_STATE_REGISTERED) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3439 thread->looper |= BINDER_LOOPER_STATE_INVALID;
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3440 binder_user_error("%d:%d ERROR: BC_ENTER_LOOPER called after BC_REGISTER_LOOPER\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3441 proc->pid, thread->pid);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3442 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3443 thread->looper |= BINDER_LOOPER_STATE_ENTERED;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3444 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3445 case BC_EXIT_LOOPER:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3446 binder_debug(BINDER_DEBUG_THREADS,
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3447 "%d:%d BC_EXIT_LOOPER\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3448 proc->pid, thread->pid);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3449 thread->looper |= BINDER_LOOPER_STATE_EXITED;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3450 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3451
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3452 case BC_REQUEST_DEATH_NOTIFICATION:
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3453 case BC_CLEAR_DEATH_NOTIFICATION: {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3454 uint32_t target;
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3455 binder_uintptr_t cookie;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3456 struct binder_ref *ref;
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3457 struct binder_ref_death *death = NULL;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3458
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3459 if (get_user(target, (uint32_t __user *)ptr))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3460 return -EFAULT;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3461 ptr += sizeof(uint32_t);
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3462 if (get_user(cookie, (binder_uintptr_t __user *)ptr))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3463 return -EFAULT;
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3464 ptr += sizeof(binder_uintptr_t);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3465 if (cmd == BC_REQUEST_DEATH_NOTIFICATION) {
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3466 /*
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3467 * Allocate memory for death notification
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3468 * before taking lock
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3469 */
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3470 death = kzalloc(sizeof(*death), GFP_KERNEL);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3471 if (death == NULL) {
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3472 WARN_ON(thread->return_error.cmd !=
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3473 BR_OK);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3474 thread->return_error.cmd = BR_ERROR;
148ade2c4d4f46 drivers/android/binder.c Martijn Coenen 2017-11-15 3475 binder_enqueue_thread_work(
148ade2c4d4f46 drivers/android/binder.c Martijn Coenen 2017-11-15 3476 thread,
148ade2c4d4f46 drivers/android/binder.c Martijn Coenen 2017-11-15 3477 &thread->return_error.work);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3478 binder_debug(
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3479 BINDER_DEBUG_FAILED_TRANSACTION,
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3480 "%d:%d BC_REQUEST_DEATH_NOTIFICATION failed\n",
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3481 proc->pid, thread->pid);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3482 break;
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3483 }
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3484 }
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3485 binder_proc_lock(proc);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3486 ref = binder_get_ref_olocked(proc, target, false);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3487 if (ref == NULL) {
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3488 binder_user_error("%d:%d %s invalid ref %d\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3489 proc->pid, thread->pid,
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3490 cmd == BC_REQUEST_DEATH_NOTIFICATION ?
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3491 "BC_REQUEST_DEATH_NOTIFICATION" :
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3492 "BC_CLEAR_DEATH_NOTIFICATION",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3493 target);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3494 binder_proc_unlock(proc);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3495 kfree(death);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3496 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3497 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3498
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3499 binder_debug(BINDER_DEBUG_DEATH_NOTIFICATION,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3500 "%d:%d %s %016llx ref %d desc %d s %d w %d for node %d\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3501 proc->pid, thread->pid,
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3502 cmd == BC_REQUEST_DEATH_NOTIFICATION ?
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3503 "BC_REQUEST_DEATH_NOTIFICATION" :
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3504 "BC_CLEAR_DEATH_NOTIFICATION",
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3505 (u64)cookie, ref->data.debug_id,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3506 ref->data.desc, ref->data.strong,
372e3147df7016 drivers/android/binder.c Todd Kjos 2017-06-29 3507 ref->data.weak, ref->node->debug_id);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3508
ab51ec6bdf0b7a drivers/android/binder.c Martijn Coenen 2017-06-29 3509 binder_node_lock(ref->node);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3510 if (cmd == BC_REQUEST_DEATH_NOTIFICATION) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3511 if (ref->death) {
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3512 binder_user_error("%d:%d BC_REQUEST_DEATH_NOTIFICATION death notification already set\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3513 proc->pid, thread->pid);
ab51ec6bdf0b7a drivers/android/binder.c Martijn Coenen 2017-06-29 3514 binder_node_unlock(ref->node);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3515 binder_proc_unlock(proc);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3516 kfree(death);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3517 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3518 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3519 binder_stats_created(BINDER_STAT_DEATH);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3520 INIT_LIST_HEAD(&death->work.entry);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3521 death->cookie = cookie;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3522 ref->death = death;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3523 if (ref->node->proc == NULL) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3524 ref->death->work.type = BINDER_WORK_DEAD_BINDER;
bb74562a7f8398 drivers/android/binder.c Martijn Coenen 2017-08-31 3525
1b77e9dcc3da93 drivers/android/binder.c Martijn Coenen 2017-08-31 3526 binder_inner_proc_lock(proc);
1b77e9dcc3da93 drivers/android/binder.c Martijn Coenen 2017-08-31 3527 binder_enqueue_work_ilocked(
bb74562a7f8398 drivers/android/binder.c Martijn Coenen 2017-08-31 3528 &ref->death->work, &proc->todo);
bb74562a7f8398 drivers/android/binder.c Martijn Coenen 2017-08-31 3529 binder_wakeup_proc_ilocked(proc);
1b77e9dcc3da93 drivers/android/binder.c Martijn Coenen 2017-08-31 3530 binder_inner_proc_unlock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3531 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3532 } else {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3533 if (ref->death == NULL) {
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3534 binder_user_error("%d:%d BC_CLEAR_DEATH_NOTIFICATION death notification not active\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3535 proc->pid, thread->pid);
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3536 binder_node_unlock(ref->node);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3537 binder_proc_unlock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3538 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3539 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 @3540 death = ref->death;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3541 if (death->cookie != cookie) {
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3542 binder_user_error("%d:%d BC_CLEAR_DEATH_NOTIFICATION death notification cookie mismatch %016llx != %016llx\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3543 proc->pid, thread->pid,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3544 (u64)death->cookie,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3545 (u64)cookie);
673068eee8560d drivers/android/binder.c Todd Kjos 2017-06-29 3546 binder_node_unlock(ref->node);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3547 binder_proc_unlock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3548 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3549 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3550 ref->death = NULL;
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3551 binder_inner_proc_lock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3552 if (list_empty(&death->work.entry)) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3553 death->work.type = BINDER_WORK_CLEAR_DEATH_NOTIFICATION;
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3554 if (thread->looper &
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3555 (BINDER_LOOPER_STATE_REGISTERED |
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3556 BINDER_LOOPER_STATE_ENTERED))
148ade2c4d4f46 drivers/android/binder.c Martijn Coenen 2017-11-15 3557 binder_enqueue_thread_work_ilocked(
148ade2c4d4f46 drivers/android/binder.c Martijn Coenen 2017-11-15 3558 thread,
148ade2c4d4f46 drivers/android/binder.c Martijn Coenen 2017-11-15 3559 &death->work);
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3560 else {
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3561 binder_enqueue_work_ilocked(
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3562 &death->work,
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3563 &proc->todo);
1b77e9dcc3da93 drivers/android/binder.c Martijn Coenen 2017-08-31 3564 binder_wakeup_proc_ilocked(
408c68b17aea2f drivers/android/binder.c Martijn Coenen 2017-08-31 3565 proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3566 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3567 } else {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3568 BUG_ON(death->work.type != BINDER_WORK_DEAD_BINDER);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3569 death->work.type = BINDER_WORK_DEAD_BINDER_AND_CLEAR;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3570 }
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3571 binder_inner_proc_unlock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3572 }
ab51ec6bdf0b7a drivers/android/binder.c Martijn Coenen 2017-06-29 3573 binder_node_unlock(ref->node);
2c1838dc6817dd drivers/android/binder.c Todd Kjos 2017-06-29 3574 binder_proc_unlock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3575 } break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3576 case BC_DEAD_BINDER_DONE: {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3577 struct binder_work *w;
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3578 binder_uintptr_t cookie;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3579 struct binder_ref_death *death = NULL;
10f62861b4a2f2 drivers/staging/android/binder.c Seunghun Lee 2014-05-01 3580
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3581 if (get_user(cookie, (binder_uintptr_t __user *)ptr))
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3582 return -EFAULT;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3583
7a64cd887fdb97 drivers/android/binder.c Lisa Du 2016-02-17 3584 ptr += sizeof(cookie);
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3585 binder_inner_proc_lock(proc);
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3586 list_for_each_entry(w, &proc->delivered_death,
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3587 entry) {
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3588 struct binder_ref_death *tmp_death =
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3589 container_of(w,
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3590 struct binder_ref_death,
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3591 work);
10f62861b4a2f2 drivers/staging/android/binder.c Seunghun Lee 2014-05-01 3592
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3593 if (tmp_death->cookie == cookie) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3594 death = tmp_death;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3595 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3596 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3597 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3598 binder_debug(BINDER_DEBUG_DEAD_BINDER,
8ca86f1639ec58 drivers/android/binder.c Todd Kjos 2018-02-07 3599 "%d:%d BC_DEAD_BINDER_DONE %016llx found %pK\n",
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3600 proc->pid, thread->pid, (u64)cookie,
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3601 death);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3602 if (death == NULL) {
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3603 binder_user_error("%d:%d BC_DEAD_BINDER_DONE %016llx not found\n",
da49889deb34d3 drivers/staging/android/binder.c Arve Hjønnevåg 2014-02-21 3604 proc->pid, thread->pid, (u64)cookie);
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3605 binder_inner_proc_unlock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3606 break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3607 }
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3608 binder_dequeue_work_ilocked(&death->work);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3609 if (death->work.type == BINDER_WORK_DEAD_BINDER_AND_CLEAR) {
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3610 death->work.type = BINDER_WORK_CLEAR_DEATH_NOTIFICATION;
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3611 if (thread->looper &
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3612 (BINDER_LOOPER_STATE_REGISTERED |
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3613 BINDER_LOOPER_STATE_ENTERED))
148ade2c4d4f46 drivers/android/binder.c Martijn Coenen 2017-11-15 3614 binder_enqueue_thread_work_ilocked(
148ade2c4d4f46 drivers/android/binder.c Martijn Coenen 2017-11-15 3615 thread, &death->work);
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3616 else {
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3617 binder_enqueue_work_ilocked(
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3618 &death->work,
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3619 &proc->todo);
408c68b17aea2f drivers/android/binder.c Martijn Coenen 2017-08-31 3620 binder_wakeup_proc_ilocked(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3621 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3622 }
72196393a5e3d2 drivers/android/binder.c Todd Kjos 2017-06-29 3623 binder_inner_proc_unlock(proc);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3624 } break;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3625
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3626 default:
56b468fc709b2b drivers/staging/android/binder.c Anmol Sarma 2012-10-30 3627 pr_err("%d:%d unknown command %d\n",
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3628 proc->pid, thread->pid, cmd);
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3629 return -EINVAL;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3630 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3631 *consumed = ptr - buffer;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3632 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3633 return 0;
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3634 }
355b0502f6efea drivers/staging/android/binder.c Greg Kroah-Hartman 2011-11-30 3635
:::::: The code at line 3540 was first introduced by commit
:::::: 355b0502f6efea0ff9492753888772c96972d2a3 Revert "Staging: android: delete android drivers"
:::::: TO: Greg Kroah-Hartman <gregkh@suse.de>
:::::: CC: Greg Kroah-Hartman <gregkh@suse.de>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 40020 bytes --]
reply other threads:[~2021-04-22 4:12 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202104221225.xs2Pjqjy-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.