diff options
| author | Gene Cumm <gene.cumm@gmail.com> | 2013-08-03 15:59:26 -0400 |
|---|---|---|
| committer | Gene Cumm <gene.cumm@gmail.com> | 2013-08-03 15:59:26 -0400 |
| commit | dc3059be195f0b1c878273f648dcaf1b45c5a860 (patch) | |
| tree | 5af91be81c9fdb305ce5b768f033aa1c3477c080 | |
| parent | 64cf622143afc759062a44a255742a7413c6c5b4 (diff) | |
| download | syslinux-dc3059be195f0b1c878273f648dcaf1b45c5a860.tar.gz syslinux-dc3059be195f0b1c878273f648dcaf1b45c5a860.tar.xz syslinux-dc3059be195f0b1c878273f648dcaf1b45c5a860.zip | |
core: mbox/semaphore NULL checks
Also set mbox invalid and mbox pointer NULL when free()d
Signed-off-by: Gene Cumm <gene.cumm@gmail.com>
| -rw-r--r-- | core/include/mbox.h | 5 | ||||
| -rw-r--r-- | core/include/thread.h | 5 | ||||
| -rw-r--r-- | core/lwip/src/arch/sys_arch.c | 5 | ||||
| -rw-r--r-- | core/thread/mbox.c | 22 | ||||
| -rw-r--r-- | core/thread/semaphore.c | 28 |
5 files changed, 41 insertions, 24 deletions
diff --git a/core/include/mbox.h b/core/include/mbox.h index 3c35ce4e..6fec267c 100644 --- a/core/include/mbox.h +++ b/core/include/mbox.h @@ -45,7 +45,8 @@ mstime_t mbox_fetch(struct mailbox *mbox, void **msg, mstime_t timeout); */ static inline void mbox_set_invalid(struct mailbox *mbox) { - sem_set_invalid(&mbox->prod_sem); + if (!!mbox) + sem_set_invalid(&mbox->prod_sem); } /* @@ -53,7 +54,7 @@ static inline void mbox_set_invalid(struct mailbox *mbox) */ static inline bool mbox_is_valid(struct mailbox *mbox) { - return sem_is_valid(&mbox->prod_sem); + return ((!!mbox) && sem_is_valid(&mbox->prod_sem)); } #endif /* _MBOX_H */ diff --git a/core/include/thread.h b/core/include/thread.h index 6bfdfaa7..8ec4a267 100644 --- a/core/include/thread.h +++ b/core/include/thread.h @@ -93,7 +93,8 @@ void sem_init(struct semaphore *, int); */ static inline void sem_set_invalid(struct semaphore *sem) { - sem->list.next = NULL; + if (!!sem) + sem->list.next = NULL; } /* @@ -101,7 +102,7 @@ static inline void sem_set_invalid(struct semaphore *sem) */ static inline bool sem_is_valid(struct semaphore *sem) { - return !!sem->list.next; + return ((!!sem) && (!!sem->list.next)); } struct thread *start_thread(const char *name, size_t stack_size, int prio, diff --git a/core/lwip/src/arch/sys_arch.c b/core/lwip/src/arch/sys_arch.c index 894f6ada..2597bd48 100644 --- a/core/lwip/src/arch/sys_arch.c +++ b/core/lwip/src/arch/sys_arch.c @@ -71,8 +71,11 @@ err_t sys_mbox_new(sys_mbox_t *mbox, int size) void sys_mbox_free(sys_mbox_t *mbox) { - if (!!mbox && !!*mbox) + if (!!mbox && !!*mbox) { + sys_mbox_set_invalid(mbox); free(*mbox); + *mbox = NULL; + } } void sys_mbox_post(sys_mbox_t *mbox, void *msg) diff --git a/core/thread/mbox.c b/core/thread/mbox.c index c518eeba..6ad576ba 100644 --- a/core/thread/mbox.c +++ b/core/thread/mbox.c @@ -10,18 +10,22 @@ void mbox_init(struct mailbox *mbox, size_t size) { - sem_init(&mbox->prod_sem, size); /* All slots empty */ - sem_init(&mbox->cons_sem, 0); /* No slots full */ - sem_init(&mbox->head_sem, 1); /* Head mutex */ - sem_init(&mbox->tail_sem, 1); /* Tail mutex */ - - mbox->wrap = &mbox->data[size]; - mbox->head = &mbox->data[0]; - mbox->tail = &mbox->data[0]; + if (!!mbox) { + sem_init(&mbox->prod_sem, size); /* All slots empty */ + sem_init(&mbox->cons_sem, 0); /* No slots full */ + sem_init(&mbox->head_sem, 1); /* Head mutex */ + sem_init(&mbox->tail_sem, 1); /* Tail mutex */ + + mbox->wrap = &mbox->data[size]; + mbox->head = &mbox->data[0]; + mbox->tail = &mbox->data[0]; + } }; int mbox_post(struct mailbox *mbox, void *msg, mstime_t timeout) { + if (!mbox) + return ENOMEM; if (sem_down(&mbox->prod_sem, timeout) == (mstime_t)-1) return ENOMEM; sem_down(&mbox->head_sem, 0); @@ -40,6 +44,8 @@ mstime_t mbox_fetch(struct mailbox *mbox, void **msg, mstime_t timeout) { mstime_t t; + if (!mbox) + return -1; t = sem_down(&mbox->cons_sem, timeout); if (t == (mstime_t)-1) return -1; diff --git a/core/thread/semaphore.c b/core/thread/semaphore.c index 6a2e4c13..abd4f418 100644 --- a/core/thread/semaphore.c +++ b/core/thread/semaphore.c @@ -3,8 +3,10 @@ void sem_init(struct semaphore *sem, int count) { - sem->list.next = sem->list.prev = &sem->list; - sem->count = count; + if (!!sem) { + sem->list.next = sem->list.prev = &sem->list; + sem->count = count; + } } mstime_t __sem_down_slow(struct semaphore *sem, mstime_t timeout) @@ -14,7 +16,9 @@ mstime_t __sem_down_slow(struct semaphore *sem, mstime_t timeout) irq = irq_save(); - if (sem->count >= 0) { + if (!sem) { + rv = -1; + } else if (sem->count >= 0) { /* Something already freed the semaphore on us */ rv = 0; } else if (timeout == -1) { @@ -64,17 +68,19 @@ void __sem_up_slow(struct semaphore *sem) * we don't have to do anything, since the bailout clause in * __sem_down_slow will take care of it. */ - l = sem->list.next; - if (l != &sem->list) { - struct thread_block *block; - block = container_of(l, struct thread_block, list); + if (!!sem) { + l = sem->list.next; + if (l != &sem->list) { + struct thread_block *block; + block = container_of(l, struct thread_block, list); - sem->list.next = block->list.next; - block->list.next->prev = &sem->list; + sem->list.next = block->list.next; + block->list.next->prev = &sem->list; - block->thread->blocked = NULL; + block->thread->blocked = NULL; - __schedule(); + __schedule(); + } } irq_restore(irq); |