From fc16cbb578c7dcacf9d6dfc45625b4233570b659 Mon Sep 17 00:00:00 2001 From: Sylvain Munaut Date: Sat, 4 Jun 2011 12:21:52 +0200 Subject: [PATCH] fw/comm/msgb: Really panic (i.e. lockup) if we run out of msgb Ideally we should only panic in interrupt context. In user context, we could wait ... We could also return NULL and let the calling code deal with it but it's not ready for that yet. Signed-off-by: Sylvain Munaut --- src/target/firmware/comm/msgb.c | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/src/target/firmware/comm/msgb.c b/src/target/firmware/comm/msgb.c index cf912ee..fbf874a 100644 --- a/src/target/firmware/comm/msgb.c +++ b/src/target/firmware/comm/msgb.c @@ -45,23 +45,24 @@ static struct supermsg msgs[MSGB_NUM]; void *_talloc_zero(void *ctx, unsigned int size, const char *name) { unsigned int i; + if (size > sizeof(struct msgb) + MSGB_DATA_SIZE) goto panic; - while (1) { - for (i = 0; i < ARRAY_SIZE(msgs); i++) { - if (!msgs[i].allocated) { - msgs[i].allocated = 1; - memset(&msgs[i].msg, 0, sizeof(&msgs[i].msg)); - memset(&msgs[i].buf, 0, sizeof(&msgs[i].buf)); - return &msgs[i].msg; - } + for (i = 0; i < ARRAY_SIZE(msgs); i++) { + if (!msgs[i].allocated) { + msgs[i].allocated = 1; + memset(&msgs[i].msg, 0, sizeof(&msgs[i].msg)); + memset(&msgs[i].buf, 0, sizeof(&msgs[i].buf)); + return &msgs[i].msg; } - cons_puts("unable to allocate msgb\n"); - delay_ms(50); } + panic: - return NULL; + cons_puts("unable to allocate msgb\n"); + while (1); + + return NULL; /* not reached */ } void talloc_free(void *msg) { -- 2.20.1