smp: Fix error case handling in smp_call_function_*()

Commit 8053871 ("smp: Fix smp_call_function_single_async() locking") fixed the locking for the asynchronous smp-call case, but in the process of moving the lock handling around, one of the error cases ended up not unlocking the call data at all. This went unnoticed on x86, because this is a "caller is buggy" case, where the caller is trying to call a non-existent CPU. But apparently ARM does that (at least under qemu-arm). Bindly doing cross-cpu calls to random CPU's that aren't even online seems a bit fishy, but the error handling was clearly not correct. Simply add the missing "csd_unlock()" to the error path. Reported-and-tested-by: Guenter Roeck <[email protected]> Analyzed-by: Rabin Vincent <[email protected]> Acked-by: Ingo Molnar <[email protected]> Signed-off-by: Linus Torvalds <[email protected]>
kawasaki · Apr 19, 2015 · 5224b96 · 5224b96
1 parent 64fb1d0
commit 5224b96
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/kernel/smp.c b/kernel/smp.c
@@ -159,8 +159,10 @@ static int generic_exec_single(int cpu, struct call_single_data *csd,
 	}
 
 
-	if ((unsigned)cpu >= nr_cpu_ids || !cpu_online(cpu))
+	if ((unsigned)cpu >= nr_cpu_ids || !cpu_online(cpu)) {
+		csd_unlock(csd);
 		return -ENXIO;
+	}
 
 	csd->func = func;
 	csd->info = info;