msm: vidc: fix deadlock between queue and flush buffer handling

		return -EINVAL;

	}

	q = msm_comm_get_vb2q(inst, b->type);

	if (!q) {

		s_vpr_e(inst->sid,

			"Failed to find buffer queue. type %d\n", b->type);

		return -EINVAL;

	}

	mutex_lock(&q->lock);

	if ((inst->out_flush && b->type == OUTPUT_MPLANE) || inst->in_flush) {

		s_vpr_e(inst->sid,

			"%s: in flush, discarding qbuf, type %u, index %u\n",

			__func__, b->type, b->index);

		return -EINVAL;

		rc = -EINVAL;

		goto unlock;

	}

	inst->last_qbuf_time_ns = ktime_get_ns();

	for (i = 0; i < b->length; i++) {

				0, inst->sid);

		if (rc) {

			s_vpr_e(inst->sid, "Failed to store input tag");

			return -EINVAL;

			rc = -EINVAL;

			goto unlock;

		}

	}

		&& b->type == INPUT_MPLANE)

		b->flags |= V4L2_BUF_FLAG_PERF_MODE;

	q = msm_comm_get_vb2q(inst, b->type);

	if (!q) {

		s_vpr_e(inst->sid,

			"Failed to find buffer queue. type %d\n", b->type);

		return -EINVAL;

	}

	mutex_lock(&q->lock);

	rc = vb2_qbuf(&q->vb2_bufq, b);

	mutex_unlock(&q->lock);

	if (rc)

		s_vpr_e(inst->sid, "Failed to qbuf, %d\n", rc);

unlock:

	mutex_unlock(&q->lock);

	return rc;

}

	mutex_init(&inst->bufq[OUTPUT_PORT].lock);

	mutex_init(&inst->bufq[INPUT_PORT].lock);

	mutex_init(&inst->lock);

	mutex_init(&inst->flush_lock);

	INIT_MSM_VIDC_LIST(&inst->scratchbufs);

	INIT_MSM_VIDC_LIST(&inst->input_crs);

	mutex_destroy(&inst->bufq[OUTPUT_PORT].lock);

	mutex_destroy(&inst->bufq[INPUT_PORT].lock);

	mutex_destroy(&inst->lock);

	mutex_destroy(&inst->flush_lock);

	DEINIT_MSM_VIDC_LIST(&inst->scratchbufs);

	DEINIT_MSM_VIDC_LIST(&inst->persistbufs);

	mutex_destroy(&inst->bufq[OUTPUT_PORT].lock);

	mutex_destroy(&inst->bufq[INPUT_PORT].lock);

	mutex_destroy(&inst->lock);

	mutex_destroy(&inst->flush_lock);

	msm_vidc_debugfs_deinit_inst(inst);

		return;

	}

	mutex_lock(&inst->flush_lock);

	if (response->data.flush_type & HAL_FLUSH_INPUT)

		mutex_lock(&inst->bufq[INPUT_PORT].lock);

	if (response->data.flush_type & HAL_FLUSH_OUTPUT)

		mutex_lock(&inst->bufq[OUTPUT_PORT].lock);

	if (msm_comm_get_stream_output_mode(inst) ==

			HAL_VIDEO_DECODER_SECONDARY) {

	v4l2_event_queue_fh(&inst->event_handler, &flush_event);

exit:

	mutex_unlock(&inst->flush_lock);

	if (response->data.flush_type & HAL_FLUSH_OUTPUT)

		mutex_unlock(&inst->bufq[OUTPUT_PORT].lock);

	if (response->data.flush_type & HAL_FLUSH_INPUT)

		mutex_unlock(&inst->bufq[INPUT_PORT].lock);

	s_vpr_l(inst->sid, "handled: SESSION_FLUSH_DONE\n");

	put_inst(inst);

}

		return NULL;

	}

	mutex_lock(&inst->bufq[port].lock);

	WARN_ON(!mutex_is_locked(&inst->bufq[port].lock));

	found = false;

	q = &inst->bufq[port].vb2_bufq;

	if (!q->streaming) {

		}

	}

unlock:

	mutex_unlock(&inst->bufq[port].lock);

	if (!found) {

		print_vidc_buffer(VIDC_ERR, "vb2 not found for", inst, mbuf);

		return NULL;

	struct vb2_buffer *vb2;

	struct vb2_v4l2_buffer *vbuf;

	u32 i, port;

	int rc = 0;

	if (!inst || !mbuf) {

		d_vpr_e("%s: invalid params %pK %pK\n",

	else

		return -EINVAL;

	vb2 = msm_comm_get_vb_using_vidc_buffer(inst, mbuf);

	if (!vb2)

		return -EINVAL;

	/*

	 * access vb2 buffer under q->lock and if streaming only to

	 * ensure the buffer was not free'd by vb2 framework while

	 * we are accessing it here.

	 */

	mutex_lock(&inst->bufq[port].lock);

	vb2 = msm_comm_get_vb_using_vidc_buffer(inst, mbuf);

	if (!vb2) {

		s_vpr_e(inst->sid, "%s: port %d buffer not found\n",

			__func__, port);

		rc = -EINVAL;

		goto unlock;

	}

	if (inst->bufq[port].vb2_bufq.streaming) {

		vbuf = to_vb2_v4l2_buffer(vb2);

		vbuf->flags = mbuf->vvb.flags;

		s_vpr_e(inst->sid, "%s: port %d is not streaming\n",

			__func__, port);

	}

unlock:

	mutex_unlock(&inst->bufq[port].lock);

	return 0;

	return rc;

}

static bool is_eos_buffer(struct msm_vidc_inst *inst, u32 device_addr)

	ip_flush = !!(flags & V4L2_CMD_FLUSH_OUTPUT);

	op_flush = !!(flags & V4L2_CMD_FLUSH_CAPTURE);

	if (ip_flush && !op_flush) {

		s_vpr_e(inst->sid,

			"Input only flush not supported, making it flush all\n");

		goto exit;

	}

	mutex_lock(&inst->flush_lock);

	if (ip_flush)

		mutex_lock(&inst->bufq[INPUT_PORT].lock);

	if (op_flush)

		mutex_lock(&inst->bufq[OUTPUT_PORT].lock);

	/* enable in flush */

	inst->in_flush = ip_flush;

	inst->out_flush = op_flush;

		rc = call_hfi_op(hdev, session_flush, inst->session,

			HAL_FLUSH_OUTPUT);

	}

	mutex_unlock(&inst->flush_lock);

	if (op_flush)

		mutex_unlock(&inst->bufq[OUTPUT_PORT].lock);

	if (ip_flush)

		mutex_unlock(&inst->bufq[INPUT_PORT].lock);

	if (rc) {

		s_vpr_e(inst->sid,

			"Sending flush to firmware failed, flush out all buffers\n");

	else

		return -EINVAL;

	mutex_lock(&inst->bufq[port].lock);

	if (inst->bufq[port].vb2_bufq.streaming) {

		vb->planes[0].bytesused = 0;

		vb2_buffer_done(vb, VB2_BUF_STATE_DONE);

		s_vpr_e(inst->sid, "%s: port %d is not streaming\n",

			__func__, port);

	}

	mutex_unlock(&inst->bufq[port].lock);

	return 0;

}

	unsigned int i = 0;

	u32 planes[VIDEO_MAX_PLANES] = {0};

	mutex_lock(&inst->flush_lock);

	mutex_lock(&inst->bufq[OUTPUT_PORT].lock);

	mutex_lock(&inst->registeredbufs.lock);

	found = false;

	/* check if mbuf was not removed by any chance */

			print_vidc_buffer(VIDC_ERR,

				"rbr qbuf failed", inst, mbuf);

	}

	mutex_unlock(&inst->flush_lock);

	mutex_unlock(&inst->bufq[OUTPUT_PORT].lock);

}

int msm_comm_unmap_vidc_buffer(struct msm_vidc_inst *inst,

struct msm_vidc_inst {

	struct list_head list;

	struct mutex sync_lock, lock, flush_lock;

	struct mutex sync_lock, lock;

	struct msm_vidc_core *core;

	enum session_type session_type;

	void *session;

};

enum hal_flush {

	HAL_FLUSH_INPUT,

	HAL_FLUSH_OUTPUT,

	HAL_FLUSH_ALL,

	HAL_UNUSED_FLUSH = 0x10000000,

	HAL_FLUSH_INPUT = BIT(0),

	HAL_FLUSH_OUTPUT = BIT(1),

	HAL_FLUSH_ALL = HAL_FLUSH_INPUT | HAL_FLUSH_OUTPUT,

};

enum hal_event_type {