diff mbox series

[v2,06/10] common/cnxk: fix null pointer dereferences

Message ID	20220121120424.28166-6-ndabilpuram@marvell.com (mailing list archive)
State	Accepted, archived
Delegated to:	Jerin Jacob
Headers	From: Nithin Dabilpuram <ndabilpuram@marvell.com> To: <jerinj@marvell.com>, Nithin Dabilpuram <ndabilpuram@marvell.com>, "Kiran Kumar K" <kirankumark@marvell.com>, Sunil Kumar Kori <skori@marvell.com>, Satha Rao <skoteshwar@marvell.com> CC: <dev@dpdk.org>, <ferruh.yigit@intel.com>, <stable@dpdk.org>, "Gowrishankar Muthukrishnan" <gmuthukrishn@marvell.com> Subject: [PATCH v2 06/10] common/cnxk: fix null pointer dereferences Date: Fri, 21 Jan 2022 17:34:20 +0530 Message-ID: <20220121120424.28166-6-ndabilpuram@marvell.com> In-Reply-To: <20220121120424.28166-1-ndabilpuram@marvell.com> References: <20211209091342.27017-1-ndabilpuram@marvell.com> <20220121120424.28166-1-ndabilpuram@marvell.com> MIME-Version: 1.0 Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	[v2,01/10] common/cnxk: fix shift offset for TL3 length disable \| [v2,01/10] common/cnxk: fix shift offset for TL3 length disable [v2,02/10] common/cnxk: use for loop in shaper profiles cleanup [v2,03/10] common/cnxk: fix byte order of frag sizes and infos [v2,04/10] common/cnxk: reset stale values on error debug registers [v2,05/10] common/cnxk: always use single interrupt ID with NIX [v2,06/10] common/cnxk: fix null pointer dereferences [v2,07/10] common/cnxk: fix uninitialized variable issues [v2,08/10] net/cnxk: improve inbound inline error handling for cn9k [v2,09/10] common/cnxk: set UDP ports for IPsec UDP encapsulation [v2,10/10] net/cnxk: synchronize inline session create and destroy

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Nithin Dabilpuram Jan. 21, 2022, 12:04 p.m. UTC

  Fix null pointer dereference issues reported by
klockwork(static analysis tool).

Fixes: c045d2e5cbbc ("common/cnxk: add CPT configuration")
Fixes: 585bb3e538f9 ("common/cnxk: add VF support to base device class")
Fixes: 665ff1ccc2c4 ("common/cnxk: add base device class")
Fixes: da57d4589a6f ("common/cnxk: support NIX flow control")
Fixes: 218d022e1f3f ("common/cnxk: support NIX stats")
Fixes: 4efa6e82fe43 ("common/cnxk: support NIX extended stats")
Fixes: 0885429c3028 ("common/cnxk: add NIX TM hierarchy enable/disable")
Cc: stable@dpdk.org

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
---
 drivers/common/cnxk/roc_cpt.c       |  3 ++
 drivers/common/cnxk/roc_dev.c       | 19 ++++++++++++
 drivers/common/cnxk/roc_nix_debug.c |  6 ++++
 drivers/common/cnxk/roc_nix_fc.c    | 12 ++++++++
 drivers/common/cnxk/roc_nix_queue.c | 61 ++++++++++++++++++++++++++++++++++---
 drivers/common/cnxk/roc_nix_stats.c | 18 +++++++++++
 drivers/common/cnxk/roc_nix_tm.c    |  6 ++++
 7 files changed, 121 insertions(+), 4 deletions(-)

diff mbox series

Patch

diff --git a/drivers/common/cnxk/roc_cpt.c b/drivers/common/cnxk/roc_cpt.c
index 8f8e6d3..84cc5f0 100644
--- a/drivers/common/cnxk/roc_cpt.c
+++ b/drivers/common/cnxk/roc_cpt.c
@@ -385,6 +385,9 @@  cpt_lfs_alloc(struct dev *dev, uint8_t eng_grpmsk, uint8_t blkaddr,
 		return -EINVAL;
 
 	req = mbox_alloc_msg_cpt_lf_alloc(mbox);
+	if (!req)
+		return -ENOSPC;
+
 	req->nix_pf_func = 0;
 	if (inl_dev_sso && nix_inl_dev_pffunc_get())
 		req->sso_pf_func = nix_inl_dev_pffunc_get();
diff --git a/drivers/common/cnxk/roc_dev.c b/drivers/common/cnxk/roc_dev.c
index 926a916..0ac50ca 100644
--- a/drivers/common/cnxk/roc_dev.c
+++ b/drivers/common/cnxk/roc_dev.c
@@ -152,6 +152,11 @@  af_pf_wait_msg(struct dev *dev, uint16_t vf, int num_msg)
 		/* Reserve PF/VF mbox message */
 		size = PLT_ALIGN(size, MBOX_MSG_ALIGN);
 		rsp = mbox_alloc_msg(&dev->mbox_vfpf, vf, size);
+		if (!rsp) {
+			plt_err("Failed to reserve VF%d message", vf);
+			continue;
+		}
+
 		mbox_rsp_init(msg->id, rsp);
 
 		/* Copy message from AF<->PF mbox to PF<->VF mbox */
@@ -236,6 +241,12 @@  vf_pf_process_msgs(struct dev *dev, uint16_t vf)
 				BIT_ULL(vf % max_bits);
 			rsp = (struct ready_msg_rsp *)mbox_alloc_msg(
 				mbox, vf, sizeof(*rsp));
+			if (!rsp) {
+				plt_err("Failed to alloc VF%d READY message",
+					vf);
+				continue;
+			}
+
 			mbox_rsp_init(msg->id, rsp);
 
 			/* PF/VF function ID */
@@ -988,6 +999,9 @@  dev_setup_shared_lmt_region(struct mbox *mbox, bool valid_iova, uint64_t iova)
 	struct lmtst_tbl_setup_req *req;
 
 	req = mbox_alloc_msg_lmtst_tbl_setup(mbox);
+	if (!req)
+		return -ENOSPC;
+
 	/* This pcifunc is defined with primary pcifunc whose LMT address
 	 * will be shared. If call contains valid IOVA, following pcifunc
 	 * field is of no use.
@@ -1061,6 +1075,11 @@  dev_lmt_setup(struct dev *dev)
 	 */
 	if (!dev->disable_shared_lmt) {
 		idev = idev_get_cfg();
+		if (!idev) {
+			errno = EFAULT;
+			goto free;
+		}
+
 		if (!__atomic_load_n(&idev->lmt_pf_func, __ATOMIC_ACQUIRE)) {
 			idev->lmt_base_addr = dev->lmt_base;
 			idev->lmt_pf_func = dev->pf_func;
diff --git a/drivers/common/cnxk/roc_nix_debug.c b/drivers/common/cnxk/roc_nix_debug.c
index 266935a..7dc54f3 100644
--- a/drivers/common/cnxk/roc_nix_debug.c
+++ b/drivers/common/cnxk/roc_nix_debug.c
@@ -323,6 +323,9 @@  nix_q_ctx_get(struct dev *dev, uint8_t ctype, uint16_t qid, __io void **ctx_p)
 		int rc;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = qid;
 		aq->ctype = ctype;
 		aq->op = NIX_AQ_INSTOP_READ;
@@ -341,6 +344,9 @@  nix_q_ctx_get(struct dev *dev, uint8_t ctype, uint16_t qid, __io void **ctx_p)
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = qid;
 		aq->ctype = ctype;
 		aq->op = NIX_AQ_INSTOP_READ;
diff --git a/drivers/common/cnxk/roc_nix_fc.c b/drivers/common/cnxk/roc_nix_fc.c
index ca29cd2..d311371 100644
--- a/drivers/common/cnxk/roc_nix_fc.c
+++ b/drivers/common/cnxk/roc_nix_fc.c
@@ -113,6 +113,9 @@  nix_fc_cq_config_get(struct roc_nix *roc_nix, struct roc_nix_fc_cfg *fc_cfg)
 		struct nix_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = fc_cfg->cq_cfg.rq;
 		aq->ctype = NIX_AQ_CTYPE_CQ;
 		aq->op = NIX_AQ_INSTOP_READ;
@@ -120,6 +123,9 @@  nix_fc_cq_config_get(struct roc_nix *roc_nix, struct roc_nix_fc_cfg *fc_cfg)
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = fc_cfg->cq_cfg.rq;
 		aq->ctype = NIX_AQ_CTYPE_CQ;
 		aq->op = NIX_AQ_INSTOP_READ;
@@ -147,6 +153,9 @@  nix_fc_cq_config_set(struct roc_nix *roc_nix, struct roc_nix_fc_cfg *fc_cfg)
 		struct nix_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = fc_cfg->cq_cfg.rq;
 		aq->ctype = NIX_AQ_CTYPE_CQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -164,6 +173,9 @@  nix_fc_cq_config_set(struct roc_nix *roc_nix, struct roc_nix_fc_cfg *fc_cfg)
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = fc_cfg->cq_cfg.rq;
 		aq->ctype = NIX_AQ_CTYPE_CQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
diff --git a/drivers/common/cnxk/roc_nix_queue.c b/drivers/common/cnxk/roc_nix_queue.c
index 80e1c9f..e2426d9 100644
--- a/drivers/common/cnxk/roc_nix_queue.c
+++ b/drivers/common/cnxk/roc_nix_queue.c
@@ -38,6 +38,9 @@  nix_rq_ena_dis(struct dev *dev, struct roc_nix_rq *rq, bool enable)
 		struct nix_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = rq->qid;
 		aq->ctype = NIX_AQ_CTYPE_RQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -48,6 +51,9 @@  nix_rq_ena_dis(struct dev *dev, struct roc_nix_rq *rq, bool enable)
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = rq->qid;
 		aq->ctype = NIX_AQ_CTYPE_RQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -80,6 +86,9 @@  nix_rq_cn9k_cfg(struct dev *dev, struct roc_nix_rq *rq, uint16_t qints,
 	struct nix_aq_enq_req *aq;
 
 	aq = mbox_alloc_msg_nix_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = rq->qid;
 	aq->ctype = NIX_AQ_CTYPE_RQ;
 	aq->op = cfg ? NIX_AQ_INSTOP_WRITE : NIX_AQ_INSTOP_INIT;
@@ -195,6 +204,9 @@  nix_rq_cfg(struct dev *dev, struct roc_nix_rq *rq, uint16_t qints, bool cfg,
 	struct mbox *mbox = dev->mbox;
 
 	aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = rq->qid;
 	aq->ctype = NIX_AQ_CTYPE_RQ;
 	aq->op = cfg ? NIX_AQ_INSTOP_WRITE : NIX_AQ_INSTOP_INIT;
@@ -463,6 +475,9 @@  roc_nix_cq_init(struct roc_nix *roc_nix, struct roc_nix_cq *cq)
 		struct nix_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = cq->qid;
 		aq->ctype = NIX_AQ_CTYPE_CQ;
 		aq->op = NIX_AQ_INSTOP_INIT;
@@ -471,6 +486,9 @@  roc_nix_cq_init(struct roc_nix *roc_nix, struct roc_nix_cq *cq)
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = cq->qid;
 		aq->ctype = NIX_AQ_CTYPE_CQ;
 		aq->op = NIX_AQ_INSTOP_INIT;
@@ -547,6 +565,9 @@  roc_nix_cq_fini(struct roc_nix_cq *cq)
 		struct nix_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = cq->qid;
 		aq->ctype = NIX_AQ_CTYPE_CQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -558,6 +579,9 @@  roc_nix_cq_fini(struct roc_nix_cq *cq)
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = cq->qid;
 		aq->ctype = NIX_AQ_CTYPE_CQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -659,7 +683,7 @@  sqb_pool_populate(struct roc_nix *roc_nix, struct roc_nix_sq *sq)
 	return rc;
 }
 
-static void
+static int
 sq_cn9k_init(struct nix *nix, struct roc_nix_sq *sq, uint32_t rr_quantum,
 	     uint16_t smq)
 {
@@ -667,6 +691,9 @@  sq_cn9k_init(struct nix *nix, struct roc_nix_sq *sq, uint32_t rr_quantum,
 	struct nix_aq_enq_req *aq;
 
 	aq = mbox_alloc_msg_nix_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = sq->qid;
 	aq->ctype = NIX_AQ_CTYPE_SQ;
 	aq->op = NIX_AQ_INSTOP_INIT;
@@ -695,6 +722,7 @@  sq_cn9k_init(struct nix *nix, struct roc_nix_sq *sq, uint32_t rr_quantum,
 	 * might result in software missing the interrupt.
 	 */
 	aq->sq.qint_idx = 0;
+	return 0;
 }
 
 static int
@@ -708,6 +736,9 @@  sq_cn9k_fini(struct nix *nix, struct roc_nix_sq *sq)
 	int rc, count;
 
 	aq = mbox_alloc_msg_nix_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = sq->qid;
 	aq->ctype = NIX_AQ_CTYPE_SQ;
 	aq->op = NIX_AQ_INSTOP_READ;
@@ -721,6 +752,9 @@  sq_cn9k_fini(struct nix *nix, struct roc_nix_sq *sq)
 
 	/* Disable sq */
 	aq = mbox_alloc_msg_nix_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = sq->qid;
 	aq->ctype = NIX_AQ_CTYPE_SQ;
 	aq->op = NIX_AQ_INSTOP_WRITE;
@@ -732,6 +766,9 @@  sq_cn9k_fini(struct nix *nix, struct roc_nix_sq *sq)
 
 	/* Read SQ and free sqb's */
 	aq = mbox_alloc_msg_nix_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = sq->qid;
 	aq->ctype = NIX_AQ_CTYPE_SQ;
 	aq->op = NIX_AQ_INSTOP_READ;
@@ -763,7 +800,7 @@  sq_cn9k_fini(struct nix *nix, struct roc_nix_sq *sq)
 	return 0;
 }
 
-static void
+static int
 sq_init(struct nix *nix, struct roc_nix_sq *sq, uint32_t rr_quantum,
 	uint16_t smq)
 {
@@ -771,6 +808,9 @@  sq_init(struct nix *nix, struct roc_nix_sq *sq, uint32_t rr_quantum,
 	struct nix_cn10k_aq_enq_req *aq;
 
 	aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = sq->qid;
 	aq->ctype = NIX_AQ_CTYPE_SQ;
 	aq->op = NIX_AQ_INSTOP_INIT;
@@ -798,6 +838,7 @@  sq_init(struct nix *nix, struct roc_nix_sq *sq, uint32_t rr_quantum,
 	 * might result in software missing the interrupt.
 	 */
 	aq->sq.qint_idx = 0;
+	return 0;
 }
 
 static int
@@ -811,6 +852,9 @@  sq_fini(struct nix *nix, struct roc_nix_sq *sq)
 	int rc, count;
 
 	aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = sq->qid;
 	aq->ctype = NIX_AQ_CTYPE_SQ;
 	aq->op = NIX_AQ_INSTOP_READ;
@@ -824,6 +868,9 @@  sq_fini(struct nix *nix, struct roc_nix_sq *sq)
 
 	/* Disable sq */
 	aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = sq->qid;
 	aq->ctype = NIX_AQ_CTYPE_SQ;
 	aq->op = NIX_AQ_INSTOP_WRITE;
@@ -835,6 +882,9 @@  sq_fini(struct nix *nix, struct roc_nix_sq *sq)
 
 	/* Read SQ and free sqb's */
 	aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+	if (!aq)
+		return -ENOSPC;
+
 	aq->qidx = sq->qid;
 	aq->ctype = NIX_AQ_CTYPE_SQ;
 	aq->op = NIX_AQ_INSTOP_READ;
@@ -905,9 +955,12 @@  roc_nix_sq_init(struct roc_nix *roc_nix, struct roc_nix_sq *sq)
 
 	/* Init SQ context */
 	if (roc_model_is_cn9k())
-		sq_cn9k_init(nix, sq, rr_quantum, smq);
+		rc = sq_cn9k_init(nix, sq, rr_quantum, smq);
 	else
-		sq_init(nix, sq, rr_quantum, smq);
+		rc = sq_init(nix, sq, rr_quantum, smq);
+
+	if (rc)
+		goto nomem;
 
 	rc = mbox_process(mbox);
 	if (rc)
diff --git a/drivers/common/cnxk/roc_nix_stats.c b/drivers/common/cnxk/roc_nix_stats.c
index c50c8fa..756111f 100644
--- a/drivers/common/cnxk/roc_nix_stats.c
+++ b/drivers/common/cnxk/roc_nix_stats.c
@@ -124,6 +124,9 @@  nix_stat_rx_queue_reset(struct nix *nix, uint16_t qid)
 		struct nix_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = qid;
 		aq->ctype = NIX_AQ_CTYPE_RQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -143,6 +146,9 @@  nix_stat_rx_queue_reset(struct nix *nix, uint16_t qid)
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = qid;
 		aq->ctype = NIX_AQ_CTYPE_RQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -174,6 +180,9 @@  nix_stat_tx_queue_reset(struct nix *nix, uint16_t qid)
 		struct nix_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = qid;
 		aq->ctype = NIX_AQ_CTYPE_SQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -190,6 +199,9 @@  nix_stat_tx_queue_reset(struct nix *nix, uint16_t qid)
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = qid;
 		aq->ctype = NIX_AQ_CTYPE_SQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -295,6 +307,9 @@  roc_nix_xstats_get(struct roc_nix *roc_nix, struct roc_nix_xstat *xstats,
 
 	if (roc_model_is_cn9k()) {
 		req = mbox_alloc_msg_cgx_stats(mbox);
+		if (!req)
+			return -ENOSPC;
+
 		req->hdr.pcifunc = roc_nix_get_pf_func(roc_nix);
 
 		rc = mbox_process_msg(mbox, (void *)&cgx_resp);
@@ -316,6 +331,9 @@  roc_nix_xstats_get(struct roc_nix *roc_nix, struct roc_nix_xstat *xstats,
 		}
 	} else {
 		req = mbox_alloc_msg_rpm_stats(mbox);
+		if (!req)
+			return -ENOSPC;
+
 		req->hdr.pcifunc = roc_nix_get_pf_func(roc_nix);
 
 		rc = mbox_process_msg(mbox, (void *)&rpm_resp);
diff --git a/drivers/common/cnxk/roc_nix_tm.c b/drivers/common/cnxk/roc_nix_tm.c
index fe9e83f..3b38cc0 100644
--- a/drivers/common/cnxk/roc_nix_tm.c
+++ b/drivers/common/cnxk/roc_nix_tm.c
@@ -766,6 +766,9 @@  nix_tm_sq_sched_conf(struct nix *nix, struct nix_tm_node *node,
 		struct nix_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = qid;
 		aq->ctype = NIX_AQ_CTYPE_SQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;
@@ -781,6 +784,9 @@  nix_tm_sq_sched_conf(struct nix *nix, struct nix_tm_node *node,
 		struct nix_cn10k_aq_enq_req *aq;
 
 		aq = mbox_alloc_msg_nix_cn10k_aq_enq(mbox);
+		if (!aq)
+			return -ENOSPC;
+
 		aq->qidx = qid;
 		aq->ctype = NIX_AQ_CTYPE_SQ;
 		aq->op = NIX_AQ_INSTOP_WRITE;