tree: git://github.com/smfrench/smb3-kernel.git for-next head: 28711a66701e3aefc5748dcde38dba1e2e79de34 commit: 46c2db2a20898662a26fc3de1fa9499271049570 [12/18] cifs: take cifs_tcp_ses_lock for status checks config: x86_64-randconfig-m001-20211119 (attached as .config) compiler: gcc-9 (Debian 9.3.0-22) 9.3.0 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp(a)intel.com&gt; Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com&gt; smatch warnings: fs/cifs/smb1ops.c:229 cifs_get_next_mid() error: uninitialized symbol 'reconnect'. vim +/reconnect +229 fs/cifs/smb1ops.c 88257360605f93 Pavel Shilovsky 2012-05-23 161 static __u64 88257360605f93 Pavel Shilovsky 2012-05-23 162 cifs_get_next_mid(struct TCP_Server_Info *server) 88257360605f93 Pavel Shilovsky 2012-05-23 163 { 88257360605f93 Pavel Shilovsky 2012-05-23 164 __u64 mid = 0; 88257360605f93 Pavel Shilovsky 2012-05-23 165 __u16 last_mid, cur_mid; 46c2db2a208986 Steve French 2021-11-19 166 bool collision, reconnect; "reconnect" is never set to false. 88257360605f93 Pavel Shilovsky 2012-05-23 167 88257360605f93 Pavel Shilovsky 2012-05-23 168 spin_lock(&GlobalMid_Lock); 88257360605f93 Pavel Shilovsky 2012-05-23 169 88257360605f93 Pavel Shilovsky 2012-05-23 170 /* mid is 16 bit only for CIFS/SMB */ 88257360605f93 Pavel Shilovsky 2012-05-23 171 cur_mid = (__u16)((server->CurrentMid) & 0xffff); 88257360605f93 Pavel Shilovsky 2012-05-23 172 /* we do not want to loop forever */ 88257360605f93 Pavel Shilovsky 2012-05-23 173 last_mid = cur_mid; 88257360605f93 Pavel Shilovsky 2012-05-23 174 cur_mid++; 03d9a9fe3f3aec Roberto Bergantinos Corpas 2019-10-14 175 /* avoid 0xFFFF MID */ 03d9a9fe3f3aec Roberto Bergantinos Corpas 2019-10-14 176 if (cur_mid == 0xffff) 03d9a9fe3f3aec Roberto Bergantinos Corpas 2019-10-14 177 cur_mid++; 88257360605f93 Pavel Shilovsky 2012-05-23 178 88257360605f93 Pavel Shilovsky 2012-05-23 179 /* 88257360605f93 Pavel Shilovsky 2012-05-23 180 * This nested loop looks more expensive than it is. 88257360605f93 Pavel Shilovsky 2012-05-23 181 * In practice the list of pending requests is short, 88257360605f93 Pavel Shilovsky 2012-05-23 182 * fewer than 50, and the mids are likely to be unique 88257360605f93 Pavel Shilovsky 2012-05-23 183 * on the first pass through the loop unless some request 88257360605f93 Pavel Shilovsky 2012-05-23 184 * takes longer than the 64 thousand requests before it 88257360605f93 Pavel Shilovsky 2012-05-23 185 * (and it would also have to have been a request that 88257360605f93 Pavel Shilovsky 2012-05-23 186 * did not time out). 88257360605f93 Pavel Shilovsky 2012-05-23 187 */ 88257360605f93 Pavel Shilovsky 2012-05-23 188 while (cur_mid != last_mid) { 88257360605f93 Pavel Shilovsky 2012-05-23 189 struct mid_q_entry *mid_entry; 88257360605f93 Pavel Shilovsky 2012-05-23 190 unsigned int num_mids; 88257360605f93 Pavel Shilovsky 2012-05-23 191 88257360605f93 Pavel Shilovsky 2012-05-23 192 collision = false; 88257360605f93 Pavel Shilovsky 2012-05-23 193 if (cur_mid == 0) 88257360605f93 Pavel Shilovsky 2012-05-23 194 cur_mid++; 88257360605f93 Pavel Shilovsky 2012-05-23 195 88257360605f93 Pavel Shilovsky 2012-05-23 196 num_mids = 0; 88257360605f93 Pavel Shilovsky 2012-05-23 197 list_for_each_entry(mid_entry, &server->pending_mid_q, qhead) { 88257360605f93 Pavel Shilovsky 2012-05-23 198 ++num_mids; 88257360605f93 Pavel Shilovsky 2012-05-23 199 if (mid_entry->mid == cur_mid && 88257360605f93 Pavel Shilovsky 2012-05-23 200 mid_entry->mid_state == MID_REQUEST_SUBMITTED) { 88257360605f93 Pavel Shilovsky 2012-05-23 201 /* This mid is in use, try a different one */ 88257360605f93 Pavel Shilovsky 2012-05-23 202 collision = true; 88257360605f93 Pavel Shilovsky 2012-05-23 203 break; 88257360605f93 Pavel Shilovsky 2012-05-23 204 } 88257360605f93 Pavel Shilovsky 2012-05-23 205 } 88257360605f93 Pavel Shilovsky 2012-05-23 206 88257360605f93 Pavel Shilovsky 2012-05-23 207 /* 88257360605f93 Pavel Shilovsky 2012-05-23 208 * if we have more than 32k mids in the list, then something 88257360605f93 Pavel Shilovsky 2012-05-23 209 * is very wrong. Possibly a local user is trying to DoS the 88257360605f93 Pavel Shilovsky 2012-05-23 210 * box by issuing long-running calls and SIGKILL'ing them. If 88257360605f93 Pavel Shilovsky 2012-05-23 211 * we get to 2^16 mids then we're in big trouble as this 88257360605f93 Pavel Shilovsky 2012-05-23 212 * function could loop forever. 88257360605f93 Pavel Shilovsky 2012-05-23 213 * 88257360605f93 Pavel Shilovsky 2012-05-23 214 * Go ahead and assign out the mid in this situation, but force 88257360605f93 Pavel Shilovsky 2012-05-23 215 * an eventual reconnect to clean out the pending_mid_q. 88257360605f93 Pavel Shilovsky 2012-05-23 216 */ 88257360605f93 Pavel Shilovsky 2012-05-23 217 if (num_mids > 32768) 46c2db2a208986 Steve French 2021-11-19 218 reconnect = true; 88257360605f93 Pavel Shilovsky 2012-05-23 219 88257360605f93 Pavel Shilovsky 2012-05-23 220 if (!collision) { 88257360605f93 Pavel Shilovsky 2012-05-23 221 mid = (__u64)cur_mid; 88257360605f93 Pavel Shilovsky 2012-05-23 222 server->CurrentMid = mid; 88257360605f93 Pavel Shilovsky 2012-05-23 223 break; 88257360605f93 Pavel Shilovsky 2012-05-23 224 } 88257360605f93 Pavel Shilovsky 2012-05-23 225 cur_mid++; 88257360605f93 Pavel Shilovsky 2012-05-23 226 } 88257360605f93 Pavel Shilovsky 2012-05-23 227 spin_unlock(&GlobalMid_Lock); 46c2db2a208986 Steve French 2021-11-19 228 46c2db2a208986 Steve French 2021-11-19 @229 if (reconnect) { 46c2db2a208986 Steve French 2021-11-19 230 spin_lock(&cifs_tcp_ses_lock); 46c2db2a208986 Steve French 2021-11-19 231 server->tcpStatus = CifsNeedReconnect; 46c2db2a208986 Steve French 2021-11-19 232 spin_unlock(&cifs_tcp_ses_lock); 46c2db2a208986 Steve French 2021-11-19 233 } 46c2db2a208986 Steve French 2021-11-19 234 88257360605f93 Pavel Shilovsky 2012-05-23 235 return mid; 88257360605f93 Pavel Shilovsky 2012-05-23 236 } --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org