tree:
git://github.com/smfrench/smb3-kernel.git for-next
head: 28711a66701e3aefc5748dcde38dba1e2e79de34
commit: 46c2db2a20898662a26fc3de1fa9499271049570 [12/18] cifs: take cifs_tcp_ses_lock for
status checks
config: x86_64-randconfig-m001-20211119 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
smatch warnings:
fs/cifs/smb1ops.c:229 cifs_get_next_mid() error: uninitialized symbol
'reconnect'.
vim +/reconnect +229 fs/cifs/smb1ops.c
88257360605f93 Pavel Shilovsky 2012-05-23 161 static __u64
88257360605f93 Pavel Shilovsky 2012-05-23 162 cifs_get_next_mid(struct
TCP_Server_Info *server)
88257360605f93 Pavel Shilovsky 2012-05-23 163 {
88257360605f93 Pavel Shilovsky 2012-05-23 164 __u64 mid = 0;
88257360605f93 Pavel Shilovsky 2012-05-23 165 __u16 last_mid, cur_mid;
46c2db2a208986 Steve French 2021-11-19 166 bool collision, reconnect;
"reconnect" is never set to false.
88257360605f93 Pavel Shilovsky 2012-05-23 167
88257360605f93 Pavel Shilovsky 2012-05-23 168
spin_lock(&GlobalMid_Lock);
88257360605f93 Pavel Shilovsky 2012-05-23 169
88257360605f93 Pavel Shilovsky 2012-05-23 170 /* mid is 16 bit only for
CIFS/SMB */
88257360605f93 Pavel Shilovsky 2012-05-23 171 cur_mid =
(__u16)((server->CurrentMid) & 0xffff);
88257360605f93 Pavel Shilovsky 2012-05-23 172 /* we do not want to loop
forever */
88257360605f93 Pavel Shilovsky 2012-05-23 173 last_mid = cur_mid;
88257360605f93 Pavel Shilovsky 2012-05-23 174 cur_mid++;
03d9a9fe3f3aec Roberto Bergantinos Corpas 2019-10-14 175 /* avoid 0xFFFF MID */
03d9a9fe3f3aec Roberto Bergantinos Corpas 2019-10-14 176 if (cur_mid == 0xffff)
03d9a9fe3f3aec Roberto Bergantinos Corpas 2019-10-14 177 cur_mid++;
88257360605f93 Pavel Shilovsky 2012-05-23 178
88257360605f93 Pavel Shilovsky 2012-05-23 179 /*
88257360605f93 Pavel Shilovsky 2012-05-23 180 * This nested loop looks more
expensive than it is.
88257360605f93 Pavel Shilovsky 2012-05-23 181 * In practice the list of
pending requests is short,
88257360605f93 Pavel Shilovsky 2012-05-23 182 * fewer than 50, and the mids
are likely to be unique
88257360605f93 Pavel Shilovsky 2012-05-23 183 * on the first pass through
the loop unless some request
88257360605f93 Pavel Shilovsky 2012-05-23 184 * takes longer than the 64
thousand requests before it
88257360605f93 Pavel Shilovsky 2012-05-23 185 * (and it would also have to
have been a request that
88257360605f93 Pavel Shilovsky 2012-05-23 186 * did not time out).
88257360605f93 Pavel Shilovsky 2012-05-23 187 */
88257360605f93 Pavel Shilovsky 2012-05-23 188 while (cur_mid != last_mid) {
88257360605f93 Pavel Shilovsky 2012-05-23 189 struct mid_q_entry
*mid_entry;
88257360605f93 Pavel Shilovsky 2012-05-23 190 unsigned int num_mids;
88257360605f93 Pavel Shilovsky 2012-05-23 191
88257360605f93 Pavel Shilovsky 2012-05-23 192 collision = false;
88257360605f93 Pavel Shilovsky 2012-05-23 193 if (cur_mid == 0)
88257360605f93 Pavel Shilovsky 2012-05-23 194 cur_mid++;
88257360605f93 Pavel Shilovsky 2012-05-23 195
88257360605f93 Pavel Shilovsky 2012-05-23 196 num_mids = 0;
88257360605f93 Pavel Shilovsky 2012-05-23 197
list_for_each_entry(mid_entry, &server->pending_mid_q, qhead) {
88257360605f93 Pavel Shilovsky 2012-05-23 198 ++num_mids;
88257360605f93 Pavel Shilovsky 2012-05-23 199 if (mid_entry->mid ==
cur_mid &&
88257360605f93 Pavel Shilovsky 2012-05-23 200 mid_entry->mid_state
== MID_REQUEST_SUBMITTED) {
88257360605f93 Pavel Shilovsky 2012-05-23 201 /* This mid is in use, try
a different one */
88257360605f93 Pavel Shilovsky 2012-05-23 202 collision = true;
88257360605f93 Pavel Shilovsky 2012-05-23 203 break;
88257360605f93 Pavel Shilovsky 2012-05-23 204 }
88257360605f93 Pavel Shilovsky 2012-05-23 205 }
88257360605f93 Pavel Shilovsky 2012-05-23 206
88257360605f93 Pavel Shilovsky 2012-05-23 207 /*
88257360605f93 Pavel Shilovsky 2012-05-23 208 * if we have more than 32k
mids in the list, then something
88257360605f93 Pavel Shilovsky 2012-05-23 209 * is very wrong. Possibly a
local user is trying to DoS the
88257360605f93 Pavel Shilovsky 2012-05-23 210 * box by issuing
long-running calls and SIGKILL'ing them. If
88257360605f93 Pavel Shilovsky 2012-05-23 211 * we get to 2^16 mids then
we're in big trouble as this
88257360605f93 Pavel Shilovsky 2012-05-23 212 * function could loop
forever.
88257360605f93 Pavel Shilovsky 2012-05-23 213 *
88257360605f93 Pavel Shilovsky 2012-05-23 214 * Go ahead and assign out
the mid in this situation, but force
88257360605f93 Pavel Shilovsky 2012-05-23 215 * an eventual reconnect to
clean out the pending_mid_q.
88257360605f93 Pavel Shilovsky 2012-05-23 216 */
88257360605f93 Pavel Shilovsky 2012-05-23 217 if (num_mids > 32768)
46c2db2a208986 Steve French 2021-11-19 218 reconnect = true;
88257360605f93 Pavel Shilovsky 2012-05-23 219
88257360605f93 Pavel Shilovsky 2012-05-23 220 if (!collision) {
88257360605f93 Pavel Shilovsky 2012-05-23 221 mid = (__u64)cur_mid;
88257360605f93 Pavel Shilovsky 2012-05-23 222 server->CurrentMid =
mid;
88257360605f93 Pavel Shilovsky 2012-05-23 223 break;
88257360605f93 Pavel Shilovsky 2012-05-23 224 }
88257360605f93 Pavel Shilovsky 2012-05-23 225 cur_mid++;
88257360605f93 Pavel Shilovsky 2012-05-23 226 }
88257360605f93 Pavel Shilovsky 2012-05-23 227
spin_unlock(&GlobalMid_Lock);
46c2db2a208986 Steve French 2021-11-19 228
46c2db2a208986 Steve French 2021-11-19 @229 if (reconnect) {
46c2db2a208986 Steve French 2021-11-19 230
spin_lock(&cifs_tcp_ses_lock);
46c2db2a208986 Steve French 2021-11-19 231 server->tcpStatus =
CifsNeedReconnect;
46c2db2a208986 Steve French 2021-11-19 232
spin_unlock(&cifs_tcp_ses_lock);
46c2db2a208986 Steve French 2021-11-19 233 }
46c2db2a208986 Steve French 2021-11-19 234
88257360605f93 Pavel Shilovsky 2012-05-23 235 return mid;
88257360605f93 Pavel Shilovsky 2012-05-23 236 }
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org