diff options
| author | Ronnie Sahlberg <lsahlber@redhat.com> | 2018-08-29 20:12:59 -0400 |
|---|---|---|
| committer | Steve French <stfrench@microsoft.com> | 2018-10-02 19:12:31 -0400 |
| commit | ddf83afb9f60ee58cdec30bb615eff65d00ba05e (patch) | |
| tree | 41a64ddbced37ea36da1defdcd8f2eb6c0a270fa | |
| parent | 0595751f267994c3c7027377058e4185b3a28e75 (diff) | |
cifs: add a warning if we try to to dequeue a deleted mid
cifs_delete_mid() is called once we are finished handling a mid and we
expect no more work done on this mid.
Needed to fix recent commit:
commit 730928c8f4be88e9d6a027a16b1e8fa9c59fc077
("cifs: update smb2_queryfs() to use compounding")
Add a warning if someone tries to dequeue a mid that has already been
flagged to be deleted.
Also change list_del() to list_del_init() so that if we have similar bugs
resurface in the future we will not oops.
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
| -rw-r--r-- | fs/cifs/cifsglob.h | 1 | ||||
| -rw-r--r-- | fs/cifs/connect.c | 10 | ||||
| -rw-r--r-- | fs/cifs/transport.c | 3 |
3 files changed, 12 insertions, 2 deletions
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 0c9ab62c3df4..9dcaed031843 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h | |||
| @@ -1553,6 +1553,7 @@ static inline void free_dfs_info_array(struct dfs_info3_param *param, | |||
| 1553 | 1553 | ||
| 1554 | /* Flags */ | 1554 | /* Flags */ |
| 1555 | #define MID_WAIT_CANCELLED 1 /* Cancelled while waiting for response */ | 1555 | #define MID_WAIT_CANCELLED 1 /* Cancelled while waiting for response */ |
| 1556 | #define MID_DELETED 2 /* Mid has been dequeued/deleted */ | ||
| 1556 | 1557 | ||
| 1557 | /* Types of response buffer returned from SendReceive2 */ | 1558 | /* Types of response buffer returned from SendReceive2 */ |
| 1558 | #define CIFS_NO_BUFFER 0 /* Response buffer not returned */ | 1559 | #define CIFS_NO_BUFFER 0 /* Response buffer not returned */ |
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 7aa08dba4719..e9d64c92b8da 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c | |||
| @@ -659,7 +659,15 @@ dequeue_mid(struct mid_q_entry *mid, bool malformed) | |||
| 659 | mid->mid_state = MID_RESPONSE_RECEIVED; | 659 | mid->mid_state = MID_RESPONSE_RECEIVED; |
| 660 | else | 660 | else |
| 661 | mid->mid_state = MID_RESPONSE_MALFORMED; | 661 | mid->mid_state = MID_RESPONSE_MALFORMED; |
| 662 | list_del_init(&mid->qhead); | 662 | /* |
| 663 | * Trying to handle/dequeue a mid after the send_recv() | ||
| 664 | * function has finished processing it is a bug. | ||
| 665 | */ | ||
| 666 | if (mid->mid_flags & MID_DELETED) | ||
| 667 | printk_once(KERN_WARNING | ||
| 668 | "trying to dequeue a deleted mid\n"); | ||
| 669 | else | ||
| 670 | list_del_init(&mid->qhead); | ||
| 663 | spin_unlock(&GlobalMid_Lock); | 671 | spin_unlock(&GlobalMid_Lock); |
| 664 | } | 672 | } |
| 665 | 673 | ||
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c index 78f96fa3d7d9..9cc9a127749e 100644 --- a/fs/cifs/transport.c +++ b/fs/cifs/transport.c | |||
| @@ -142,7 +142,8 @@ void | |||
| 142 | cifs_delete_mid(struct mid_q_entry *mid) | 142 | cifs_delete_mid(struct mid_q_entry *mid) |
| 143 | { | 143 | { |
| 144 | spin_lock(&GlobalMid_Lock); | 144 | spin_lock(&GlobalMid_Lock); |
| 145 | list_del(&mid->qhead); | 145 | list_del_init(&mid->qhead); |
| 146 | mid->mid_flags |= MID_DELETED; | ||
| 146 | spin_unlock(&GlobalMid_Lock); | 147 | spin_unlock(&GlobalMid_Lock); |
| 147 | 148 | ||
| 148 | DeleteMidQEntry(mid); | 149 | DeleteMidQEntry(mid); |