Commit ddf83afb authored by Ronnie Sahlberg's avatar Ronnie Sahlberg Committed by Steve French

cifs: add a warning if we try to to dequeue a deleted mid

cifs_delete_mid() is called once we are finished handling a mid and we
expect no more work done on this mid.

Needed to fix recent commit:
commit 730928c8
("cifs: update smb2_queryfs() to use compounding")

Add a warning if someone tries to dequeue a mid that has already been
flagged to be deleted.
Also change list_del() to list_del_init() so that if we have similar bugs
resurface in the future we will not oops.
Signed-off-by: default avatarRonnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
Reviewed-by: default avatarPavel Shilovsky <pshilov@microsoft.com>
parent 0595751f
...@@ -1553,6 +1553,7 @@ static inline void free_dfs_info_array(struct dfs_info3_param *param, ...@@ -1553,6 +1553,7 @@ static inline void free_dfs_info_array(struct dfs_info3_param *param,
/* Flags */ /* Flags */
#define MID_WAIT_CANCELLED 1 /* Cancelled while waiting for response */ #define MID_WAIT_CANCELLED 1 /* Cancelled while waiting for response */
#define MID_DELETED 2 /* Mid has been dequeued/deleted */
/* Types of response buffer returned from SendReceive2 */ /* Types of response buffer returned from SendReceive2 */
#define CIFS_NO_BUFFER 0 /* Response buffer not returned */ #define CIFS_NO_BUFFER 0 /* Response buffer not returned */
......
...@@ -659,6 +659,14 @@ dequeue_mid(struct mid_q_entry *mid, bool malformed) ...@@ -659,6 +659,14 @@ dequeue_mid(struct mid_q_entry *mid, bool malformed)
mid->mid_state = MID_RESPONSE_RECEIVED; mid->mid_state = MID_RESPONSE_RECEIVED;
else else
mid->mid_state = MID_RESPONSE_MALFORMED; mid->mid_state = MID_RESPONSE_MALFORMED;
/*
* Trying to handle/dequeue a mid after the send_recv()
* function has finished processing it is a bug.
*/
if (mid->mid_flags & MID_DELETED)
printk_once(KERN_WARNING
"trying to dequeue a deleted mid\n");
else
list_del_init(&mid->qhead); list_del_init(&mid->qhead);
spin_unlock(&GlobalMid_Lock); spin_unlock(&GlobalMid_Lock);
} }
......
...@@ -142,7 +142,8 @@ void ...@@ -142,7 +142,8 @@ void
cifs_delete_mid(struct mid_q_entry *mid) cifs_delete_mid(struct mid_q_entry *mid)
{ {
spin_lock(&GlobalMid_Lock); spin_lock(&GlobalMid_Lock);
list_del(&mid->qhead); list_del_init(&mid->qhead);
mid->mid_flags |= MID_DELETED;
spin_unlock(&GlobalMid_Lock); spin_unlock(&GlobalMid_Lock);
DeleteMidQEntry(mid); DeleteMidQEntry(mid);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment