[cifs:for-next 31/31] fs/cifs/smb2ops.c:786 open_shroot() error: double unlock 'mutex:&tcon->crfid.fid_mutex'

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



tree:   git://git.samba.org/sfrench/cifs-2.6.git for-next
head:   5fc321fb644fc787710353be11129edadd313f3a
commit: 5fc321fb644fc787710353be11129edadd313f3a [31/31] smb3: fix unmount hang in open_shroot

If you fix the issue, kindly add following tag
Reported-by: kbuild test robot <lkp@xxxxxxxxx>
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

New smatch warnings:
fs/cifs/smb2ops.c:786 open_shroot() error: double unlock 'mutex:&tcon->crfid.fid_mutex'

git remote add cifs git://git.samba.org/sfrench/cifs-2.6.git
git remote update cifs
git checkout 5fc321fb644fc787710353be11129edadd313f3a
vim +786 fs/cifs/smb2ops.c

fs/cifs/smb2ops.c
   726                  /*
   727                   * caller expects this func to set pfid to a valid
   728                   * cached root, so we copy the existing one and get a
   729                   * reference.
   730                   */
   731                  memcpy(pfid, tcon->crfid.fid, sizeof(*pfid));
   732                  kref_get(&tcon->crfid.refcount);
   733  
   734                  mutex_unlock(&tcon->crfid.fid_mutex);
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Unlock (recently added)

   735  
   736                  if (rc == 0) {
   737                          /* close extra handle outside of crit sec */
   738                          SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
   739                  }
   740                  goto oshr_free;
   741          }
   742  
   743          /* Cached root is still invalid, continue normaly */
   744  
   745          if (rc) {
   746                  if (rc == -EREMCHG) {
   747                          tcon->need_reconnect = true;
   748                          printk_once(KERN_WARNING "server share %s deleted\n",
   749                                      tcon->treeName);
   750                  }
   751                  goto oshr_exit;
   752          }
   753  
   754          o_rsp = (struct smb2_create_rsp *)rsp_iov[0].iov_base;
   755          oparms.fid->persistent_fid = o_rsp->PersistentFileId;
   756          oparms.fid->volatile_fid = o_rsp->VolatileFileId;
   757  #ifdef CONFIG_CIFS_DEBUG2
   758          oparms.fid->mid = le64_to_cpu(o_rsp->sync_hdr.MessageId);
   759  #endif /* CIFS_DEBUG2 */
   760  
   761          memcpy(tcon->crfid.fid, pfid, sizeof(struct cifs_fid));
   762          tcon->crfid.tcon = tcon;
   763          tcon->crfid.is_valid = true;
   764          kref_init(&tcon->crfid.refcount);
   765  
   766          /* BB TBD check to see if oplock level check can be removed below */
   767          if (o_rsp->OplockLevel == SMB2_OPLOCK_LEVEL_LEASE) {
   768                  kref_get(&tcon->crfid.refcount);
   769                  smb2_parse_contexts(server, o_rsp,
   770                                  &oparms.fid->epoch,
   771                                  oparms.fid->lease_key, &oplock, NULL);
   772          } else
   773                  goto oshr_exit;
   774  
   775          qi_rsp = (struct smb2_query_info_rsp *)rsp_iov[1].iov_base;
   776          if (le32_to_cpu(qi_rsp->OutputBufferLength) < sizeof(struct smb2_file_all_info))
   777                  goto oshr_exit;
   778          if (!smb2_validate_and_copy_iov(
   779                                  le16_to_cpu(qi_rsp->OutputBufferOffset),
   780                                  sizeof(struct smb2_file_all_info),
   781                                  &rsp_iov[1], sizeof(struct smb2_file_all_info),
   782                                  (char *)&tcon->crfid.file_all_info))
   783                  tcon->crfid.file_all_info_is_valid = 1;
   784  
   785  oshr_exit:
   786          mutex_unlock(&tcon->crfid.fid_mutex);
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Double unlock.

   787  oshr_free:
   788          SMB2_open_free(&rqst[0]);
   789          SMB2_query_info_free(&rqst[1]);
   790          free_rsp_buf(resp_buftype[0], rsp_iov[0].iov_base);
   791          free_rsp_buf(resp_buftype[1], rsp_iov[1].iov_base);
   792          return rc;
   793  }

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation



[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux