Google Git
Sign in
kunit/linux/f505d49ffd25ed062e76ffd17568d3937fcd338c^!/./drivers/ide
commit
f505d49ffd25ed062e76ffd17568d3937fcd338c
[log]
author
Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
Sat Apr 18 17:42:20 2009 +0200
committer
Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
Sat Apr 18 17:42:20 2009 +0200
tree
1ffafdccffd2373ec8b5f60bb72da841d4d200d8
parent
d5f840bf74c09ca5a31e518c9d984999926b5f44 [diff]
ide: fix barriers support

Freeing non-slab objects is bad and results in an oops.  Fix it.

Reported-and-tested-by: Andrew Price <andy@andrewprice.me.uk>
Cc: Theodore Tso <tytso@mit.edu>
Cc: "Rafael J. Wysocki" <rjw@sisk.pl>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>

diff --git a/drivers/ide/ide-io.c b/drivers/ide/ide-io.c
index 2ae02b8..35dc38d 100644
--- a/drivers/ide/ide-io.c
+++ b/drivers/ide/ide-io.c

@@ -102,11 +102,14 @@
 			drive->dev_flags |= IDE_DFLAG_PARKED;
 	}
 
-	if (rq && rq->cmd_type == REQ_TYPE_ATA_TASKFILE)
-		memcpy(rq->special, cmd, sizeof(*cmd));
+	if (rq && rq->cmd_type == REQ_TYPE_ATA_TASKFILE) {
+		struct ide_cmd *orig_cmd = rq->special;
 
-	if (cmd->tf_flags & IDE_TFLAG_DYN)
-		kfree(cmd);
+		if (cmd->tf_flags & IDE_TFLAG_DYN)
+			kfree(orig_cmd);
+		else
+			memcpy(orig_cmd, cmd, sizeof(*cmd));
+	}
 }
 
 /* obsolete, blk_rq_bytes() should be used instead */