[PATCH] cifs: Do not interpret oplock break responses as responses to an unrelated command

.. even if the multiplex ids match.

Signed-off-by: Steve French (sfrench@us.ibm.com)
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
diff --git a/fs/cifs/CHANGES b/fs/cifs/CHANGES
index de88580..de63a0e 100644
--- a/fs/cifs/CHANGES
+++ b/fs/cifs/CHANGES
@@ -10,6 +10,8 @@
 cifs_close. Add mount option for remapping reserved characters in
 filenames (also allow recognizing files with created by SFU which have any
 of these seven reserved characters, except backslash, to be recognized).
+Fix invalid transact2 message (we were sometimes trying to interpret
+oplock breaks as SMB responses).
 
 Version 1.31
 ------------
diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c
index e7bd93e..efa0991 100644
--- a/fs/cifs/cifs_debug.c
+++ b/fs/cifs/cifs_debug.c
@@ -111,7 +111,12 @@
 					mid_q_entry,
 					qhead);
 				if(mid_entry) {
-					length = sprintf(buf,"State: %d com: %d pid: %d tsk: %p mid %d\n",mid_entry->midState,mid_entry->command,mid_entry->pid,mid_entry->tsk,mid_entry->mid);
+					length = sprintf(buf,"State: %d com: %d pid: %d tsk: %p mid %d\n",
+						mid_entry->midState,
+						(int)mid_entry->command,
+						mid_entry->pid,
+						mid_entry->tsk,
+						mid_entry->mid);
 					buf += length;
 				}
 			}
diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
index 1b3082d..fe14097 100644
--- a/fs/cifs/cifsglob.h
+++ b/fs/cifs/cifsglob.h
@@ -313,12 +313,12 @@
 	__u16 mid;		/* multiplex id */
 	__u16 pid;		/* process id */
 	__u32 sequence_number;  /* for CIFS signing */
-	__u16 command;		/* smb command code */
 	struct timeval when_sent;	/* time when smb sent */
 	struct cifsSesInfo *ses;	/* smb was sent to this server */
 	struct task_struct *tsk;	/* task waiting for response */
 	struct smb_hdr *resp_buf;	/* response buffer */
 	int midState;	/* wish this were enum but can not pass to wait_event */
+	__u8 command;		/* smb command code */
 };
 
 struct oplock_q_entry {
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 1f22b85..383e55f 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -361,9 +361,13 @@
 							       mid_q_entry,
 							       qhead);
 
-					if ((mid_entry->mid == smb_buffer->Mid) && (mid_entry->midState == MID_REQUEST_SUBMITTED)) {
-						cFYI(1,
-						     (" Mid 0x%x matched - waking up ",mid_entry->mid));
+					if ((mid_entry->mid == smb_buffer->Mid)
+						&& (mid_entry->midState == 
+							MID_REQUEST_SUBMITTED) 
+						&& (mid_entry->command == 
+							smb_buffer->Command)) {
+						cFYI(1,("Found Mid 0x%x wake up"
+							,mid_entry->mid));
 						task_to_wake = mid_entry->tsk;
 						mid_entry->resp_buf =
 						    smb_buffer;
diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
index a9e4f98..aab62ed 100644
--- a/fs/cifs/transport.c
+++ b/fs/cifs/transport.c
@@ -189,7 +189,6 @@
 	struct msghdr smb_msg;
 	number_of_pages += 1; /* account for SMB header */
 	struct kvec * piov  = kmalloc(number_of_pages * sizeof(struct kvec));
-	if(i=0;i<num_pages-1;i++
 	unsigned len = smb_buf_length + 4;
 
 	if(ssocket == NULL)