From: Jens Axboe <jaxboe@fusionio.com>
Date: Mon, 7 Mar 2011 07:59:06 +0000 (+0100)
Subject: cfq-iosched: fix race in cfq_set_request()
X-Git-Url: http://drtracing.org/?a=commitdiff_plain;h=93803e0140c6216b68fe926ccc611297120da273;p=deliverable%2Flinux.git

cfq-iosched: fix race in cfq_set_request()

We need to hold the queue lock over the reference increment,
it's not atomic anymore.

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
---

diff --git a/block/cfq-iosched.c b/block/cfq-iosched.c
index 3202c7e87fb3..fb2141ec205c 100644
--- a/block/cfq-iosched.c
+++ b/block/cfq-iosched.c
@@ -3675,12 +3675,11 @@ new_queue:
 
 	cfqq->allocated[rw]++;
 
-	spin_unlock_irqrestore(q->queue_lock, flags);
-
 	cfqq->ref++;
 	rq->elevator_private[0] = cic;
 	rq->elevator_private[1] = cfqq;
 	rq->elevator_private[2] = cfq_ref_get_cfqg(cfqq->cfqg);
+	spin_unlock_irqrestore(q->queue_lock, flags);
 	return 0;
 
 queue_fail: