From 93803e0140c6216b68fe926ccc611297120da273 Mon Sep 17 00:00:00 2001
From: Jens Axboe <jaxboe@fusionio.com>
Date: Mon, 7 Mar 2011 08:59:06 +0100
Subject: cfq-iosched: fix race in cfq_set_request()

We need to hold the queue lock over the reference increment,
it's not atomic anymore.

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
---
 block/cfq-iosched.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'block/cfq-iosched.c')

diff --git a/block/cfq-iosched.c b/block/cfq-iosched.c
index 3202c7e87fb..fb2141ec205 100644
--- a/block/cfq-iosched.c
+++ b/block/cfq-iosched.c
@@ -3675,12 +3675,11 @@ new_queue:
 
 	cfqq->allocated[rw]++;
 
-	spin_unlock_irqrestore(q->queue_lock, flags);
-
 	cfqq->ref++;
 	rq->elevator_private[0] = cic;
 	rq->elevator_private[1] = cfqq;
 	rq->elevator_private[2] = cfq_ref_get_cfqg(cfqq->cfqg);
+	spin_unlock_irqrestore(q->queue_lock, flags);
 	return 0;
 
 queue_fail:
-- 
cgit v1.2.3-70-g09d2