cfq-iosched: fix race in cfq_set_request()
Jens Axboe [Mon, 7 Mar 2011 07:59:06 +0000 (08:59 +0100)]
We need to hold the queue lock over the reference increment,
it's not atomic anymore.

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>

block/cfq-iosched.c

index 3202c7e..fb2141e 100644 (file)
@@ -3675,12 +3675,11 @@ new_queue:
 
        cfqq->allocated[rw]++;
 
-       spin_unlock_irqrestore(q->queue_lock, flags);
-
        cfqq->ref++;
        rq->elevator_private[0] = cic;
        rq->elevator_private[1] = cfqq;
        rq->elevator_private[2] = cfq_ref_get_cfqg(cfqq->cfqg);
+       spin_unlock_irqrestore(q->queue_lock, flags);
        return 0;
 
 queue_fail:
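Review bot: the locking requirement on `cfqq->ref++` is still implicit at the increment itself: it is a plain, non-atomic increment that is only safe because `q->queue_lock` is now held across it, and nothing at that line says so. A short comment above it, or a note on the `ref` field that it is protected by the queue lock, would keep a later reordering of `spin_unlock_irqrestore()` from reintroducing the race. Moving the unlock down to just before `return 0` also places the `cfq_ref_get_cfqg(cfqq->cfqg)` call and the three `rq->elevator_private[]` stores inside the critical section with interrupts disabled. The commit message only mentions the reference increment, so it would help to state whether the cfqg reference needs the lock for the same reason or is simply covered as a side effect.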