[PATCH] libata: clear ap->active_tag atomically w.r.t. command completion

ap->active_tag was cleared in ata_qc_free(). This left ap->active_tag dangling after ata_qc_complete(). Spurious interrupts inbetween could incorrectly access the qc. Clear active_tag in ata_qc_complete(). This change is necessary for later EH changes. Signed-off-by: Tejun Heo <htejun@gmail.com>
author: Tejun Heo <htejun@gmail.com> 2006-05-15 20:57:32 +0900
committer: Tejun Heo <htejun@gmail.com> 2006-05-15 20:57:32 +0900
commit: 7401abf2f44695ef44eef47d5deba1c20214a063 (patch)
tree: 582a02c76d1d975846bd779923d715cb617efef9
parent: f8c2c4202d86e14ca03b7adc7ebcb30fc74b24e1 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/drivers/scsi/libata-core.c b/drivers/scsi/libata-core.c
index 1669dae53ce..86cd0e0895d 100644
--- a/drivers/scsi/libata-core.c
+++ b/drivers/scsi/libata-core.c
@@ -4083,8 +4083,6 @@ void ata_qc_free(struct ata_queued_cmd *qc)
 	qc->flags = 0;
 	tag = qc->tag;
 	if (likely(ata_tag_valid(tag))) {
-		if (tag == ap->active_tag)
-			ap->active_tag = ATA_TAG_POISON;
 		qc->tag = ATA_TAG_POISON;
 		clear_bit(tag, &ap->qactive);
 	}
@@ -4098,6 +4096,9 @@ void __ata_qc_complete(struct ata_queued_cmd *qc)
 	if (likely(qc->flags & ATA_QCFLAG_DMAMAP))
 		ata_sg_clean(qc);
 
+	/* command should be marked inactive atomically with qc completion */
+	qc->ap->active_tag = ATA_TAG_POISON;
+
 	/* atapi: mark qc as inactive to prevent the interrupt handler
 	 * from completing the command twice later, before the error handler
 	 * is called. (when rc != 0 and atapi request sense is needed)
author	Tejun Heo <htejun@gmail.com>	2006-05-15 20:57:32 +0900
committer	Tejun Heo <htejun@gmail.com>	2006-05-15 20:57:32 +0900
commit	7401abf2f44695ef44eef47d5deba1c20214a063 (patch)
tree	582a02c76d1d975846bd779923d715cb617efef9
parent	f8c2c4202d86e14ca03b7adc7ebcb30fc74b24e1 (diff)