[SCSI] scsi_lib: only call scsi_unprep_request() under queue lock
authorJames Bottomley <James.Bottomley@HansenPartnership.com>
Fri, 12 Dec 2008 19:28:29 +0000 (13:28 -0600)
committerJames Bottomley <James.Bottomley@HansenPartnership.com>
Sat, 13 Dec 2008 20:31:03 +0000 (14:31 -0600)
commit02bd3499a3be984f1e88821c3ed252c8c49c498e
treec71e88075895d9b5f46d880e64b7e702acbea87d
parent57458036af75c6dbb62bee04b3982e92261eddb1
[SCSI] scsi_lib: only call scsi_unprep_request() under queue lock

It's called under that lock everywhere else and it does alter the
request state, so it should be.

This one occurance in scsi_requeue_command() could open a window where
req->special is set to NULL while the requests is going through either
timeout or completion processing leading to NULL pointer derefs of the
sort complained of in bugzillas 12020 and 12195.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
drivers/scsi/scsi_lib.c