[libata] fix PIO completion race

 *

 *	LOCKING:

 *	None.  (executing in kernel thread context)

 *

 *	RETURNS:

 *	Non-zero if qc completed, zero otherwise.

 */

static void ata_pio_complete (struct ata_port *ap)

static int ata_pio_complete (struct ata_port *ap)

{

	struct ata_queued_cmd *qc;

	u8 drv_stat;

		if (drv_stat & (ATA_BUSY | ATA_DRQ)) {

			ap->pio_task_state = PIO_ST_LAST_POLL;

			ap->pio_task_timeout = jiffies + ATA_TMOUT_PIO;

			return;

			return 0;

		}

	}

	drv_stat = ata_wait_idle(ap);

	if (!ata_ok(drv_stat)) {

		ap->pio_task_state = PIO_ST_ERR;

		return;

		return 0;

	}

	qc = ata_qc_from_tag(ap, ap->active_tag);

	ap->pio_task_state = PIO_ST_IDLE;

	ata_poll_qc_complete(qc, drv_stat);

	/* another command may start at this point */

	return 1;

}

	if (is_atapi_taskfile(&qc->tf)) {

		/* no more data to transfer or unsupported ATAPI command */

		if ((status & ATA_DRQ) == 0) {

			ap->pio_task_state = PIO_ST_IDLE;

			ata_poll_qc_complete(qc, status);

			ap->pio_task_state = PIO_ST_LAST;

			return;

		}

static void ata_pio_task(void *_data)

{

	struct ata_port *ap = _data;

	unsigned long timeout = 0;

	unsigned long timeout;

	int qc_completed;

fsm_start:

	timeout = 0;

	qc_completed = 0;

	switch (ap->pio_task_state) {

	case PIO_ST_IDLE:

		break;

	case PIO_ST_LAST:

		ata_pio_complete(ap);

		qc_completed = ata_pio_complete(ap);

		break;

	case PIO_ST_POLL:

	}

	if (timeout)

		queue_delayed_work(ata_wq, &ap->pio_task,

				   timeout);

	else

		queue_work(ata_wq, &ap->pio_task);

		queue_delayed_work(ata_wq, &ap->pio_task, timeout);

	else if (!qc_completed)

		goto fsm_start;

}

static void atapi_request_sense(struct ata_port *ap, struct ata_device *dev,