From: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>

Signed-off-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/kernel/futex.c |   11 +++++------
 1 files changed, 5 insertions(+), 6 deletions(-)

diff -puN kernel/futex.c~futex_wait-fix kernel/futex.c
--- 25/kernel/futex.c~futex_wait-fix	2004-11-08 18:40:13.663428624 -0800
+++ 25-akpm/kernel/futex.c	2004-11-08 19:10:41.607538880 -0800
@@ -486,8 +486,6 @@ static int futex_wait(unsigned long uadd
 	if (unlikely(ret != 0))
 		goto out_release_sem;
 
-	queue_me(&q, -1, NULL);
-
 	/*
 	 * Access the page after the futex is queued.
 	 * We hold the mmap semaphore, so the mapping cannot have changed
@@ -495,13 +493,15 @@ static int futex_wait(unsigned long uadd
 	 */
 	if (get_user(curval, (int __user *)uaddr) != 0) {
 		ret = -EFAULT;
-		goto out_unqueue;
+		goto out_release_sem;
 	}
 	if (curval != val) {
 		ret = -EWOULDBLOCK;
-		goto out_unqueue;
+		goto out_release_sem;
 	}
 
+	queue_me(&q, -1, NULL);
+
 	/*
 	 * Now the futex is queued and we have checked the data, we
 	 * don't want to hold mmap_sem while we sleep.
@@ -542,11 +542,10 @@ static int futex_wait(unsigned long uadd
 	WARN_ON(!signal_pending(current));
 	return -EINTR;
 
- out_unqueue:
 	/* If we were woken (and unqueued), we succeeded, whatever. */
 	if (!unqueue_me(&q))
 		ret = 0;
- out_release_sem:
+out_release_sem:
 	up_read(&current->mm->mmap_sem);
 	return ret;
 }
_