diff --git a/block/cfq-iosched.c b/block/cfq-iosched.c
index f26da2b..1e23e4d 100644
--- a/block/cfq-iosched.c
+++ b/block/cfq-iosched.c
@@ -1180,6 +1180,9 @@ static void cic_free_func(struct io_context *ioc, struct cfq_io_context *cic)
 {
 	unsigned long flags;
 
+	/* ioc_data leak: the cache is surviving the cic */
+	BUG_ON(cic == ioc->ioc_data);
+
 	BUG_ON(!cic->dead_key);
 
 	spin_lock_irqsave(&ioc->lock, flags);
@@ -1474,6 +1477,9 @@ cfq_drop_dead_cic(struct cfq_data *cfqd, struct io_context *ioc,
 {
 	unsigned long flags;
 
+	/* ioc_data leak: the cache is surviving the cic */
+	BUG_ON(cic == ioc->ioc_data);
+
 	WARN_ON(!list_empty(&cic->queue_list));
 
 	spin_lock_irqsave(&ioc->lock, flags);
@@ -1501,8 +1507,11 @@ cfq_cic_lookup(struct cfq_data *cfqd, struct io_context *ioc)
 	 * we maintain a last-hit cache, to avoid browsing over the tree
 	 */
 	cic = rcu_dereference(ioc->ioc_data);
-	if (cic && cic->key == cfqd)
+	if (cic && cic->key == cfqd) {
+		/* check if cic belongs to ioc */
+		BUG_ON(cic->ioc != ioc);
 		return cic;
+	}
 
 	do {
 		rcu_read_lock();