• Guoju Fang's avatar
    bcache: fix crashes stopping bcache device before read miss done · 1568ee7e
    Guoju Fang authored
    The bio from upper layer is considered completed when bio_complete()
    returns. In most scenarios bio_complete() is called in search_free(),
    but when read miss happens, the bio_compete() is called when backing
    device reading completed, while the struct search is still in use until
    cache inserting finished.
    
    If someone stops the bcache device just then, the device may be closed
    and released, but after cache inserting finished the struct search will
    access a freed struct cached_dev.
    
    This patch add the reference of bcache device before bio_complete() when
    read miss happens, and put it after the search is not used.
    Signed-off-by: default avatarGuoju Fang <fangguoju@gmail.com>
    Signed-off-by: default avatarColy Li <colyli@suse.de>
    Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
    1568ee7e
request.c 35 KB