Running AIO is pinning inode in memory using file reference. Once AIO is completed using aio_complete(), file reference is put and inode can be freed from memory. So we have to be sure that calling aio_complete() is the last thing we do with the inode.
CC: Christoph Hellwig <[email protected]> CC: Jens Axboe <[email protected]> CC: Jeff Moyer <[email protected]> CC: [email protected] Signed-off-by: Jan Kara <[email protected]> --- fs/direct-io.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/fs/direct-io.c b/fs/direct-io.c index cf5b44b..f853263 100644 --- a/fs/direct-io.c +++ b/fs/direct-io.c @@ -261,9 +261,9 @@ static ssize_t dio_complete(struct dio *dio, loff_t offset, ssize_t ret, bool is dio->end_io(dio->iocb, offset, transferred, dio->private, ret, is_async); } else { + inode_dio_done(dio->inode); if (is_async) aio_complete(dio->iocb, ret, 0); - inode_dio_done(dio->inode); } return ret; -- 1.7.1 -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
