diff --git a/unreleased_history/bug_fixes/fsbuffer_bug_fix.md b/unreleased_history/bug_fixes/fsbuffer_bug_fix.md new file mode 100644 index 000000000..bec91bc4f --- /dev/null +++ b/unreleased_history/bug_fixes/fsbuffer_bug_fix.md @@ -0,0 +1 @@ +Fix use_after_free bug in async_io MultiReads when underlying FS enabled kFSBuffer. kFSBuffer is when underlying FS pass their own buffer instead of using RocksDB scratch in FSReadRequest. Right now it's an experimental feature. diff --git a/util/async_file_reader.cc b/util/async_file_reader.cc index 080c1ae96..9ce13b99f 100644 --- a/util/async_file_reader.cc +++ b/util/async_file_reader.cc @@ -26,6 +26,11 @@ bool AsyncFileReader::MultiReadAsyncImpl(ReadAwaiter* awaiter) { FSReadRequest* read_req = static_cast(cb_arg); read_req->status = req.status; read_req->result = req.result; + if (req.fs_scratch != nullptr) { + // TODO akanksha: Revisit to remove the const in the callback. + FSReadRequest& req_tmp = const_cast(req); + read_req->fs_scratch = std::move(req_tmp.fs_scratch); + } }, &awaiter->read_reqs_[i], &awaiter->io_handle_[i], &awaiter->del_fn_[i], /*aligned_buf=*/nullptr);