scsi: fix refcounting for reads

Recently introduced FUA support also gave us a use-after-free
of the BlockAcctCookie within a SCSIDiskReq, due to unbalanced
reference counting.

The patch fixes this by making scsi_do_read look like a combination
of scsi_*_complete + scsi_*_data.  It does both a ref (like
scsi_read_data) and an unref (like scsi_flush_complete).

Reported-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

0 files changed, 0 insertions, 0 deletions