On Mon, Jul 30, 2018 at 09:15:42AM +0200, Christoph Hellwig wrote:
> This is needed to prevent races caused by the way the ->poll API works.
> To avoid introducing overhead for other users of the iocbs we initialize
> it to zero and only do refcount operations if it is non-zero in the
> completion path.
refcount_t looks like a bad match - you, AFAICS, have count 0 for everything
except poll, while for poll you start with 2. That looks like
if (iocb->shared && test_and_clear_bit(0, &iocb->shared))
return;
kill the sucker
in your iocb_put() and initializing it to 1 in poll. No?
