On 10/9/2019 5:54 AM, Jens Axboe wrote:
>>>>>> BTW, is there a reason for ref-counting in struct io_kiocb? I understand
>>>>>> the idea behind submission reference, but don't see any actual part
>>>>>> needing it.
>>>>>
>>>>> In short, it's to prevent the completion running before we're done with
>>>>> the iocb on the submission side.
>>>>
>>>> Yep, that's what I expected. Perhaps I missed something, but what I've
>>>> seen following code paths all the way down, it either
>>>> 1. gets error / completes synchronously and then frees req locally
>>>> 2. or passes it further (e.g. async list) and never accesses it after
>>>
>>> As soon as the IO is passed on, it can complete. In fact, it can complete
>>> even _before_ that call returns. That's the issue. Obviously this isn't
>>> true for purely polled IO, but it is true for IRQ based IO.
>>
>> And the idea was to not use io_kiocb after submission. Except when we know,
>> that it won't complete asynchronously (e.g. error), that could be checked
>> with return code, I guess.
>
> I think you're still missing the point. During the submission it can go
> away, it can be deep in a call chain. So it's not enough to say "we
> won't touch it after completion returns", we need to hold a reference to
> ensure it doesn't go away WHILE being submitted.
>
> Hope that helps!

Now I get it, thanks Jens!

--
Yours sincerely,
Pavel Begunkov
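
The submission-reference pattern discussed in this thread, as an added userspace example that is not part of the original message and is not the kernel's io_uring code. The names struct req, issue_io() and submit() are hypothetical; the completion is called inline to model IRQ-based IO completing before the issue call returns.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdlib.h>

/* Hypothetical stand-in for a request; not the kernel's struct io_kiocb. */
struct req {
    atomic_int refs;
    int result;
};

static int frees;   /* requests freed so far (instrumentation for the demo) */

static void put_req(struct req *r)
{
    /* atomic_fetch_sub returns the old value: 1 means this was the last ref */
    if (atomic_fetch_sub(&r->refs, 1) == 1) {
        free(r);
        frees++;
    }
}

/* Completion side: can run at any time once the IO has been handed off. */
static void complete_req(struct req *r, int res)
{
    r->result = res;
    put_req(r);                 /* drop the completion reference */
}

/* Models a lower layer whose completion fires before this call returns. */
static void issue_io(struct req *r)
{
    complete_req(r, 0);
}

/* Submit with `initial_refs` references; report whether the request was
 * still allocated when issue_io() returned to the submission path. */
static bool submit(int initial_refs)
{
    struct req *r = malloc(sizeof(*r));
    if (!r)
        abort();
    int frees_before = frees;
    atomic_init(&r->refs, initial_refs);
    r->result = -1;
    issue_io(r);
    bool alive = (frees == frees_before);  /* decided without touching r */
    if (alive)
        put_req(r);             /* drop the submission reference */
    return alive;
}
```

With two initial references the request outlives issue_io() and is freed by the submitter's final put; with one, it is already freed by the time the submission path regains control, so any later access there would be a use-after-free.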