Re: recvmsg() "short receive" after FIONREAD

From: Mark Johnston <markj_at_freebsd.org>
Date: Fri, 10 Sep 2021 19:35:58 UTC
On Fri, Sep 10, 2021 at 10:15:37PM +0300, Andriy Gapon wrote:
> On 10/09/2021 21:51, Andriy Gapon wrote:
> > 
> > 
> > I observe a problem with the code that can be seen here:
> > https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/blob/master/src/modules/rtp/sap.c#L142 
> > 
> > 
> > The code uses ioctl(FIONREAD) to check the size of available data in a socket.
> > Does / should this work?
> > 
> > Then the code calls recvmsg() on the socket with single vector with iov_len 
> > equal to the size obtained earlier.
> > 
> > But the return value from recvmsg() is smaller than the iov_len value.
> > In my test I see 215 vs expected 263 (so, the difference is 48).
> > 
> > Does this ring a bell to anyone?
> > I see this on a month old 14.0-CURRENT arm64.
> > 
> 
>  From a quick look at soreceive_dgram() and some dtrace-ing, it seems that each 
> time recvmsg() is called soreceive_dgram() gets an mbuf chain where the first 
> mbuf is MT_SONAME (8), the second one is MT_CONTROL (14) and only the third one 
> is MT_DATA.
> 
> Could it be that data in the first two mbuf-s (especially the MT_CONTROL one) is 
> reported by FIONREAD?  Or, in other words, accounted in sb_acc?
> But then it's not actually returned, of course, in recvmsg() ?

Indeed, I suspect that this is the problem.  Note that for
kevent(EVFILT_READ) we subtract the number of control message bytes from
the returned value, see filt_soread().  I wonder if FIONREAD should do
the same thing.