svn commit: r358597 - head/sys/kern

Mark Johnston markj at freebsd.org
Mon Mar 16 23:53:09 UTC 2020 

On Sun, Mar 15, 2020 at 10:13:29PM -0700, Chuck Silvers wrote:
> On Fri, Mar 13, 2020 at 07:48:17PM -0400, Mark Johnston wrote:
> > On Wed, Mar 04, 2020 at 12:22:51AM +0000, Chuck Silvers wrote:
> > > Author: chs
> > > Date: Wed Mar  4 00:22:50 2020
> > > New Revision: 358597
> > > URL: https://svnweb.freebsd.org/changeset/base/358597
> > > 
> > > Log:
> > >   if vm_pager_get_pages_async() returns an error, release the sfio->nios
> > >   refcount that we took earlier that represents the I/O that ended up
> > >   not being started.
> > 
> > I think a larger bug is that getpages_async is not consistent about
> > whether it invokes the completion callback in synchronous error cases.
> > For instance, vop_stdgetpages_async() always calls it, as does
> > ffs_getpages_async() when the filesystem fragment size is larger than
> > the page size.  But vnode_pager_generic_getpages() does not.  So if one
> > is using sendfile on a filesystem that does not implement
> > getpages_async, an error will cause sendfile_swapin() to unbusy the
> > input pages multiple times, and release the sfio refcount twice when it
> > should be done just once.
> 
> 
> ah yes, you're right.  I was only looking at the path we actually hit.
> 
> I think the simplest way to resolve this would be to change
> vnode_pager_generic_getpages() in the async case to always
> call the iodone callback and always return 0.  (in the sync case
> vnode_pager_generic_getpages() would continue to return an error code
> if an error is encountered.)  vm_pager_get_pages_async() could then
> be changed to return void since after the avoid changes it would
> always return 0.  swap_pager_getpages_async() already always calls
> the iodone callback but it would return void too after the above changes.

Looking at the existing error handling in sendfile, I think there is a
complication: in the case of a synchronous error, vn_sendfile() has to
unwire the input pages; in the case of an asynchronous error,
vn_sendfile() will have bound the pages to mbufs in the socket's send
buffer, and the unwiring will happen in sendfile_free_mext() when the
buffer is drained as a result of a connection abort.

In other words, sendfile_iodone() has to be able to distinguish between
synchronous and asynchronous error cases in order to correctly release
resources, so the proposed solution doesn't seem quite sufficient.

> If that is agreeable to you and Gleb then I'll make the changes.
> 
> -Chuck

More information about the svn-src-all mailing list