xref: /freebsd/sys/vm/vnode_pager.c (revision 7ad2a82da2b51b8c803c82a460e513f58f5a1737)
1 /*-
2  * SPDX-License-Identifier: BSD-4-Clause
3  *
4  * Copyright (c) 1990 University of Utah.
5  * Copyright (c) 1991 The Regents of the University of California.
6  * All rights reserved.
7  * Copyright (c) 1993, 1994 John S. Dyson
8  * Copyright (c) 1995, David Greenman
9  *
10  * This code is derived from software contributed to Berkeley by
11  * the Systems Programming Group of the University of Utah Computer
12  * Science Department.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  * 1. Redistributions of source code must retain the above copyright
18  *    notice, this list of conditions and the following disclaimer.
19  * 2. Redistributions in binary form must reproduce the above copyright
20  *    notice, this list of conditions and the following disclaimer in the
21  *    documentation and/or other materials provided with the distribution.
22  * 3. All advertising materials mentioning features or use of this software
23  *    must display the following acknowledgement:
24  *	This product includes software developed by the University of
25  *	California, Berkeley and its contributors.
26  * 4. Neither the name of the University nor the names of its contributors
27  *    may be used to endorse or promote products derived from this software
28  *    without specific prior written permission.
29  *
30  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
31  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
32  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
33  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
34  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
35  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
36  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
37  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
38  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
39  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
40  * SUCH DAMAGE.
41  *
42  *	from: @(#)vnode_pager.c	7.5 (Berkeley) 4/20/91
43  */
44 
45 /*
46  * Page to/from files (vnodes).
47  */
48 
49 /*
50  * TODO:
51  *	Implement VOP_GETPAGES/PUTPAGES interface for filesystems. Will
52  *	greatly re-simplify the vnode_pager.
53  */
54 
55 #include <sys/cdefs.h>
56 __FBSDID("$FreeBSD$");
57 
58 #include "opt_vm.h"
59 
60 #include <sys/param.h>
61 #include <sys/kernel.h>
62 #include <sys/systm.h>
63 #include <sys/sysctl.h>
64 #include <sys/proc.h>
65 #include <sys/vnode.h>
66 #include <sys/mount.h>
67 #include <sys/bio.h>
68 #include <sys/buf.h>
69 #include <sys/vmmeter.h>
70 #include <sys/ktr.h>
71 #include <sys/limits.h>
72 #include <sys/conf.h>
73 #include <sys/refcount.h>
74 #include <sys/rwlock.h>
75 #include <sys/sf_buf.h>
76 #include <sys/domainset.h>
77 
78 #include <machine/atomic.h>
79 
80 #include <vm/vm.h>
81 #include <vm/vm_param.h>
82 #include <vm/vm_object.h>
83 #include <vm/vm_page.h>
84 #include <vm/vm_pager.h>
85 #include <vm/vm_map.h>
86 #include <vm/vnode_pager.h>
87 #include <vm/vm_extern.h>
88 #include <vm/uma.h>
89 
90 static int vnode_pager_addr(struct vnode *vp, vm_ooffset_t address,
91     daddr_t *rtaddress, int *run);
92 static int vnode_pager_input_smlfs(vm_object_t object, vm_page_t m);
93 static int vnode_pager_input_old(vm_object_t object, vm_page_t m);
94 static void vnode_pager_dealloc(vm_object_t);
95 static int vnode_pager_getpages(vm_object_t, vm_page_t *, int, int *, int *);
96 static int vnode_pager_getpages_async(vm_object_t, vm_page_t *, int, int *,
97     int *, vop_getpages_iodone_t, void *);
98 static void vnode_pager_putpages(vm_object_t, vm_page_t *, int, int, int *);
99 static boolean_t vnode_pager_haspage(vm_object_t, vm_pindex_t, int *, int *);
100 static vm_object_t vnode_pager_alloc(void *, vm_ooffset_t, vm_prot_t,
101     vm_ooffset_t, struct ucred *cred);
102 static int vnode_pager_generic_getpages_done(struct buf *);
103 static void vnode_pager_generic_getpages_done_async(struct buf *);
104 static void vnode_pager_update_writecount(vm_object_t, vm_offset_t,
105     vm_offset_t);
106 static void vnode_pager_release_writecount(vm_object_t, vm_offset_t,
107     vm_offset_t);
108 
109 struct pagerops vnodepagerops = {
110 	.pgo_alloc =	vnode_pager_alloc,
111 	.pgo_dealloc =	vnode_pager_dealloc,
112 	.pgo_getpages =	vnode_pager_getpages,
113 	.pgo_getpages_async = vnode_pager_getpages_async,
114 	.pgo_putpages =	vnode_pager_putpages,
115 	.pgo_haspage =	vnode_pager_haspage,
116 	.pgo_update_writecount = vnode_pager_update_writecount,
117 	.pgo_release_writecount = vnode_pager_release_writecount,
118 };
119 
120 static struct domainset *vnode_domainset = NULL;
121 
122 SYSCTL_PROC(_debug, OID_AUTO, vnode_domainset,
123     CTLTYPE_STRING | CTLFLAG_MPSAFE | CTLFLAG_RW, &vnode_domainset, 0,
124     sysctl_handle_domainset, "A", "Default vnode NUMA policy");
125 
126 static int nvnpbufs;
127 SYSCTL_INT(_vm, OID_AUTO, vnode_pbufs, CTLFLAG_RDTUN | CTLFLAG_NOFETCH,
128     &nvnpbufs, 0, "number of physical buffers allocated for vnode pager");
129 
130 static uma_zone_t vnode_pbuf_zone;
131 
132 static void
133 vnode_pager_init(void *dummy)
134 {
135 
136 #ifdef __LP64__
137 	nvnpbufs = nswbuf * 2;
138 #else
139 	nvnpbufs = nswbuf / 2;
140 #endif
141 	TUNABLE_INT_FETCH("vm.vnode_pbufs", &nvnpbufs);
142 	vnode_pbuf_zone = pbuf_zsecond_create("vnpbuf", nvnpbufs);
143 }
144 SYSINIT(vnode_pager, SI_SUB_CPU, SI_ORDER_ANY, vnode_pager_init, NULL);
145 
146 /* Create the VM system backing object for this vnode */
147 int
148 vnode_create_vobject(struct vnode *vp, off_t isize, struct thread *td)
149 {
150 	vm_object_t object;
151 	vm_ooffset_t size = isize;
152 	struct vattr va;
153 	bool last;
154 
155 	if (!vn_isdisk(vp) && vn_canvmio(vp) == FALSE)
156 		return (0);
157 
158 	object = vp->v_object;
159 	if (object != NULL)
160 		return (0);
161 
162 	if (size == 0) {
163 		if (vn_isdisk(vp)) {
164 			size = IDX_TO_OFF(INT_MAX);
165 		} else {
166 			if (VOP_GETATTR(vp, &va, td->td_ucred))
167 				return (0);
168 			size = va.va_size;
169 		}
170 	}
171 
172 	object = vnode_pager_alloc(vp, size, 0, 0, td->td_ucred);
173 	/*
174 	 * Dereference the reference we just created.  This assumes
175 	 * that the object is associated with the vp.  We still have
176 	 * to serialize with vnode_pager_dealloc() for the last
177 	 * potential reference.
178 	 */
179 	VM_OBJECT_RLOCK(object);
180 	last = refcount_release(&object->ref_count);
181 	VM_OBJECT_RUNLOCK(object);
182 	if (last)
183 		vrele(vp);
184 
185 	KASSERT(vp->v_object != NULL, ("vnode_create_vobject: NULL object"));
186 
187 	return (0);
188 }
189 
190 void
191 vnode_destroy_vobject(struct vnode *vp)
192 {
193 	struct vm_object *obj;
194 
195 	obj = vp->v_object;
196 	if (obj == NULL || obj->handle != vp)
197 		return;
198 	ASSERT_VOP_ELOCKED(vp, "vnode_destroy_vobject");
199 	VM_OBJECT_WLOCK(obj);
200 	MPASS(obj->type == OBJT_VNODE);
201 	umtx_shm_object_terminated(obj);
202 	if (obj->ref_count == 0) {
203 		KASSERT((obj->flags & OBJ_DEAD) == 0,
204 		   ("vnode_destroy_vobject: Terminating dead object"));
205 		vm_object_set_flag(obj, OBJ_DEAD);
206 
207 		/*
208 		 * Clean pages and flush buffers.
209 		 */
210 		vm_object_page_clean(obj, 0, 0, OBJPC_SYNC);
211 		VM_OBJECT_WUNLOCK(obj);
212 
213 		vinvalbuf(vp, V_SAVE, 0, 0);
214 
215 		BO_LOCK(&vp->v_bufobj);
216 		vp->v_bufobj.bo_flag |= BO_DEAD;
217 		BO_UNLOCK(&vp->v_bufobj);
218 
219 		VM_OBJECT_WLOCK(obj);
220 		vm_object_terminate(obj);
221 	} else {
222 		/*
223 		 * Woe to the process that tries to page now :-).
224 		 */
225 		vm_pager_deallocate(obj);
226 		VM_OBJECT_WUNLOCK(obj);
227 	}
228 	KASSERT(vp->v_object == NULL, ("vp %p obj %p", vp, vp->v_object));
229 }
230 
231 
232 /*
233  * Allocate (or lookup) pager for a vnode.
234  * Handle is a vnode pointer.
235  */
236 vm_object_t
237 vnode_pager_alloc(void *handle, vm_ooffset_t size, vm_prot_t prot,
238     vm_ooffset_t offset, struct ucred *cred)
239 {
240 	vm_object_t object;
241 	struct vnode *vp;
242 
243 	/*
244 	 * Pageout to vnode, no can do yet.
245 	 */
246 	if (handle == NULL)
247 		return (NULL);
248 
249 	vp = (struct vnode *)handle;
250 	ASSERT_VOP_LOCKED(vp, "vnode_pager_alloc");
251 	VNPASS(vp->v_usecount > 0, vp);
252 retry:
253 	object = vp->v_object;
254 
255 	if (object == NULL) {
256 		/*
257 		 * Add an object of the appropriate size
258 		 */
259 		object = vm_object_allocate(OBJT_VNODE,
260 		    OFF_TO_IDX(round_page(size)));
261 
262 		object->un_pager.vnp.vnp_size = size;
263 		object->un_pager.vnp.writemappings = 0;
264 		object->domain.dr_policy = vnode_domainset;
265 		object->handle = handle;
266 		if ((vp->v_vflag & VV_VMSIZEVNLOCK) != 0) {
267 			VM_OBJECT_WLOCK(object);
268 			vm_object_set_flag(object, OBJ_SIZEVNLOCK);
269 			VM_OBJECT_WUNLOCK(object);
270 		}
271 		VI_LOCK(vp);
272 		if (vp->v_object != NULL) {
273 			/*
274 			 * Object has been created while we were allocating.
275 			 */
276 			VI_UNLOCK(vp);
277 			VM_OBJECT_WLOCK(object);
278 			KASSERT(object->ref_count == 1,
279 			    ("leaked ref %p %d", object, object->ref_count));
280 			object->type = OBJT_DEAD;
281 			refcount_init(&object->ref_count, 0);
282 			VM_OBJECT_WUNLOCK(object);
283 			vm_object_destroy(object);
284 			goto retry;
285 		}
286 		vp->v_object = object;
287 		VI_UNLOCK(vp);
288 		vrefact(vp);
289 	} else {
290 		vm_object_reference(object);
291 #if VM_NRESERVLEVEL > 0
292 		if ((object->flags & OBJ_COLORED) == 0) {
293 			VM_OBJECT_WLOCK(object);
294 			vm_object_color(object, 0);
295 			VM_OBJECT_WUNLOCK(object);
296 		}
297 #endif
298 	}
299 	return (object);
300 }
301 
302 /*
303  *	The object must be locked.
304  */
305 static void
306 vnode_pager_dealloc(vm_object_t object)
307 {
308 	struct vnode *vp;
309 	int refs;
310 
311 	vp = object->handle;
312 	if (vp == NULL)
313 		panic("vnode_pager_dealloc: pager already dealloced");
314 
315 	VM_OBJECT_ASSERT_WLOCKED(object);
316 	vm_object_pip_wait(object, "vnpdea");
317 	refs = object->ref_count;
318 
319 	object->handle = NULL;
320 	object->type = OBJT_DEAD;
321 	ASSERT_VOP_ELOCKED(vp, "vnode_pager_dealloc");
322 	if (object->un_pager.vnp.writemappings > 0) {
323 		object->un_pager.vnp.writemappings = 0;
324 		VOP_ADD_WRITECOUNT_CHECKED(vp, -1);
325 		CTR3(KTR_VFS, "%s: vp %p v_writecount decreased to %d",
326 		    __func__, vp, vp->v_writecount);
327 	}
328 	vp->v_object = NULL;
329 	VI_LOCK(vp);
330 
331 	/*
332 	 * vm_map_entry_set_vnode_text() cannot reach this vnode by
333 	 * following object->handle.  Clear all text references now.
334 	 * This also clears the transient references from
335 	 * kern_execve(), which is fine because dead_vnodeops uses nop
336 	 * for VOP_UNSET_TEXT().
337 	 */
338 	if (vp->v_writecount < 0)
339 		vp->v_writecount = 0;
340 	VI_UNLOCK(vp);
341 	VM_OBJECT_WUNLOCK(object);
342 	if (refs > 0)
343 		vunref(vp);
344 	VM_OBJECT_WLOCK(object);
345 }
346 
347 static boolean_t
348 vnode_pager_haspage(vm_object_t object, vm_pindex_t pindex, int *before,
349     int *after)
350 {
351 	struct vnode *vp = object->handle;
352 	daddr_t bn;
353 	uintptr_t lockstate;
354 	int err;
355 	daddr_t reqblock;
356 	int poff;
357 	int bsize;
358 	int pagesperblock, blocksperpage;
359 
360 	VM_OBJECT_ASSERT_LOCKED(object);
361 	/*
362 	 * If no vp or vp is doomed or marked transparent to VM, we do not
363 	 * have the page.
364 	 */
365 	if (vp == NULL || VN_IS_DOOMED(vp))
366 		return FALSE;
367 	/*
368 	 * If the offset is beyond end of file we do
369 	 * not have the page.
370 	 */
371 	if (IDX_TO_OFF(pindex) >= object->un_pager.vnp.vnp_size)
372 		return FALSE;
373 
374 	bsize = vp->v_mount->mnt_stat.f_iosize;
375 	pagesperblock = bsize / PAGE_SIZE;
376 	blocksperpage = 0;
377 	if (pagesperblock > 0) {
378 		reqblock = pindex / pagesperblock;
379 	} else {
380 		blocksperpage = (PAGE_SIZE / bsize);
381 		reqblock = pindex * blocksperpage;
382 	}
383 	lockstate = VM_OBJECT_DROP(object);
384 	err = VOP_BMAP(vp, reqblock, NULL, &bn, after, before);
385 	VM_OBJECT_PICKUP(object, lockstate);
386 	if (err)
387 		return TRUE;
388 	if (bn == -1)
389 		return FALSE;
390 	if (pagesperblock > 0) {
391 		poff = pindex - (reqblock * pagesperblock);
392 		if (before) {
393 			*before *= pagesperblock;
394 			*before += poff;
395 		}
396 		if (after) {
397 			/*
398 			 * The BMAP vop can report a partial block in the
399 			 * 'after', but must not report blocks after EOF.
400 			 * Assert the latter, and truncate 'after' in case
401 			 * of the former.
402 			 */
403 			KASSERT((reqblock + *after) * pagesperblock <
404 			    roundup2(object->size, pagesperblock),
405 			    ("%s: reqblock %jd after %d size %ju", __func__,
406 			    (intmax_t )reqblock, *after,
407 			    (uintmax_t )object->size));
408 			*after *= pagesperblock;
409 			*after += pagesperblock - (poff + 1);
410 			if (pindex + *after >= object->size)
411 				*after = object->size - 1 - pindex;
412 		}
413 	} else {
414 		if (before) {
415 			*before /= blocksperpage;
416 		}
417 
418 		if (after) {
419 			*after /= blocksperpage;
420 		}
421 	}
422 	return TRUE;
423 }
424 
425 /*
426  * Lets the VM system know about a change in size for a file.
427  * We adjust our own internal size and flush any cached pages in
428  * the associated object that are affected by the size change.
429  *
430  * Note: this routine may be invoked as a result of a pager put
431  * operation (possibly at object termination time), so we must be careful.
432  */
433 void
434 vnode_pager_setsize(struct vnode *vp, vm_ooffset_t nsize)
435 {
436 	vm_object_t object;
437 	vm_page_t m;
438 	vm_pindex_t nobjsize;
439 
440 	if ((object = vp->v_object) == NULL)
441 		return;
442 #ifdef DEBUG_VFS_LOCKS
443 	{
444 		struct mount *mp;
445 
446 		mp = vp->v_mount;
447 		if (mp != NULL && (mp->mnt_kern_flag & MNTK_VMSETSIZE_BUG) == 0)
448 			assert_vop_elocked(vp,
449 			    "vnode_pager_setsize and not locked vnode");
450 	}
451 #endif
452 	VM_OBJECT_WLOCK(object);
453 	if (object->type == OBJT_DEAD) {
454 		VM_OBJECT_WUNLOCK(object);
455 		return;
456 	}
457 	KASSERT(object->type == OBJT_VNODE,
458 	    ("not vnode-backed object %p", object));
459 	if (nsize == object->un_pager.vnp.vnp_size) {
460 		/*
461 		 * Hasn't changed size
462 		 */
463 		VM_OBJECT_WUNLOCK(object);
464 		return;
465 	}
466 	nobjsize = OFF_TO_IDX(nsize + PAGE_MASK);
467 	if (nsize < object->un_pager.vnp.vnp_size) {
468 		/*
469 		 * File has shrunk. Toss any cached pages beyond the new EOF.
470 		 */
471 		if (nobjsize < object->size)
472 			vm_object_page_remove(object, nobjsize, object->size,
473 			    0);
474 		/*
475 		 * this gets rid of garbage at the end of a page that is now
476 		 * only partially backed by the vnode.
477 		 *
478 		 * XXX for some reason (I don't know yet), if we take a
479 		 * completely invalid page and mark it partially valid
480 		 * it can screw up NFS reads, so we don't allow the case.
481 		 */
482 		if (!(nsize & PAGE_MASK))
483 			goto out;
484 		m = vm_page_grab(object, OFF_TO_IDX(nsize), VM_ALLOC_NOCREAT);
485 		if (m == NULL)
486 			goto out;
487 		if (!vm_page_none_valid(m)) {
488 			int base = (int)nsize & PAGE_MASK;
489 			int size = PAGE_SIZE - base;
490 
491 			/*
492 			 * Clear out partial-page garbage in case
493 			 * the page has been mapped.
494 			 */
495 			pmap_zero_page_area(m, base, size);
496 
497 			/*
498 			 * Update the valid bits to reflect the blocks that
499 			 * have been zeroed.  Some of these valid bits may
500 			 * have already been set.
501 			 */
502 			vm_page_set_valid_range(m, base, size);
503 
504 			/*
505 			 * Round "base" to the next block boundary so that the
506 			 * dirty bit for a partially zeroed block is not
507 			 * cleared.
508 			 */
509 			base = roundup2(base, DEV_BSIZE);
510 
511 			/*
512 			 * Clear out partial-page dirty bits.
513 			 *
514 			 * note that we do not clear out the valid
515 			 * bits.  This would prevent bogus_page
516 			 * replacement from working properly.
517 			 */
518 			vm_page_clear_dirty(m, base, PAGE_SIZE - base);
519 		}
520 		vm_page_xunbusy(m);
521 	}
522 out:
523 #if defined(__powerpc__) && !defined(__powerpc64__)
524 	object->un_pager.vnp.vnp_size = nsize;
525 #else
526 	atomic_store_64(&object->un_pager.vnp.vnp_size, nsize);
527 #endif
528 	object->size = nobjsize;
529 	VM_OBJECT_WUNLOCK(object);
530 }
531 
532 /*
533  * calculate the linear (byte) disk address of specified virtual
534  * file address
535  */
536 static int
537 vnode_pager_addr(struct vnode *vp, vm_ooffset_t address, daddr_t *rtaddress,
538     int *run)
539 {
540 	int bsize;
541 	int err;
542 	daddr_t vblock;
543 	daddr_t voffset;
544 
545 	if (address < 0)
546 		return -1;
547 
548 	if (VN_IS_DOOMED(vp))
549 		return -1;
550 
551 	bsize = vp->v_mount->mnt_stat.f_iosize;
552 	vblock = address / bsize;
553 	voffset = address % bsize;
554 
555 	err = VOP_BMAP(vp, vblock, NULL, rtaddress, run, NULL);
556 	if (err == 0) {
557 		if (*rtaddress != -1)
558 			*rtaddress += voffset / DEV_BSIZE;
559 		if (run) {
560 			*run += 1;
561 			*run *= bsize / PAGE_SIZE;
562 			*run -= voffset / PAGE_SIZE;
563 		}
564 	}
565 
566 	return (err);
567 }
568 
569 /*
570  * small block filesystem vnode pager input
571  */
572 static int
573 vnode_pager_input_smlfs(vm_object_t object, vm_page_t m)
574 {
575 	struct vnode *vp;
576 	struct bufobj *bo;
577 	struct buf *bp;
578 	struct sf_buf *sf;
579 	daddr_t fileaddr;
580 	vm_offset_t bsize;
581 	vm_page_bits_t bits;
582 	int error, i;
583 
584 	error = 0;
585 	vp = object->handle;
586 	if (VN_IS_DOOMED(vp))
587 		return VM_PAGER_BAD;
588 
589 	bsize = vp->v_mount->mnt_stat.f_iosize;
590 
591 	VOP_BMAP(vp, 0, &bo, 0, NULL, NULL);
592 
593 	sf = sf_buf_alloc(m, 0);
594 
595 	for (i = 0; i < PAGE_SIZE / bsize; i++) {
596 		vm_ooffset_t address;
597 
598 		bits = vm_page_bits(i * bsize, bsize);
599 		if (m->valid & bits)
600 			continue;
601 
602 		address = IDX_TO_OFF(m->pindex) + i * bsize;
603 		if (address >= object->un_pager.vnp.vnp_size) {
604 			fileaddr = -1;
605 		} else {
606 			error = vnode_pager_addr(vp, address, &fileaddr, NULL);
607 			if (error)
608 				break;
609 		}
610 		if (fileaddr != -1) {
611 			bp = uma_zalloc(vnode_pbuf_zone, M_WAITOK);
612 
613 			/* build a minimal buffer header */
614 			bp->b_iocmd = BIO_READ;
615 			bp->b_iodone = bdone;
616 			KASSERT(bp->b_rcred == NOCRED, ("leaking read ucred"));
617 			KASSERT(bp->b_wcred == NOCRED, ("leaking write ucred"));
618 			bp->b_rcred = crhold(curthread->td_ucred);
619 			bp->b_wcred = crhold(curthread->td_ucred);
620 			bp->b_data = (caddr_t)sf_buf_kva(sf) + i * bsize;
621 			bp->b_blkno = fileaddr;
622 			pbgetbo(bo, bp);
623 			bp->b_vp = vp;
624 			bp->b_bcount = bsize;
625 			bp->b_bufsize = bsize;
626 			bp->b_runningbufspace = bp->b_bufsize;
627 			atomic_add_long(&runningbufspace, bp->b_runningbufspace);
628 
629 			/* do the input */
630 			bp->b_iooffset = dbtob(bp->b_blkno);
631 			bstrategy(bp);
632 
633 			bwait(bp, PVM, "vnsrd");
634 
635 			if ((bp->b_ioflags & BIO_ERROR) != 0) {
636 				KASSERT(bp->b_error != 0,
637 				    ("%s: buf error but b_error == 0\n", __func__));
638 				error = bp->b_error;
639 			}
640 
641 			/*
642 			 * free the buffer header back to the swap buffer pool
643 			 */
644 			bp->b_vp = NULL;
645 			pbrelbo(bp);
646 			uma_zfree(vnode_pbuf_zone, bp);
647 			if (error)
648 				break;
649 		} else
650 			bzero((caddr_t)sf_buf_kva(sf) + i * bsize, bsize);
651 		KASSERT((m->dirty & bits) == 0,
652 		    ("vnode_pager_input_smlfs: page %p is dirty", m));
653 		vm_page_bits_set(m, &m->valid, bits);
654 	}
655 	sf_buf_free(sf);
656 	if (error) {
657 		return VM_PAGER_ERROR;
658 	}
659 	return VM_PAGER_OK;
660 }
661 
662 /*
663  * old style vnode pager input routine
664  */
665 static int
666 vnode_pager_input_old(vm_object_t object, vm_page_t m)
667 {
668 	struct uio auio;
669 	struct iovec aiov;
670 	int error;
671 	int size;
672 	struct sf_buf *sf;
673 	struct vnode *vp;
674 
675 	VM_OBJECT_ASSERT_WLOCKED(object);
676 	error = 0;
677 
678 	/*
679 	 * Return failure if beyond current EOF
680 	 */
681 	if (IDX_TO_OFF(m->pindex) >= object->un_pager.vnp.vnp_size) {
682 		return VM_PAGER_BAD;
683 	} else {
684 		size = PAGE_SIZE;
685 		if (IDX_TO_OFF(m->pindex) + size > object->un_pager.vnp.vnp_size)
686 			size = object->un_pager.vnp.vnp_size - IDX_TO_OFF(m->pindex);
687 		vp = object->handle;
688 		VM_OBJECT_WUNLOCK(object);
689 
690 		/*
691 		 * Allocate a kernel virtual address and initialize so that
692 		 * we can use VOP_READ/WRITE routines.
693 		 */
694 		sf = sf_buf_alloc(m, 0);
695 
696 		aiov.iov_base = (caddr_t)sf_buf_kva(sf);
697 		aiov.iov_len = size;
698 		auio.uio_iov = &aiov;
699 		auio.uio_iovcnt = 1;
700 		auio.uio_offset = IDX_TO_OFF(m->pindex);
701 		auio.uio_segflg = UIO_SYSSPACE;
702 		auio.uio_rw = UIO_READ;
703 		auio.uio_resid = size;
704 		auio.uio_td = curthread;
705 
706 		error = VOP_READ(vp, &auio, 0, curthread->td_ucred);
707 		if (!error) {
708 			int count = size - auio.uio_resid;
709 
710 			if (count == 0)
711 				error = EINVAL;
712 			else if (count != PAGE_SIZE)
713 				bzero((caddr_t)sf_buf_kva(sf) + count,
714 				    PAGE_SIZE - count);
715 		}
716 		sf_buf_free(sf);
717 
718 		VM_OBJECT_WLOCK(object);
719 	}
720 	KASSERT(m->dirty == 0, ("vnode_pager_input_old: page %p is dirty", m));
721 	if (!error)
722 		vm_page_valid(m);
723 	return error ? VM_PAGER_ERROR : VM_PAGER_OK;
724 }
725 
726 /*
727  * generic vnode pager input routine
728  */
729 
730 /*
731  * Local media VFS's that do not implement their own VOP_GETPAGES
732  * should have their VOP_GETPAGES call to vnode_pager_generic_getpages()
733  * to implement the previous behaviour.
734  *
735  * All other FS's should use the bypass to get to the local media
736  * backing vp's VOP_GETPAGES.
737  */
738 static int
739 vnode_pager_getpages(vm_object_t object, vm_page_t *m, int count, int *rbehind,
740     int *rahead)
741 {
742 	struct vnode *vp;
743 	int rtval;
744 
745 	/* Handle is stable with paging in progress. */
746 	vp = object->handle;
747 	rtval = VOP_GETPAGES(vp, m, count, rbehind, rahead);
748 	KASSERT(rtval != EOPNOTSUPP,
749 	    ("vnode_pager: FS getpages not implemented\n"));
750 	return rtval;
751 }
752 
753 static int
754 vnode_pager_getpages_async(vm_object_t object, vm_page_t *m, int count,
755     int *rbehind, int *rahead, vop_getpages_iodone_t iodone, void *arg)
756 {
757 	struct vnode *vp;
758 	int rtval;
759 
760 	vp = object->handle;
761 	rtval = VOP_GETPAGES_ASYNC(vp, m, count, rbehind, rahead, iodone, arg);
762 	KASSERT(rtval != EOPNOTSUPP,
763 	    ("vnode_pager: FS getpages_async not implemented\n"));
764 	return (rtval);
765 }
766 
767 /*
768  * The implementation of VOP_GETPAGES() and VOP_GETPAGES_ASYNC() for
769  * local filesystems, where partially valid pages can only occur at
770  * the end of file.
771  */
772 int
773 vnode_pager_local_getpages(struct vop_getpages_args *ap)
774 {
775 
776 	return (vnode_pager_generic_getpages(ap->a_vp, ap->a_m, ap->a_count,
777 	    ap->a_rbehind, ap->a_rahead, NULL, NULL));
778 }
779 
780 int
781 vnode_pager_local_getpages_async(struct vop_getpages_async_args *ap)
782 {
783 	int error;
784 
785 	error = vnode_pager_generic_getpages(ap->a_vp, ap->a_m, ap->a_count,
786 	    ap->a_rbehind, ap->a_rahead, ap->a_iodone, ap->a_arg);
787 	if (error != 0 && ap->a_iodone != NULL)
788 		ap->a_iodone(ap->a_arg, ap->a_m, ap->a_count, error);
789 	return (error);
790 }
791 
792 /*
793  * This is now called from local media FS's to operate against their
794  * own vnodes if they fail to implement VOP_GETPAGES.
795  */
796 int
797 vnode_pager_generic_getpages(struct vnode *vp, vm_page_t *m, int count,
798     int *a_rbehind, int *a_rahead, vop_getpages_iodone_t iodone, void *arg)
799 {
800 	vm_object_t object;
801 	struct bufobj *bo;
802 	struct buf *bp;
803 	off_t foff;
804 #ifdef INVARIANTS
805 	off_t blkno0;
806 #endif
807 	int bsize, pagesperblock;
808 	int error, before, after, rbehind, rahead, poff, i;
809 	int bytecount, secmask;
810 
811 	KASSERT(vp->v_type != VCHR && vp->v_type != VBLK,
812 	    ("%s does not support devices", __func__));
813 
814 	if (VN_IS_DOOMED(vp))
815 		return (VM_PAGER_BAD);
816 
817 	object = vp->v_object;
818 	foff = IDX_TO_OFF(m[0]->pindex);
819 	bsize = vp->v_mount->mnt_stat.f_iosize;
820 	pagesperblock = bsize / PAGE_SIZE;
821 
822 	KASSERT(foff < object->un_pager.vnp.vnp_size,
823 	    ("%s: page %p offset beyond vp %p size", __func__, m[0], vp));
824 	KASSERT(count <= nitems(bp->b_pages),
825 	    ("%s: requested %d pages", __func__, count));
826 
827 	/*
828 	 * The last page has valid blocks.  Invalid part can only
829 	 * exist at the end of file, and the page is made fully valid
830 	 * by zeroing in vm_pager_get_pages().
831 	 */
832 	if (!vm_page_none_valid(m[count - 1]) && --count == 0) {
833 		if (iodone != NULL)
834 			iodone(arg, m, 1, 0);
835 		return (VM_PAGER_OK);
836 	}
837 
838 	bp = uma_zalloc(vnode_pbuf_zone, M_WAITOK);
839 
840 	/*
841 	 * Get the underlying device blocks for the file with VOP_BMAP().
842 	 * If the file system doesn't support VOP_BMAP, use old way of
843 	 * getting pages via VOP_READ.
844 	 */
845 	error = VOP_BMAP(vp, foff / bsize, &bo, &bp->b_blkno, &after, &before);
846 	if (error == EOPNOTSUPP) {
847 		uma_zfree(vnode_pbuf_zone, bp);
848 		VM_OBJECT_WLOCK(object);
849 		for (i = 0; i < count; i++) {
850 			VM_CNT_INC(v_vnodein);
851 			VM_CNT_INC(v_vnodepgsin);
852 			error = vnode_pager_input_old(object, m[i]);
853 			if (error)
854 				break;
855 		}
856 		VM_OBJECT_WUNLOCK(object);
857 		return (error);
858 	} else if (error != 0) {
859 		uma_zfree(vnode_pbuf_zone, bp);
860 		return (VM_PAGER_ERROR);
861 	}
862 
863 	/*
864 	 * If the file system supports BMAP, but blocksize is smaller
865 	 * than a page size, then use special small filesystem code.
866 	 */
867 	if (pagesperblock == 0) {
868 		uma_zfree(vnode_pbuf_zone, bp);
869 		for (i = 0; i < count; i++) {
870 			VM_CNT_INC(v_vnodein);
871 			VM_CNT_INC(v_vnodepgsin);
872 			error = vnode_pager_input_smlfs(object, m[i]);
873 			if (error)
874 				break;
875 		}
876 		return (error);
877 	}
878 
879 	/*
880 	 * A sparse file can be encountered only for a single page request,
881 	 * which may not be preceded by call to vm_pager_haspage().
882 	 */
883 	if (bp->b_blkno == -1) {
884 		KASSERT(count == 1,
885 		    ("%s: array[%d] request to a sparse file %p", __func__,
886 		    count, vp));
887 		uma_zfree(vnode_pbuf_zone, bp);
888 		pmap_zero_page(m[0]);
889 		KASSERT(m[0]->dirty == 0, ("%s: page %p is dirty",
890 		    __func__, m[0]));
891 		vm_page_valid(m[0]);
892 		return (VM_PAGER_OK);
893 	}
894 
895 #ifdef INVARIANTS
896 	blkno0 = bp->b_blkno;
897 #endif
898 	bp->b_blkno += (foff % bsize) / DEV_BSIZE;
899 
900 	/* Recalculate blocks available after/before to pages. */
901 	poff = (foff % bsize) / PAGE_SIZE;
902 	before *= pagesperblock;
903 	before += poff;
904 	after *= pagesperblock;
905 	after += pagesperblock - (poff + 1);
906 	if (m[0]->pindex + after >= object->size)
907 		after = object->size - 1 - m[0]->pindex;
908 	KASSERT(count <= after + 1, ("%s: %d pages asked, can do only %d",
909 	    __func__, count, after + 1));
910 	after -= count - 1;
911 
912 	/* Trim requested rbehind/rahead to possible values. */
913 	rbehind = a_rbehind ? *a_rbehind : 0;
914 	rahead = a_rahead ? *a_rahead : 0;
915 	rbehind = min(rbehind, before);
916 	rbehind = min(rbehind, m[0]->pindex);
917 	rahead = min(rahead, after);
918 	rahead = min(rahead, object->size - m[count - 1]->pindex);
919 	/*
920 	 * Check that total amount of pages fit into buf.  Trim rbehind and
921 	 * rahead evenly if not.
922 	 */
923 	if (rbehind + rahead + count > nitems(bp->b_pages)) {
924 		int trim, sum;
925 
926 		trim = rbehind + rahead + count - nitems(bp->b_pages) + 1;
927 		sum = rbehind + rahead;
928 		if (rbehind == before) {
929 			/* Roundup rbehind trim to block size. */
930 			rbehind -= roundup(trim * rbehind / sum, pagesperblock);
931 			if (rbehind < 0)
932 				rbehind = 0;
933 		} else
934 			rbehind -= trim * rbehind / sum;
935 		rahead -= trim * rahead / sum;
936 	}
937 	KASSERT(rbehind + rahead + count <= nitems(bp->b_pages),
938 	    ("%s: behind %d ahead %d count %d", __func__,
939 	    rbehind, rahead, count));
940 
941 	/*
942 	 * Fill in the bp->b_pages[] array with requested and optional
943 	 * read behind or read ahead pages.  Read behind pages are looked
944 	 * up in a backward direction, down to a first cached page.  Same
945 	 * for read ahead pages, but there is no need to shift the array
946 	 * in case of encountering a cached page.
947 	 */
948 	i = bp->b_npages = 0;
949 	if (rbehind) {
950 		vm_pindex_t startpindex, tpindex;
951 		vm_page_t p;
952 
953 		VM_OBJECT_WLOCK(object);
954 		startpindex = m[0]->pindex - rbehind;
955 		if ((p = TAILQ_PREV(m[0], pglist, listq)) != NULL &&
956 		    p->pindex >= startpindex)
957 			startpindex = p->pindex + 1;
958 
959 		/* tpindex is unsigned; beware of numeric underflow. */
960 		for (tpindex = m[0]->pindex - 1;
961 		    tpindex >= startpindex && tpindex < m[0]->pindex;
962 		    tpindex--, i++) {
963 			p = vm_page_alloc(object, tpindex, VM_ALLOC_NORMAL);
964 			if (p == NULL) {
965 				/* Shift the array. */
966 				for (int j = 0; j < i; j++)
967 					bp->b_pages[j] = bp->b_pages[j +
968 					    tpindex + 1 - startpindex];
969 				break;
970 			}
971 			bp->b_pages[tpindex - startpindex] = p;
972 		}
973 
974 		bp->b_pgbefore = i;
975 		bp->b_npages += i;
976 		bp->b_blkno -= IDX_TO_OFF(i) / DEV_BSIZE;
977 	} else
978 		bp->b_pgbefore = 0;
979 
980 	/* Requested pages. */
981 	for (int j = 0; j < count; j++, i++)
982 		bp->b_pages[i] = m[j];
983 	bp->b_npages += count;
984 
985 	if (rahead) {
986 		vm_pindex_t endpindex, tpindex;
987 		vm_page_t p;
988 
989 		if (!VM_OBJECT_WOWNED(object))
990 			VM_OBJECT_WLOCK(object);
991 		endpindex = m[count - 1]->pindex + rahead + 1;
992 		if ((p = TAILQ_NEXT(m[count - 1], listq)) != NULL &&
993 		    p->pindex < endpindex)
994 			endpindex = p->pindex;
995 		if (endpindex > object->size)
996 			endpindex = object->size;
997 
998 		for (tpindex = m[count - 1]->pindex + 1;
999 		    tpindex < endpindex; i++, tpindex++) {
1000 			p = vm_page_alloc(object, tpindex, VM_ALLOC_NORMAL);
1001 			if (p == NULL)
1002 				break;
1003 			bp->b_pages[i] = p;
1004 		}
1005 
1006 		bp->b_pgafter = i - bp->b_npages;
1007 		bp->b_npages = i;
1008 	} else
1009 		bp->b_pgafter = 0;
1010 
1011 	if (VM_OBJECT_WOWNED(object))
1012 		VM_OBJECT_WUNLOCK(object);
1013 
1014 	/* Report back actual behind/ahead read. */
1015 	if (a_rbehind)
1016 		*a_rbehind = bp->b_pgbefore;
1017 	if (a_rahead)
1018 		*a_rahead = bp->b_pgafter;
1019 
1020 #ifdef INVARIANTS
1021 	KASSERT(bp->b_npages <= nitems(bp->b_pages),
1022 	    ("%s: buf %p overflowed", __func__, bp));
1023 	for (int j = 1, prev = 0; j < bp->b_npages; j++) {
1024 		if (bp->b_pages[j] == bogus_page)
1025 			continue;
1026 		KASSERT(bp->b_pages[j]->pindex - bp->b_pages[prev]->pindex ==
1027 		    j - prev, ("%s: pages array not consecutive, bp %p",
1028 		     __func__, bp));
1029 		prev = j;
1030 	}
1031 #endif
1032 
1033 	/*
1034 	 * Recalculate first offset and bytecount with regards to read behind.
1035 	 * Truncate bytecount to vnode real size and round up physical size
1036 	 * for real devices.
1037 	 */
1038 	foff = IDX_TO_OFF(bp->b_pages[0]->pindex);
1039 	bytecount = bp->b_npages << PAGE_SHIFT;
1040 	if ((foff + bytecount) > object->un_pager.vnp.vnp_size)
1041 		bytecount = object->un_pager.vnp.vnp_size - foff;
1042 	secmask = bo->bo_bsize - 1;
1043 	KASSERT(secmask < PAGE_SIZE && secmask > 0,
1044 	    ("%s: sector size %d too large", __func__, secmask + 1));
1045 	bytecount = (bytecount + secmask) & ~secmask;
1046 
1047 	/*
1048 	 * And map the pages to be read into the kva, if the filesystem
1049 	 * requires mapped buffers.
1050 	 */
1051 	if ((vp->v_mount->mnt_kern_flag & MNTK_UNMAPPED_BUFS) != 0 &&
1052 	    unmapped_buf_allowed) {
1053 		bp->b_data = unmapped_buf;
1054 		bp->b_offset = 0;
1055 	} else {
1056 		bp->b_data = bp->b_kvabase;
1057 		pmap_qenter((vm_offset_t)bp->b_data, bp->b_pages, bp->b_npages);
1058 	}
1059 
1060 	/* Build a minimal buffer header. */
1061 	bp->b_iocmd = BIO_READ;
1062 	KASSERT(bp->b_rcred == NOCRED, ("leaking read ucred"));
1063 	KASSERT(bp->b_wcred == NOCRED, ("leaking write ucred"));
1064 	bp->b_rcred = crhold(curthread->td_ucred);
1065 	bp->b_wcred = crhold(curthread->td_ucred);
1066 	pbgetbo(bo, bp);
1067 	bp->b_vp = vp;
1068 	bp->b_bcount = bp->b_bufsize = bp->b_runningbufspace = bytecount;
1069 	bp->b_iooffset = dbtob(bp->b_blkno);
1070 	KASSERT(IDX_TO_OFF(m[0]->pindex - bp->b_pages[0]->pindex) ==
1071 	    (blkno0 - bp->b_blkno) * DEV_BSIZE +
1072 	    IDX_TO_OFF(m[0]->pindex) % bsize,
1073 	    ("wrong offsets bsize %d m[0] %ju b_pages[0] %ju "
1074 	    "blkno0 %ju b_blkno %ju", bsize,
1075 	    (uintmax_t)m[0]->pindex, (uintmax_t)bp->b_pages[0]->pindex,
1076 	    (uintmax_t)blkno0, (uintmax_t)bp->b_blkno));
1077 
1078 	atomic_add_long(&runningbufspace, bp->b_runningbufspace);
1079 	VM_CNT_INC(v_vnodein);
1080 	VM_CNT_ADD(v_vnodepgsin, bp->b_npages);
1081 
1082 	if (iodone != NULL) { /* async */
1083 		bp->b_pgiodone = iodone;
1084 		bp->b_caller1 = arg;
1085 		bp->b_iodone = vnode_pager_generic_getpages_done_async;
1086 		bp->b_flags |= B_ASYNC;
1087 		BUF_KERNPROC(bp);
1088 		bstrategy(bp);
1089 		return (VM_PAGER_OK);
1090 	} else {
1091 		bp->b_iodone = bdone;
1092 		bstrategy(bp);
1093 		bwait(bp, PVM, "vnread");
1094 		error = vnode_pager_generic_getpages_done(bp);
1095 		for (i = 0; i < bp->b_npages; i++)
1096 			bp->b_pages[i] = NULL;
1097 		bp->b_vp = NULL;
1098 		pbrelbo(bp);
1099 		uma_zfree(vnode_pbuf_zone, bp);
1100 		return (error != 0 ? VM_PAGER_ERROR : VM_PAGER_OK);
1101 	}
1102 }
1103 
1104 static void
1105 vnode_pager_generic_getpages_done_async(struct buf *bp)
1106 {
1107 	int error;
1108 
1109 	error = vnode_pager_generic_getpages_done(bp);
1110 	/* Run the iodone upon the requested range. */
1111 	bp->b_pgiodone(bp->b_caller1, bp->b_pages + bp->b_pgbefore,
1112 	    bp->b_npages - bp->b_pgbefore - bp->b_pgafter, error);
1113 	for (int i = 0; i < bp->b_npages; i++)
1114 		bp->b_pages[i] = NULL;
1115 	bp->b_vp = NULL;
1116 	pbrelbo(bp);
1117 	uma_zfree(vnode_pbuf_zone, bp);
1118 }
1119 
1120 static int
1121 vnode_pager_generic_getpages_done(struct buf *bp)
1122 {
1123 	vm_object_t object;
1124 	off_t tfoff, nextoff;
1125 	int i, error;
1126 
1127 	KASSERT((bp->b_ioflags & BIO_ERROR) == 0 || bp->b_error != 0,
1128 	    ("%s: buf error but b_error == 0\n", __func__));
1129 	error = (bp->b_ioflags & BIO_ERROR) != 0 ? bp->b_error : 0;
1130 	object = bp->b_vp->v_object;
1131 
1132 	if (error == 0 && bp->b_bcount != bp->b_npages * PAGE_SIZE) {
1133 		if (!buf_mapped(bp)) {
1134 			bp->b_data = bp->b_kvabase;
1135 			pmap_qenter((vm_offset_t)bp->b_data, bp->b_pages,
1136 			    bp->b_npages);
1137 		}
1138 		bzero(bp->b_data + bp->b_bcount,
1139 		    PAGE_SIZE * bp->b_npages - bp->b_bcount);
1140 	}
1141 	if (buf_mapped(bp)) {
1142 		pmap_qremove((vm_offset_t)bp->b_data, bp->b_npages);
1143 		bp->b_data = unmapped_buf;
1144 	}
1145 
1146 	/*
1147 	 * If the read failed, we must free any read ahead/behind pages here.
1148 	 * The requested pages are freed by the caller (for sync requests)
1149 	 * or by the bp->b_pgiodone callback (for async requests).
1150 	 */
1151 	if (error != 0) {
1152 		VM_OBJECT_WLOCK(object);
1153 		for (i = 0; i < bp->b_pgbefore; i++)
1154 			vm_page_free_invalid(bp->b_pages[i]);
1155 		for (i = bp->b_npages - bp->b_pgafter; i < bp->b_npages; i++)
1156 			vm_page_free_invalid(bp->b_pages[i]);
1157 		VM_OBJECT_WUNLOCK(object);
1158 		return (error);
1159 	}
1160 
1161 	/* Read lock to protect size. */
1162 	VM_OBJECT_RLOCK(object);
1163 	for (i = 0, tfoff = IDX_TO_OFF(bp->b_pages[0]->pindex);
1164 	    i < bp->b_npages; i++, tfoff = nextoff) {
1165 		vm_page_t mt;
1166 
1167 		nextoff = tfoff + PAGE_SIZE;
1168 		mt = bp->b_pages[i];
1169 		if (mt == bogus_page)
1170 			continue;
1171 
1172 		if (nextoff <= object->un_pager.vnp.vnp_size) {
1173 			/*
1174 			 * Read filled up entire page.
1175 			 */
1176 			vm_page_valid(mt);
1177 			KASSERT(mt->dirty == 0,
1178 			    ("%s: page %p is dirty", __func__, mt));
1179 			KASSERT(!pmap_page_is_mapped(mt),
1180 			    ("%s: page %p is mapped", __func__, mt));
1181 		} else {
1182 			/*
1183 			 * Read did not fill up entire page.
1184 			 *
1185 			 * Currently we do not set the entire page valid,
1186 			 * we just try to clear the piece that we couldn't
1187 			 * read.
1188 			 */
1189 			vm_page_set_valid_range(mt, 0,
1190 			    object->un_pager.vnp.vnp_size - tfoff);
1191 			KASSERT((mt->dirty & vm_page_bits(0,
1192 			    object->un_pager.vnp.vnp_size - tfoff)) == 0,
1193 			    ("%s: page %p is dirty", __func__, mt));
1194 		}
1195 
1196 		if (i < bp->b_pgbefore || i >= bp->b_npages - bp->b_pgafter)
1197 			vm_page_readahead_finish(mt);
1198 	}
1199 	VM_OBJECT_RUNLOCK(object);
1200 
1201 	return (error);
1202 }
1203 
1204 /*
1205  * EOPNOTSUPP is no longer legal.  For local media VFS's that do not
1206  * implement their own VOP_PUTPAGES, their VOP_PUTPAGES should call to
1207  * vnode_pager_generic_putpages() to implement the previous behaviour.
1208  *
1209  * All other FS's should use the bypass to get to the local media
1210  * backing vp's VOP_PUTPAGES.
1211  */
1212 static void
1213 vnode_pager_putpages(vm_object_t object, vm_page_t *m, int count,
1214     int flags, int *rtvals)
1215 {
1216 	int rtval;
1217 	struct vnode *vp;
1218 	int bytes = count * PAGE_SIZE;
1219 
1220 	/*
1221 	 * Force synchronous operation if we are extremely low on memory
1222 	 * to prevent a low-memory deadlock.  VOP operations often need to
1223 	 * allocate more memory to initiate the I/O ( i.e. do a BMAP
1224 	 * operation ).  The swapper handles the case by limiting the amount
1225 	 * of asynchronous I/O, but that sort of solution doesn't scale well
1226 	 * for the vnode pager without a lot of work.
1227 	 *
1228 	 * Also, the backing vnode's iodone routine may not wake the pageout
1229 	 * daemon up.  This should be probably be addressed XXX.
1230 	 */
1231 
1232 	if (vm_page_count_min())
1233 		flags |= VM_PAGER_PUT_SYNC;
1234 
1235 	/*
1236 	 * Call device-specific putpages function
1237 	 */
1238 	vp = object->handle;
1239 	VM_OBJECT_WUNLOCK(object);
1240 	rtval = VOP_PUTPAGES(vp, m, bytes, flags, rtvals);
1241 	KASSERT(rtval != EOPNOTSUPP,
1242 	    ("vnode_pager: stale FS putpages\n"));
1243 	VM_OBJECT_WLOCK(object);
1244 }
1245 
1246 static int
1247 vn_off2bidx(vm_ooffset_t offset)
1248 {
1249 
1250 	return ((offset & PAGE_MASK) / DEV_BSIZE);
1251 }
1252 
1253 static bool
1254 vn_dirty_blk(vm_page_t m, vm_ooffset_t offset)
1255 {
1256 
1257 	KASSERT(IDX_TO_OFF(m->pindex) <= offset &&
1258 	    offset < IDX_TO_OFF(m->pindex + 1),
1259 	    ("page %p pidx %ju offset %ju", m, (uintmax_t)m->pindex,
1260 	    (uintmax_t)offset));
1261 	return ((m->dirty & ((vm_page_bits_t)1 << vn_off2bidx(offset))) != 0);
1262 }
1263 
1264 /*
1265  * This is now called from local media FS's to operate against their
1266  * own vnodes if they fail to implement VOP_PUTPAGES.
1267  *
1268  * This is typically called indirectly via the pageout daemon and
1269  * clustering has already typically occurred, so in general we ask the
1270  * underlying filesystem to write the data out asynchronously rather
1271  * then delayed.
1272  */
1273 int
1274 vnode_pager_generic_putpages(struct vnode *vp, vm_page_t *ma, int bytecount,
1275     int flags, int *rtvals)
1276 {
1277 	vm_object_t object;
1278 	vm_page_t m;
1279 	vm_ooffset_t maxblksz, next_offset, poffset, prev_offset;
1280 	struct uio auio;
1281 	struct iovec aiov;
1282 	off_t prev_resid, wrsz;
1283 	int count, error, i, maxsize, ncount, pgoff, ppscheck;
1284 	bool in_hole;
1285 	static struct timeval lastfail;
1286 	static int curfail;
1287 
1288 	object = vp->v_object;
1289 	count = bytecount / PAGE_SIZE;
1290 
1291 	for (i = 0; i < count; i++)
1292 		rtvals[i] = VM_PAGER_ERROR;
1293 
1294 	if ((int64_t)ma[0]->pindex < 0) {
1295 		printf("vnode_pager_generic_putpages: "
1296 		    "attempt to write meta-data 0x%jx(%lx)\n",
1297 		    (uintmax_t)ma[0]->pindex, (u_long)ma[0]->dirty);
1298 		rtvals[0] = VM_PAGER_BAD;
1299 		return (VM_PAGER_BAD);
1300 	}
1301 
1302 	maxsize = count * PAGE_SIZE;
1303 	ncount = count;
1304 
1305 	poffset = IDX_TO_OFF(ma[0]->pindex);
1306 
1307 	/*
1308 	 * If the page-aligned write is larger then the actual file we
1309 	 * have to invalidate pages occurring beyond the file EOF.  However,
1310 	 * there is an edge case where a file may not be page-aligned where
1311 	 * the last page is partially invalid.  In this case the filesystem
1312 	 * may not properly clear the dirty bits for the entire page (which
1313 	 * could be VM_PAGE_BITS_ALL due to the page having been mmap()d).
1314 	 * With the page busied we are free to fix up the dirty bits here.
1315 	 *
1316 	 * We do not under any circumstances truncate the valid bits, as
1317 	 * this will screw up bogus page replacement.
1318 	 */
1319 	VM_OBJECT_RLOCK(object);
1320 	if (maxsize + poffset > object->un_pager.vnp.vnp_size) {
1321 		if (object->un_pager.vnp.vnp_size > poffset) {
1322 			maxsize = object->un_pager.vnp.vnp_size - poffset;
1323 			ncount = btoc(maxsize);
1324 			if ((pgoff = (int)maxsize & PAGE_MASK) != 0) {
1325 				pgoff = roundup2(pgoff, DEV_BSIZE);
1326 
1327 				/*
1328 				 * If the page is busy and the following
1329 				 * conditions hold, then the page's dirty
1330 				 * field cannot be concurrently changed by a
1331 				 * pmap operation.
1332 				 */
1333 				m = ma[ncount - 1];
1334 				vm_page_assert_sbusied(m);
1335 				KASSERT(!pmap_page_is_write_mapped(m),
1336 		("vnode_pager_generic_putpages: page %p is not read-only", m));
1337 				MPASS(m->dirty != 0);
1338 				vm_page_clear_dirty(m, pgoff, PAGE_SIZE -
1339 				    pgoff);
1340 			}
1341 		} else {
1342 			maxsize = 0;
1343 			ncount = 0;
1344 		}
1345 		for (i = ncount; i < count; i++)
1346 			rtvals[i] = VM_PAGER_BAD;
1347 	}
1348 	VM_OBJECT_RUNLOCK(object);
1349 
1350 	auio.uio_iov = &aiov;
1351 	auio.uio_segflg = UIO_NOCOPY;
1352 	auio.uio_rw = UIO_WRITE;
1353 	auio.uio_td = NULL;
1354 	maxblksz = roundup2(poffset + maxsize, DEV_BSIZE);
1355 
1356 	for (prev_offset = poffset; prev_offset < maxblksz;) {
1357 		/* Skip clean blocks. */
1358 		for (in_hole = true; in_hole && prev_offset < maxblksz;) {
1359 			m = ma[OFF_TO_IDX(prev_offset - poffset)];
1360 			for (i = vn_off2bidx(prev_offset);
1361 			    i < sizeof(vm_page_bits_t) * NBBY &&
1362 			    prev_offset < maxblksz; i++) {
1363 				if (vn_dirty_blk(m, prev_offset)) {
1364 					in_hole = false;
1365 					break;
1366 				}
1367 				prev_offset += DEV_BSIZE;
1368 			}
1369 		}
1370 		if (in_hole)
1371 			goto write_done;
1372 
1373 		/* Find longest run of dirty blocks. */
1374 		for (next_offset = prev_offset; next_offset < maxblksz;) {
1375 			m = ma[OFF_TO_IDX(next_offset - poffset)];
1376 			for (i = vn_off2bidx(next_offset);
1377 			    i < sizeof(vm_page_bits_t) * NBBY &&
1378 			    next_offset < maxblksz; i++) {
1379 				if (!vn_dirty_blk(m, next_offset))
1380 					goto start_write;
1381 				next_offset += DEV_BSIZE;
1382 			}
1383 		}
1384 start_write:
1385 		if (next_offset > poffset + maxsize)
1386 			next_offset = poffset + maxsize;
1387 
1388 		/*
1389 		 * Getting here requires finding a dirty block in the
1390 		 * 'skip clean blocks' loop.
1391 		 */
1392 		MPASS(prev_offset < next_offset);
1393 
1394 		aiov.iov_base = NULL;
1395 		auio.uio_iovcnt = 1;
1396 		auio.uio_offset = prev_offset;
1397 		prev_resid = auio.uio_resid = aiov.iov_len = next_offset -
1398 		    prev_offset;
1399 		error = VOP_WRITE(vp, &auio,
1400 		    vnode_pager_putpages_ioflags(flags), curthread->td_ucred);
1401 
1402 		wrsz = prev_resid - auio.uio_resid;
1403 		if (wrsz == 0) {
1404 			if (ppsratecheck(&lastfail, &curfail, 1) != 0) {
1405 				vn_printf(vp, "vnode_pager_putpages: "
1406 				    "zero-length write at %ju resid %zd\n",
1407 				    auio.uio_offset, auio.uio_resid);
1408 			}
1409 			break;
1410 		}
1411 
1412 		/* Adjust the starting offset for next iteration. */
1413 		prev_offset += wrsz;
1414 		MPASS(auio.uio_offset == prev_offset);
1415 
1416 		ppscheck = 0;
1417 		if (error != 0 && (ppscheck = ppsratecheck(&lastfail,
1418 		    &curfail, 1)) != 0)
1419 			vn_printf(vp, "vnode_pager_putpages: I/O error %d\n",
1420 			    error);
1421 		if (auio.uio_resid != 0 && (ppscheck != 0 ||
1422 		    ppsratecheck(&lastfail, &curfail, 1) != 0))
1423 			vn_printf(vp, "vnode_pager_putpages: residual I/O %zd "
1424 			    "at %ju\n", auio.uio_resid,
1425 			    (uintmax_t)ma[0]->pindex);
1426 		if (error != 0 || auio.uio_resid != 0)
1427 			break;
1428 	}
1429 write_done:
1430 	/* Mark completely processed pages. */
1431 	for (i = 0; i < OFF_TO_IDX(prev_offset - poffset); i++)
1432 		rtvals[i] = VM_PAGER_OK;
1433 	/* Mark partial EOF page. */
1434 	if (prev_offset == poffset + maxsize && (prev_offset & PAGE_MASK) != 0)
1435 		rtvals[i++] = VM_PAGER_OK;
1436 	/* Unwritten pages in range, free bonus if the page is clean. */
1437 	for (; i < ncount; i++)
1438 		rtvals[i] = ma[i]->dirty == 0 ? VM_PAGER_OK : VM_PAGER_ERROR;
1439 	VM_CNT_ADD(v_vnodepgsout, i);
1440 	VM_CNT_INC(v_vnodeout);
1441 	return (rtvals[0]);
1442 }
1443 
1444 int
1445 vnode_pager_putpages_ioflags(int pager_flags)
1446 {
1447 	int ioflags;
1448 
1449 	/*
1450 	 * Pageouts are already clustered, use IO_ASYNC to force a
1451 	 * bawrite() rather then a bdwrite() to prevent paging I/O
1452 	 * from saturating the buffer cache.  Dummy-up the sequential
1453 	 * heuristic to cause large ranges to cluster.  If neither
1454 	 * IO_SYNC or IO_ASYNC is set, the system decides how to
1455 	 * cluster.
1456 	 */
1457 	ioflags = IO_VMIO;
1458 	if ((pager_flags & (VM_PAGER_PUT_SYNC | VM_PAGER_PUT_INVAL)) != 0)
1459 		ioflags |= IO_SYNC;
1460 	else if ((pager_flags & VM_PAGER_CLUSTER_OK) == 0)
1461 		ioflags |= IO_ASYNC;
1462 	ioflags |= (pager_flags & VM_PAGER_PUT_INVAL) != 0 ? IO_INVAL: 0;
1463 	ioflags |= (pager_flags & VM_PAGER_PUT_NOREUSE) != 0 ? IO_NOREUSE : 0;
1464 	ioflags |= IO_SEQMAX << IO_SEQSHIFT;
1465 	return (ioflags);
1466 }
1467 
1468 /*
1469  * vnode_pager_undirty_pages().
1470  *
1471  * A helper to mark pages as clean after pageout that was possibly
1472  * done with a short write.  The lpos argument specifies the page run
1473  * length in bytes, and the written argument specifies how many bytes
1474  * were actually written.  eof is the offset past the last valid byte
1475  * in the vnode using the absolute file position of the first byte in
1476  * the run as the base from which it is computed.
1477  */
1478 void
1479 vnode_pager_undirty_pages(vm_page_t *ma, int *rtvals, int written, off_t eof,
1480     int lpos)
1481 {
1482 	vm_object_t obj;
1483 	int i, pos, pos_devb;
1484 
1485 	if (written == 0 && eof >= lpos)
1486 		return;
1487 	obj = ma[0]->object;
1488 	for (i = 0, pos = 0; pos < written; i++, pos += PAGE_SIZE) {
1489 		if (pos < trunc_page(written)) {
1490 			rtvals[i] = VM_PAGER_OK;
1491 			vm_page_undirty(ma[i]);
1492 		} else {
1493 			/* Partially written page. */
1494 			rtvals[i] = VM_PAGER_AGAIN;
1495 			vm_page_clear_dirty(ma[i], 0, written & PAGE_MASK);
1496 		}
1497 	}
1498 	if (eof >= lpos) /* avoid truncation */
1499 		return;
1500 	for (pos = eof, i = OFF_TO_IDX(trunc_page(pos)); pos < lpos; i++) {
1501 		if (pos != trunc_page(pos)) {
1502 			/*
1503 			 * The page contains the last valid byte in
1504 			 * the vnode, mark the rest of the page as
1505 			 * clean, potentially making the whole page
1506 			 * clean.
1507 			 */
1508 			pos_devb = roundup2(pos & PAGE_MASK, DEV_BSIZE);
1509 			vm_page_clear_dirty(ma[i], pos_devb, PAGE_SIZE -
1510 			    pos_devb);
1511 
1512 			/*
1513 			 * If the page was cleaned, report the pageout
1514 			 * on it as successful.  msync() no longer
1515 			 * needs to write out the page, endlessly
1516 			 * creating write requests and dirty buffers.
1517 			 */
1518 			if (ma[i]->dirty == 0)
1519 				rtvals[i] = VM_PAGER_OK;
1520 
1521 			pos = round_page(pos);
1522 		} else {
1523 			/* vm_pageout_flush() clears dirty */
1524 			rtvals[i] = VM_PAGER_BAD;
1525 			pos += PAGE_SIZE;
1526 		}
1527 	}
1528 }
1529 
1530 static void
1531 vnode_pager_update_writecount(vm_object_t object, vm_offset_t start,
1532     vm_offset_t end)
1533 {
1534 	struct vnode *vp;
1535 	vm_ooffset_t old_wm;
1536 
1537 	VM_OBJECT_WLOCK(object);
1538 	if (object->type != OBJT_VNODE) {
1539 		VM_OBJECT_WUNLOCK(object);
1540 		return;
1541 	}
1542 	old_wm = object->un_pager.vnp.writemappings;
1543 	object->un_pager.vnp.writemappings += (vm_ooffset_t)end - start;
1544 	vp = object->handle;
1545 	if (old_wm == 0 && object->un_pager.vnp.writemappings != 0) {
1546 		ASSERT_VOP_LOCKED(vp, "v_writecount inc");
1547 		VOP_ADD_WRITECOUNT_CHECKED(vp, 1);
1548 		CTR3(KTR_VFS, "%s: vp %p v_writecount increased to %d",
1549 		    __func__, vp, vp->v_writecount);
1550 	} else if (old_wm != 0 && object->un_pager.vnp.writemappings == 0) {
1551 		ASSERT_VOP_LOCKED(vp, "v_writecount dec");
1552 		VOP_ADD_WRITECOUNT_CHECKED(vp, -1);
1553 		CTR3(KTR_VFS, "%s: vp %p v_writecount decreased to %d",
1554 		    __func__, vp, vp->v_writecount);
1555 	}
1556 	VM_OBJECT_WUNLOCK(object);
1557 }
1558 
1559 static void
1560 vnode_pager_release_writecount(vm_object_t object, vm_offset_t start,
1561     vm_offset_t end)
1562 {
1563 	struct vnode *vp;
1564 	struct mount *mp;
1565 	vm_offset_t inc;
1566 
1567 	VM_OBJECT_WLOCK(object);
1568 
1569 	/*
1570 	 * First, recheck the object type to account for the race when
1571 	 * the vnode is reclaimed.
1572 	 */
1573 	if (object->type != OBJT_VNODE) {
1574 		VM_OBJECT_WUNLOCK(object);
1575 		return;
1576 	}
1577 
1578 	/*
1579 	 * Optimize for the case when writemappings is not going to
1580 	 * zero.
1581 	 */
1582 	inc = end - start;
1583 	if (object->un_pager.vnp.writemappings != inc) {
1584 		object->un_pager.vnp.writemappings -= inc;
1585 		VM_OBJECT_WUNLOCK(object);
1586 		return;
1587 	}
1588 
1589 	vp = object->handle;
1590 	vhold(vp);
1591 	VM_OBJECT_WUNLOCK(object);
1592 	mp = NULL;
1593 	vn_start_write(vp, &mp, V_WAIT);
1594 	vn_lock(vp, LK_SHARED | LK_RETRY);
1595 
1596 	/*
1597 	 * Decrement the object's writemappings, by swapping the start
1598 	 * and end arguments for vnode_pager_update_writecount().  If
1599 	 * there was not a race with vnode reclaimation, then the
1600 	 * vnode's v_writecount is decremented.
1601 	 */
1602 	vnode_pager_update_writecount(object, end, start);
1603 	VOP_UNLOCK(vp);
1604 	vdrop(vp);
1605 	if (mp != NULL)
1606 		vn_finished_write(mp);
1607 }
1608