1. 06 Jul, 2017 1 commit
    • Kirill Smelkov's avatar
      bigfile/virtmem: Don't forget to release fileh->writeout_inprogress on storeblk error · 87bf4908
      Kirill Smelkov authored
      Commit fb4bfb32 (bigfile/virtmem: Do storeblk() with virtmem lock
      released) added bug-protection to fileh_dirty_writeout() so that it could
      not be called twice at the same time or in parallel with other functions
      which modify pages.
      
      However it missed the code path when storeblk() call returned with error
      and whole writeout was thus erroring out, but with fileh->writeout_inprogress
      still left set to 1 incorrectly.
      
      This was leading to things like
      
          bigfile/virtmem.c:419: fileh_dirty_discard: Assertion `!(fileh->writeout_inprogress)' failed.
      
      and crashes.
      
      Fix it.
      87bf4908
  2. 28 Mar, 2017 1 commit
  3. 24 Mar, 2017 1 commit
  4. 16 Mar, 2017 2 commits
  5. 10 Mar, 2017 1 commit
    • Kirill Smelkov's avatar
      bigarray: Explicitly reject dtypes with object inside · e44bd761
      Kirill Smelkov authored
      From time to time people keep trying to use wendelin.core with
      dtype=object arrays and get segfaults without anything in logs or
      whatever else.
      
      Wendelin.core does not support it, because in case of dtype=object elements are
      really pointers and data for each object is stored in separate place in RAM
      with different per-object size.
      
      As we are memory-mapping arrays this won't work. It also does not
      essentially work for numpy.memmap for the same reason:
      
          (z4+numpy) kirr@mini:~/src/wendelin$ dd if=/dev/zero of=zero.dat bs=128 count=1
          1+0 records in
          1+0 records out
          128 bytes copied, 0.000209873 s, 610 kB/s
          (z4+numpy) kirr@mini:~/src/wendelin$ dd if=/dev/urandom of=random.dat bs=128 count=1
          1+0 records in
          1+0 records out
          128 bytes copied, 0.000225726 s, 567 kB/s
          (z4+numpy) kirr@mini:~/src/wendelin$ ipython
          ...
      
          In [1]: import numpy as np
      
          In [2]: np.memmap('zero.dat', dtype=np.object)
          Out[2]:
          memmap([None, None, None, None, None, None, None, None, None, None, None,
                 None, None, None, None, None], dtype=object)
      
          In [3]: np.memmap('random.dat', dtype=np.object)
          Out[3]: Segmentation fault
      
      So let's clarify this to users via explicitly raising exception when
      BigArray with non-appropriate dtype is trying to be created with
      descriptive explanation also logged.
      
      /reviewed-on nexedi/wendelin.core!4
      e44bd761
  6. 17 Jan, 2017 4 commits
  7. 16 Jan, 2017 4 commits
    • Kirill Smelkov's avatar
      bigfile/py/loadblk: Resort to pybuf unpinninf, if nothing helps · 024c246c
      Kirill Smelkov authored
      There are situations possible when both exc_traceback and frame objects are
      garbage-collected, but frame's f_locals remains not collected because e.g. it
      was explicitly added to somewhere. We cannot detect such cases (dicts are not
      listed in referrers).
      
      So if nothing helped, as a last resort, unpin pybuf from its original
      memory and make it point to zero-sized NULL.
      
      In general this is not strictly correct to do as other buffers &
      memoryview objects created from pybuf, copy its pointer on
      initialization and thus pybuf unpinning won't adjust them.
      
      However we require BigFile implementations to make sure not to use
      such-created objects, if any, after return from loadblk().
      
      Finally fixes #7
      024c246c
    • Kirill Smelkov's avatar
      bigfile/py: Factor out code to "unpin" a buffer to separate functions · 3a8e1beb
      Kirill Smelkov authored
      This code was added in 6da5172e (bigfile/py: Teach storeblk() how to
      correctly propagate traceback on error) to unpin a storeblk pybuf to not
      care whether its refcount == 1 - this way to be able to propagate python
      error upper not caring whether pybuf is still referenced or not.
      
      9aa6a5d7 (bigfile/py: Teach loadblk() to automatically break reference
      cycles to pybuf) adds a note that such unpinning is not strictly
      correct: becuase of other buffer objects were created from pybuf - they
      are copying pointers on initialization and unpinning pybuf won't adjust
      them.
      
      However for loadblk codepath it turned out (see next patch) it is not
      completely possible to unreference pybuf in all cases. For this reason
      loadblk will be falling back to unpinning too.
      
      As a preparatory step move common code to shared functions.
      3a8e1beb
    • Kirill Smelkov's avatar
      bigfile/py/loadblk: Replace pybuf with a stub object in calling frame in case it stays alive · 61b18a40
      Kirill Smelkov authored
      It turns out some code wants to store tracebacks e.g. for further
      logging/whatever. This way GC won't help to free up references to pybuf.
      However if pybuf remain referenced only from calling frames, we can
      change there reference to pybuf to a stub object "<pybuf>" and this way
      remove the reference.
      
      With added test but without loadblk changes the failure would be as:
      
          pybigfile_loadblk WARN: pybuf->ob_refcnt != 1 even after GC:
          pybuf (ob_refcnt=2):    <read-write buffer ptr 0x7fae4911f000, size 2097152 at 0x7fae4998cef0>
          pybuf referrers:        [<frame object at 0x556daff41aa0>]		<-- NOTE
          bigfile/_bigfile.c:613 pybigfile_loadblk        BUG!
      61b18a40
    • Kirill Smelkov's avatar
      bigfile/py/test_basic: Rework exception testing codepath so it is active on py3 also · f01b27d2
      Kirill Smelkov authored
      As comments being removed states "on python3 exception state is cleared
      upon exiting from `except`" - so let's move exc_* fetching under except
      clause - this way we'll get correct exception objects on both py2 and py3.
      f01b27d2
  8. 12 Jan, 2017 2 commits
    • Kirill Smelkov's avatar
      bigfile/py: Factor outcode to get list of objects that refer to obj to XPyObject_GetReferrers() · ca7c1b6d
      Kirill Smelkov authored
      We'll need it in next patch to get and analyze this list.
      ca7c1b6d
    • Kirill Smelkov's avatar
      bigfile/py: Dump pybuf referrers if pybuf->ob_refcnt != 1 before dying in loadblk epilogue · 20b41a5a
      Kirill Smelkov authored
      Instead of only printing "BUG" let's print information about objects
      which still refer to pybuf - to help debugging.
      
      For example with the following artificial pybuf leak
      
      ```
      diff --git a/bigfile/tests/test_basic.py b/bigfile/tests/test_basic.py
      index c737621..f5e057a 100644
      --- a/bigfile/tests/test_basic.py
      +++ b/bigfile/tests/test_basic.py
      @@ -126,6 +126,7 @@ def test_basic():
      
       # test that python exception state is preserved across pagefaulting
       def test_pagefault_savestate():
      +    zzz = []
           class BadFile(BigFile):
               def loadblk(self, blk, buf):
                   # simulate some errors in-between to overwrite thread exception
      @@ -154,6 +155,7 @@ def loadblk(self, blk, buf):
                   # which result in holding additional ref to buf, but loadblk caller
                   # will detect and handle this situation via garbage-collecting
                   # above cycle.
      +            zzz.append(buf)
      
                   self.loadblk_run = 1
      ```
      
      it dies this way:
      
          bigfile/_bigfile.c:567 pybigfile_loadblk WARN: pybuf->ob_refcnt != 1 even after GC:
          pybuf (ob_refcnt=2):    <read-write buffer ptr 0x7f08d3e88000, size 2097152 at 0x7f08d48b7070>
          pybuf referrers:        [[<read-write buffer ptr 0x7f08d3e88000, size 2097152 at 0x7f08d48b7070>]]
          bigfile/_bigfile.c:573 pybigfile_loadblk        BUG!
      20b41a5a
  9. 11 Jan, 2017 2 commits
    • Kirill Smelkov's avatar
      bigfile/py: Teach loadblk() to automatically break reference cycles to pybuf · 9aa6a5d7
      Kirill Smelkov authored
      Because otherwise we bug on pybuf->ob_refcnt != 1.
      
      Such cycles might happen if inside loadblk implementation an exception
      is internally raised and then caught even in deeply internal function
      which does not receive pybuf as argument or by some other way:
      
      After
      
      	_, _, exc_traceback = sys.exc_info()
      
      there is a reference loop created:
      
      	exc_traceback
      	  |        ^
      	  |        |
      	  v     .f_localsplus
      	 frame
      
      and since exc_traceback object holds reference to deepest frame, which via f_back
      will be holding reference to frames up to frame with pybuf argument, it
      will result in additional reference to pybuf being held until the above
      cycle is garbage collected.
      
      So to solve the problem while leaving loadblk, if pybuf->ob_refcnt !=
      let's first do garbage-collection, and only then recheck left
      references. After GC reference-loops created by exceptions should go
      away.
      
      NOTE PyGC_Collect() (C way to call gc.collect()) always performs
          GC - it is not affected by gc.disable() which disables only
          _automatic_ garbage collection.
      
      NOTE it turned out out storeblk logic to unpin pybuf (see
          6da5172e "bigfile/py: Teach storeblk() how to correctly propagate
          traceback on error") is flawed, because when e.g. creating memoryview
          from pybuf internal pointer is copied and then clearing original buf
          does not result in clearing the copy.
      
      NOTE it is ok to do gc.collect() from under sighandler - at least we are
          already doing it for a long time via running non-trivial python code
          which for sure triggers automatic GC from time to time (see also
          786d418d "bigfile: Simple test that we can handle GC from-under
          sighandler" for the reference)
      
      Fixes: nexedi/wendelin.core#7
      9aa6a5d7
    • Kirill Smelkov's avatar
      bigfile/py: Factor exception state clearing code to XPyErr_FullClear() · b4c269eb
      Kirill Smelkov authored
      In the next patch we will need to use this from several places.
      b4c269eb
  10. 10 Jan, 2017 3 commits
    • Kirill Smelkov's avatar
      bigfile/virtmem: Do storeblk() with virtmem lock released · fb4bfb32
      Kirill Smelkov authored
      Like with loadblk (see f49c11a3 "bigfile/virtmem: Do loadblk() with
      virtmem lock released" for the reference) storeblk() calls are
      potentially slow and external code that serves the call can take other
      locks in addition to virtmem lock taken by virtmem subsystem.
      If that "other locks" are also taken before external code calls e.g.
      with fileh_invalidate_page() in different codepath - a deadlock can happen:
      
            T1                  T2
      
            commit              invalidation-from-server received
            V -> storeblk
                                Z   <- ClientStorage.invalidateTransaction()
            Z -> zeo.store
                                V   <- fileh_invalidate_page (of unrelated page)
      
      The solution to avoid deadlock, like for loadblk case, is to call storeblk()
      with virtmem lock released.
      
      However unlike loadblk which can be invoked at any time, storeblk is
      invoked at commit time only so for storeblk case we handle rules for making
      sure virtmem stays consistent after virtmem lock is retaken differently:
      
      1. We disallow several parallel writeouts for one fileh. This way dirty
         pages handling logic can not mess up. This restriction is also
         consistent with ZODB 2 phase commit protocol where for a transaction
         commit logic is invoked/handled from only 1 thread.
      
      2. For the same reason we disallow discard while writeout is in
         progress. This is also consistent with ZODB 2 phase commit protocol
         where txn.tpc_abort() is not expected to be called at the same time
         with txn.commit().
      
      3. While writeout is in progress, for that fileh we disallow pages
         modifications and pages invalidations - because both operations would
         change at least fileh dirty pages list which is iterated over by
         writeout code with releasing/retaking the virtmem lock. By
         disallowing them we make sure fileh dirty pages list stays constant
         during whole fileh writeout.
      
         This restrictions are also consistent with ZODB commit semantics:
      
         - while an object is being stored into ZODB it is not expected it
           will be further modified or explicitly invalidated by client via
           ._p_invalidate()
      
         - server initiated invalidations come into effect only at transaction
           boundaries - when new transaction is started, not during commit time.
      
      Also since now storeblk is called with virtmem lock released, for buffer
      to store we no longer can use present page mapping in some vma directly,
      because while virtmem lock is released that mappings can go away.
      
      Fixes: nexedi/wendelin.core#6
      fb4bfb32
    • Kirill Smelkov's avatar
      bigfile/tests/thread: Don't invalidate exactly same page to test general... · b0d1e540
      Kirill Smelkov authored
      bigfile/tests/thread: Don't invalidate exactly same page to test general virtmem deadlock on loadblk
      
      The main deadlock described in f49c11a3 (bigfile/virtmem: Do loadblk()
      with virtmem lock released) (V,Z in T1; Z,V in T2) can happen if in T2 V
      is taken for whatever reason - e.g. for invalidating completely
      unrelated page to what is being loaded in T1.
      
      For invalidation of the same page we have explicit separate
      test_thread_load_vs_invalidate() which verifies how loadblk handles this
      situation.
      
      This patch prepares general test_thread_lock_vs_virtmem_lock() to also
      test V vs Z deadlock for storeblk() case - when it will be called with
      virtmem lock released: for storeblk it will be forbidden by virtmem
      rules to invalidate pages of fileh for which writeout is in progress.
      
      Updates: nexedi/wendelin.core#6
      b0d1e540
    • Kirill Smelkov's avatar
      bigfile/virtmem: Maintain dirty pages list for a fileh · 8bb7f2f2
      Kirill Smelkov authored
      This allows writeout code not to scan whole pagemap to find dirty pages
      to write out, which should be faster.
      
      But more importantly iterating whole pagemap on writeout would become
      unsafe, when in upcoming patch storeblk() will be called with virt_lock
      released: because there pagemap could be modified e.g. due to processing
      other read accesses.
      
      So maintain fileh->dirty_pages list and use it when we need to go
      through dirtied pages.
      
      Updates: nexedi/wendelin.core#6
      8bb7f2f2
  11. 09 Jan, 2017 1 commit
    • Kirill Smelkov's avatar
      bigfile/virtmem: Make sure pages are emitted to store in order · 43b6fdbc
      Kirill Smelkov authored
      Currently fileh_dirty_writeout() writes page via storeblk() in order -
      - those with lower ->f_pgoffset are stored first.
      
      This happens because current fileh_dirty_writeout() iterates whole
      pagemap to find dirty pages and pagemap iteration is ordered by
      f_pgoffset.
      
      In upcoming patch we'll rework writeout code not to iterate through
      whole pagemap, but only through dirty pages. However the property that
      pages are emitted in canonical order is useful, so let's make sure via
      tests this will stay preserved:
      
      In mkdirty2() we modify pages in 2, 0 order, but the latter code checks
      (via storeblk_trace()) they were actually stored in 0, 2 order.
      43b6fdbc
  12. 28 Sep, 2016 2 commits
  13. 14 Aug, 2016 1 commit
    • Kirill Smelkov's avatar
      bigfile/zodb/ZBlk1: Don't miss to deactivate/free internal .chunktab buckets in loadblkdata() · 542917d1
      Kirill Smelkov authored
      13c0c17c (bigfile/zodb: Format #1 which is optimized for small changes)
      used BTree to organize ZBlk1 block's chunks and for loadblkdata() added
      "TODO we are missing to free internal BTree structures on data load".
      
      #3 besides other
      things showed that even when we deactivate ZData objects, we are still
      keeping them as ghosts occupying memory and the same for IOBucket
      objects.
      
      This all happens because there is no proper way to deactivate whole
      btree - including internal buckets objects. And since internal buckets
      are not deactivated, they stay in picklecache and thus hold a reference
      to ZData objects and ZData objects in turn, even if explicitly
      deactivated, stay in memory.
      
      We can fix this all via implementing whole-btree deactivation procedure.
      
      To do so we need to iterate over all btree buckets recursively, but
      unfortunately there is no BTree API to access/iterate btree's buckets.
      We can however still get reference to first top-level buckets via
      gc.get_referents(btree) and then scan buckets further without hacks.
      
      gc.get_referents(btree) is a hack, but
      
      - it works in O(1)  (we only get pointers from btree, not scanning all
        gcable objects and deducing them)
      - it works reliable if we filter out non-interesting objects.
      
      So in the end it works.
      
      Before the patch loading more and more ZBlk1 data with objgraph
      instrumentation was showing itself like
      
          #                                    Nobj        δ
          wendelin.bigfile.file_zodb.ZData     7168      +512
          BTrees.IOBTree.IOBucket               238       +17
          BTrees.IOBTree.IOBTree                 14        +1
      
      and after this patch we now have
      
          BTrees.IOBTree.IOBTree                 14        +1
      
      we cannot remove that "IOBTree + 1", since ZBlk1 is holding direct
      reference on it (via .chunktab) and we have to keep ZBlk1 live with
      ._v_zfile and ._v_zblk set for invalidation to work. "+1 IOBtree" is
      however small - 144 bytes per 2M (= 0.006%) so we can neglect that the
      same way we neglect keeping ZBlk1 staying live for each block.
      542917d1
  14. 14 Jul, 2016 4 commits
    • Kirill Smelkov's avatar
      wendelin.core v0.7 · f7803634
      Kirill Smelkov authored
      f7803634
    • Kirill Smelkov's avatar
      bigfile/virtmem: usleep() needs unistd.h · d9d6409f
      Kirill Smelkov authored
      The following started to appear after recent gcc upgrade on my host:
      
      bigfile/virtmem.c: In function `vma_on_pagefault':
      bigfile/virtmem.c:696:9: warning: implicit declaration of function `usleep' [-Wimplicit-function-declaration]
               usleep(10000);  // XXX with 1000 uslepp still busywaits
      d9d6409f
    • Kirill Smelkov's avatar
      setup: Propagate only setuptools, not whole sys.path · 8f624957
      Kirill Smelkov authored
      This updates and fixes 487e5226 (setup: specify setuptools location
      explicitly when calling make.) to use @kazuhiko original idea to
      propagate only setuptools location. The reason is - when propagating
      whole sys.path things break under tox tests:
      
      ---- 8< ----
      ========================================================================== test session starts ===========================================================================
      platform linux2 -- Python 2.7.12, pytest-2.9.2, py-1.4.31, pluggy-0.3.1
      rootdir: /home/kirr/src/wendelin/release/wendelin.core, inifile:
      collected 33 items
      
      bigarray/tests/test_arrayzodb.py .......
      bigarray/tests/test_basic.py ........
      bigfile/tests/test_basic.py ....
      bigfile/tests/test_filefile.py .
      bigfile/tests/test_filezodb.py ........
      bigfile/tests/test_thread.py ....
      lib/tests/test_calc.py .
      
      ======================================================================= 33 passed in 14.14 seconds =======================================================================
      x86_64-linux-gnu-gcc -pthread -g -Wall -D_GNU_SOURCE -std=gnu99 -fplan9-extensions -Wno-declaration-after-statement -Wno-error=declaration-after-statement  -Iinclude -I3rdparty/ccan -I3rdparty/include   bigfile/tests/tfault.c lib/bug.c lib/utils.c 3rdparty/ccan/ccan/tap/tap.c  -o bigfile/tests/tfault.t
      t/tfault-run bigfile/tests/tfault.t faultr on_pagefault
      ok 1 - !pagefault_init()
      Fatal Python error: Py_Initialize: Unable to get the locale encoding
        File ".../wendelin.core/.tox/py27-ZODB3-zblk0-fs-numpy110/lib/python2.7/encodings/__init__.py", line 123
          raise CodecRegistryError,\
                                  ^
      SyntaxError: invalid syntax
      
      Current thread 0x00007f9b80024780 (most recent call first):
      t/tfault-run: line 28: 21521 Аварийный останов         (core dumped) gdb -q -batch $tfault core > core.info
      E: can't gdb(core)
      Makefile:189: ошибка выполнения рецепта для цели «faultr.tfault»
      make: *** [faultr.tfault] Ошибка 1
      rm bigfile/tests/test_virtmem.t bigfile/tests/test_ram.t bigfile/tests/tfault.t bigfile/tests/test_pagemap.t
      error: Failed to execute `make test`
      ERROR: InvocationError: '.../wendelin.core/.tox/py27-ZODB3-zblk0-fs-numpy110/bin/python setup.py test'
      ________________________________________________________________________________ summary _________________________________________________________________________________
      ERROR:   py27-ZODB3-zblk0-fs-numpy110: commands failed
      ---- 8< ----
      
      What happens here is:
      
      - gdb is used in automated tests
      - gdb is linked with libpython3.5
      - tox is currently running tests with python27
      - setup.py sets PYTHONPATH to whole path from python27
      - gdb, upon starting, initializes python runtime, which tries to load
        py27 modules under py35 -> oops.
      
      So propagating only setuptools location practically solves the issue for
      now, but still there is potential risk that in future, there will be
      other modules put in the same location as setuptools (location is parent
      dir of a module/package) which python tries to load on startup and which
      might be incompatible between 2 & 3.
      
      Thus not setting PYTHONPATH at all - e.g. creating environments
      virtualenv way - would be better, but buildout fundamentally works the
      other way. We can not also use -c 'buildout sys.path hack' in $PYTHON
      itself, as $PYTHON is used in general way inside Makefile.
      
      So let the hack with setuptools location in PYTHONPATH stay there until
      it practically works.
      8f624957
    • Kazuhiko's avatar
      setup: specify setuptools location explicitly when calling make. · 487e5226
      Kazuhiko authored
      If wendelin.core is built under buildout and setuptools exists only in
      buildout environment, 'python setup.py' called inside make will fail
      without this change.
      
          Building 'wendelin.core'
          Running easy_install:
          "/path/to/python2.7" "-c" "import sys; sys.path[0:0] = ['/path/to/setuptools-19.6.2-py2.7.egg']; from setuptools.command.easy_install import main; main()"...
          path_list=['/path/to/setuptools-19.6.2-py2.7.egg']
          ...
          <<< setup.py: os.system('make %s PYTHON="%s"' % (target, sys.executable))
          ...
          make[1]: Leaving directory '/tmp/xxx/wendelin.core-0.6/3rdparty/ccan'
          /path/to/python2.7 setup.py ll_build_ext --inplace
          Traceback (most recent call last):
            File "setup.py", line 18, in <module>
              from setuptools import setup, Extension, Command, find_packages
          ImportError: No module named setuptools
          Makefile:40: recipe for target 'bigfile/_bigfile.so' failed
          make: *** [bigfile/_bigfile.so] Error 1
          error: Setup script exited with error: Failed to execute `make all`
      
      [ @kirr: as a solution we are propagating whole python path via make.
      
        This should cover both setuptools case, and any other future potential
        "preloaded-by-buildout" egg. ]
      
      /reviewed-on !1
      487e5226
  15. 06 Jul, 2016 1 commit
    • Kirill Smelkov's avatar
      Fix build for Python 3.5 · e6beab19
      Kirill Smelkov authored
      @kazuhiko reports that wendelin.core build is currently broken on Python 3.5.
      Indeed it was:
      
          In file included from bigfile/_bigfile.c:37:0:
          ./include/wendelin/compat_py2.h: In function ‘_PyThreadState_UncheckedGetx’:
          ./include/wendelin/compat_py2.h:66:28: warning: implicit declaration of function ‘_Py_atomic_load_relaxed’ [-Wimplicit-function-declaration]
               return (PyThreadState*)_Py_atomic_load_relaxed(&_PyThreadState_Current);
                                      ^
          ./include/wendelin/compat_py2.h:66:53: error: ‘_PyThreadState_Current’ undeclared (first use in this function)
               return (PyThreadState*)_Py_atomic_load_relaxed(&_PyThreadState_Current);
                                                               ^
          ./include/wendelin/compat_py2.h:66:53: note: each undeclared identifier is reported only once for each function it appears in
          ./include/wendelin/compat_py2.h:67:1: warning: control reaches end of non-void function [-Wreturn-type]
           }
           ^
      
      The story here is that in 3.5 they decided to remove direct access to
      _PyThreadState_Current and atomic implementations - because that might
      semantically conflict with other headers implementing atomics - and
      provide only access by function.
      
      Starting from Python 3.5.2rc1 the function to get current thread state
      without asserting it is !NULL - _PyThreadState_UncheckedGet() - was added:
      
          https://github.com/python/cpython/commit/df858591
      
      so for those python versions we can directly use it.
      
      After the fix wendelin.core tox tests pass under all python2.7, python3.4 and python3.5.
      
      More context here:
      
          https://bugs.python.org/issue26154
          https://bugs.python.org/issue25150
      
      Fixes: #1
      e6beab19
  16. 01 Jul, 2016 2 commits
  17. 27 Jun, 2016 2 commits
  18. 24 Jun, 2016 1 commit
    • Kirill Smelkov's avatar
      bigfile/pagemap: Fix non-leaf page iteration · ee9bcd00
      Kirill Smelkov authored
      Since the beginning of pagemap (45af76e6 "bigfile/pagemap: specialized
      {} uint64 -> void * mapping") we had a bug sitting in
      __pagemap_for_each_leaftab() (non-leaf iterating logic behind
      pagemap_for_each):
      
      After entry to stack-down was found, we did not updated tailv[l]
      accordingly. Thus if there are non-adjacent entries an entry could be
      e.g. emitted many times:
      
           l 3  __down 0x7f79da1ee000
           tailv[4]: 0x7f79da1ee000
            -> tailv[4] 0x7f79da1ee000  __down 0x7f79da1ed000
      
           l 4  __down 0x7f79da1ed000
           tailv[5]: 0x7f79da1ed000
           h 5  l 5  leaftab: 0x7f79da1ed000      <--
            lvl 5  idx 169  page 0x55aa
          ok 9 - pagemap_for_each(0) == 21930
      
           l 5  __down (nil)
           tailv[4]: 0x7f79da1ee008
            -> tailv[4] 0x7f79da1ee008  __down 0x7f79da1ed000
      
           l 4  __down 0x7f79da1ed000
           tailv[5]: 0x7f79da1ed000
           h 5  l 5  leaftab: 0x7f79da1ed000      <--
            lvl 5  idx 169  page 0x55aa
          not ok 10 - pagemap_for_each(1) == 140724106500272
      
      And many-time-emitted entries are not only incorrect, but can also lead
      to not-handled segmentation faults in e.g. fileh_close():
      
          https://lab.nexedi.com/nexedi/wendelin.core/blob/v0.6-1-gb0b2c52/bigfile/virtmem.c#L179
      
          /* drop all pages (dirty or not) associated with this fileh */
          pagemap_for_each(page, &fileh->pagemap) {
              /* it's an error to close fileh to mapping of which an access is
               * currently being done in another thread */
              BUG_ON(page->state == PAGE_LOADING);
              page_drop_memory(page);
              list_del(&page->lru);                           <-- HERE
              bzero(page, sizeof(*page)); /* just in case */
              free(page);
          }
      
      ( because after first bzero of a page, the page is all 0 bytes including
        page->lru{.next,.prev} so on the second time when the same page is
        emitted by pagemap_for_each, list_del(&page->lru) will try to set
        page->lru.next = ... which will segfault. )
      
      So fix it by properly updating tailv[l] while we scan/iterate current level.
      
      NOTE
      
      This applies only to non-leaf pagemap levels, as leaf level is scanned
      with separate loop in pagemap_for_each. That's why we probably did not
      noticed this earlier - up until now our usual workloads was to change
      data in adjacent batches and that means adjacent pages.
      
      Though today @Tyagov was playing with wendelin.core in some other way and
      it uncovered the bug.
      ee9bcd00
  19. 13 Jun, 2016 5 commits