Fallback to read/write if pread/pwrite fails

[jozkee]

Fixes the scenario in #59754 for main (7.0).
cc @am11

[ghost]

Tagging subscribers to this area: @dotnet/area-system-io
See info in area-owners.md if you want to be subscribed.

Issue Details

---

Fixes #59754
cc @am11

Author:	Jozkee
Assignees:	Jozkee
Labels:	area-System.IO
Milestone:	6.0.0

[jozkee]

I thought the reason of getting ENXIO was because we were using a character device. I tried to repro with /dev/null and /dev/zero but I couldn't so I don't know what's special about this vs the other two character devices.

Also, this prints in console what you write to it, not sure if that may be an issue for testing.

[am11]

It was the issue with /dev/tty (aka text/input environment) and /dev/console (aka physical terminal).
/dev/null has special handling https://man7.org/linux/man-pages/man4/null.4.html, I think that's why it bails early as a no-op.

[am11]

Can we pass devicePath as param and test /dev/tty, /dev/console and /dev/null? They are available in test environments AFAICT.

[jozkee]

Done, I also included /dev/zero just in case.

[stephentoub]

The issue we're facing is that CanSeek returns true but PRead fails. However, is there ever a situation where CanSeek would be false but PRead at arbitrary offsets would succeed? Seems like we should continue using Read always if CanSeek is false; otherwise we're going to be paying for a PRead that's always going to fail.

Similar question/comment for the write path.

[tmds]

+1

CanSeek was added to the handle pread/pwrite support. I think we should replace it by something like MaybeCanRandomAccess which optimistically defaults to true, and gets set to false in the error path.

[jozkee]

There is an almost-approved api proposal to expose SafeFileHandle.CanSeek #58370 so I don't think we should remove it.
I added another field that caches "supports random access" and its initial value is set to CanSeek.

[jozkee]

Seems like we should continue using Read always if CanSeek is false

Done, for read and for write as well.

[tmds]

There is an almost-approved api proposal to expose SafeFileHandle.CanSeek #58370 so I don't think we should remove it.

I've added a comment to that proposal: #58370 (comment).

I think we should remove CanSeek in this PR or when implementing #58381.
It makes sense to cache it as part of FileStream then.

[tmds]

Can this be part of the ctor_* tests that gets run from different APIs?

[jozkee]

It was hard to figure out exacty how much is covered by those clases and I didn't want to end up with a ton of duplication (caused by the inheritance).
I would prefer to wait for @adamsitnik to come back to refactor the tests since he is more familiar with them.

[tmds]

This needs ESPIPE also.

[jozkee]

Can you describe in which case we can get ESPIPE?

[tmds]

When the path you pass in is a pipe/socket.

[tmds]

for example, EPIPE when using pwrite on socket:

socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0
pwrite64(3, "hello", 5, 0)              = -1 ESPIPE (Illegal seek)

[jozkee]

CanSeek reports false for a FileStream opening a socket so in theory we will never call pwrite for that case (unless there's another distro that unexpectedly reports true).

I'm trying to add a unit test that covers this.
At least I can see that there is no issue with macOS in such case.

[tmds]

As part of #58381, we'll be able to remove the syscall that is made for CanSeek, which will require adding ESPIPE here.

It's safer to add it, and there is no real cost to it.

[jozkee]

@tmds @stephentoub @adamsitnik @carlossanlop this is ready for review.

[tmds]

nit: This setter should only be used to set to false. Maybe we should add an Assert?

[tmds]

LGTM, thanks!

[adamsitnik]

The tests are excellent, the implementation is valid but I wonder if we could simplify it (please see my comment). Thank you @jozkee !

[adamsitnik]

just an opinion: when reviewing this file, the first thing I had to do was to scroll down and find DevicePath_FileOptions_TestData. If it was at the top, I would not need to do that.

[adamsitnik]

another great idea to test non-seekable files! 👍

[adamsitnik]

these consts are used in more than one method, they could be declared in the type or you could move the socketpair-related logic to a separate method:

private static unsafe (FileStream read, FileStream write) CreateSocketPair()
{
    int* ptr = stackalloc int[2];
    Assert.Equal(0, socketpair(1, 1, 0, ptr));
 
    return (new FileStream(new SafeFileHandle((IntPtr)ptr[0], ownsHandle: true), FileAccess.Read), 
            new FileStream(new SafeFileHandle((IntPtr)ptr[1], ownsHandle: true), FileAccess.Write));
}

[adamsitnik]

LGTM, thank you @jozkee

[jozkee]

/backport to release/6.0

[github-actions]

Started backporting to release/6.0: https://github.com/dotnet/runtime/actions/runs/1331368776

[stephentoub]

It might be worth adding a comment here about benign race conditions. It's possible two threads could interleave in such a way that one thread fails an I/O and sets _supportsRandomAccess to false and then another thread that was in the process of initializing _supportsRandomAccess overwrites it with true based on CanSeek. It's currently benign, however, because it'll get set to false again the next time I/O fails.