The lock state should go into faultstate.

It's better to handle this in unlock_and_deallocate().

If the lock upgrade fails, then we just retry the lookup. Why not keep vm_fault_object() intact and retry the lookup within that function?

this would require patching all other callers of the routine, or reworking it internally to wrap a vriant which grabs objlocked argument. i explicitly did not do that to avoid extra changes in the area given the entire thing will need to be refactored down the road.

I suggested to put the objlock state in the faultstate structure and handle it without passing around an extra parameter. Why not do it? That way, vm_fault_lock_vnode() can be simplified as well, and you don't have to modify every caller.

The patch as implemented confines rlock to the loop, without affecting other code. Most notably everything outside of it will only ever see a write lock, just like without the patch. Moving the lock state to the faultstate struct would require patching *all* places which unlock and it's just a lot of churn for no benefit that I see.

I don't think this bit is pretty, but given unlocked operation later I suspect this will require a dedicated variant anyway.

I don't expect this to ever be a real problem -- the page has to go invalid in-between the initial check and xbusy, which I strongly suspect will be rare. leaving the code like this avoids modifying vm_fault_object.

i moved this and the same assert in vm_fault_object up, i dn't understand why they were pushed below. this can be a separate commit.

You can do lockless lookup for the page (and may be checking its validity), only to select rlock vs. wlock there, probably eliminating almost all lock upgrades.

Is it time to finally have VM_OBJECT_UNLOCK() ?

Why did you omitted the checks for dead object flag and state?

This should be a separate commit.

Is this change of the comment style needed?

what is rlock for in this case if the page was found and validated locklessly?

how about something of this sort, with failing case wlocking the object

static enum fault_status
vm_fault_object_unlocked(struct faultstate *fs)
{

        VM_OBJECT_ASSERT_UNLOCKED(fs->object);

        fs->m = vm_page_lookup_unlocked(fs->object, fs->pindex);
        if (fs->m == NULL)
                return (FAULT_CONTINUE);

        if (!vm_page_all_valid(fs->m))
                return (FAULT_CONTINUE);

        if (!vm_page_tryxbusy(fs->m)) {
                vm_fault_busy_sleep_unlocked(fs);
                return (FAULT_RESTART);
        }

        if (fs->m->object != fs->object || fs->m->pindex != fs->pindex ||
            !vm_page_all_valid(fs->m)) {
                vm_page_xunbusy(fs->m);
                fs->m = NULL;
                return (FAULT_CONTINUE);
        }

        /*
         * Finally make sure the object is still alive.
         */
        if ((fs->object->flags & OBJ_DEAD) != 0) {
                vm_page_xunbusy(fs->m);
                fs->m = NULL;
                return (FAULT_CONTINUE);
        }

        return (FAULT_SOFT);
}

We already have VM_OBJECT_DROP(), BTW. I think VM_OBJECT_UNLOCK() makes more sense as a name though.

_DROP() calls the lock class method, which at least gives more overhead than plain rw_unlock(). It also intended to be used in pair with _PICKUP.

This would make things slower multi-threaded. write unlock does not pre-read the lock and adding that would require an extra transaction. read unlock happens to read upfront, but that's only a current artifact of the implementation

no, but it matches other comments in the file and since I'm moving the code around I don't see why not