On Tue, Jun 22, 2021 at 10:26 AM Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote: > > On Tue, Jun 22, 2021 at 03:36:22PM +0000, Al Viro wrote: > > > > Note that the revert you propose is going to do fault-in anyway; we really can't > > avoid it. The only thing it does is optimistically trying without that the > > first time around, which is going to be an overall loss exactly in "slow > > write_begin" case. If source pages are absent, you'll get copyin fail; > > iov_iter_copy_from_user_atomic() (or its replacement) is disabling pagefaults > > itself. > > Let's not overstate the case. I think for the vast majority of write() > calls, the data being written has recently been accessed. So this > userspace access is unnecessary. Note that the fault_in_readable is very much necessary - the only question is whether it happens before the actual access, or after it in the "oh, it failed, need to retry" case. There are two cases: (a) the user page is there and accessible, and fault_in_readable isn't necessary (b) not and as you say, case (a) is generally the common one by far, although it will depend on the exact load (iow, (b) *could* be the common case: you can have situations where you mmap() things only to then write the mapping out, and then accesses will fault a lot). But if it's case (a), then the fault_in_readable is going to be pretty cheap. We're talking "tens of CPU cycles", unlikely to really be an issue. If the case is (b), then the cost is not actually the access at all, it's the *fault* and the retry. Now we're talking easily thousands of cycles. And that's where it matters whether the fault_in_readable is before or after. If it's before the actual access, then you'll have just _one_ fault, and it will handle the fault. If the fault_in_readable is only done in the allegedly unlikely faulting case and is _after_ the actual user space atomic access, you'll have *two* faults. First the copy_from_user_atomic() will fault, and return a partial result. But the page won't actually be populated, so then the fault_in_readable will have to fault _again_, in order to finally populate the page. And then we retry (successfully, except for the unbelievably rare case of racing with pageout) the actual copy_from_user_atomic(). End result: doing the fault_in_readable "unnecessarily" at the beginning is likely the better optimization. It's basically free when it's not necessary, and it avoids an extra fault (and extra lock/unlock and retry) when it does end up faulting pages in. Linus