On Sun, Jul 25, 2021 at 12:06:41AM +0200, Andreas Gruenbacher wrote:
> On Sat, Jul 24, 2021 at 11:57 PM Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
> > On Sat, Jul 24, 2021 at 11:38:20PM +0200, Andreas Gruenbacher wrote:
> >
> > > Hmm, how could we have sub-page failure areas when this is about if
> > > and how pages are mapped? If we return the number of bytes that are
> > > accessible, then users will know if they got nothing, something, or
> > > everything, and they can act accordingly.
> >
> > What I'm saying is that in situation when you have cacheline-sized
> > poisoned areas, there's no way to get an accurate count of readable
> > area other than try and copy it out.
> >
> > What's more, "something" is essentially useless information - the
> > pages might get unmapped right as your function returns; the caller
> > still needs to deal with partial copies. And that's a slow path
> > by definition, so informing them of a partial fault-in is not
> > going to be useful.
> >
> > As far as callers are concerned, it's "nothing suitable in the
> > beginning of the area" vs. "something might be accessible".
>
> Yes, and the third case would be "something might be accessible, but
> not all of it". There probably are callers that give up when they
> don't have it all.

Who cares? Again,
	1) those callers *still* have to cope with copyin/copyout failures
halfway through. Fully successful fault-in does not guarantee anything
whatsoever. IOW, you won't get rid of any complexity that way.
	2) earlier bailout in rare error case is not worth bothering with.
If you'd been given an iov_iter spanning an unmapped/unreadable/unwritable
area of user memory, it's either a fucking rare race with truncate() of
an mmapped file or a pilot error. Neither case is worth optimizing for.

The difference between partially accessible and completely accessible
at the fault-in time is useless for callers. Really.