Re: 4.9.0 regression in pipe-backed iov_iter with systemd-nspawn

[Linus Torvalds]

On Fri, Jan 13, 2017 at 5:24 PM, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>
> Why would advance by 0 change ->iov_offset here?

That's not my worry. Advancing by zero obviously doesn't change the position.

But the _truncation_ of the rest requires iov_offset to be zero in
order to actually truncate everything.

So I was worrying about something updating it, and then wanting to
truncate things on error.

But you bring up the kinds of cases I worried about:

> On error it does use iov_iter_advance(), pretty much as a way to
> trigger pipe_truncate().  There we directly reset ->iov_offset to 0
> and ->idx to its original value.

Ok, this was the part I worried about. And this

> However, theoretically it is possible that ->read_iter() instance does
> successful copy_to_iter() and then decides to return an error.  This
>         } else if (ret < 0) {
>                 to.idx = idx;
>                 to.iov_offset = 0;
>                 iov_iter_advance(&to, 0); /* to free what was emitted */
> in generic_file_splice_read() catches any such cases.

So I'm happy with that last patch then, and my worries are laid to rest.

                Linus