Re: [PATCH v3 7/9] dax: report bytes remaining in dax_iomap_actor()

From: Ross Zwisler
Date: Wed May 23 2018 - 11:53:52 EST


On Wed, May 23, 2018 at 09:39:04AM -0700, Dan Williams wrote:
> On Wed, May 23, 2018 at 9:34 AM, Ross Zwisler
> <ross.zwisler@xxxxxxxxxxxxxxx> wrote:
> > On Thu, May 03, 2018 at 05:06:42PM -0700, Dan Williams wrote:
> >> In preparation for protecting the dax read(2) path from media errors
> >> with copy_to_iter_mcsafe() (via dax_copy_to_iter()), convert the
> >> implementation to report the bytes successfully transferred.
> >>
> >> Cc: <x86@xxxxxxxxxx>
> >> Cc: Ingo Molnar <mingo@xxxxxxxxxx>
> >> Cc: Borislav Petkov <bp@xxxxxxxxx>
> >> Cc: Tony Luck <tony.luck@xxxxxxxxx>
> >> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> >> Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> >> Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
> >> Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> >> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> >> Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> >> Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx>
> >> ---
> >> fs/dax.c | 20 +++++++++++---------
> >> 1 file changed, 11 insertions(+), 9 deletions(-)
> >>
> >> diff --git a/fs/dax.c b/fs/dax.c
> >> index a64afdf7ec0d..34a2d435ae4b 100644
> >> --- a/fs/dax.c
> >> +++ b/fs/dax.c
> >> @@ -991,6 +991,7 @@ dax_iomap_actor(struct inode *inode, loff_t pos, loff_t length, void *data,
> >> struct iov_iter *iter = data;
> >> loff_t end = pos + length, done = 0;
> >> ssize_t ret = 0;
> >> + size_t xfer;
> >> int id;
> >>
> >> if (iov_iter_rw(iter) == READ) {
> >> @@ -1054,19 +1055,20 @@ dax_iomap_actor(struct inode *inode, loff_t pos, loff_t length, void *data,
> >> * vfs_write(), depending on which operation we are doing.
> >> */
> >> if (iov_iter_rw(iter) == WRITE)
> >> - map_len = dax_copy_from_iter(dax_dev, pgoff, kaddr,
> >> + xfer = dax_copy_from_iter(dax_dev, pgoff, kaddr,
> >> map_len, iter);
> >> else
> >> - map_len = dax_copy_to_iter(dax_dev, pgoff, kaddr,
> >> + xfer = dax_copy_to_iter(dax_dev, pgoff, kaddr,
> >> map_len, iter);
> >> - if (map_len <= 0) {
> >> - ret = map_len ? map_len : -EFAULT;
> >> - break;
> >> - }
> >>
> >> - pos += map_len;
> >> - length -= map_len;
> >> - done += map_len;
> >> + pos += xfer;
> >> + length -= xfer;
> >> + done += xfer;
> >> +
> >> + if (xfer == 0)
> >> + ret = -EFAULT;
> >> + if (xfer < map_len)
> >> + break;
> >
> > I'm confused by this error handling. So if we hit an error on a given iov and
> > we don't transfer the expected number of bytes, we have two cases:
> >
> > 1) We transferred *something* on this iov but not everything - return success.
> > 2) We didn't transfer anything on this iov - return -EFAULT.
> >
> > Both of these are true regardless of data transferred on previous iovs.
> >
> > Why the distinction? If a given iov is interrupted, regardless of whether it
> > transferred 0 bytes or 1, shouldn't the error path be the same?
>
> This is is the semantics of read(2) / write(2). Quoting the pwrite man page:
>
> Note that is not an error for a successful call to
> transfer fewer bytes than
> requested (see read(2) and write(2)).

Consider this case:

I have 4 IOVs, each of a full page. The first three transfer their full page,
but on the third we hit an error.

If we transferred 0 bytes in the fourth page, we'll return -EFAULT.

If we transferred 1 byte in the fourth page, we'll return the total length
transferred, so 3 pages + 1 byte.

Why? pwrite(2) says it returns the number of bytes written, which can be less
than the total requested. Why not just return the length transferred in both
cases, instead of returning -EFAULT for one of them?