Fixes: 8cefc107ca54 ("pipe: Use head and tail pointers for the ring, not
cursor and length")
Commit 8cefc107ca54 ("pipe: Use head and tail pointers for the ring, not
cursor and length") changed the way buffer occupancy is computed. During
the refactor an early-return check in opipe_prep() was inverted, and it
no longer waits for a reader to drain the full pipe buffer. When
splicing 2 pipes (via the splice() syscall, SPLICE_F_NONBLOCK unset, and
opipe full), this causes splice_pipe_to_pipe() to busy-wait.
This bug can be reproduced by running the following command:
$ yes | ./bug | pv -qL 1 >/dev/null
where "./bug" is the following C program:
int main() {
while (splice(STDIN_FILENO, 0, STDOUT_FILENO, 0, 65536, 0));
return 0;
}
The above program will spend the majority of its time in the splice()
syscall, and will not return with ERESTARTSYS in the event of a
pending_signal(). Meanwhile busy-waiting causes high power usage.
Signed-off-by: Liam Dana <azurecrimson@xxxxxxxxxxxxxxxx>
---
fs/splice.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/splice.c b/fs/splice.c
index 3009652a41c8..06a21449e030 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1503,7 +1503,7 @@ static int opipe_prep(struct pipe_inode_info *pipe, unsigned int flags)
* Check pipe occupancy without the inode lock first. This function
* is speculative anyways, so missing one is ok.
*/
- if (pipe_full(pipe->head, pipe->tail, pipe->max_usage))
+ if (!pipe_full(pipe->head, pipe->tail, pipe->max_usage))
return 0;
ret = 0;
--
2.24.1
