[PATCH] splice(): fix interaction with readahead
Fengguang Wu [Tue, 8 May 2007 06:44:36 +0000 (08:44 +0200)]
Eric Dumazet, thank you for disclosing this bug.

Readahead logic somehow fails to populate the page range with data.
It can be because

1) the readahead routine is not always called in the following lines of

fs/splice.c:
        if (!loff || nr_pages > 1)
                page_cache_readahead(mapping, &in->f_ra, in, index, nr_pages);

2) even called, page_cache_readahead() wont guarantee the pages are there.
It wont submit readahead I/O for pages already in the radix tree, or when
(ra_pages == 0), or after 256 cache hits.

In your case, it should be because of the retried reads, which lead to
excessive cache hits, and disables readahead at some time.

And that _one_ failure of readahead blocks the whole read process.
The application receives EAGAIN and retries the read, but
__generic_file_splice_read() refuse to make progress:

- in the previous invocation, it has allocated a blank page and inserted it
  into the radix tree, but never has the chance to start I/O for it: the test
  of SPLICE_F_NONBLOCK goes before that.

- in the retried invocation, the readahead code will neither get out of the
  cache hit mode, nor will it submit I/O for an already existing page.

Cc: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>

fs/splice.c

index 5428b0f..2282650 100644 (file)
@@ -378,10 +378,11 @@ __generic_file_splice_read(struct file *in, loff_t *ppos,
                         * If in nonblock mode then dont block on waiting
                         * for an in-flight io page
                         */
-                       if (flags & SPLICE_F_NONBLOCK)
-                               break;
-
-                       lock_page(page);
+                       if (flags & SPLICE_F_NONBLOCK) {
+                               if (TestSetPageLocked(page))
+                                       break;
+                       } else
+                               lock_page(page);
 
                        /*
                         * page was truncated, stop here. if this isn't the