From: Kevin Wolf <kwolf@redhat.com>
To: "Benoît Canet" <benoit.canet@irqsave.net>
Cc: Benoit Canet <benoit@irqsave.net>,
qemu-devel@nongnu.org, stefanha@redhat.com, mreitz@redhat.com
Subject: Re: [Qemu-devel] [PATCH v10 3/4] block: Add replaces argument to drive-mirror
Date: Fri, 27 Jun 2014 13:57:02 +0200 [thread overview]
Message-ID: <20140627115702.GD5223@noname.redhat.com> (raw)
In-Reply-To: <1402912857-10509-4-git-send-email-benoit.canet@irqsave.net>
Am 16.06.2014 um 12:00 hat Benoît Canet geschrieben:
> drive-mirror will bdrv_swap the new BDS named node-name with the one
> pointed by replaces when the mirroring is finished.
>
> Signed-off-by: Benoit Canet <benoit@irqsave.net>
> Reviewed-by: Max Reitz <mreitz@redhat.com>
> ---
> block.c | 17 ++++++++++++++
> block/mirror.c | 60 +++++++++++++++++++++++++++++++++++++----------
> blockdev.c | 30 +++++++++++++++++++++++-
> hmp.c | 2 +-
> include/block/block.h | 4 ++++
> include/block/block_int.h | 3 +++
> qapi/block-core.json | 6 ++++-
> qmp-commands.hx | 4 +++-
> 8 files changed, 109 insertions(+), 17 deletions(-)
>
> diff --git a/block.c b/block.c
> index 17f763d..318f1e6 100644
> --- a/block.c
> +++ b/block.c
> @@ -5795,3 +5795,20 @@ bool bdrv_is_first_non_filter(BlockDriverState *candidate)
>
> return false;
> }
> +
> +BlockDriverState *check_to_replace_node(const char *node_name, Error **errp)
> +{
> + BlockDriverState *to_replace_bs = bdrv_find_node(node_name);
> + if (!to_replace_bs) {
> + error_setg(errp, "Node name '%s' not found",
> + node_name);
Unnecessary line break.
> + return NULL;
> + }
> +
> + if (bdrv_op_is_blocked(to_replace_bs, BLOCK_OP_TYPE_REPLACE, errp)) {
> + return NULL;
> + }
> +
> + return to_replace_bs;
> +}
> +
Empty line before EOF.
> diff --git a/block/mirror.c b/block/mirror.c
> index 94c8661..151167e 100644
> --- a/block/mirror.c
> +++ b/block/mirror.c
> @@ -32,6 +32,12 @@ typedef struct MirrorBlockJob {
> RateLimit limit;
> BlockDriverState *target;
> BlockDriverState *base;
> + /* The name of the graph node to replace */
> + char *replaces;
> + /* The BDS to replace */
> + BlockDriverState *to_replace;
> + /* Used to block operations on the drive-mirror-replace target */
> + Error *replace_blocker;
> bool is_none_mode;
> BlockdevOnError on_source_error, on_target_error;
> bool synced;
> @@ -490,10 +496,14 @@ immediate_exit:
> bdrv_release_dirty_bitmap(bs, s->dirty_bitmap);
> bdrv_iostatus_disable(s->target);
> if (s->should_complete && ret == 0) {
> - if (bdrv_get_flags(s->target) != bdrv_get_flags(s->common.bs)) {
> - bdrv_reopen(s->target, bdrv_get_flags(s->common.bs), NULL);
> + BlockDriverState *to_replace = s->common.bs;
> + if (s->to_replace) {
> + to_replace = s->to_replace;
> }
> - bdrv_swap(s->target, s->common.bs);
> + if (bdrv_get_flags(s->target) != bdrv_get_flags(to_replace)) {
> + bdrv_reopen(s->target, bdrv_get_flags(to_replace), NULL);
> + }
> + bdrv_swap(s->target, to_replace);
> if (s->common.driver->job_type == BLOCK_JOB_TYPE_COMMIT) {
> /* drop the bs loop chain formed by the swap: break the loop then
> * trigger the unref from the top one */
> @@ -502,6 +512,12 @@ immediate_exit:
> bdrv_unref(p);
> }
> }
> + if (s->to_replace) {
> + bdrv_op_unblock_all(s->to_replace, s->replace_blocker);
> + error_free(s->replace_blocker);
> + bdrv_unref(s->to_replace);
> + }
> + g_free(s->replaces);
> bdrv_unref(s->target);
> block_job_completed(&s->common, ret);
> }
> @@ -540,6 +556,20 @@ static void mirror_complete(BlockJob *job, Error **errp)
> return;
> }
>
> + /* check the target bs is not blocked and block all operations on it */
> + if (s->replaces) {
> + s->to_replace = check_to_replace_node(s->replaces, errp);
> +
This empty line looks unusual.
> + if (!s->to_replace) {
> + return;
> + }
So here is the thing that I really wanted to comment on. In the case of
a REPLACE blocker being set, this is a silent failure. The completion
command will return success, but s->should_complete won't actually be
set, so the completion doesn't happen. The only thing that actually
happens is the bdrv_open_backing_file(s->target) (which looks somewhat
questionable, too...)
Now I would expect that the REPLACE blocker is actually set for any
backing file, because that is what bdrv_set_backing_hd() does. For
quorum it does work as expected because quorum children don't get any
backing_blocker (we need to check whether they should get something
similar from the quorum BDS), so this is probably why it escaped your
testing. We'll need a test case that tries replacing some ordinary
backing file.
Now I think the (accidental?) restriction to only replacing quorum nodes
actually makes this patch pretty safe, so maybe it would be nice to keep
this behaviour; but we need to fix it to not fail silently but return an
explicit error.
> + error_setg(&s->replace_blocker,
> + "block device is in use by block-job-complete");
> + bdrv_op_block_all(s->to_replace, s->replace_blocker);
> + bdrv_ref(s->to_replace);
> + }
> +
> s->should_complete = true;
> block_job_resume(job);
> }
> @@ -562,14 +592,15 @@ static const BlockJobDriver commit_active_job_driver = {
> };
>
> static void mirror_start_job(BlockDriverState *bs, BlockDriverState *target,
> - int64_t speed, int64_t granularity,
> - int64_t buf_size,
> - BlockdevOnError on_source_error,
> - BlockdevOnError on_target_error,
> - BlockDriverCompletionFunc *cb,
> - void *opaque, Error **errp,
> - const BlockJobDriver *driver,
> - bool is_none_mode, BlockDriverState *base)
> + const char *replaces,
> + int64_t speed, int64_t granularity,
> + int64_t buf_size,
> + BlockdevOnError on_source_error,
> + BlockdevOnError on_target_error,
> + BlockDriverCompletionFunc *cb,
> + void *opaque, Error **errp,
> + const BlockJobDriver *driver,
> + bool is_none_mode, BlockDriverState *base)
> {
> MirrorBlockJob *s;
>
> @@ -600,6 +631,7 @@ static void mirror_start_job(BlockDriverState *bs, BlockDriverState *target,
> return;
> }
>
> + s->replaces = g_strdup(replaces);
> s->on_source_error = on_source_error;
> s->on_target_error = on_target_error;
> s->target = target;
One design question that isn't quite clear to me yet is why you resolve
the device name only in mirror_complete() and not here. This means that
the drive-mirror QMP command can refer to one BDS with node-name foo,
which then gets removed and another BDS with node-name foo is added, and
then it would refer to the new BDS on completion time.
I would find it less surprising if we took a reference to the old BDS
here so that you can't remove it. Perhaps setting the replace_blocker
here already would be safer, too.
> @@ -621,6 +653,7 @@ static void mirror_start_job(BlockDriverState *bs, BlockDriverState *target,
> }
>
> void mirror_start(BlockDriverState *bs, BlockDriverState *target,
> + const char *replaces,
> int64_t speed, int64_t granularity, int64_t buf_size,
> MirrorSyncMode mode, BlockdevOnError on_source_error,
> BlockdevOnError on_target_error,
> @@ -632,7 +665,8 @@ void mirror_start(BlockDriverState *bs, BlockDriverState *target,
>
> is_none_mode = mode == MIRROR_SYNC_MODE_NONE;
> base = mode == MIRROR_SYNC_MODE_TOP ? bs->backing_hd : NULL;
> - mirror_start_job(bs, target, speed, granularity, buf_size,
> + mirror_start_job(bs, target, replaces,
> + speed, granularity, buf_size,
> on_source_error, on_target_error, cb, opaque, errp,
> &mirror_job_driver, is_none_mode, base);
> }
> @@ -680,7 +714,7 @@ void commit_active_start(BlockDriverState *bs, BlockDriverState *base,
> }
>
> bdrv_ref(base);
> - mirror_start_job(bs, base, speed, 0, 0,
> + mirror_start_job(bs, base, NULL, speed, 0, 0,
> on_error, on_error, cb, opaque, &local_err,
> &commit_active_job_driver, false, base);
> if (local_err) {
> diff --git a/blockdev.c b/blockdev.c
> index 06b14f2..237a548 100644
> --- a/blockdev.c
> +++ b/blockdev.c
> @@ -2107,6 +2107,7 @@ BlockDeviceInfoList *qmp_query_named_block_nodes(Error **errp)
> void qmp_drive_mirror(const char *device, const char *target,
> bool has_format, const char *format,
> bool has_node_name, const char *node_name,
> + bool has_replaces, const char *replaces,
> enum MirrorSyncMode sync,
> bool has_mode, enum NewImageMode mode,
> bool has_speed, int64_t speed,
> @@ -2194,6 +2195,28 @@ void qmp_drive_mirror(const char *device, const char *target,
> return;
> }
>
> + if (has_replaces) {
> + BlockDriverState *to_replace_bs;
> +
> + if (!has_node_name) {
> + error_setg(errp, "a node-name must be provided when replacing a"
> + " named node of the graph");
> + return;
> + }
> +
> + to_replace_bs = check_to_replace_node(replaces, errp);
> +
> + if (!to_replace_bs) {
> + return;
> + }
> +
> + if (size != bdrv_getlength(to_replace_bs)) {
> + error_setg(errp, "cannot replace image with a mirror image of "
> + "different size");
> + return;
> + }
We may want to loosen some of these restrictions later, but it's good to
start with more restrictions if in doubt.
> + }
> +
> if ((sync == MIRROR_SYNC_MODE_FULL || !source)
> && mode != NEW_IMAGE_MODE_EXISTING)
> {
Kevin
next prev parent reply other threads:[~2014-06-27 11:57 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-16 10:00 [Qemu-devel] [PATCH v10 0/4] Quorum maintainance operations Benoît Canet
2014-06-16 10:00 ` [Qemu-devel] [PATCH v10 1/4] quorum: Add the rewrite-corrupted parameter to quorum Benoît Canet
2014-06-16 10:00 ` [Qemu-devel] [PATCH v10 2/4] block: Add node-name argument to drive-mirror Benoît Canet
2014-06-16 10:00 ` [Qemu-devel] [PATCH v10 3/4] block: Add replaces " Benoît Canet
2014-06-19 9:19 ` Stefan Hajnoczi
2014-06-27 11:57 ` Kevin Wolf [this message]
2014-06-27 12:03 ` Benoît Canet
2014-06-27 12:53 ` Benoît Canet
2014-06-27 13:37 ` Kevin Wolf
2014-06-27 14:30 ` Benoît Canet
2014-06-16 10:00 ` [Qemu-devel] [PATCH v10 4/4] qemu-iotests: Add TestRepairQuorum to 041 to test drive-mirror node-name mode Benoît Canet
2014-06-17 16:17 ` Max Reitz
2014-06-17 18:19 ` Benoît Canet
2014-06-17 18:20 ` Max Reitz
2014-06-17 18:21 ` Max Reitz
2014-06-19 4:46 ` [Qemu-devel] [PATCH v10 0/4] Quorum maintainance operations Stefan Hajnoczi
2014-06-27 12:19 ` Kevin Wolf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140627115702.GD5223@noname.redhat.com \
--to=kwolf@redhat.com \
--cc=benoit.canet@irqsave.net \
--cc=benoit@irqsave.net \
--cc=mreitz@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).