From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
To: qemu-block@nongnu.org
Cc: qemu-devel@nongnu.org, mreitz@redhat.com, kwolf@redhat.com,
vsementsov@virtuozzo.com, den@openvz.org
Subject: [PATCH v2 3/3] block/qcow2: introduce inflight writes counters: fix discard
Date: Thu, 25 Feb 2021 14:52:05 +0300 [thread overview]
Message-ID: <20210225115205.249923-4-vsementsov@virtuozzo.com> (raw)
In-Reply-To: <20210225115205.249923-1-vsementsov@virtuozzo.com>
There is a bug in qcow2: host cluster can be discarded (refcount
becomes 0) and reused during data write. In this case data write may
pollute another cluster (recently allocated) or even metadata.
To fix the issue introduce rw-lock: take read-lock on data writing and
write-lock on discard.
Enable qcow2-discard-during-rewrite as it is fixed.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
---
block/qcow2.h | 2 ++
block/qcow2-cluster.c | 4 ++++
block/qcow2.c | 18 +++++++++++++++++-
.../tests/qcow2-discard-during-rewrite | 2 +-
4 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/block/qcow2.h b/block/qcow2.h
index 0678073b74..7ebb6e2677 100644
--- a/block/qcow2.h
+++ b/block/qcow2.h
@@ -420,6 +420,8 @@ typedef struct BDRVQcow2State {
* is to convert the image with the desired compression type set.
*/
Qcow2CompressionType compression_type;
+
+ CoRwlock discard_rw_lock;
} BDRVQcow2State;
typedef struct Qcow2COWRegion {
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index bd0597842f..e16775dd59 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -1938,6 +1938,8 @@ int qcow2_cluster_discard(BlockDriverState *bs, uint64_t offset,
int64_t cleared;
int ret;
+ qemu_co_rwlock_wrlock(&s->discard_rw_lock);
+
/* Caller must pass aligned values, except at image end */
assert(QEMU_IS_ALIGNED(offset, s->cluster_size));
assert(QEMU_IS_ALIGNED(end_offset, s->cluster_size) ||
@@ -1965,6 +1967,8 @@ fail:
s->cache_discards = false;
qcow2_process_discards(bs, ret);
+ qemu_co_rwlock_unlock(&s->discard_rw_lock);
+
return ret;
}
diff --git a/block/qcow2.c b/block/qcow2.c
index d9f49a52e7..e1a5d89aa1 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -1897,6 +1897,7 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags,
/* Initialise locks */
qemu_co_mutex_init(&s->lock);
+ qemu_co_rwlock_init(&s->discard_rw_lock);
if (qemu_in_coroutine()) {
/* From bdrv_co_create. */
@@ -2536,12 +2537,14 @@ static coroutine_fn int qcow2_co_pwritev_task(BlockDriverState *bs,
}
}
+ qemu_co_rwlock_unlock(&s->discard_rw_lock);
qemu_co_mutex_lock(&s->lock);
ret = qcow2_handle_l2meta(bs, &l2meta, true);
goto out_locked;
out_unlocked:
+ qemu_co_rwlock_unlock(&s->discard_rw_lock);
qemu_co_mutex_lock(&s->lock);
out_locked:
@@ -2605,6 +2608,8 @@ static coroutine_fn int qcow2_co_pwritev_part(
goto out_locked;
}
+ qemu_co_rwlock_rdlock(&s->discard_rw_lock);
+
qemu_co_mutex_unlock(&s->lock);
if (!aio && cur_bytes != bytes) {
@@ -4097,10 +4102,15 @@ qcow2_co_copy_range_to(BlockDriverState *bs,
goto fail;
}
+ qemu_co_rwlock_rdlock(&s->discard_rw_lock);
qemu_co_mutex_unlock(&s->lock);
+
ret = bdrv_co_copy_range_to(src, src_offset, s->data_file, host_offset,
cur_bytes, read_flags, write_flags);
+
+ qemu_co_rwlock_unlock(&s->discard_rw_lock);
qemu_co_mutex_lock(&s->lock);
+
if (ret < 0) {
goto fail;
}
@@ -4536,13 +4546,19 @@ qcow2_co_pwritev_compressed_task(BlockDriverState *bs,
}
ret = qcow2_pre_write_overlap_check(bs, 0, cluster_offset, out_len, true);
- qemu_co_mutex_unlock(&s->lock);
if (ret < 0) {
+ qemu_co_mutex_unlock(&s->lock);
goto fail;
}
+ qemu_co_rwlock_rdlock(&s->discard_rw_lock);
+ qemu_co_mutex_unlock(&s->lock);
+
BLKDBG_EVENT(s->data_file, BLKDBG_WRITE_COMPRESSED);
ret = bdrv_co_pwrite(s->data_file, cluster_offset, out_len, out_buf, 0);
+
+ qemu_co_rwlock_unlock(&s->discard_rw_lock);
+
if (ret < 0) {
goto fail;
}
diff --git a/tests/qemu-iotests/tests/qcow2-discard-during-rewrite b/tests/qemu-iotests/tests/qcow2-discard-during-rewrite
index dd9964ef3f..5df0048757 100755
--- a/tests/qemu-iotests/tests/qcow2-discard-during-rewrite
+++ b/tests/qemu-iotests/tests/qcow2-discard-during-rewrite
@@ -1,5 +1,5 @@
#!/usr/bin/env bash
-# group: quick disabled
+# group: quick
#
# Test discarding (and reusing) host cluster during writing data to it.
#
--
2.29.2
next prev parent reply other threads:[~2021-02-25 11:54 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-25 11:52 [PATCH v2(RFC) 0/3] qcow2: fix parallel rewrite and discard Vladimir Sementsov-Ogievskiy
2021-02-25 11:52 ` [PATCH v2 1/3] qemu-io: add aio_discard Vladimir Sementsov-Ogievskiy
2021-02-25 11:52 ` [PATCH v2 2/3] iotests: add qcow2-discard-during-rewrite Vladimir Sementsov-Ogievskiy
2021-02-25 11:52 ` Vladimir Sementsov-Ogievskiy [this message]
2021-03-12 15:24 ` [PATCH v2(RFC) 0/3] qcow2: fix parallel rewrite and discard Kevin Wolf
2021-03-12 15:54 ` Vladimir Sementsov-Ogievskiy
2021-03-18 15:37 ` Vladimir Sementsov-Ogievskiy
2021-03-18 15:51 ` Vladimir Sementsov-Ogievskiy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210225115205.249923-4-vsementsov@virtuozzo.com \
--to=vsementsov@virtuozzo.com \
--cc=den@openvz.org \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).