From: Stefan Hajnoczi <stefanha@gmail.com>
To: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Cc: Kevin Wolf <kwolf@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
qemu-devel@nongnu.org,
Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Subject: Re: [Qemu-devel] [PATCH 1/2 v7] block: add-cow file format
Date: Tue, 6 Mar 2012 16:59:56 +0000 [thread overview]
Message-ID: <CAJSP0QXoNic1gyj2TTDP1urJVEHFay5V5u-vGG2B8xADiRfj3w@mail.gmail.com> (raw)
In-Reply-To: <1330570610-8523-1-git-send-email-wdongxu@linux.vnet.ibm.com>
On Thu, Mar 1, 2012 at 2:56 AM, Dong Xu Wang <wdongxu@linux.vnet.ibm.com> wrote:
> diff --git a/block/add-cow-cache.c b/block/add-cow-cache.c
> new file mode 100644
> index 0000000..6be02ff
> --- /dev/null
> +++ b/block/add-cow-cache.c
> @@ -0,0 +1,171 @@
> +/*
> + * Cache For QEMU ADD-COW Disk Format
> + *
> + * Copyright IBM, Corp. 2012
> + *
> + * Authors:
> + * Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
> + * This work is licensed under the terms of the GNU LGPL, version 2 or later.
> + * See the COPYING.LIB file in the top-level directory.
> + *
> + */
> +
> +#include "block_int.h"
> +#include "qemu-common.h"
> +#include "add-cow.h"
This patch is missing add-cow.h.
> diff --git a/block/add-cow.c b/block/add-cow.c
> new file mode 100644
> index 0000000..6897a52
> --- /dev/null
> +++ b/block/add-cow.c
> @@ -0,0 +1,402 @@
> +/*
> + * QEMU ADD-COW Disk Format
> + *
> + * Copyright IBM, Corp. 2012
> + *
> + * Authors:
> + * Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
> + * This work is licensed under the terms of the GNU LGPL, version 2 or later.
> + * See the COPYING.LIB file in the top-level directory.
> + *
> + */
> +
> +#include "qemu-common.h"
> +#include "block_int.h"
> +#include "module.h"
> +#include "add-cow.h"
> +
> +static int add_cow_probe(const uint8_t *buf, int buf_size, const char *filename)
> +{
> + const AddCowHeader *header = (const void *)buf;
Minor coding style comment: please cast to const AddCowHeader* instead of void.
> +
> + if (be64_to_cpu(header->magic) == ADD_COW_MAGIC &&
> + be32_to_cpu(header->version) == ADD_COW_VERSION) {
> + return 100;
> + } else {
> + return 0;
> + }
> +}
> +
> +static int add_cow_open(BlockDriverState *bs, int flags)
> +{
> + AddCowHeader header;
> + char image_filename[ADD_COW_FILE_LEN];
> + BlockDriver *image_drv = NULL;
> + int ret;
> + BDRVAddCowState *s = bs->opaque;
> +
> + ret = bdrv_pread(bs->file, 0, &header, sizeof(header));
> + if (ret != sizeof(header)) {
> + goto fail;
> + }
> +
> + if (be64_to_cpu(header.magic) != ADD_COW_MAGIC) {
> + ret = -EINVAL;
> + goto fail;
> + }
> + if (be32_to_cpu(header.version) != ADD_COW_VERSION) {
> + char version[64];
> + snprintf(version, sizeof(version), "ADD-COW version %d", header.version);
be32_to_cpu(header.version)
> + qerror_report(QERR_UNKNOWN_BLOCK_FORMAT_FEATURE,
> + bs->device_name, "add-cow", version);
> + ret = -ENOTSUP;
> + goto fail;
> + }
> +
> + QEMU_BUILD_BUG_ON(sizeof(bs->backing_file) != sizeof(header.backing_file));
> + strncpy(bs->backing_file, header.backing_file,
> + sizeof(bs->backing_file));
Please use pstrcpy() - it always NUL-terminates the string. strncpy()
only stores a '\0' when the source string is *shorter than* max
length, so a max length string results in bs->backing_file missing the
'\0'.
> +
> + if (header.image_file[0] == '\0') {
> + ret = -ENOENT;
> + goto fail;
> + }
> + s->image_hd = bdrv_new("");
> + if (path_has_protocol(header.image_file)) {
Please safely copy in header.image_file before treating it as a
NUL-terminated string.
> + strncpy(image_filename, header.image_file, sizeof(image_filename));
> + } else {
> + path_combine(image_filename, sizeof(image_filename),
> + bs->filename, header.image_file);
> + }
> +
> + image_drv = bdrv_find_format("raw");
> + ret = bdrv_open(s->image_hd, image_filename, flags, image_drv);
> + if (ret < 0) {
> + bdrv_delete(s->image_hd);
> + goto fail;
> + }
> + bs->total_sectors = s->image_hd->total_sectors;
> + s->cluster_size = ADD_COW_CLUSTER_SIZE;
> + s->bitmap_cache = add_cow_cache_create(bs, ADD_COW_CACHE_SIZE);
> + qemu_co_mutex_init(&s->lock);
> + return 0;
> + fail:
> + return ret;
> +}
> +
> +static inline bool is_bit_set(BlockDriverState *bs, int64_t bitnum)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + uint64_t offset = bitnum >> 3;
> + uint8_t *bitmap;
> + int ret = add_cow_cache_get(bs, s->bitmap_cache,
> + offset & ~(ADD_COW_CLUSTER_SIZE - 1), (void **)&bitmap);
(void **) should not be necessary.
> + if (ret < 0) {
> + abort();
> + }
> +
> + return *(bitmap + (offset & (ADD_COW_CLUSTER_SIZE - 1))) & (1 << (bitnum % 8));
The cluster concept confuses me. Normally the point of a cluster is
to reduce metadata size, so you would not index using bitnum % 8.
> +}
> +
> +static coroutine_fn int add_cow_is_allocated(BlockDriverState *bs,
> + int64_t sector_num, int nb_sectors, int *num_same)
> +{
> + int changed;
> +
> + if (nb_sectors == 0) {
> + *num_same = nb_sectors;
> + return 0;
> + }
> +
> + changed = is_bit_set(bs, sector_num);
> + for (*num_same = 1; *num_same < nb_sectors; (*num_same)++) {
> + if (is_bit_set(bs, sector_num + *num_same) != changed) {
> + break;
> + }
> + }
> +
> + return changed;
> +}
> +
> +static int add_cow_update_bitmap(BlockDriverState *bs, int64_t sector_num,
> + int nb_sectors)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + uint8_t *bitmap;
> +
> + int i, ret = 0;
> + for (i = 0; i < nb_sectors; i++) {
> + int ret = add_cow_cache_get(bs, s->bitmap_cache,
> + (sector_num + i) / 8 & ~(ADD_COW_CLUSTER_SIZE - 1), (void **)&bitmap);
> + if (ret < 0) {
> + abort();
> + }
> + *(bitmap + ((sector_num + i) / 8 & (ADD_COW_CLUSTER_SIZE - 1))) |=
> + (1 << ((sector_num + i) % 8));
> + add_cow_cache_entry_mark_dirty(s->bitmap_cache, bitmap);
> +
> + }
> + ret = add_cow_cache_flush(bs, s->bitmap_cache);
Data must be flushed to the cow file before writing metadata updates,
otherwise a crash in between could result in zero sectors instead of
backing file sectors.
> +static int add_cow_backing_read(BlockDriverState *bs, QEMUIOVector *qiov,
> + int64_t sector_num, int nb_sectors)
This function name is confusing because we don't actually perform a read here.
I'm also not sure why we need to handle the case where a request spans
the end of the device. bdrv_check_byte_request, called from
bdrv_co_do_readv() should prevent such requests?
> +{
> + int n1;
> + if ((sector_num + nb_sectors) <= bs->total_sectors) {
> + return nb_sectors;
> + }
> + if (sector_num >= bs->total_sectors) {
> + n1 = 0;
> + } else {
> + n1 = bs->total_sectors - sector_num;
> + }
> +
> + qemu_iovec_memset_skip(qiov, 0, BDRV_SECTOR_SIZE * (nb_sectors - n1),
> + BDRV_SECTOR_SIZE * n1);
> + return n1;
> +}
> +
> +static coroutine_fn int add_cow_co_readv(BlockDriverState *bs, int64_t sector_num,
> + int remaining_sectors, QEMUIOVector *qiov)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + int cur_nr_sectors;
> + uint64_t bytes_done = 0;
> + QEMUIOVector hd_qiov;
> + int n, n1, ret = 0;
> +
> + qemu_iovec_init(&hd_qiov, qiov->niov);
> + qemu_co_mutex_lock(&s->lock);
> + while (remaining_sectors != 0) {
> + cur_nr_sectors = remaining_sectors;
> + if (add_cow_is_allocated(bs, sector_num, cur_nr_sectors, &n)) {
> + cur_nr_sectors = n;
> + qemu_iovec_reset(&hd_qiov);
> + qemu_iovec_copy(&hd_qiov, qiov, bytes_done,
> + cur_nr_sectors * BDRV_SECTOR_SIZE);
> + ret = bdrv_co_readv(s->image_hd, sector_num, n, &hd_qiov);
During the read it seems safe to unlock s->lock. We need to acquire
it again immediately afterwards, but it allows other requests to
access the cow cache in the meantime.
> + if (ret < 0) {
> + goto fail;
> + }
> + } else {
> + cur_nr_sectors = n;
> + if (bs->backing_hd) {
> + n1 = add_cow_backing_read(bs->backing_hd, &hd_qiov,
> + sector_num, cur_nr_sectors);
> + if (n1 > 0) {
> + qemu_iovec_reset(&hd_qiov);
> + qemu_iovec_copy(&hd_qiov, qiov, bytes_done,
> + cur_nr_sectors * BDRV_SECTOR_SIZE);
> + ret = bdrv_co_readv(bs->backing_hd, sector_num,
> + n, &hd_qiov);
> + if (ret < 0) {
> + goto fail;
> + }
> + }
> + } else {
> + qemu_iovec_reset(&hd_qiov);
We need to zero bytes, otherwise qiov will contain uninitialized bytes
instead of zeroes read when there is no backing file.
> + }
> + }
> + remaining_sectors -= cur_nr_sectors;
> + sector_num += cur_nr_sectors;
> + bytes_done += cur_nr_sectors * BDRV_SECTOR_SIZE;
> + }
> +fail:
> + qemu_co_mutex_unlock(&s->lock);
> + qemu_iovec_destroy(&hd_qiov);
> + return ret;
> +}
> +
> +static coroutine_fn int add_cow_co_writev(BlockDriverState *bs, int64_t sector_num,
> + int remaining_sectors, QEMUIOVector *qiov)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + int ret = 0;
> + QEMUIOVector hd_qiov;
> + qemu_iovec_init(&hd_qiov, qiov->niov);
> + qemu_co_mutex_lock(&s->lock);
> + qemu_iovec_reset(&hd_qiov);
> + qemu_iovec_copy(&hd_qiov, qiov, 0, remaining_sectors * BDRV_SECTOR_SIZE);
Why use hd_qiov? It should be possible to use qiov directly, I think.
> + ret = bdrv_co_writev(s->image_hd,
> + sector_num,
> + remaining_sectors, &hd_qiov);
> + if (ret < 0) {
> + goto fail;
> + }
> +
> + ret = add_cow_update_bitmap(bs, sector_num, remaining_sectors);
> + if (ret < 0) {
> + goto fail;
> + }
> +fail:
> + qemu_co_mutex_unlock(&s->lock);
> + qemu_iovec_destroy(&hd_qiov);
> + return ret;
> +}
> +
> +static int bdrv_add_cow_truncate(BlockDriverState *bs, int64_t offset)
> +{
> + int ret = 0;
> + int64_t image_sectors = offset / BDRV_SECTOR_SIZE;
> + BDRVAddCowState *s = bs->opaque;
> + int64_t old_image_sector = s->image_hd->total_sectors;
> +
> + ret = bdrv_truncate(bs->file, sizeof(AddCowHeader) + ((image_sectors + 7) >> 3));
> + if (ret < 0) {
> + bdrv_truncate(s->image_hd, old_image_sector * BDRV_SECTOR_SIZE);
> + return ret;
> + }
> + return ret;
> +}
I'm surprised that we truncate the image file...but only in the error case.
Also, do we need to resize the cow cache?
> +
> +static coroutine_fn int add_cow_co_flush(BlockDriverState *bs)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + int ret = bdrv_co_flush(s->image_hd);
> + if (ret < 0) {
> + return ret;
> + }
> +
> + qemu_co_mutex_lock(&s->lock);
> + ret = add_cow_cache_flush(bs, s->bitmap_cache);
I suggest moving qemu_co_mutex_unlock(&s->lock) here so you don't need
to duplicate it in the success and error cases.
> + if (ret < 0) {
> + qemu_co_mutex_unlock(&s->lock);
> + return ret;
> + }
> + qemu_co_mutex_unlock(&s->lock);
> + return bdrv_co_flush(bs->file);
> +}
> +
> +static QEMUOptionParameter add_cow_create_options[] = {
> + {
> + .name = BLOCK_OPT_SIZE,
> + .type = OPT_SIZE,
> + .help = "Virtual disk size"
> + },
> + {
> + .name = BLOCK_OPT_BACKING_FILE,
> + .type = OPT_STRING,
> + .help = "File name of a base image"
> + },
> + {
> + .name = BLOCK_OPT_IMAGE_FILE,
> + .type = OPT_STRING,
> + .help = "File name of a image file"
> + },
> + {
> + .name = BLOCK_OPT_BACKING_FMT,
> + .type = OPT_STRING,
> + .help = "Image format of the base image"
> + },
> + { NULL }
> +};
> +
> +static BlockDriver bdrv_add_cow = {
> + .format_name = "add-cow",
> + .instance_size = sizeof(BDRVAddCowState),
> + .bdrv_probe = add_cow_probe,
> + .bdrv_open = add_cow_open,
> + .bdrv_close = add_cow_close,
> + .bdrv_create = add_cow_create,
> + .bdrv_co_is_allocated = add_cow_is_allocated,
> +
> + .bdrv_co_readv = add_cow_co_readv,
> + .bdrv_co_writev = add_cow_co_writev,
> + .bdrv_truncate = bdrv_add_cow_truncate,
> +
> + .create_options = add_cow_create_options,
> + .bdrv_co_flush_to_disk = add_cow_co_flush,
> +};
> +
> +static void bdrv_add_cow_init(void)
> +{
> + bdrv_register(&bdrv_add_cow);
> +}
> +
> +block_init(bdrv_add_cow_init);
> diff --git a/block_int.h b/block_int.h
> index b460c36..8126f27 100644
> --- a/block_int.h
> +++ b/block_int.h
> @@ -50,6 +50,7 @@
> #define BLOCK_OPT_TABLE_SIZE "table_size"
> #define BLOCK_OPT_PREALLOC "preallocation"
> #define BLOCK_OPT_SUBFMT "subformat"
> +#define BLOCK_OPT_IMAGE_FILE "image_file"
>
> typedef struct BdrvTrackedRequest BdrvTrackedRequest;
>
> diff --git a/docs/specs/add-cow.txt b/docs/specs/add-cow.txt
> new file mode 100644
> index 0000000..db992a4
> --- /dev/null
> +++ b/docs/specs/add-cow.txt
> @@ -0,0 +1,68 @@
> +== General ==
> +
> +Raw file format does not support backing_file and copy on write feature.
> +The add-cow image format makes it possible to use backing files with raw
> +image by keeping a separate .add-cow metadata file. Once all sectors
> +have been written to in the raw image it is safe to discard the .add-cow
> +and backing files and instead use the raw image directly.
> +
> +When using add-cow, procedures may like this:
> +(ubuntu.img is a disk image which has been installed OS.)
> + 1) Create a raw image with the same size of ubuntu.img
> + qemu-img create -f raw test.raw 8G
> + 2) Create a add-cow image which will store dirty bitmap
> + qemu-img create -f add-cow test.add-cow -o backing_file=ubuntu.img,image_file=test.raw
> + 3) Run qemu with add-cow image
> + qemu -drive if=virtio,file=test.add-cow
> +
> +=Specification=
> +
> +The file format looks like this:
> +
> + +---------------+--------------------------+
> + | Header | Data |
> + +---------------+--------------------------+
> +
> +All numbers in add-cow are stored in Big Endian byte order.
> +
> +== Header ==
> +
> +The Header is included in the first bytes:
> +
> + Byte 0 - 7: magic
> + add-cow magic string ("ADD_COW\xff")
> +
> + 8 - 11: version
> + Version number (only valid value is 1 now)
> +
> + 12 - 1035: backing_file
> + backing_file file name related to add-cow file. All
> + unused bytes are padded with zeros. Must not be longer
> + than 1023 bytes.
> +
> + 1036 - 2059: image_file
> + image_file is a raw file. All unused bytes are padded
> + with zeros. Must not be longer than 1023 bytes.
> +
> + 2060 - 2559: The Reserved field is used to make sure Data field starts
> + at the multiple of 512, not used currently. All bytes are
> + filled with 0.
> +
> +== Data ==
> +
> +The Data field starts at the 2560th byte, stores a bitmap related to backing_file
> +and image_file. The bitmap will track whether the sector in backing_file is dirty
> +or not.
Cluster size is not mentioned and not documented in the add-cow header
structure.
I didn't look closely at how the cache and clusters are supposed to
work but I think they don't really work. What I would expect is:
1. The bitmap operates at ADD_COW_CLUSTER_SIZE granularity. This
means the bits in the add-cow file actually represent
ADD_COW_CLUSTER_SIZE sectors of data allocation, not just 1 sector.
2. Code that accesses the bitmap first divides by ADD_COW_CLUSTER_SIZE
to operate on an entire cluster. Right now the lookup code seems to
do it *during* the bitmap lookup instead of before.
Sorry, this isn't a good explanation but I've run out of time to
really understand how this works in your patch. I suggest looking
carefully at the is_allocated lookup and the cache to see if you're
really maintaining the bitmap at cluster granularity.
Stefan
next prev parent reply other threads:[~2012-03-06 17:00 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-01 2:56 [Qemu-devel] [PATCH 1/2 v7] block: add-cow file format Dong Xu Wang
2012-03-06 16:59 ` Stefan Hajnoczi [this message]
2012-03-08 2:27 ` Dong Xu Wang
2012-03-08 10:50 ` Stefan Hajnoczi
-- strict thread matches above, loose matches on Subject: below --
2012-03-01 2:49 Dong Xu Wang
2012-03-01 2:58 ` Dong Xu Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAJSP0QXoNic1gyj2TTDP1urJVEHFay5V5u-vGG2B8xADiRfj3w@mail.gmail.com \
--to=stefanha@gmail.com \
--cc=kwolf@redhat.com \
--cc=mtosatti@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@linux.vnet.ibm.com \
--cc=wdongxu@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).