Max Reitz <mre...@redhat.com> writes:
> On 2014-11-12 at 20:27, Markus Armbruster wrote:
>> Commit 5500316 (May 2012) implemented raw_co_is_allocated() as
>> follows:
>>
>> 1. If defined(CONFIG_FIEMAP), use the FS_IOC_FIEMAP ioctl
>>
>> 2. Else if defined(SEEK_HOLE) && defined(SEEK_DATA), use lseek()
>>
>> 3. Else pretend there are no holes
>>
>> Later on, raw_co_is_allocated() was generalized to
>> raw_co_get_block_status().
>>
>> Commit 4f11aa8 (May 2014) changed it to try the three methods in order
>> until success, because "there may be implementations which support
>> [SEEK_HOLE/SEEK_DATA] but not [FIEMAP] (e.g., NFSv4.2) as well as vice
>> versa."
>>
>> Unfortunately, we used FIEMAP incorrectly: we lacked FIEMAP_FLAG_SYNC.
>> Commit 38c4d0a (Sep 2014) added it. Because that's a significant
>> speed hit, the next commit 38c4d0a put SEEK_HOLE/SEEK_DATA first.
>>
>> As you see, the obvious use of FIEMAP is wrong, and the correct use is
>> slow. I guess this puts it somewhere between -7 "The obvious use is
>> wrong" and -10 "It's impossible to get right" on Rusty Russel's Hard
>> to Misuse scale[*].
>>
>> "Fortunately", the FIEMAP code is used only when
>>
>> * SEEK_HOLE/SEEK_DATA arent't defined, but CONFIG_FIEMAP is
>>
>> Uncommon. SEEK_HOLE had no XFS implementation between 2011 (when it
>> was introduced for ext4 and btrfs) and 2012.
>>
>> * SEEK_HOLE/SEEK_DATA and CONFIG_FIEMAP are defined, but lseek() fails
>>
>> Unlikely.
>>
>> Thus, the FIEMAP code executes rarely. Makes it a nice hidey-hole for
>> bugs. Worse, bugs hiding there can theoretically bite even on a host
>> that has SEEK_HOLE/SEEK_DATA.
>>
>> I don't want to worry about this crap, not even theoretically. Get
>> rid of it, then clean up the mess, including spotty error checking.
>>
>> [*] http://ozlabs.org/~rusty/index.cgi/tech/2008-04-01.html
>>
>> Signed-off-by: Markus Armbruster <arm...@redhat.com>
>> ---
>> block/raw-posix.c | 128
>> ++++++++++++++++++++----------------------------------
>> 1 file changed, 47 insertions(+), 81 deletions(-)
>>
>> diff --git a/block/raw-posix.c b/block/raw-posix.c
>> index 706d3c0..d16764c 100644
>> --- a/block/raw-posix.c
>> +++ b/block/raw-posix.c
>> @@ -60,9 +60,6 @@
>> #define FS_NOCOW_FL 0x00800000 /* Do not cow file */
>> #endif
>> #endif
>> -#ifdef CONFIG_FIEMAP
>> -#include <linux/fiemap.h>
>> -#endif
>> #ifdef CONFIG_FALLOCATE_PUNCH_HOLE
>> #include <linux/falloc.h>
>> #endif
>> @@ -1481,77 +1478,56 @@ out:
>> return result;
>> }
>> -static int try_fiemap(BlockDriverState *bs, off_t start, off_t
>> *data,
>> - off_t *hole, int nb_sectors)
>> +/*
>> + * Find allocation range in @bs around offset @start.
>> + * If @start is in a hole, store @start in @hole and the end of the
>> + * hole in @data.
>> + * If @start is in a data, store @start to @data, and the end of the
>> + * data to @hole.
>> + * If we can't find out, pretend there are no holes.
>> + */
>> +static void find_allocation(BlockDriverState *bs, off_t start,
>> + off_t *data, off_t *hole)
>> {
>> -#ifdef CONFIG_FIEMAP
>> +#if defined(SEEK_DATA) && defined(SEEK_HOLE)
>> BDRVRawState *s = bs->opaque;
>> - int ret = 0;
>> - struct {
>> - struct fiemap fm;
>> - struct fiemap_extent fe;
>> - } f;
>> + off_t offs;
>> - if (s->skip_fiemap) {
>> - return -ENOTSUP;
>> + offs = lseek(s->fd, start, SEEK_HOLE);
>> + if (offs < 0) {
>> + goto dunno;
>> }
>> + assert(offs >= start);
>> - f.fm.fm_start = start;
>> - f.fm.fm_length = (int64_t)nb_sectors * BDRV_SECTOR_SIZE;
>> - f.fm.fm_flags = FIEMAP_FLAG_SYNC;
>> - f.fm.fm_extent_count = 1;
>> - f.fm.fm_reserved = 0;
>> - if (ioctl(s->fd, FS_IOC_FIEMAP, &f) == -1) {
>> - s->skip_fiemap = true;
>> - return -errno;
>> - }
>> -
>> - if (f.fm.fm_mapped_extents == 0) {
>> - /* No extents found, data is beyond f.fm.fm_start + f.fm.fm_length.
>> - * f.fm.fm_start + f.fm.fm_length must be clamped to the file size!
>> - */
>> - off_t length = lseek(s->fd, 0, SEEK_END);
>> - *hole = f.fm.fm_start;
>> - *data = MIN(f.fm.fm_start + f.fm.fm_length, length);
>> - } else {
>> - *data = f.fe.fe_logical;
>> - *hole = f.fe.fe_logical + f.fe.fe_length;
>> - if (f.fe.fe_flags & FIEMAP_EXTENT_UNWRITTEN) {
>> - ret |= BDRV_BLOCK_ZERO;
>> - }
>> - }
>> -
>> - return ret;
>> -#else
>> - return -ENOTSUP;
>> -#endif
>> -}
>> -
>> -static int try_seek_hole(BlockDriverState *bs, off_t start, off_t *data,
>> - off_t *hole)
>> -{
>> -#if defined SEEK_HOLE && defined SEEK_DATA
>> - BDRVRawState *s = bs->opaque;
>> -
>> - *hole = lseek(s->fd, start, SEEK_HOLE);
>> - if (*hole == -1) {
>> - return -errno;
>> - }
>> -
>> - if (*hole > start) {
>> + if (offs > start) {
>> + /* in data, next hole at offs */
>> *data = start;
>> - } else {
>> - /* On a hole. We need another syscall to find its end. */
>> - *data = lseek(s->fd, start, SEEK_DATA);
>> - if (*data == -1) {
>> - *data = lseek(s->fd, 0, SEEK_END);
>> - }
>> + *hole = offs;
>> + return;
>> }
>> - return 0;
>> -#else
>> - return -ENOTSUP;
>> + /* in hole, end not yet known */
>> + offs = lseek(s->fd, start, SEEK_DATA);
>> + if (offs < 0) {
>> + /* no idea where the hole ends, give up (unlikely to happen) */
>> + goto dunno;
>> + }
>> + assert(offs >= start);
>> + *hole = start;
>> + *data = offs;
>> + return;
>> +
>> +dunno:
>> #endif
>> + /* assume all data */
>> + offs = lseek(s->fd, 0, SEEK_END);
>
> Why are you calling lseek() here at all? Just set offs to the maximum
> value and let the MIN() in the caller handle the rest.
You're right.
Furthermore, making up a value for *hole here that the caller will clamp
to nb_sectors feels stupid. I'll simplify in v2.
>> + if (offs < 0) {
>> + /* now that's *really* unexpected */
>> + offs = (off_t)1 << (sizeof(off_t) * 8 - 1);
>> + offs += offs - 1;
>> + }
>> + *data = start;
>> + *hole = offs;
>> }
>> /*
>> @@ -1591,28 +1567,18 @@ static int64_t coroutine_fn
>> raw_co_get_block_status(BlockDriverState *bs,
>> nb_sectors = DIV_ROUND_UP(total_size - start, BDRV_SECTOR_SIZE);
>> }
>> - ret = try_seek_hole(bs, start, &data, &hole);
>> - if (ret < 0) {
>> - ret = try_fiemap(bs, start, &data, &hole, nb_sectors);
>> - if (ret < 0) {
>> - /* Assume everything is allocated. */
>> - data = 0;
>> - hole = start + nb_sectors * BDRV_SECTOR_SIZE;
>> - ret = 0;
>> - }
>> - }
>> -
>> - assert(ret >= 0);
>> -
>> - if (data <= start) {
>> + ret = BDRV_BLOCK_DATA | BDRV_BLOCK_OFFSET_VALID | start;
>> + find_allocation(bs, start, &data, &hole);
>> + if (data == start) {
>> /* On a data extent, compute sectors to the end of the extent. */
>> *pnum = MIN(nb_sectors, (hole - start) / BDRV_SECTOR_SIZE);
>> - return ret | BDRV_BLOCK_DATA | BDRV_BLOCK_OFFSET_VALID | start;
>> } else {
>> /* On a hole, compute sectors to the beginning of the next extent.
>> */
>> + assert(hole == start);
>> *pnum = MIN(nb_sectors, (data - start) / BDRV_SECTOR_SIZE);
>> - return ret | BDRV_BLOCK_ZERO | BDRV_BLOCK_OFFSET_VALID | start;
>> + ret |= BDRV_BLOCK_ZERO;
>
> As Eric already said, this changes the behavior (might even break some
> tests, I'm not sure). It seems fine to me, though. Whether DATA should
> be included on holes in the file or not is a question which I don't
> have an answer to, so I'm with either; but you may want to mention it
> in the commit message.
See my reply to Eric.
>> }
>> + return ret;
>> }
>> static coroutine_fn BlockAIOCB *raw_aio_discard(BlockDriverState
>> *bs,
>
> Because nothing is strictly* wrong (except the ID in the commit
> message), have another R-b (there seem to be plenty of them today):
>
> Reviewed-by: Max Reitz <mre...@redhat.com>
>
> *with "not strictly wrong" I'm referring to the DATA+ZERO change.
Thanks!
