[v5,09/31] block: introduce assert_bdrv_graph_writable

Message ID	20211124064418.3120601-10-eesposit@redhat.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> From: Emanuele Giuseppe Esposito <eesposit@redhat.com> To: qemu-block@nongnu.org Subject: [PATCH v5 09/31] block: introduce assert_bdrv_graph_writable Date: Wed, 24 Nov 2021 01:43:56 -0500 Message-Id: <20211124064418.3120601-10-eesposit@redhat.com> In-Reply-To: <20211124064418.3120601-1-eesposit@redhat.com> References: <20211124064418.3120601-1-eesposit@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Received-SPF: pass client-ip=170.10.133.124; envelope-from=eesposit@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -34 X-Spam_score: -3.5 X-Spam_bar: --- X-Spam_report: (-3.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.7, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: Kevin Wolf <kwolf@redhat.com>, Fam Zheng <fam@euphon.net>, Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>, =?utf-8?q?Daniel_P?= =?utf-8?q?=2E_Berrang=C3=A9?= <berrange@redhat.com>, Eduardo Habkost <ehabkost@redhat.com>, Juan Quintela <quintela@redhat.com>, qemu-devel@nongnu.org, John Snow <jsnow@redhat.com>, Emanuele Giuseppe Esposito <eesposit@redhat.com>, Richard Henderson <richard.henderson@linaro.org>, Markus Armbruster <armbru@redhat.com>, "Dr. David Alan Gilbert" <dgilbert@redhat.com>, Hanna Reitz <hreitz@redhat.com>, Stefan Hajnoczi <stefanha@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>, Eric Blake <eblake@redhat.com> Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>
Series	block layer: split block APIs in global state and I/O \| expand [v5,00/31] block layer: split block APIs in global state and I/O [v5,01/31] main-loop.h: introduce qemu_in_main_thread() [v5,02/31] include/block/block: split header into I/O and global state API [v5,03/31] assertions for block global state API [v5,04/31] include/sysemu/block-backend: split header into I/O and global state (GS) API [v5,05/31] block-backend: special comments for blk_set/get_perm due to fuse [v5,06/31] block/block-backend.c: assertions for block-backend [v5,07/31] include/block/block_int: split header into I/O and global state API [v5,08/31] assertions for block_int global state API [v5,09/31] block: introduce assert_bdrv_graph_writable [v5,10/31] block.c: modify .attach and .detach callbacks of child_of_bds [v5,11/31] include/block/blockjob_int.h: split header into I/O and GS API [v5,12/31] assertions for blockjob_int.h [v5,13/31] block.c: add assertions to static functions [v5,14/31] include/block/blockjob.h: global state API [v5,15/31] assertions for blockjob.h global state API [v5,16/31] include/sysemu/blockdev.h: global state API [v5,17/31] assertions for blockdev.h global state API [v5,18/31] include/block/snapshot: global state API + assertions [v5,19/31] block/copy-before-write.h: global state API + assertions [v5,20/31] block/coroutines: I/O API [v5,21/31] block_int-common.h: split function pointers in BlockDriver [v5,22/31] block_int-common.h: assertion in the callers of BlockDriver function pointers [v5,23/31] block_int-common.h: split function pointers in BdrvChildClass [v5,24/31] block_int-common.h: assertions in the callers of BdrvChildClass function pointers [v5,25/31] block-backend-common.h: split function pointers in BlockDevOps [v5,26/31] job.h: split function pointers in JobDriver [v5,27/31] job.h: assertions in the callers of JobDriver funcion pointers [v5,28/31] block.c: assert BQL lock held in bdrv_co_invalidate_cache [v5,29/31] jobs: introduce pre_run function in JobDriver [v5,30/31] crypto: delegate permission functions to JobDriver .pre_run [v5,31/31] block.c: assertions to the block layer permissions API

Message ID

20211124064418.3120601-10-eesposit@redhat.com (mailing list archive)

State

New, archived

Headers

From: Emanuele Giuseppe Esposito <eesposit@redhat.com>
To: qemu-block@nongnu.org
Subject: [PATCH v5 09/31] block: introduce assert_bdrv_graph_writable
Date: Wed, 24 Nov 2021 01:43:56 -0500
Message-Id: <20211124064418.3120601-10-eesposit@redhat.com>
In-Reply-To: <20211124064418.3120601-1-eesposit@redhat.com>
References: <20211124064418.3120601-1-eesposit@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=eesposit@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -34
X-Spam_score: -3.5
X-Spam_bar: ---
X-Spam_report: (-3.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.7,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Kevin Wolf <kwolf@redhat.com>, Fam Zheng <fam@euphon.net>,
 Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>, =?utf-8?q?Daniel_P?=
	=?utf-8?q?=2E_Berrang=C3=A9?= <berrange@redhat.com>,
 Eduardo Habkost <ehabkost@redhat.com>, Juan Quintela <quintela@redhat.com>,
 qemu-devel@nongnu.org, John Snow <jsnow@redhat.com>,
 Emanuele Giuseppe Esposito <eesposit@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Markus Armbruster <armbru@redhat.com>,
 "Dr. David Alan Gilbert" <dgilbert@redhat.com>,
 Hanna Reitz <hreitz@redhat.com>, Stefan Hajnoczi <stefanha@redhat.com>,
 Paolo Bonzini <pbonzini@redhat.com>, Eric Blake <eblake@redhat.com>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Series

block layer: split block APIs in global state and I/O | expand

Commit Message

Emanuele Giuseppe Esposito Nov. 24, 2021, 6:43 a.m. UTC

We want to be sure that the functions that write the child and
parent list of a bs are under BQL and drain.

BQL prevents from concurrent writings from the GS API, while
drains protect from I/O.

TODO: drains are missing in some functions using this assert.
Therefore a proper assertion will fail. Because adding drains
requires additional discussions, they will be added in future
series.

Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
---
 include/block/block_int-global-state.h | 10 +++++++++-
 block.c                                |  4 ++++
 block/io.c                             | 11 +++++++++++
 3 files changed, 24 insertions(+), 1 deletion(-)

Comments

Hanna Czenczek Dec. 10, 2021, 5:43 p.m. UTC | #1

On 24.11.21 07:43, Emanuele Giuseppe Esposito wrote:
> We want to be sure that the functions that write the child and
> parent list of a bs are under BQL and drain.
>
> BQL prevents from concurrent writings from the GS API, while
> drains protect from I/O.
>
> TODO: drains are missing in some functions using this assert.
> Therefore a proper assertion will fail. Because adding drains
> requires additional discussions, they will be added in future
> series.
>
> Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
> ---
>   include/block/block_int-global-state.h | 10 +++++++++-
>   block.c                                |  4 ++++
>   block/io.c                             | 11 +++++++++++
>   3 files changed, 24 insertions(+), 1 deletion(-)
>
> diff --git a/include/block/block_int-global-state.h b/include/block/block_int-global-state.h
> index a1b7d0579d..fa96e8b449 100644
> --- a/include/block/block_int-global-state.h
> +++ b/include/block/block_int-global-state.h
> @@ -312,4 +312,12 @@ void bdrv_remove_aio_context_notifier(BlockDriverState *bs,
>    */
>   void bdrv_drain_all_end_quiesce(BlockDriverState *bs);
>   
> -#endif /* BLOCK_INT_GLOBAL_STATE*/

This looks like it should be squashed into patch 7, sorry I missed this 
in v4...

(Rest of this patch looks good to me, for the record – and while I’m at 
it, for patches I didn’t reply to so far, I planned to send an R-b 
later.  But then there’s things like patches 2/3 looking good to me, but 
it turned out in my review for patch 4 that bdrv_lock_medium() is used 
in an I/O path, so I can’t really send an R-b now anymore...)

Hanna

> +/**
> + * Make sure that the function is running under both drain and BQL.
> + * The latter protects from concurrent writings
> + * from the GS API, while the former prevents concurrent reads
> + * from I/O.
> + */
> +void assert_bdrv_graph_writable(BlockDriverState *bs);
> +
> +#endif /* BLOCK_INT_GLOBAL_STATE */
> diff --git a/block.c b/block.c
> index 198ec636ff..522a273140 100644
> --- a/block.c
> +++ b/block.c
> @@ -1416,6 +1416,7 @@ static void bdrv_child_cb_attach(BdrvChild *child)
>   {
>       BlockDriverState *bs = child->opaque;
>   
> +    assert_bdrv_graph_writable(bs);
>       QLIST_INSERT_HEAD(&bs->children, child, next);
>   
>       if (child->role & BDRV_CHILD_COW) {
> @@ -1435,6 +1436,7 @@ static void bdrv_child_cb_detach(BdrvChild *child)
>   
>       bdrv_unapply_subtree_drain(child, bs);
>   
> +    assert_bdrv_graph_writable(bs);
>       QLIST_REMOVE(child, next);
>   }
>   
> @@ -2818,6 +2820,7 @@ static void bdrv_replace_child_noperm(BdrvChild **childp,
>           if (child->klass->detach) {
>               child->klass->detach(child);
>           }
> +        assert_bdrv_graph_writable(old_bs);
>           QLIST_REMOVE(child, next_parent);
>       }
>   
> @@ -2827,6 +2830,7 @@ static void bdrv_replace_child_noperm(BdrvChild **childp,
>       }
>   
>       if (new_bs) {
> +        assert_bdrv_graph_writable(new_bs);
>           QLIST_INSERT_HEAD(&new_bs->parents, child, next_parent);
>   
>           /*
> diff --git a/block/io.c b/block/io.c
> index cb095deeec..3be08cad29 100644
> --- a/block/io.c
> +++ b/block/io.c
> @@ -734,6 +734,17 @@ void bdrv_drain_all(void)
>       bdrv_drain_all_end();
>   }
>   
> +void assert_bdrv_graph_writable(BlockDriverState *bs)
> +{
> +    /*
> +     * TODO: this function is incomplete. Because the users of this
> +     * assert lack the necessary drains, check only for BQL.
> +     * Once the necessary drains are added,
> +     * assert also for qatomic_read(&bs->quiesce_counter) > 0
> +     */
> +    assert(qemu_in_main_thread());
> +}
> +
>   /**
>    * Remove an active request from the tracked requests list
>    *

Emanuele Giuseppe Esposito Dec. 14, 2021, 7:48 p.m. UTC | #2

On 10/12/2021 18:43, Hanna Reitz wrote:
> On 24.11.21 07:43, Emanuele Giuseppe Esposito wrote:
>> We want to be sure that the functions that write the child and
>> parent list of a bs are under BQL and drain.
>>
>> BQL prevents from concurrent writings from the GS API, while
>> drains protect from I/O.
>>
>> TODO: drains are missing in some functions using this assert.
>> Therefore a proper assertion will fail. Because adding drains
>> requires additional discussions, they will be added in future
>> series.
>>
>> Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
>> ---
>>   include/block/block_int-global-state.h | 10 +++++++++-
>>   block.c                                |  4 ++++
>>   block/io.c                             | 11 +++++++++++
>>   3 files changed, 24 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/block/block_int-global-state.h 
>> b/include/block/block_int-global-state.h
>> index a1b7d0579d..fa96e8b449 100644
>> --- a/include/block/block_int-global-state.h
>> +++ b/include/block/block_int-global-state.h
>> @@ -312,4 +312,12 @@ void 
>> bdrv_remove_aio_context_notifier(BlockDriverState *bs,
>>    */
>>   void bdrv_drain_all_end_quiesce(BlockDriverState *bs);
>> -#endif /* BLOCK_INT_GLOBAL_STATE*/
> 
> This looks like it should be squashed into patch 7, sorry I missed this 
> in v4...
> 
> (Rest of this patch looks good to me, for the record – and while I’m at 
> it, for patches I didn’t reply to so far, I planned to send an R-b 
> later.  But then there’s things like patches 2/3 looking good to me, but 
> it turned out in my review for patch 4 that bdrv_lock_medium() is used 
> in an I/O path, so I can’t really send an R-b now anymore...)
> 
Sorry I don't understand this, what should be squashed into patch 7? The 
assertion? If so, why?

Thank you,
Emanuele

Hanna Czenczek Dec. 16, 2021, 2:01 p.m. UTC | #3

On 14.12.21 20:48, Emanuele Giuseppe Esposito wrote:
>
>
> On 10/12/2021 18:43, Hanna Reitz wrote:
>> On 24.11.21 07:43, Emanuele Giuseppe Esposito wrote:
>>> We want to be sure that the functions that write the child and
>>> parent list of a bs are under BQL and drain.
>>>
>>> BQL prevents from concurrent writings from the GS API, while
>>> drains protect from I/O.
>>>
>>> TODO: drains are missing in some functions using this assert.
>>> Therefore a proper assertion will fail. Because adding drains
>>> requires additional discussions, they will be added in future
>>> series.
>>>
>>> Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
>>> ---
>>>   include/block/block_int-global-state.h | 10 +++++++++-
>>>   block.c                                |  4 ++++
>>>   block/io.c                             | 11 +++++++++++
>>>   3 files changed, 24 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/include/block/block_int-global-state.h 
>>> b/include/block/block_int-global-state.h
>>> index a1b7d0579d..fa96e8b449 100644
>>> --- a/include/block/block_int-global-state.h
>>> +++ b/include/block/block_int-global-state.h
>>> @@ -312,4 +312,12 @@ void 
>>> bdrv_remove_aio_context_notifier(BlockDriverState *bs,
>>>    */
>>>   void bdrv_drain_all_end_quiesce(BlockDriverState *bs);
>>> -#endif /* BLOCK_INT_GLOBAL_STATE*/
>>
>> This looks like it should be squashed into patch 7, sorry I missed 
>> this in v4...
>>
>> (Rest of this patch looks good to me, for the record – and while I’m 
>> at it, for patches I didn’t reply to so far, I planned to send an R-b 
>> later.  But then there’s things like patches 2/3 looking good to me, 
>> but it turned out in my review for patch 4 that bdrv_lock_medium() is 
>> used in an I/O path, so I can’t really send an R-b now anymore...)
>>
> Sorry I don't understand this, what should be squashed into patch 7? 
> The assertion? If so, why?

No, the

-#endif /* BLOCK_INT_GLOBAL_STATE*/
+#endif /* BLOCK_INT_GLOBAL_STATE */

part of the hunk.

Hanna

diff --git a/include/block/block_int-global-state.h b/include/block/block_int-global-state.h
index a1b7d0579d..fa96e8b449 100644
--- a/include/block/block_int-global-state.h
+++ b/include/block/block_int-global-state.h
@@ -312,4 +312,12 @@  void bdrv_remove_aio_context_notifier(BlockDriverState *bs,
  */
 void bdrv_drain_all_end_quiesce(BlockDriverState *bs);
 
-#endif /* BLOCK_INT_GLOBAL_STATE*/
+/**
+ * Make sure that the function is running under both drain and BQL.
+ * The latter protects from concurrent writings
+ * from the GS API, while the former prevents concurrent reads
+ * from I/O.
+ */
+void assert_bdrv_graph_writable(BlockDriverState *bs);
+
+#endif /* BLOCK_INT_GLOBAL_STATE */
diff --git a/block.c b/block.c
index 198ec636ff..522a273140 100644
--- a/block.c
+++ b/block.c
@@ -1416,6 +1416,7 @@  static void bdrv_child_cb_attach(BdrvChild *child)
 {
     BlockDriverState *bs = child->opaque;
 
+    assert_bdrv_graph_writable(bs);
     QLIST_INSERT_HEAD(&bs->children, child, next);
 
     if (child->role & BDRV_CHILD_COW) {
@@ -1435,6 +1436,7 @@  static void bdrv_child_cb_detach(BdrvChild *child)
 
     bdrv_unapply_subtree_drain(child, bs);
 
+    assert_bdrv_graph_writable(bs);
     QLIST_REMOVE(child, next);
 }
 
@@ -2818,6 +2820,7 @@  static void bdrv_replace_child_noperm(BdrvChild **childp,
         if (child->klass->detach) {
             child->klass->detach(child);
         }
+        assert_bdrv_graph_writable(old_bs);
         QLIST_REMOVE(child, next_parent);
     }
 
@@ -2827,6 +2830,7 @@  static void bdrv_replace_child_noperm(BdrvChild **childp,
     }
 
     if (new_bs) {
+        assert_bdrv_graph_writable(new_bs);
         QLIST_INSERT_HEAD(&new_bs->parents, child, next_parent);
 
         /*
diff --git a/block/io.c b/block/io.c
index cb095deeec..3be08cad29 100644
--- a/block/io.c
+++ b/block/io.c
@@ -734,6 +734,17 @@  void bdrv_drain_all(void)
     bdrv_drain_all_end();
 }
 
+void assert_bdrv_graph_writable(BlockDriverState *bs)
+{
+    /*
+     * TODO: this function is incomplete. Because the users of this
+     * assert lack the necessary drains, check only for BQL.
+     * Once the necessary drains are added,
+     * assert also for qatomic_read(&bs->quiesce_counter) > 0
+     */
+    assert(qemu_in_main_thread());
+}
+
 /**
  * Remove an active request from the tracked requests list
  *

[v5,09/31] block: introduce assert_bdrv_graph_writable

Commit Message

Comments

Patch