Commit 2a6cdd6d authored by Paolo Bonzini's avatar Paolo Bonzini Committed by Stefan Hajnoczi
Browse files

virtio-blk: correctly dirty guest memory 



After qemu_iovec_destroy, the QEMUIOVector's size is zeroed and
the zero size ultimately is used to compute virtqueue_push's len
argument.  Therefore, reads from virtio-blk devices did not
migrate their results correctly.  (Writes were okay).

Save the size in virtio_blk_handle_request, and use it when the request
is completed.

Based on a patch by Wen Congyang.

Signed-off-by: default avatarWen Congyang <wency@cn.fujitsu.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
Reviewed-by: default avatarStefan Hajnoczi <stefanha@redhat.com>
Tested-by: default avatarLi Zhijian <lizhijian@cn.fujitsu.com>
Message-id: 1427997044-392-1-git-send-email-pbonzini@redhat.com
Signed-off-by: default avatarStefan Hajnoczi <stefanha@redhat.com>
parent e4603fe1

hw/block/dataplane/virtio-blk.c

+1 −2
Original line number Diff line number Diff line
@@ -77,8 +77,7 @@ static void complete_request_vring(VirtIOBlockReq *req, unsigned char status) 
    VirtIOBlockDataPlane *s = req->dev->dataplane;

    stb_p(&req->in->status, status);



    vring_push(s->vdev, &req->dev->dataplane->vring, &req->elem,

               req->qiov.size + sizeof(*req->in));

    vring_push(s->vdev, &req->dev->dataplane->vring, &req->elem, req->in_len);



    /* Suppress notification to guest by BH and its scheduled

     * flag because requests are completed as a batch after io

hw/block/virtio-blk.c

+12 −1
Original line number Diff line number Diff line
@@ -33,6 +33,7 @@ VirtIOBlockReq *virtio_blk_alloc_request(VirtIOBlock *s) 
    VirtIOBlockReq *req = g_slice_new(VirtIOBlockReq);

    req->dev = s;

    req->qiov.size = 0;

    req->in_len = 0;

    req->next = NULL;

    req->mr_next = NULL;

    return req;
@@ -54,7 +55,7 @@ static void virtio_blk_complete_request(VirtIOBlockReq *req, 
    trace_virtio_blk_req_complete(req, status);



    stb_p(&req->in->status, status);

    virtqueue_push(s->vq, &req->elem, req->qiov.size + sizeof(*req->in));

    virtqueue_push(s->vq, &req->elem, req->in_len);

    virtio_notify(vdev, s->vq);

}
@@ -102,6 +103,14 @@ static void virtio_blk_rw_complete(void *opaque, int ret) 
        if (ret) {

            int p = virtio_ldl_p(VIRTIO_DEVICE(req->dev), &req->out.type);

            bool is_read = !(p & VIRTIO_BLK_T_OUT);

            /* Note that memory may be dirtied on read failure.  If the

             * virtio request is not completed here, as is the case for

             * BLOCK_ERROR_ACTION_STOP, the memory may not be copied

             * correctly during live migration.  While this is ugly,

             * it is acceptable because the device is free to write to

             * the memory until the request is completed (which will

             * happen on the other side of the migration).

             */

            if (virtio_blk_handle_rw_error(req, -ret, is_read)) {

                continue;

            }
@@ -496,6 +505,8 @@ void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb) 
        exit(1);

    }



    /* We always touch the last byte, so just see how big in_iov is.  */

    req->in_len = iov_size(in_iov, in_num);

    req->in = (void *)in_iov[in_num - 1].iov_base

              + in_iov[in_num - 1].iov_len

              - sizeof(struct virtio_blk_inhdr);

include/hw/virtio/virtio-blk.h

+1 −0
Original line number Diff line number Diff line
@@ -67,6 +67,7 @@ typedef struct VirtIOBlockReq { 
    struct virtio_blk_inhdr *in;

    struct virtio_blk_outhdr out;

    QEMUIOVector qiov;

    size_t in_len;

    struct VirtIOBlockReq *next;

    struct VirtIOBlockReq *mr_next;

    BlockAcctCookie acct;