hw/core: Add TCGCPUOps.record_sigsegv
[qemu.git] / block / linux-aio.c
blob0dab507b717bf7ceed1174d2773f7b57dec66854
1 /*
2 * Linux native AIO support.
4 * Copyright (C) 2009 IBM, Corp.
5 * Copyright (C) 2009 Red Hat, Inc.
7 * This work is licensed under the terms of the GNU GPL, version 2 or later.
8 * See the COPYING file in the top-level directory.
9 */
10 #include "qemu/osdep.h"
11 #include "block/aio.h"
12 #include "qemu/queue.h"
13 #include "block/block.h"
14 #include "block/raw-aio.h"
15 #include "qemu/event_notifier.h"
16 #include "qemu/coroutine.h"
17 #include "qapi/error.h"
19 #include <libaio.h>
22 * Queue size (per-device).
24 * XXX: eventually we need to communicate this to the guest and/or make it
25 * tunable by the guest. If we get more outstanding requests at a time
26 * than this we will get EAGAIN from io_submit which is communicated to
27 * the guest as an I/O error.
29 #define MAX_EVENTS 1024
31 /* Maximum number of requests in a batch. (default value) */
32 #define DEFAULT_MAX_BATCH 32
34 struct qemu_laiocb {
35 Coroutine *co;
36 LinuxAioState *ctx;
37 struct iocb iocb;
38 ssize_t ret;
39 size_t nbytes;
40 QEMUIOVector *qiov;
41 bool is_read;
42 QSIMPLEQ_ENTRY(qemu_laiocb) next;
45 typedef struct {
46 int plugged;
47 unsigned int in_queue;
48 unsigned int in_flight;
49 bool blocked;
50 QSIMPLEQ_HEAD(, qemu_laiocb) pending;
51 } LaioQueue;
53 struct LinuxAioState {
54 AioContext *aio_context;
56 io_context_t ctx;
57 EventNotifier e;
59 /* io queue for submit at batch. Protected by AioContext lock. */
60 LaioQueue io_q;
62 /* I/O completion processing. Only runs in I/O thread. */
63 QEMUBH *completion_bh;
64 int event_idx;
65 int event_max;
68 static void ioq_submit(LinuxAioState *s);
70 static inline ssize_t io_event_ret(struct io_event *ev)
72 return (ssize_t)(((uint64_t)ev->res2 << 32) | ev->res);
76 * Completes an AIO request.
78 static void qemu_laio_process_completion(struct qemu_laiocb *laiocb)
80 int ret;
82 ret = laiocb->ret;
83 if (ret != -ECANCELED) {
84 if (ret == laiocb->nbytes) {
85 ret = 0;
86 } else if (ret >= 0) {
87 /* Short reads mean EOF, pad with zeros. */
88 if (laiocb->is_read) {
89 qemu_iovec_memset(laiocb->qiov, ret, 0,
90 laiocb->qiov->size - ret);
91 } else {
92 ret = -ENOSPC;
97 laiocb->ret = ret;
100 * If the coroutine is already entered it must be in ioq_submit() and
101 * will notice laio->ret has been filled in when it eventually runs
102 * later. Coroutines cannot be entered recursively so avoid doing
103 * that!
105 if (!qemu_coroutine_entered(laiocb->co)) {
106 aio_co_wake(laiocb->co);
111 * aio_ring buffer which is shared between userspace and kernel.
113 * This copied from linux/fs/aio.c, common header does not exist
114 * but AIO exists for ages so we assume ABI is stable.
116 struct aio_ring {
117 unsigned id; /* kernel internal index number */
118 unsigned nr; /* number of io_events */
119 unsigned head; /* Written to by userland or by kernel. */
120 unsigned tail;
122 unsigned magic;
123 unsigned compat_features;
124 unsigned incompat_features;
125 unsigned header_length; /* size of aio_ring */
127 struct io_event io_events[];
131 * io_getevents_peek:
132 * @ctx: AIO context
133 * @events: pointer on events array, output value
135 * Returns the number of completed events and sets a pointer
136 * on events array. This function does not update the internal
137 * ring buffer, only reads head and tail. When @events has been
138 * processed io_getevents_commit() must be called.
140 static inline unsigned int io_getevents_peek(io_context_t ctx,
141 struct io_event **events)
143 struct aio_ring *ring = (struct aio_ring *)ctx;
144 unsigned int head = ring->head, tail = ring->tail;
145 unsigned int nr;
147 nr = tail >= head ? tail - head : ring->nr - head;
148 *events = ring->io_events + head;
149 /* To avoid speculative loads of s->events[i] before observing tail.
150 Paired with smp_wmb() inside linux/fs/aio.c: aio_complete(). */
151 smp_rmb();
153 return nr;
157 * io_getevents_commit:
158 * @ctx: AIO context
159 * @nr: the number of events on which head should be advanced
161 * Advances head of a ring buffer.
163 static inline void io_getevents_commit(io_context_t ctx, unsigned int nr)
165 struct aio_ring *ring = (struct aio_ring *)ctx;
167 if (nr) {
168 ring->head = (ring->head + nr) % ring->nr;
173 * io_getevents_advance_and_peek:
174 * @ctx: AIO context
175 * @events: pointer on events array, output value
176 * @nr: the number of events on which head should be advanced
178 * Advances head of a ring buffer and returns number of elements left.
180 static inline unsigned int
181 io_getevents_advance_and_peek(io_context_t ctx,
182 struct io_event **events,
183 unsigned int nr)
185 io_getevents_commit(ctx, nr);
186 return io_getevents_peek(ctx, events);
190 * qemu_laio_process_completions:
191 * @s: AIO state
193 * Fetches completed I/O requests and invokes their callbacks.
195 * The function is somewhat tricky because it supports nested event loops, for
196 * example when a request callback invokes aio_poll(). In order to do this,
197 * indices are kept in LinuxAioState. Function schedules BH completion so it
198 * can be called again in a nested event loop. When there are no events left
199 * to complete the BH is being canceled.
201 static void qemu_laio_process_completions(LinuxAioState *s)
203 struct io_event *events;
205 /* Reschedule so nested event loops see currently pending completions */
206 qemu_bh_schedule(s->completion_bh);
208 while ((s->event_max = io_getevents_advance_and_peek(s->ctx, &events,
209 s->event_idx))) {
210 for (s->event_idx = 0; s->event_idx < s->event_max; ) {
211 struct iocb *iocb = events[s->event_idx].obj;
212 struct qemu_laiocb *laiocb =
213 container_of(iocb, struct qemu_laiocb, iocb);
215 laiocb->ret = io_event_ret(&events[s->event_idx]);
217 /* Change counters one-by-one because we can be nested. */
218 s->io_q.in_flight--;
219 s->event_idx++;
220 qemu_laio_process_completion(laiocb);
224 qemu_bh_cancel(s->completion_bh);
226 /* If we are nested we have to notify the level above that we are done
227 * by setting event_max to zero, upper level will then jump out of it's
228 * own `for` loop. If we are the last all counters droped to zero. */
229 s->event_max = 0;
230 s->event_idx = 0;
233 static void qemu_laio_process_completions_and_submit(LinuxAioState *s)
235 aio_context_acquire(s->aio_context);
236 qemu_laio_process_completions(s);
238 if (!s->io_q.plugged && !QSIMPLEQ_EMPTY(&s->io_q.pending)) {
239 ioq_submit(s);
241 aio_context_release(s->aio_context);
244 static void qemu_laio_completion_bh(void *opaque)
246 LinuxAioState *s = opaque;
248 qemu_laio_process_completions_and_submit(s);
251 static void qemu_laio_completion_cb(EventNotifier *e)
253 LinuxAioState *s = container_of(e, LinuxAioState, e);
255 if (event_notifier_test_and_clear(&s->e)) {
256 qemu_laio_process_completions_and_submit(s);
260 static bool qemu_laio_poll_cb(void *opaque)
262 EventNotifier *e = opaque;
263 LinuxAioState *s = container_of(e, LinuxAioState, e);
264 struct io_event *events;
266 if (!io_getevents_peek(s->ctx, &events)) {
267 return false;
270 qemu_laio_process_completions_and_submit(s);
271 return true;
274 static void ioq_init(LaioQueue *io_q)
276 QSIMPLEQ_INIT(&io_q->pending);
277 io_q->plugged = 0;
278 io_q->in_queue = 0;
279 io_q->in_flight = 0;
280 io_q->blocked = false;
283 static void ioq_submit(LinuxAioState *s)
285 int ret, len;
286 struct qemu_laiocb *aiocb;
287 struct iocb *iocbs[MAX_EVENTS];
288 QSIMPLEQ_HEAD(, qemu_laiocb) completed;
290 do {
291 if (s->io_q.in_flight >= MAX_EVENTS) {
292 break;
294 len = 0;
295 QSIMPLEQ_FOREACH(aiocb, &s->io_q.pending, next) {
296 iocbs[len++] = &aiocb->iocb;
297 if (s->io_q.in_flight + len >= MAX_EVENTS) {
298 break;
302 ret = io_submit(s->ctx, len, iocbs);
303 if (ret == -EAGAIN) {
304 break;
306 if (ret < 0) {
307 /* Fail the first request, retry the rest */
308 aiocb = QSIMPLEQ_FIRST(&s->io_q.pending);
309 QSIMPLEQ_REMOVE_HEAD(&s->io_q.pending, next);
310 s->io_q.in_queue--;
311 aiocb->ret = ret;
312 qemu_laio_process_completion(aiocb);
313 continue;
316 s->io_q.in_flight += ret;
317 s->io_q.in_queue -= ret;
318 aiocb = container_of(iocbs[ret - 1], struct qemu_laiocb, iocb);
319 QSIMPLEQ_SPLIT_AFTER(&s->io_q.pending, aiocb, next, &completed);
320 } while (ret == len && !QSIMPLEQ_EMPTY(&s->io_q.pending));
321 s->io_q.blocked = (s->io_q.in_queue > 0);
323 if (s->io_q.in_flight) {
324 /* We can try to complete something just right away if there are
325 * still requests in-flight. */
326 qemu_laio_process_completions(s);
328 * Even we have completed everything (in_flight == 0), the queue can
329 * have still pended requests (in_queue > 0). We do not attempt to
330 * repeat submission to avoid IO hang. The reason is simple: s->e is
331 * still set and completion callback will be called shortly and all
332 * pended requests will be submitted from there.
337 void laio_io_plug(BlockDriverState *bs, LinuxAioState *s)
339 s->io_q.plugged++;
342 void laio_io_unplug(BlockDriverState *bs, LinuxAioState *s)
344 assert(s->io_q.plugged);
345 if (--s->io_q.plugged == 0 &&
346 !s->io_q.blocked && !QSIMPLEQ_EMPTY(&s->io_q.pending)) {
347 ioq_submit(s);
351 static int laio_do_submit(int fd, struct qemu_laiocb *laiocb, off_t offset,
352 int type)
354 LinuxAioState *s = laiocb->ctx;
355 struct iocb *iocbs = &laiocb->iocb;
356 QEMUIOVector *qiov = laiocb->qiov;
357 int64_t max_batch = s->aio_context->aio_max_batch ?: DEFAULT_MAX_BATCH;
359 /* limit the batch with the number of available events */
360 max_batch = MIN_NON_ZERO(MAX_EVENTS - s->io_q.in_flight, max_batch);
362 switch (type) {
363 case QEMU_AIO_WRITE:
364 io_prep_pwritev(iocbs, fd, qiov->iov, qiov->niov, offset);
365 break;
366 case QEMU_AIO_READ:
367 io_prep_preadv(iocbs, fd, qiov->iov, qiov->niov, offset);
368 break;
369 /* Currently Linux kernel does not support other operations */
370 default:
371 fprintf(stderr, "%s: invalid AIO request type 0x%x.\n",
372 __func__, type);
373 return -EIO;
375 io_set_eventfd(&laiocb->iocb, event_notifier_get_fd(&s->e));
377 QSIMPLEQ_INSERT_TAIL(&s->io_q.pending, laiocb, next);
378 s->io_q.in_queue++;
379 if (!s->io_q.blocked &&
380 (!s->io_q.plugged ||
381 s->io_q.in_queue >= max_batch)) {
382 ioq_submit(s);
385 return 0;
388 int coroutine_fn laio_co_submit(BlockDriverState *bs, LinuxAioState *s, int fd,
389 uint64_t offset, QEMUIOVector *qiov, int type)
391 int ret;
392 struct qemu_laiocb laiocb = {
393 .co = qemu_coroutine_self(),
394 .nbytes = qiov->size,
395 .ctx = s,
396 .ret = -EINPROGRESS,
397 .is_read = (type == QEMU_AIO_READ),
398 .qiov = qiov,
401 ret = laio_do_submit(fd, &laiocb, offset, type);
402 if (ret < 0) {
403 return ret;
406 if (laiocb.ret == -EINPROGRESS) {
407 qemu_coroutine_yield();
409 return laiocb.ret;
412 void laio_detach_aio_context(LinuxAioState *s, AioContext *old_context)
414 aio_set_event_notifier(old_context, &s->e, false, NULL, NULL);
415 qemu_bh_delete(s->completion_bh);
416 s->aio_context = NULL;
419 void laio_attach_aio_context(LinuxAioState *s, AioContext *new_context)
421 s->aio_context = new_context;
422 s->completion_bh = aio_bh_new(new_context, qemu_laio_completion_bh, s);
423 aio_set_event_notifier(new_context, &s->e, false,
424 qemu_laio_completion_cb,
425 qemu_laio_poll_cb);
428 LinuxAioState *laio_init(Error **errp)
430 int rc;
431 LinuxAioState *s;
433 s = g_malloc0(sizeof(*s));
434 rc = event_notifier_init(&s->e, false);
435 if (rc < 0) {
436 error_setg_errno(errp, -rc, "failed to to initialize event notifier");
437 goto out_free_state;
440 rc = io_setup(MAX_EVENTS, &s->ctx);
441 if (rc < 0) {
442 error_setg_errno(errp, -rc, "failed to create linux AIO context");
443 goto out_close_efd;
446 ioq_init(&s->io_q);
448 return s;
450 out_close_efd:
451 event_notifier_cleanup(&s->e);
452 out_free_state:
453 g_free(s);
454 return NULL;
457 void laio_cleanup(LinuxAioState *s)
459 event_notifier_cleanup(&s->e);
461 if (io_destroy(s->ctx) != 0) {
462 fprintf(stderr, "%s: destroy AIO context %p failed\n",
463 __func__, &s->ctx);
465 g_free(s);