"Derrick Stolee via GitGitGadget" <gitgitgadget@xxxxxxxxx> writes: > We are re-using the anonymous 'struct chunkfile' data, as it is internal > to the chunk-format API. This gives it essentially two modes: write and > read. If the same struct instance was used for both reads and writes, > then there would be failures. Writing it here won't help future developers very much. I think that belongs to API/function doc for init_chunkfile(). > diff --git a/chunk-format.c b/chunk-format.c > index ab914c55856..74501084cf8 100644 > --- a/chunk-format.c > +++ b/chunk-format.c > @@ -12,6 +12,8 @@ struct chunk_info { > uint32_t id; > uint64_t size; > chunk_write_fn write_fn; > + > + const void *start; > }; > > struct chunkfile { > @@ -89,3 +91,81 @@ int write_chunkfile(struct chunkfile *cf, void *data) > > return 0; > } > + > +int read_table_of_contents(struct chunkfile *cf, > + const unsigned char *mfile, > + size_t mfile_size, > + uint64_t toc_offset, > + int toc_length) It's a bit of mystery, having seen how the table-of-contents is laid out by reading the writing side of the code, how toc_offset and toc_length are discovered by the caller. IIRC, the size to cover everything from the beginning of the file to the end of the table-of-contents was recorded as the length of a non-existent chunk with id 0, but we need to be able to somehow find it to use that as a way to get to the (end of) table-of-contents from the beginning of the file. I guess we'll learn enough when we get to read the code that calls this function. > +{ > + uint32_t chunk_id; > + const unsigned char *table_of_contents = mfile + toc_offset; > + > + ALLOC_GROW(cf->chunks, toc_length, cf->chunks_alloc); > + > + while (toc_length--) { > + uint64_t chunk_offset, next_chunk_offset; > + > + chunk_id = get_be32(table_of_contents); > + chunk_offset = get_be64(table_of_contents + 4); > + > + if (!chunk_id) { > + error(_("terminating chunk id appears earlier than expected")); > + return 1; > + } > + > + table_of_contents += CHUNK_LOOKUP_WIDTH; > + next_chunk_offset = get_be64(table_of_contents + 4); > + > + if (next_chunk_offset < chunk_offset || > + next_chunk_offset > mfile_size - the_hash_algo->rawsz) { The chunks have to be recorded in toc in the order they appear, and there must be enough room to store the hashfile trailer checksum after the last chunk. OK. > + error(_("improper chunk offset(s) %"PRIx64" and %"PRIx64""), > + chunk_offset, next_chunk_offset); > + return -1; > + } > + > + cf->chunks[cf->chunks_nr].id = chunk_id; > + cf->chunks[cf->chunks_nr].start = mfile + chunk_offset; > + cf->chunks[cf->chunks_nr].size = next_chunk_offset - chunk_offset; > + cf->chunks_nr++; > + } > + > + chunk_id = get_be32(table_of_contents); > + if (chunk_id) { > + error(_("final chunk has non-zero id %"PRIx32""), chunk_id); > + return -1; > + } Shouldn't we be validating the size component associated with this "id=0" fake chunk that appears at the end as well? IIRC, the size field should be pointing at the byte immediately after the TOC entry for the last true chunk, immediately before this zero chunk id? > +int pair_chunk(struct chunkfile *cf, > + uint32_t chunk_id, > + const unsigned char **p) > +{ > + int i; > + > + for (i = 0; i < cf->chunks_nr; i++) { > + if (cf->chunks[i].id == chunk_id) { > + *p = cf->chunks[i].start; > + return 0; > + } OK, the assumption here is that there will be at most one chunk that has the chunk_id we seek to find (or putting it differently, second and subsequent chunks with the same ID are ignored). We may want to write it down somewhere. > + } > + > + return CHUNK_NOT_FOUND; > +} > + > +int read_chunk(struct chunkfile *cf, > + uint32_t chunk_id, > + chunk_read_fn fn, > + void *data) > +{ > + int i; > + > + for (i = 0; i < cf->chunks_nr; i++) { > + if (cf->chunks[i].id == chunk_id) > + return fn(cf->chunks[i].start, cf->chunks[i].size, data); It is curious why pair_chunk() exists in the first place. With something like this: int pair_chunk_fn(const unsigned char *chunk_start, size_t chunk_size, void *data) { const unsigned char **p = data; *p = chunk_start; return 0; } instead of const unsigned char *location; pair_chunk(cf, chunk_id, &location); we can write const unsigned char *location; read_chunk(cf, chunk_id, pair_chunk_fn, &location); no? That would allow us to reorganize the in-core TOC more easily if it turns out to be necessary in the future. > diff --git a/chunk-format.h b/chunk-format.h > index bfaed672813..b62c9bf8ba1 100644 > --- a/chunk-format.h > +++ b/chunk-format.h > @@ -17,4 +17,37 @@ void add_chunk(struct chunkfile *cf, > size_t size); > int write_chunkfile(struct chunkfile *cf, void *data); > > +int read_table_of_contents(struct chunkfile *cf, > + const unsigned char *mfile, > + size_t mfile_size, > + uint64_t toc_offset, > + int toc_length); > + > +#define CHUNK_NOT_FOUND (-2) > + > +/* > + * Find 'chunk_id' in the given chunkfile and assign the > + * given pointer to the position in the mmap'd file where > + * that chunk begins. > + * > + * Returns CHUNK_NOT_FOUND if the chunk does not exist. > + */ > +int pair_chunk(struct chunkfile *cf, > + uint32_t chunk_id, > + const unsigned char **p); > + > +typedef int (*chunk_read_fn)(const unsigned char *chunk_start, > + size_t chunk_size, void *data); Is the assumption throughout the chunked file API that reading is actually not done as a "seek+read+process", but as a normal memory access over mmapped region? The reason I ask is because the answer affects the choice of the right type for the offset. The function signature of read_table_of_contents() uses size_t to represent the length of the entire mmapped region that holds the data from the file, and that is better than off_t, especially if size_t were smaller than off_t (i.e. we may not be able to mmap a huge size that filesystem can handle and let us access with seek+read). But the assumption that the whole mfile can be mmapped in as a whole is only in read_table_of_contents(), and users of read_chunk() API can be oblivious, I think---IOW, we could "page in" the chunk's data in read_chunk() while the callback function works on it in-core, and then discard it, if we wanted to change the implementation [*]. Side note: for that to work, the API must say that the callback function MUST NOT assume that the memory region starting at chunk_start it is given will stay in memory after it returns. Otherwise, we cannot "page in" and "page out". I am not advocating that we should not assume the entire file can be mapped in. I would however advocate to be explicit in documenting what the users of API can and cannot do (e.g. if we want the "read" callbacks to take advantage of the fact that mfile will stay mapped until the chunkfile is discarded, we should say so, so that they will not make unnecessary copies out of the mmapped region). > +/* > + * Find 'chunk_id' in the given chunkfile and call the > + * given chunk_read_fn method with the information for > + * that chunk. > + * > + * Returns CHUNK_NOT_FOUND if the chunk does not exist. > + */ > +int read_chunk(struct chunkfile *cf, > + uint32_t chunk_id, > + chunk_read_fn fn, > + void *data); Did I miss an update to free_chunkfile() to release resources used to read this file? For some reason, unlike the writing side, the reading side of this API feels a bit incomplete to me. Thanks.