|
From: | Anthony Liguori |
Subject: | Re: [Qemu-devel] [PATCH] report read/write errors to IDE guest driver as ECC errors |
Date: | Mon, 11 Aug 2008 12:05:16 -0500 |
User-agent: | Thunderbird 2.0.0.14 (X11/20080501) |
Ian Jackson wrote:
Daniel P. Berrange writes ("Re: [Qemu-devel] [PATCH] report read/write errors to IDE guest driver as ECC errors"):Unless someone wants to implement the ENOSPC handling right now, I'd like to see this patch just committed as is, so we at least getincremental benefit over current behaviour, which definitely *does* corrupt guest filesystems by silently pretending the write succeeed.Absolutely.Special ENOSPC handling can be added on top. I agree that pausing the guest is probably best option in that scenario,I disagree. Most reasonable guests will have special handling for write failures on their disks. For example, Linux will (in the default setup) remount the fs readonly precisely to prevent corruption.
But corruption isn't the issue. The issue is that you're out of disk space. If using qcow, an attempt to remount the fs may result in even more errors if the qcow file has to expand (due to CoW).
Consider the case of guest RAID. Once the ECC errors are detected, the guest will start trying to rebuild the failed drive and since we're already out of space, this is going to be catastrophic. This is why ENOSPC should be handled differently than EIO.
Pausing the guest denies the guest the ability to take whatever action it really wants to.
I agree for EIO, but a guest cannot take any actions when ENOSPC occurs because it has no concept that such a thing can occur.
Regards, Anthony Liguori
Ian.
[Prev in Thread] | Current Thread | [Next in Thread] |