From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.186.70.92] (port=34491 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1OoFiC-00082K-4m for qemu-devel@nongnu.org; Wed, 25 Aug 2010 09:08:19 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69) (envelope-from ) id 1OoFi7-0002w0-FX for qemu-devel@nongnu.org; Wed, 25 Aug 2010 09:08:15 -0400 Received: from mx1.redhat.com ([209.132.183.28]:9012) by eggs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1OoFi7-0002vt-9K for qemu-devel@nongnu.org; Wed, 25 Aug 2010 09:08:11 -0400 Message-ID: <4C7515AE.9020808@redhat.com> Date: Wed, 25 Aug 2010 16:07:58 +0300 From: Avi Kivity MIME-Version: 1.0 References: <1282646430-5777-1-git-send-email-kwolf@redhat.com> <4C73C2BF.8050300@codemonkey.ws> <4C73C622.7080808@redhat.com> <4C73C926.3010901@codemonkey.ws> <4C73C9CF.7090800@redhat.com> <4C73CAA9.2060104@codemonkey.ws> <4C73CB85.9010306@redhat.com> <4C73CBD6.7000900@codemonkey.ws> <4C73CCCB.6050704@redhat.com> <4C73CF8D.5060405@codemonkey.ws> <4C74C2F3.9050506@redhat.com> <4C7510C1.8080305@codemonkey.ws> In-Reply-To: <4C7510C1.8080305@codemonkey.ws> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: [Qemu-devel] Re: [RFC][STABLE 0.13] Revert "qcow2: Use bdrv_(p)write_sync for metadata writes" List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Anthony Liguori Cc: Kevin Wolf , stefanha@gmail.com, mjt@tls.msk.ru, qemu-devel@nongnu.org, hch@lst.de On 08/25/2010 03:46 PM, Anthony Liguori wrote: > On 08/25/2010 02:14 AM, Avi Kivity wrote: >>> If (c) happens before (b), then we've created an extent that's >>> attached to a table with a zero reference count. This is a corrupt >>> image. >>> >> >> >> If the only issue is new block allocation, it can be easily solved. > > Technically, I believe there are similar issues around creating > snapshots but I don't think we care. > >> Instead of allocating exactly the needed amount of blocks, allocate >> a large extent and hold them in memory. > > So you're suggesting that we allocate a bunch of blocks, update the > ref count table so that they are seen as allocated even though they > aren't attached to an l1 table? Yes. Like malloc() will ask the OS for more memory that the 20-byte allocation you've requested. > >> The next allocation can then be filled from memory, so the >> allocation sync is amortized over many blocks. A power fail will >> leak the preallocated blocks, losing some megabytes of address space, >> but not real disk space. > > It's a clever idea, but it would lose real disk space which is > probably not a huge issue. Not real disk space since no pwrite() would ever touch the disk. If the image were copied, _then_ we'd lose the disk space, if the copy command and filesystem don't optimize zeros away. >>> >>> And that's it. There is no scenario where the disk is corrupted. >> >> _if_ that's the only failure mode. > > If we had another disk format that only supported growth and metadata > for a backing file, can you think of another failure scenario? > I can't think of one, but that's not saying much. -- I have a truly marvellous patch that fixes the bug which this signature is too narrow to contain.