From: Paul Brook <paul@codesourcery.com>
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] Crash: When Host HDD is full
Date: Thu, 12 Jul 2007 18:03:48 +0100 [thread overview]
Message-ID: <200707121803.50105.paul@codesourcery.com> (raw)
In-Reply-To: <46965902.6030305@qumranet.com>
> >> Qemu might freeze the guest when it gets -ENOSPC, and say, retry every
> >> second or wait for user input on the monitor.
> >
> > Better would IMHO be to report an IO error to the guest and allow that to
> > decide what to do. If you're bothered about robustness and reliability
> > then arbitrarily stopping the guest is not acceptable behaviour. There's
> > no guarantee that space will become available in a finite timeframe.
>
> I've considered that, and I'm not sure. You will likely get a storm of
> I/O errors on ENOSPC; with several ways for disaster to strike:
> - the guest doesn't handle I/O errors well, and keeps writing. some of
> the writes are overwrites so they hit the disk and data is corrupted
If an guest OS ignores IO write errors it's just plain broken.
> - the guest decides the disk is bad because it has too many errors and
> initiates some recovery procedure
>
> Stopping the guest at least guarantees nothing unexpected happens. If
> it's part of a managed solution we can output a message to the monitor
> which eventually finds its way to the operator.
I don't buy this argument. If you don't want "unexpected" things to happen
then the solution is simple: Make sure you never run out of disk space.
The fact is that your (virtual) disk *is* broken at this point. The guest OS
is in a much better position to decide on an appropriate course of action,
either by retrying or some other recovery mechanism.
There are various error contitions that could be used, for example
write-protect.
Paul
next prev parent reply other threads:[~2007-07-12 17:04 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-11 15:19 [Qemu-devel] Crash: When Host HDD is full Alexey Eremenko
2007-07-12 15:07 ` Mike Swanson
2007-07-12 16:12 ` Avi Kivity
2007-07-12 16:17 ` Paul Brook
2007-07-12 16:38 ` Avi Kivity
2007-07-12 17:03 ` Paul Brook [this message]
2007-07-12 17:13 ` Avi Kivity
2007-07-12 16:22 ` Daniel P. Berrange
2007-07-12 16:40 ` Avi Kivity
2007-07-12 18:36 ` andrzej zaborowski
2007-07-12 20:39 ` Alexey Eremenko
2007-07-19 7:25 ` Adam Bolte
2007-07-19 11:10 ` Andreas Färber
2007-07-19 11:35 ` Alexey Eremenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200707121803.50105.paul@codesourcery.com \
--to=paul@codesourcery.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.