From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1KL3mI-0007aQ-BZ
	for qemu-devel@nongnu.org; Mon, 21 Jul 2008 18:22:46 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1KL3mG-0007XB-Ef
	for qemu-devel@nongnu.org; Mon, 21 Jul 2008 18:22:45 -0400
Received: from [199.232.76.173] (port=55538 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1KL3mG-0007Wg-7e
	for qemu-devel@nongnu.org; Mon, 21 Jul 2008 18:22:44 -0400
Received: from wf-out-1314.google.com ([209.85.200.169]:16851)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <dbarrett@quinthar.com>) id 1KL3mG-0004xW-1X
	for qemu-devel@nongnu.org; Mon, 21 Jul 2008 18:22:44 -0400
Received: by wf-out-1314.google.com with SMTP id 27so1831254wfd.4
	for <qemu-devel@nongnu.org>; Mon, 21 Jul 2008 15:22:43 -0700 (PDT)
Message-ID: <48850C22.1000801@quinthar.com>
Date: Mon, 21 Jul 2008 15:22:26 -0700
From: David Barrett <dbarrett@quinthar.com>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] qcow2 - safe on kill?  safe on power fail?
References: <47CF0E0C.9030807@quinthar.com>	<47CF16C5.6040102@codemonkey.ws>	<20080721181031.GA31773@shareable.org>	<4884E6F1.5020205@codemonkey.ws>	<jeabgagaoc.fsf@sykes.suse.de>
	<48850A99.7070005@codemonkey.ws>
In-Reply-To: <48850A99.7070005@codemonkey.ws>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Anthony Liguori wrote:
> Andreas Schwab wrote:
>> Anthony Liguori <anthony@codemonkey.ws> writes:
>>  
>>> The only ways that you can cause corruption is if the QCOW2 sector
>>> allocation code is faulty (and you would be screwed no matter what here)
>>> or if you issue a SIGTERM/SIGKILL that interrupts the code while it's
>>> allocating a new sector.
>>
>> Blocking SIGTERM until the allocation is finished could close that hole.
> 
> Seems like a band-aid to me as SIGKILL is still an issue.  Plus it would 
> involve modifying all disk formats, not just QCOW2.  I'd rather see 
> proper journal support added to QCOW2 myself.

Well, SIGKILL is a bit more of an extreme case.  SIGTERM seems like a 
reasonable way to trigger a graceful shutdown (at least, I know I 
assumed it did for a long time, whereas I'd never assume SIGKILL was 
graceful).

-david