Richard W.M. Jones wrote:
On Mon, Dec 07, 2009 at 07:39:11AM -0600, Anthony Liguori wrote:
Richard W.M. Jones wrote:
Also if we only acquire the lock during the commit operation then
we'll end up with disk corruption.
Why do we end up with disk corruption?
Forget about locking for a minute, I don't think this is safe
currently. If you have two VMs set up like:
qemu-img create -b backing.img foo.img
qemu-img create -b backing.img bar.img
qemu -drive file=foo.img # VM1
qemu -drive file=bar.img # VM2
If VM1 does a commit to the backing image, then VM2 may be caching (in
its kernel memory) bits of the old backing image, and will
subsequently fetch bits of the new backing image, so it'll see a
mixture of old and new data. How is VM2 supposed to cope with this?
It sounds like massive disk corruption to me ...
Yes, this will cause corruption. Implementing locking in the fashion
I've previously described will prevent 'commit' from being run (since
you can't upgrade the lock since someone else is holding a read-lock).
Regards,
Anthony Liguori
