> On 05/11/2010 10:53 AM, Paul Brook wrote: > >>> I disagree. We should not be removing or rejecting features just > >>> because they allow you to shoot yourself in the foot. We probably > >>> shouldn't be enabling them by default, but that's a whole different > >>> question. > >> > >> I disagree and think the mentality severely hurts usability. QEMU's > >> role should be to enable features, not to simplify every obscure > >> feature. In general, if someone wants to accomplish something, we > >> should try to provide a mechanism to accomplish it. > >> cache=none|writeback|writethrough is an example of this. No one other > >> than QEMU can control how we open a file descriptor so we need to > >> provide a knob for it. > > > > Doesn't the same argument apply to the existing cache=writethrough? > > i.e. if you want to avoid data loss you should make sure your guest > > issues flushes properly, and it's not something qemu should be trying to > > hack round be adding an implicit flushe after every write. > > cache is the host page cache acting as an extended disk cache. In > writethrough mode, the behavior is identical to writethrough on a normal > disk cache in that all operations are completed only when sent down to > the next storage layer.
IMO this is a bug. Making host pagecache writethrough but still having a volatile writeback disk cache seems like a complete waste of time. I can see the advantage of disabling host pagecache (avoid double caching in host RAM), but having different levels of cache be writethrough/writeback seems extremely suspect. It's also occurred to me that you're also basing your arguments on the assumption that host pagecache is volatile. On a machine with a good UPS this is not true. In the even of external power failure the UPS will flush the host page cache and cleanly shut the machine down. As with battery-backed RAID cards, it's entirely reasonable to consider the cache to be non-volatile storage and ignore the flush requests. If you don't trust your host OS in this situation then you're into a whole different level of pain, and raises obvious questions about the firmware running on your storage subsystem. Paul