|
| From: | Wenchao Xia |
| Subject: | Re: [Qemu-devel] [PATCH V7 4/6] qcow2: cancel the modification on fail in qcow2_snapshot_create() |
| Date: | Mon, 23 Dec 2013 14:12:56 +0800 |
| User-agent: | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 |
于 2013/12/23 10:57, Wenchao Xia 写道:
于 2013/12/20 22:20, Stefan Hajnoczi 写道:On Thu, Dec 05, 2013 at 08:02:50PM +0800, Wenchao Xia wrote:+restore_refcount: + if (qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, -1) + < 0 && errp) { + /* Nothing can be done now, need image check later */ + error_setg(&err, "%s\nqcow2: Error in restoring refcount in snapshot", + error_get_pretty(*errp)); + error_free(*errp); + *errp = NULL; + error_propagate(errp, err); + }We get here if writing the new snapshot list failed. If qcow2_update_snapshot_refcount(..., -1) also fails I think we should skip qcow2_free_clusters() below. We don't know the exact state of the disk image anymore - better to leak clusters than to have a dangling reference.Make sense, dangling point should be avoid in any case, will fix, Thanks for reviewing!+dealloc_cluster: + qcow2_free_clusters(bs, sn->l1_table_offset, + sn->l1_size * sizeof(uint64_t), + QCOW2_DISCARD_ALWAYS); + fail: g_free(sn->id_str); g_free(sn->name); -- 1.7.1
Hi, Stefan I have reconsidered the roll back process, there is many case we should take care, so it is better to summarize a general rule to do such cancel operations. I suggest: do a series of roll back operations, when one fail, skip following roll back operation. For snapshot create, the create action is: allocate new L1 -> refcount+1 -> allocate sn_list -> update header The mirrored rollback action can be: deallocate L1 <- refcount-1 <- deallocate sn_list <- restore header When fail happens in rollback action, simply stop following ones. If you agree, I'd like to reorganize the patch as above.
| [Prev in Thread] | Current Thread | [Next in Thread] |