From 6c7bc9277a08045a4ff6096d25d1c99e14ebe3a7 Mon Sep 17 00:00:00 2001 Message-Id: <6c7bc9277a08045a4ff6096d25d1c99e14ebe3a7.1368098699.git.minovotn@redhat.com> In-Reply-To: <618a4b91ddb04b21f9dc0c1defe7693fb7cc1748.1368098699.git.minovotn@redhat.com> References: <618a4b91ddb04b21f9dc0c1defe7693fb7cc1748.1368098699.git.minovotn@redhat.com> From: Kevin Wolf Date: Fri, 5 Apr 2013 19:44:49 +0200 Subject: [PATCH 10/24] qcow2: Fix order in qcow2_snapshot_delete RH-Author: Kevin Wolf Message-id: <1365191091-25631-11-git-send-email-kwolf@redhat.com> Patchwork-id: 50170 O-Subject: [RHEL-6.5 qemu-kvm PATCH 10/12] qcow2: Fix order in qcow2_snapshot_delete Bugzilla: 796011 RH-Acked-by: Stefan Hajnoczi RH-Acked-by: Laszlo Ersek RH-Acked-by: Fam Zheng Bugzilla: 796011 First the snapshot must be deleted and only then the refcounts can be decreased. Signed-off-by: Kevin Wolf Reviewed-by: Stefan Hajnoczi (cherry picked from commit 9a4767809fe9ac184806bef38be2e2a84e451a65) Signed-off-by: Kevin Wolf --- block/qcow2-snapshot.c | 48 +++++++++++++++++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 15 deletions(-) Signed-off-by: Michal Novotny --- block/qcow2-snapshot.c | 48 +++++++++++++++++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 15 deletions(-) diff --git a/block/qcow2-snapshot.c b/block/qcow2-snapshot.c index da60e9f..bf0f20d 100644 --- a/block/qcow2-snapshot.c +++ b/block/qcow2-snapshot.c @@ -483,32 +483,50 @@ fail: int qcow2_snapshot_delete(BlockDriverState *bs, const char *snapshot_id) { BDRVQcowState *s = bs->opaque; - QCowSnapshot *sn; + QCowSnapshot sn; int snapshot_index, ret; + /* Search the snapshot */ snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_id); - if (snapshot_index < 0) + if (snapshot_index < 0) { return -ENOENT; - sn = &s->snapshots[snapshot_index]; + } + sn = s->snapshots[snapshot_index]; - ret = qcow2_update_snapshot_refcount(bs, sn->l1_table_offset, sn->l1_size, -1); - if (ret < 0) + /* Remove it from the snapshot list */ + memmove(s->snapshots + snapshot_index, + s->snapshots + snapshot_index + 1, + (s->nb_snapshots - snapshot_index - 1) * sizeof(sn)); + s->nb_snapshots--; + ret = qcow2_write_snapshots(bs); + if (ret < 0) { return ret; - /* must update the copied flag on the current cluster offsets */ - ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); - if (ret < 0) + } + + /* + * The snapshot is now unused, clean up. If we fail after this point, we + * won't recover but just leak clusters. + */ + g_free(sn.id_str); + g_free(sn.name); + + /* + * Now decrease the refcounts of clusters referenced by the snapshot and + * free the L1 table. + */ + ret = qcow2_update_snapshot_refcount(bs, sn.l1_table_offset, + sn.l1_size, -1); + if (ret < 0) { return ret; - qcow2_free_clusters(bs, sn->l1_table_offset, sn->l1_size * sizeof(uint64_t)); + } + qcow2_free_clusters(bs, sn.l1_table_offset, sn.l1_size * sizeof(uint64_t)); - g_free(sn->id_str); - g_free(sn->name); - memmove(sn, sn + 1, (s->nb_snapshots - snapshot_index - 1) * sizeof(*sn)); - s->nb_snapshots--; - ret = qcow2_write_snapshots(bs); + /* must update the copied flag on the current cluster offsets */ + ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); if (ret < 0) { - /* XXX: restore snapshot if error ? */ return ret; } + #ifdef DEBUG_ALLOC qcow2_check_refcounts(bs); #endif -- 1.7.11.7