[BUG] Qcow2 corruption on snapshot revert

[Philipp Hahn]

Hello,

it seems like I have discovered a bug in qemu-0.14.1 which corrupts Qcow2 
image files when using internal snapshots.
I tied this both on an amd64 host running our Debian bases UCS distribution 
(using pure qemu-kvm_0.14 and pure qemu-kvm_0.14.1) and also on a pure Debian 
i386 sid installation (patched qemu-kvm_0.14.1).
I can reproducte this every time doing the following steps:
0. Create and install VM
1. Shut down VM
2. Create offline snapshot using qemu-img snapshot -c Off image.qcow2
3. Start VM
4. Create online snapshot using savevm On
5. Shut down VM
6. Revert to snapshot using qemu-img snapshot -a Off image.qcow2
Repeat step 6 three or more times and the Image is destroyed.

My guess is that this is a but in qemu-img, which is related to having an 
online snapshot (VM running) while reverting to an offline snapshot (VM 
stopped), because I wasn't able to reproduce this using only offline 
snapshots or only online snapshots.

I have attached a shell script to reproduce this bug on all my runs.
* It both happens with kvm-0.14.1 and also with qemu-0.14.1.
* The cache stragtegy writethrough vs. writeback is irrelevant.

The script needs an image nameded pmh_squeeze-0.qcow.bak2 of an VM where you 
can login via serial console using root for login and univention for 
password. You can use other images as well, as long as you modify the block 
device from within the VM. You get get it from 
http://download.univention.de/download/temp/qemu-0.14-qcow2/

There you will also find the beginning of a small Python program 
called qcow2.py which can be used to dump the structure of an qcow2 file in 
some more human readable format with some consistency checking.

Related links:
http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=e11480db7ff15a9e878f6b3cc1199b439bf7c825
http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=f0aa7a8b2d518c54430e4382309281b93e51981a
http://lists.gnu.org/archive/html/qemu-devel/2011-04/msg01376.html
https://forge.univention.org/bugzilla/show_bug.cgi?id=1

Any help is appreciated.

Sincerely
Philipp Hahn
-- 
Philipp Hahn   Open Source Software Engineer  h...@univention.de
Univention GmbHLinux for Your Businessfon: +49 421 22 232- 0
Mary-Somerville-Str.1  D-28359 Bremen fax: +49 421 22 232-99
   http://www.univention.de/


1_qemu_qcow2_bug.test
Description: application/shellscript


signature.asc
Description: This is a digitally signed message part.

Re: [BUG] Qcow2 corruption on snapshot revert

[Kevin Wolf]

Am 04.08.2011 16:20, schrieb Philipp Hahn:
 Hello,
 
 it seems like I have discovered a bug in qemu-0.14.1 which corrupts Qcow2 
 image files when using internal snapshots.
 I tied this both on an amd64 host running our Debian bases UCS distribution 
 (using pure qemu-kvm_0.14 and pure qemu-kvm_0.14.1) and also on a pure Debian 
 i386 sid installation (patched qemu-kvm_0.14.1).
 I can reproducte this every time doing the following steps:
 0. Create and install VM
 1. Shut down VM
 2. Create offline snapshot using qemu-img snapshot -c Off image.qcow2
 3. Start VM
 4. Create online snapshot using savevm On
 5. Shut down VM
 6. Revert to snapshot using qemu-img snapshot -a Off image.qcow2
 Repeat step 6 three or more times and the Image is destroyed.
 
 My guess is that this is a but in qemu-img, which is related to having an 
 online snapshot (VM running) while reverting to an offline snapshot (VM 
 stopped), because I wasn't able to reproduce this using only offline 
 snapshots or only online snapshots.
 
 I have attached a shell script to reproduce this bug on all my runs.
 * It both happens with kvm-0.14.1 and also with qemu-0.14.1.
 * The cache stragtegy writethrough vs. writeback is irrelevant.
 
 The script needs an image nameded pmh_squeeze-0.qcow.bak2 of an VM where 
 you 
 can login via serial console using root for login and univention for 
 password. You can use other images as well, as long as you modify the block 
 device from within the VM. You get get it from 
 http://download.univention.de/download/temp/qemu-0.14-qcow2/
 
 There you will also find the beginning of a small Python program 
 called qcow2.py which can be used to dump the structure of an qcow2 file in 
 some more human readable format with some consistency checking.
 
 Related links:
 http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=e11480db7ff15a9e878f6b3cc1199b439bf7c825
 http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=f0aa7a8b2d518c54430e4382309281b93e51981a
 http://lists.gnu.org/archive/html/qemu-devel/2011-04/msg01376.html
 https://forge.univention.org/bugzilla/show_bug.cgi?id=1
 
 Any help is appreciated.

Thanks for the report. This small script seems to be enough to reproduce
the corruption:

qemu-img create -f qcow2 /tmp/sn.qcow2 64M
qemu-img snapshot -c foo /tmp/sn.qcow2
qemu-io -c 'write -b 0 4M' /tmp/sn.qcow2
qemu-img snapshot -a foo /tmp/sn.qcow2

I'll look into the details tomorrow.

Kevin
--
To unsubscribe from this list: send the line unsubscribe kvm in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html