[libvirt] [RFC] Add a new feild to qemud_save_header to tell if the saved image is corrupt

Daniel P. Berrange berrange at redhat.com
Wed Aug 17 16:01:37 UTC 2011 

On Wed, Aug 17, 2011 at 08:12:03AM -0600, Eric Blake wrote:
> On 08/17/2011 07:10 AM, Osier Yang wrote:
> >If one tries to restore a domain from a corrupt save image, we blindly
> >goes forward to restore from it, this can cause many different errors,
> >depending on how much the image is saved. E.g.
> >
> >https://bugzilla.redhat.com/show_bug.cgi?id=730750
> >
> >So I'm thinking if we can introduce a new feild to struct qemud_save_header,
> >such as "bool complete;", and set it true if succeeded to save the image,
> >false if not. So that could do some checking while trying to open the image
> >(qemuDomainSaveImageOpen), and quit early if "complete" is false, with
> >a sensiable error message.
> 
> Almost.  I think we can reuse one of the existing spare fields in
> the header (that is, change unused[15] to instead be unused[14] and
> make the new field a uint32_t), and I also think we need to have a
> tri-state value:
> 
> 0 - save image was created with older libvirt, no idea if image is sane
> 1 - save image created by current libvirt, but not yet marked
> complete; attempts to restore from this image should fail with
> sensible message suggesting nuking the save image since it is broken
> - value written at start of save process
> 2 - save image created by current libvirt and completed - value
> written at end of save process
> 
> And of course, we have to update the bswap_header routine to treat
> it with the same endianness as the rest of the header.

The downside to adding a new header field, is that old libvirt
won't look for it. A slightly more evil approach is to

  1. Write header, but with 'magic' set to all zerso
  2. do migration
  3. Re-write header to set correct 'magic'


On the plus side old livirt will refuse to restore from this. On the
downside new libvirt will give less good errors "not a known save
file" instad of "save file is corrupt"

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list