[libvirt] [PATCH] snapshot: make quiesce a bit safer

Eric Blake eblake at redhat.com
Sat Mar 17 12:38:18 UTC 2012 

On 03/16/2012 02:49 PM, Eric Blake wrote:
> If a guest is paused, we were silently ignoring the quiesce flag,
> which results in unclean snapshots, contrary to the intent of the
> flag.  Since we can't quiesce without guest agent support, we should
> instead fail if the guest is not running.
> 
> Meanwhile, if we attempt a quiesce command, but the guest agent
> doesn't respond, and we time out, we may have left the command
> pending on the guest's queue, and when the guest resumes parsing
> commands, it will freeze even though our command is no longer
> around to issue a thaw.  To be safe, we must _always_ pair every
> quiesce call with a counterpart thaw, even if the quiesce call
> failed due to a timeout, so that if a guest wakes up and starts
> processing a command backlog, it will not get stuck in a frozen
> state.
> 
> * src/qemu/qemu_driver.c (qemuDomainSnapshotCreateDiskActive):
> Always issue thaw after a quiesce, even if quiesce failed.
> (qemuDomainSnapshotFSThaw): Add a parameter.
> ---

This needs one tweak.  If the user calls virDomainSnapshotCreate(...,
VIR_DOMAIN_SNAPSHOT_CREATE_HALT | VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE),
they are specifically requesting that the file system be stabilized then
abandon the current running VM, with the intention of doing a fresh boot
using the stable disks.  In that case, it's okay to do a quiesce with no
matching thaw; particularly since the vm will be halted so a thaw would
fail here:

>  endjob:
> +    if (vm && thaw != 0 &&
> +        qemuDomainSnapshotFSThaw(driver, vm, thaw > 0) < 0) {
> +        /* helper reported the error, if it was needed */
> +        if (thaw > 0)
> +            ret = -1;
> +    }
>      if (vm && (qemuDomainObjEndJob(driver, vm) == 0)) {
>              /* Only possible if a transient vm quit while our locks were down,
>               * in which case we don't want to save snapshot metadata.  */

I will be squashing this in:

diff --git i/src/qemu/qemu_driver.c w/src/qemu/qemu_driver.c
index a46ce10..b661290 100644
--- i/src/qemu/qemu_driver.c
+++ w/src/qemu/qemu_driver.c
@@ -10018,6 +10018,7 @@ qemuDomainSnapshotCreateDiskActive(virConnectPtr
conn,
          * only, so this end job never drops the last reference.  */
         ignore_value(qemuDomainObjEndJob(driver, vm));
         resume = false;
+        thaw = 0;
         vm = NULL;
         if (event)
             qemuDomainEventQueue(driver, event);

-- 
Eric Blake   eblake at redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120317/ea5c5389/attachment-0001.sig>

More information about the libvir-list mailing list