[Qemu-devel] PATCH: qcow2 image corruption

[Juergen Keil <jk@tools.de>]

[-- Attachment #1: Type: TEXT/plain, Size: 1178 bytes --]


There have been several reports recently that qemu qcow2 images get
corrupted when they grow to ~ 4 gbytes.

I've been able to reproduce this using an opensolaris (build 60) install
into an 8GB qcow2 image.  Installing from dvd works and fills the qcow2
image to ~ 4GB; fsck of the installed qcow2 hdd is OK; but during
the first boot from the newly installed hdd there are all sorts of 
file system corruption messages by the solaris kernel. And with the
second boot attempt the qcow2 image has become unbootable.


As far as I understand it, the corruption happens when the qcow2
"refcount_table" needs to grow, in function grow_refcount_table().
The qcow2 on-disk position of the grown refcount_table is updated,
but the in-core offset of the new refcount_table isn't !

Apparently this results in qcow2 image corruption when
update_cluster_refcount() is used the next time, and it
writes the offset of a newly allocated refount cluster to the *old*
location of the refcount_table.


I've tried to fix this with the attached patch.  I've repeated the
opensolaris (build 60) install experiment with a fresh 8G qcow2 image,
and so far, there's no more qcow2 image corruption.

[-- Attachment #2: qcow2.patch --]
[-- Type: TEXT/plain, Size: 561 bytes --]

Index: block-qcow2.c
===================================================================
RCS file: /cvsroot/qemu/qemu/block-qcow2.c,v
retrieving revision 1.4
diff -u -B -r1.4 block-qcow2.c
--- block-qcow2.c       7 Aug 2006 02:38:06 -0000       1.4
+++ block-qcow2.c       30 Mar 2007 19:19:41 -0000
@@ -1933,6 +1941,7 @@
     qemu_free(s->refcount_table);
     s->refcount_table = new_table;
     s->refcount_table_size = new_table_size;
+    s->refcount_table_offset = table_offset;

     update_refcount(bs, table_offset, new_table_size2, 1);
     return 0;