From nobody Wed Nov 5 18:45:22 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=gmail.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1536232421173313.7094696356477; Thu, 6 Sep 2018 04:13:41 -0700 (PDT) Received: from localhost ([::1]:60818 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fxsEA-0008PC-06 for importer@patchew.org; Thu, 06 Sep 2018 07:13:34 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53423) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fxsCF-0007F3-HD for qemu-devel@nongnu.org; Thu, 06 Sep 2018 07:11:36 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fxsCB-0001nf-HB for qemu-devel@nongnu.org; Thu, 06 Sep 2018 07:11:33 -0400 Received: from mail-qt0-x22a.google.com ([2607:f8b0:400d:c0d::22a]:38485) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fxsCB-0001md-A9 for qemu-devel@nongnu.org; Thu, 06 Sep 2018 07:11:31 -0400 Received: by mail-qt0-x22a.google.com with SMTP id x7-v6so11708929qtk.5 for ; Thu, 06 Sep 2018 04:11:30 -0700 (PDT) Received: from localhost.localdomain ([2804:431:f701:4c04:a888:3548:cd61:60d5]) by smtp.gmail.com with ESMTPSA id x26-v6sm3180169qth.15.2018.09.06.04.11.27 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 06 Sep 2018 04:11:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=TiBSSKeSdoCfXwE5rt8NI5+zqvFidn2NKqyrgCn7tqo=; b=dmK8JYBxzhTMu0g0HeKnq/T6jMoiCcFjXmJgZZov1DY9B+HwRXQhC0GVhMcydm3gEM 2LRMk3OBrKa+35U83kixUimUH3kMpt3Z/B8gqqYTvuicgJwX5wfgw8kTJB26ERwsYQFR bMOuohDuesVTSyQqdm7hcRaSIpRiHAqAETNUcdTHz7HzBvpFcjJuW9swgj6ndwELW1dO Rtf9P4wy+UPHCuYpcUdvshn+VvGJg8opSjZ3rXOJmIAMHtYxHSgaupIyfN62tn28GHXW 9JaOE1eByNxCuAxBdu48i1FtqDkPfBJGCvFJhWSh2DUWk0tJddBuiu132sBX+Ofk48ow n6fg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=TiBSSKeSdoCfXwE5rt8NI5+zqvFidn2NKqyrgCn7tqo=; b=kHLyy5ZjnSF4DCE1zAD17+9jp5j6hj80nZZMHlgs1gQdGIySpfPENsfo0repGTOpH6 t3Wd/ue09y5S0ZsWUgSVUM9dOWRQnjLJWMcPq8U9x369MiBibM7PnwPpYjeP44KGwttC REcw8x0rUUSo1HKefpvbnwy/GpWmcBzFA3AnViJCMT8W9nqnuBWSplGZ+hmBH1wiB5kQ GbjCd5HxskNZjnbvg7D6pIh5aehwnq2eY7iylsWVXRiZN1vnD8rQL2tZmzSVL+juXb6z 7vVIPvL3lAKkJgT+mZuENZg5vGChX6BKwwVJcFYfoa7o3wvnEST/WDc6jjG9B8QAZ91b sMZg== X-Gm-Message-State: APzg51AU5l1DpR7uoWcAKTwpqteMDdSgZHvzQOvD0mpNZF9nZ10lYObl qtkQtLfqWnEjOxfqdcf6HgA6G/2Gyfg= X-Google-Smtp-Source: ANB0VdYM5duPwbJ3kXYO6OO44f4kVe5/Ldd34Q/IxJTFavUhiW7UH1T9s05KChttYzB+IcjN3sJHNw== X-Received: by 2002:ac8:35d9:: with SMTP id l25-v6mr1630233qtb.84.1536232289951; Thu, 06 Sep 2018 04:11:29 -0700 (PDT) From: Daniel Henrique Barboza To: qemu-devel@nongnu.org Date: Thu, 6 Sep 2018 08:11:05 -0300 Message-Id: <20180906111107.30684-2-danielhb413@gmail.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180906111107.30684-1-danielhb413@gmail.com> References: <20180906111107.30684-1-danielhb413@gmail.com> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:400d:c0d::22a Subject: [Qemu-devel] [PATCH v2 1/3] block/snapshot.c: eliminate use of ID input in snapshot operations X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: kwolf@redhat.com, Daniel Henrique Barboza , armbru@redhat.com, dgilbert@redhat.com, muriloo@linux.ibm.com, mreitz@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDMRC_1 RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" At this moment, QEMU attempts to create/load/delete snapshots by using either an ID (id_str) or a name. The problem is that the code isn't consistent of whether the entered argument is an ID or a name, causing unexpected behaviors. For example, when creating snapshots via savevm , what happens is that "arg" is treated as both name and id_str. In a guest without snapshots, cre= ate a single snapshot via savevm: (qemu) savevm 0 (qemu) info snapshots List of snapshots present on all disks: ID TAG VM SIZE DATE VM CLOCK -- 0 741M 2018-07-31 13:39:56 00:41:25.313 A snapshot with name "0" is created. ID is hidden from the user, but the ID is a non-zero integer that starts at "1". Thus, this snapshot has id_str=3D1, TAG=3D"0". Creating a second snapshot with arg =3D 1, the first= one is deleted: (qemu) savevm 1 (qemu) info snapshots List of snapshots present on all disks: ID TAG VM SIZE DATE VM CLOCK -- 1 741M 2018-07-31 13:42:14 00:41:55.252 What happened? - when creating the second snapshot, a verification is done inside bdrv_all_delete_snapshot to delete any existing snapshots that matches an string argument. Here, the code calls bdrv_all_delete_snapshot("1", ...); - bdrv_all_delete_snapshot calls bdrv_snapshot_find(..., "1") for each BlockDriverState of the guest. And this is where things goes tilting: bdrv_snapshot_find does a search by both id_str and name. It finds out that there is a snapshot that has id_str =3D 1, stores a reference to the snapshot in the sn_info pointer and then returns match found; - since a match was found, a call to bdrv_snapshot_delete_by_id_or_name() is made. This function ignores the pointer written by bdrv_snapshot_find. Inst= ead, it deletes the snapshot using bdrv_snapshot_delete() calling it first with id_str =3D 1. If it fails to delete, then it calls it again with name =3D 1. - after all that, QEMU creates the new snapshot, that has id_str =3D 1 and name =3D 1. The user is left wondering that happened with the first snapshot created. Similar bugs can be triggered when using loadvm and delvm. Before contemplating discarding the use of ID input in these operations, I've searched the code of what would be the implications. My findings are: - the RBD and Sheepdog drivers don't care. Both uses the 'name' field as key in their logic, making id_str =3D name when appropriate. replay-snapshot.c does not make any special use of id_str; - qcow2 uses id_str as an unique identifier but it is automatically calculated, not being influenced by user input. Other than that, there are no distinguish operations made only with id_str; - in blockdev.c, the delete operation uses a match of both id_str AND name. Given that id_str is either a copy of 'name' or auto-generated, we're fine here. This gives motivation to not consider ID as a valid user input in HMP commands - sticking with 'name' input only is more consistent. To accomplish that, the following changes were made in this patch: - bdrv_snapshot_find() does not match for id_str anymore, only 'name'. The function is called in save_snapshot(), load_snapshot(), bdrv_all_delete_sna= pshot() and bdrv_all_find_snapshot(). This change makes the search function more predictable and does not change the behavior of any underlying code that us= es these affected functions, which are related to HMP (which is fine) and the main loop inside vl.c (which doesn't care about it anyways); - bdrv_all_delete_snapshot() does not call bdrv_snapshot_delete_by_id_or_na= me anymore. Instead, it uses the pointer returned by bdrv_snapshot_find to erase the snapshot with the exact match of id_str an name. This function is called in save_snapshot and hmp_delvm, thus this change produces the intended effect; - documentation changes to reflect the new behavior. I consider this to be an API fix instead of an API change - the user was already creating snapshots using 'name', but now he/she will also enjoy a consistent behavior. Libvirt does not care about this change either, as far as I've tested. Ideally we would get rid of the id_str field entirely, but this would have repercussions on existing snapshots. Another day perhaps. Signed-off-by: Daniel Henrique Barboza --- block/snapshot.c | 5 +++-- hmp-commands.hx | 24 ++++++++++++------------ 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/block/snapshot.c b/block/snapshot.c index 3218a542df..e371d2243d 100644 --- a/block/snapshot.c +++ b/block/snapshot.c @@ -63,7 +63,7 @@ int bdrv_snapshot_find(BlockDriverState *bs, QEMUSnapshot= Info *sn_info, } for (i =3D 0; i < nb_sns; i++) { sn =3D &sn_tab[i]; - if (!strcmp(sn->id_str, name) || !strcmp(sn->name, name)) { + if (!strcmp(sn->name, name)) { *sn_info =3D *sn; ret =3D 0; break; @@ -448,7 +448,8 @@ int bdrv_all_delete_snapshot(const char *name, BlockDri= verState **first_bad_bs, aio_context_acquire(ctx); if (bdrv_can_snapshot(bs) && bdrv_snapshot_find(bs, snapshot, name) >=3D 0) { - ret =3D bdrv_snapshot_delete_by_id_or_name(bs, name, err); + ret =3D bdrv_snapshot_delete(bs, snapshot->id_str, + snapshot->name, err); } aio_context_release(ctx); if (ret < 0) { diff --git a/hmp-commands.hx b/hmp-commands.hx index db0c681f74..5b4b8fbf2d 100644 --- a/hmp-commands.hx +++ b/hmp-commands.hx @@ -350,49 +350,49 @@ ETEXI { .name =3D "savevm", .args_type =3D "name:s?", - .params =3D "[tag|id]", - .help =3D "save a VM snapshot. If no tag or id are provided,= a new snapshot is created", + .params =3D "tag", + .help =3D "save a VM snapshot. If no tag is provided, a new = snapshot is created", .cmd =3D hmp_savevm, }, =20 STEXI -@item savevm [@var{tag}|@var{id}] +@item savevm @var{tag} @findex savevm Create a snapshot of the whole virtual machine. If @var{tag} is provided, it is used as human readable identifier. If there is already -a snapshot with the same tag or ID, it is replaced. More info at +a snapshot with the same tag, it is replaced. More info at @ref{vm_snapshots}. ETEXI =20 { .name =3D "loadvm", .args_type =3D "name:s", - .params =3D "tag|id", - .help =3D "restore a VM snapshot from its tag or id", + .params =3D "tag", + .help =3D "restore a VM snapshot from its tag", .cmd =3D hmp_loadvm, .command_completion =3D loadvm_completion, }, =20 STEXI -@item loadvm @var{tag}|@var{id} +@item loadvm @var{tag} @findex loadvm Set the whole virtual machine to the snapshot identified by the tag -@var{tag} or the unique snapshot ID @var{id}. +@var{tag}. ETEXI =20 { .name =3D "delvm", .args_type =3D "name:s", - .params =3D "tag|id", - .help =3D "delete a VM snapshot from its tag or id", + .params =3D "tag", + .help =3D "delete a VM snapshot from its tag", .cmd =3D hmp_delvm, .command_completion =3D delvm_completion, }, =20 STEXI -@item delvm @var{tag}|@var{id} +@item delvm @var{tag} @findex delvm -Delete the snapshot identified by @var{tag} or @var{id}. +Delete the snapshot identified by @var{tag}. ETEXI =20 { --=20 2.17.1