@@ -299,6 +299,14 @@ static int qcow2_write_snapshots(BlockDriverState *bs, Error **errp)
"Failed in update of image header at %d with size %d",
(int)offsetof(QCowHeader, nb_snapshots),
(int)sizeof(header_data));
+
+ /*
+ * If the snapshot data part has been updated on disk, then the
+ * clusters at snapshot_offset may be used in next snapshot operation.
+ * If we free those clusters in fail path, they may be allocated and
+ * made dirty causing damage, so skip cluster free to be safe.
+ */
+ snapshots_offset = 0;
goto fail;
}