From: Kevin Wolf <kwolf@redhat.com>
Date: Thu, 15 Oct 2009 15:31:01 +0000 (+0200)
Subject: qcow2: Fix grow_refcount_table error handling
X-Git-Tag: v0.12.0-rc0~595
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=c5baaa489f5557fa01431ba0c5de28b43fc9631e;p=users%2Fdwmw2%2Fqemu.git

qcow2: Fix grow_refcount_table error handling

In case of failure, we haven't increased the refcount for the newly allocated
cluster yet. Therefore we must not free the cluster or its refcount will become
negative (and endless recursion is possible).

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---

diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 609eee1891..30266786df 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -182,7 +182,6 @@ static int grow_refcount_table(BlockDriverState *bs, int min_size)
     qcow2_free_clusters(bs, old_table_offset, old_table_size * sizeof(uint64_t));
     return 0;
  fail:
-    qcow2_free_clusters(bs, table_offset, new_table_size2);
     qemu_free(new_table);
     return -EIO;
 }