From 1284c4abf3cdcf2b38d3c367549860ebbff1325a Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Thu, 15 Oct 2009 17:31:01 +0200
Subject: [PATCH] qcow2: Fix grow_refcount_table error handling

In case of failure, we haven't increased the refcount for the newly allocated
cluster yet. Therefore we must not free the cluster or its refcount will become
negative (and endless recursion is possible).

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
 block/qcow2-refcount.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 609eee1..3026678 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -182,7 +182,6 @@ static int grow_refcount_table(BlockDriverState *bs, int min_size)
     qcow2_free_clusters(bs, old_table_offset, old_table_size * sizeof(uint64_t));
     return 0;
  fail:
-    qcow2_free_clusters(bs, table_offset, new_table_size2);
     qemu_free(new_table);
     return -EIO;
 }
-- 
2.7.4