1. 01 Apr, 2014 1 commit
    • qcow2: Don't rely on free_cluster_index in alloc_refcount_block() (CVE-2014-0147) · b106ad91
      Kevin Wolf committed
      free_cluster_index is only correct if update_refcount() was called from
      an allocation function, and even there it's brittle because it's used to
      protect unfinished allocations which still have a refcount of 0 - if it
      moves in the wrong place, the unfinished allocation can be corrupted.
      
      So not using it any more seems to be a good idea. Instead, use the
      first requested cluster to do the calculations. Return -EAGAIN if
      unfinished allocations could become invalid and let the caller restart
      its search for some free clusters.
      
      The context of creating a snapshot is one situation where
      update_refcount() is called outside of a cluster allocation. For this
      case, the change fixes a buffer overflow if a cluster is referenced in
      an L2 table that cannot be represented by an existing refcount block.
      (new_table[refcount_table_index] was out of bounds)
      
      [Bump the qemu-iotests 026 refblock_alloc.write leak count from 10 to
      11.
      --Stefan]
      Signed-off-by: Kevin Wolf <kwolf@redhat.com>
      Reviewed-by: Max Reitz <mreitz@redhat.com>
      Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
      b106ad91
  2. 07 Oct, 2013 1 commit
  3. 06 Sep, 2013 1 commit
    • qemu-iotests: Fixed test case 026 · 8f94b077
      Kevin Wolf committed
      The reference output for test case 026 hasn't been updated in a long
      time and it's one of the "known failing" cases. This patch updates the
      reference output so that unintentional changes can be reliably detected
      again.
      
      The problem with this test case is that it produces different output
      depending on whether -nocache is used or not. The solution of this patch
      is to actually have two different reference outputs. If nnn.out.nocache
      exists, it is used as the reference output for -nocache; otherwise,
      nnn.out stays valid for both cases.
      Signed-off-by: Kevin Wolf <kwolf@redhat.com>
      Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
      8f94b077
  4. 19 Apr, 2012 1 commit
  5. 22 Feb, 2012 2 commits