qemu: Avoid crash in qemuStateShutdownPrepare() and qemuStateShutdownWait()

If QEMU driver fails to initialize for whatever reason (it can be as trivial as a typo on qemu.conf), the control jumps to error label in qemuStateInitialize() where qemuStateCleanup() is called which frees the driver. But the daemon then asks drivers to prepare for shutdown, which in case of QEMU driver is implemented in qemuStateShutdownPrepare(). In here, the driver is dereferenced but since it was freed earlier, the pointer is NULL which leads to instant crash. Solution is simple - just check if qemu_driver is not NULL. But doing so only in qemuStateShutdownPrepare() would push the problem down to virStateShutdownWait(), well qemuStateShutdownWait(). Therefore, duplicate the trick there too. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1895359#c14 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2024-10-05 22:05:47 +00:00 · 2021-01-22 10:25:45 +01:00 · 2021-01-22 10:25:45 +01:00 · 69977ff105
commit 69977ff105
parent 225c568378
1 changed files with 6 additions and 0 deletions
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@ -1075,6 +1075,9 @@ qemuStateStop(void)
 static int
 qemuStateShutdownPrepare(void)
 {
+    if (!qemu_driver)
+        return 0;
+
    virThreadPoolStop(qemu_driver->workerPool);
    return 0;
 }
@ -1094,6 +1097,9 @@ qemuDomainObjStopWorkerIter(virDomainObjPtr vm,
 static int
 qemuStateShutdownWait(void)
 {
+    if (!qemu_driver)
+        return 0;
+
    virDomainObjListForEach(qemu_driver->domains, false,
                            qemuDomainObjStopWorkerIter, NULL);
    virThreadPoolDrain(qemu_driver->workerPool);