From: Jiri Denemark <jdene...@redhat.com> Since commit 28a06215280 (released in 11.2.0) resuming a failed post-copy migration calls qemuProcessIncomingDefNew with fd == NULL rather than -1. The function does not expect to be called with a NULL file descriptor pointer and tries to dereference it, causing virtqemud on the destination host to crash.
Fixes: 28a06215280b99708ed8dc2d183f62ba7b34ccf8
Signed-off-by: Jiri Denemark <jdene...@redhat.com>
---
 src/qemu/qemu_migration.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 2a01ca58bd..1f91ad1117 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -3642,6 +3642,7 @@ qemuMigrationDstPrepareResume(virQEMUDriver *driver,
 virDomainJobStatus status;
 virDomainObj *vm;
 int ret = -1;
+ int nofd = -1;
 
 VIR_DEBUG("name=%s, origname=%s, protocol=%s, port=%hu, "
 "listenAddress=%s, flags=0x%x",
@@ -3684,7 +3685,7 @@ qemuMigrationDstPrepareResume(virQEMUDriver *driver,
 priv->origname = g_strdup(origname);
 
 if (!(incoming = qemuMigrationDstPrepare(driver, vm, false, protocol,
- listenAddress, port, NULL)))
+ listenAddress, port, &nofd)))
 goto cleanup;
 
 if (qemuDomainObjEnterMonitorAsync(vm, VIR_ASYNC_JOB_MIGRATION_IN) < 0)
-- 
2.49.0
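Review bot: The added `int nofd = -1;` in the first hunk carries no explanation of why a dummy descriptor is needed, so a later reader may "simplify" the `&nofd` argument in the second hunk back to NULL and reintroduce the destination-side virtqemud crash the description mentions. A one-line comment next to the declaration, such as `/* qemuMigrationDstPrepare() passes fd on to qemuProcessIncomingDefNew(), which dereferences it; -1 means "no fd" */`, would make that contract explicit at the point of use. The fix also closes only this one caller; if the fd parameter of qemuProcessIncomingDefNew is meant to be optional, a NULL check in the callee (outside this hunk) would protect any other path that still passes NULL — whether such callers exist cannot be told from the hunk. qemuMigrationDstPrepareResume begins and ends outside both hunks.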