qemu: Fix crash when resuming failed post-copy migration

Since commit 28a06215280 (released in 11.2.0) resuming a failed
post-copy migration calls qemuProcessIncomingDefNew with fd == NULL
rather than -1. The function does not expect to be called with NULL file
descriptor and tries to dereference it causing virtqemud on the
destination host to crash.

Fixes: 28a06215280b99708ed8dc2d183f62ba7b34ccf8
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>

diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 2a01ca58bd495f812c9d5e75fe7a4351b7a79aa8..1f91ad1117f25d3ea472d58e085a373a5cf37b7f 100644 (file)
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -3642,6 +3642,7 @@ qemuMigrationDstPrepareResume(virQEMUDriver *driver,
     virDomainJobStatus status;
     virDomainObj *vm;
     int ret = -1;
+    int nofd = -1;
 
     VIR_DEBUG("name=%s, origname=%s, protocol=%s, port=%hu, "
               "listenAddress=%s, flags=0x%x",
@@ -3684,7 +3685,7 @@ qemuMigrationDstPrepareResume(virQEMUDriver *driver,
     priv->origname = g_strdup(origname);
 
     if (!(incoming = qemuMigrationDstPrepare(driver, vm, false, protocol,
-                                             listenAddress, port, NULL)))
+                                             listenAddress, port, &nofd)))
         goto cleanup;
 
     if (qemuDomainObjEnterMonitorAsync(vm, VIR_ASYNC_JOB_MIGRATION_IN) < 0)