From 709c0e7616c56fe44dfd9bccc1df4d8506e334b7 Mon Sep 17 00:00:00 2001
From: Jim Fehlig <jfehlig@suse.com>
Date: Thu, 24 Sep 2020 10:39:13 -0600
Subject: [PATCH] libxl: Don't free def member of virDomainObj

The refactoring in commit de49d5bad3 accidentally dropped the statement
setting def to NULL after successfully adding it to the virDomainObjList,
causing it to be freed while still in use. The resulting memory
corruption caused unpredictable behavior, often resulting in a libvirtd
crash.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
---
 src/libxl/libxl_driver.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index 083738871d..571b70f982 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -627,6 +627,7 @@ libxlAddDom0(libxlDriverPrivatePtr driver)
                                        NULL)))
             goto cleanup;
 
+        def = NULL;
         vm->persistent = 1;
         virDomainObjSetState(vm, VIR_DOMAIN_RUNNING, VIR_DOMAIN_RUNNING_BOOTED);
     }
-- 
2.47.2