cpu_x86: fix libvirtd crash when host cpu vendor is not available

When starting a guest and copying host vendor cpuid to the guest
cpu, libvirtd would crash if the host cpu contained a NULL vendor
field. Avoid the crash by checking for a valid vendor in the host
cpu before copying the cpuid to the guest cpu.

For completeness, here is a backtrace from the crash

(gdb) bt
f0  0x00007ffff739bf33 in x86DataCpuid (cpuid=0x8, cpuid=0x8,
    data=data@entry=0x7fffb800ee78) at cpu/cpu_x86.c:287
f1  virCPUx86DataAddCPUID (data=data@entry=0x7fffb800ee78, cpuid=0x8)
    at cpu/cpu_x86.c:355
f2  0x00007ffff739ef47 in x86Compute (host=<optimized out>, cpu=0x7fffb8000cc0,
    guest=0x7fffecca7348, message=<optimized out>) at cpu/cpu_x86.c:1580
f3  0x00007fffd2b38e53 in qemuBuildCpuModelArgStr (migrating=false,
    hasHwVirt=<synthetic pointer>, qemuCaps=0x7fffb8001040, buf=0x7fffecca7360,
    def=0x7fffc400ce20, driver=0x1c) at qemu/qemu_command.c:6283
f4  qemuBuildCpuCommandLine (cmd=cmd@entry=0x7fffb8002f60,
    driver=driver@entry=0x7fffc80882c0, def=def@entry=0x7fffc400ce20,
    qemuCaps=qemuCaps@entry=0x7fffb8001040, migrating=<optimized out>)
    at qemu/qemu_command.c:6445
(gdb) f2
(gdb) p *host_model
$23 = {name = 0x7fffb800ec50 "qemu64", vendor = 0x0, signature = 0, data = {
    len = 2, data = 0x7fffb800e720}}

diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
index 670b02ed6df2e8bb181d2ac2622c7d0c187670d3..ee5b57d6fcdf45eec1a37e85db2768b0a1cb9ee0 100644 (file)
--- a/src/cpu/cpu_x86.c
+++ b/src/cpu/cpu_x86.c
@@ -1592,7 +1592,7 @@ x86Compute(virCPUDefPtr host,
         if (!(guest_model = x86ModelCopy(host_model)))
             goto error;
 
-        if (cpu->vendor &&
+        if (cpu->vendor && host_model->vendor &&
             virCPUx86DataAddCPUID(&guest_model->data,
                                   &host_model->vendor->cpuid) < 0)
             goto error;