qemu: Avoid crash in qemuStateShutdownPrepare() and qemuStateShutdownWait()

If QEMU driver fails to initialize for whatever reason (it can be
as trivial as a typo on qemu.conf), the control jumps to error
label in qemuStateInitialize() where qemuStateCleanup() is called
which frees the driver. But the daemon then asks drivers to
prepare for shutdown, which in case of QEMU driver is implemented
in qemuStateShutdownPrepare(). In here, the driver is
dereferenced but since it was freed earlier, the pointer is NULL
which leads to instant crash.

Solution is simple - just check if qemu_driver is not NULL. But
doing so only in qemuStateShutdownPrepare() would push the
problem down to virStateShutdownWait(), well
qemuStateShutdownWait(). Therefore, duplicate the trick there
too.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1895359#c14
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index b3e663c9d57efcceb7deb0365329ba55b3c0913e..85f230e5d53b092109266cf51b1eebe6dabb4e0f 100644 (file)
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -1075,6 +1075,9 @@ qemuStateStop(void)
 static int
 qemuStateShutdownPrepare(void)
 {
+    if (!qemu_driver)
+        return 0;
+
     virThreadPoolStop(qemu_driver->workerPool);
     return 0;
 }
@@ -1094,6 +1097,9 @@ qemuDomainObjStopWorkerIter(virDomainObjPtr vm,
 static int
 qemuStateShutdownWait(void)
 {
+    if (!qemu_driver)
+        return 0;
+
     virDomainObjListForEach(qemu_driver->domains, false,
                             qemuDomainObjStopWorkerIter, NULL);
     virThreadPoolDrain(qemu_driver->workerPool);