From b4423a753baa46993c4215a0f7480725b205bf44 Mon Sep 17 00:00:00 2001
From: Peter Krempa
Date: Tue, 11 Jun 2024 15:50:52 +0200
Subject: [PATCH] qemuDomainDiskPrivateDispose: Prevent dangling 'disk' pointer in blockjob data

Clear the 'disk' member of 'blockjob' as we're freeing the disk object at this point. While this should not normally happen it was observed when other bug allowed the VM to be cleared while other threads didn't yet finish.

Signed-off-by: Peter Krempa
Reviewed-by: Michal Privoznik
---
 src/qemu/qemu_domain.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 7ba2ea4a5e..a39f361a64 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -798,7 +798,13 @@ qemuDomainDiskPrivateDispose(void *obj)
     virObjectUnref(priv->migrSource);
     g_free(priv->qomName);
     g_free(priv->nodeCopyOnRead);
-    virObjectUnref(priv->blockjob);
+    if (priv->blockjob) {
+        /* Prevent dangling 'disk' pointer, as the disk object will be freed
+         * right after this function returns if any of the blockjob instance
+         * outlives this for any reason. */
+        priv->blockjob->disk = NULL;
+        virObjectUnref(priv->blockjob);
+    }
 }
 
 static virClass *qemuDomainStorageSourcePrivateClass;
-- 
2.39.5
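Review bot: Nulling `priv->blockjob->disk` turns a use-after-free into a NULL dereference for whichever thread still holds the blockjob, so it is only a safe fallback if every reader of `blockjob->disk` tolerates NULL; that cannot be confirmed from this hunk and the comment should say it is relied upon. The commit message describes the scenario as another thread still using the job, so this store presumably races with that reader unless the blockjob's own lock is held here — if such a lock exists, take it around the two statements, otherwise note in the comment why the write is considered safe. The comment wording could be tightened to `* right after this function returns if the blockjob instance` / `* outlives this for any reason. */`. qemuDomainDiskPrivateDispose starts above the hunk; only its tail is visible here.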