When a domain is killed on the source host while it is being migrated and libvirtd is waiting for the migration to finish (waiting for the domain condition in qemuMigrationSrcWaitForCompletion), the run-time state including priv->job.current may already be freed once virDomainObjWait returns with -1. Thus the priv->job.current pointer cached in jobInfo is no longer valid and setting jobInfo->status may crash the daemon. https://bugzilla.redhat.com/show_bug.cgi?id=1593137 Signed-off-by: Jiri Denemark <jdenemar@xxxxxxxxxx> --- src/qemu/qemu_migration.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 435cd174af..825a9d399b 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -1584,7 +1584,8 @@ qemuMigrationSrcWaitForCompletion(virQEMUDriverPtr driver, if (events) { if (virDomainObjWait(vm) < 0) { - jobInfo->status = QEMU_DOMAIN_JOB_STATUS_FAILED; + if (virDomainObjIsActive(vm)) + jobInfo->status = QEMU_DOMAIN_JOB_STATUS_FAILED; return -2; } } else { -- 2.18.0 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
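Review bot: In the `virDomainObjWait(vm) < 0` branch, the new `virDomainObjIsActive(vm)` guard has no comment explaining why the write to `jobInfo->status` is conditional, so a later cleanup could drop it as redundant. A short comment above the check would keep the reasoning from the commit message next to the code: jobInfo caches priv->job.current, and the run-time state may already be freed once the domain has been killed. The guard also uses domain activity as a stand-in for the cached pointer still being valid. Only this hunk is visible here, so it is worth confirming that nothing else in qemuMigrationSrcWaitForCompletion or its callers dereferences jobInfo after the -2 return without the same check.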