fix segfault in setting migration speed

Hi,

Whoever wrote this migrate_set_speed function is totally stupid.

Any failed or completed migration keeps its state to allow probing of
migration data, but has no associated file anymore. It is, thus,
possible to crash qemu by calling migrate_set_speed after a migration
is finished (or failed, or cancelled), but before another one starts.

This patch fixes it.

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

diff --git a/savevm.c b/savevm.c
index 113f2207c7d39674f19fc9c3ad1e53c2fea697a3..181c0884940827ba2cc6be16c13de8aec0cad670 100644 (file)
--- a/savevm.c
+++ b/savevm.c
@@ -556,7 +556,9 @@ int qemu_file_rate_limit(QEMUFile *f)
 
 size_t qemu_file_set_rate_limit(QEMUFile *f, size_t new_rate)
 {
-    if (f->set_rate_limit)
+    /* any failed or completed migration keeps its state to allow probing of
+     * migration data, but has no associated file anymore */
+    if (f && f->set_rate_limit)
         return f->set_rate_limit(f->opaque, new_rate);
 
     return 0;