migration: Fix use of file after release

qemu_fclose frees the passed file structure, but do_migrate_set_speed
may access it later on. Fix it by setting file NULL in
migrate_fd_cleanup and checking for this.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

diff --git a/migration.c b/migration.c
index 3ae0be86c8468d78e71493c0cd90469ee80e826e..dcde7c38da1547014b87aafc6581be159089547c 100644 (file)
--- a/migration.c
+++ b/migration.c
@@ -118,12 +118,11 @@ void do_migrate_set_speed(Monitor *mon, const QDict *qdict, QObject **ret_data)
     }
 
     max_throttle = (uint32_t)d;
-    s = migrate_to_fms(current_migration);
 
-    if (s) {
+    s = migrate_to_fms(current_migration);
+    if (s && s->file) {
         qemu_file_set_rate_limit(s->file, max_throttle);
     }
-    
 }
 
 /* amount of nanoseconds we are willing to wait for migration to be down.
@@ -209,6 +208,7 @@ void migrate_fd_cleanup(FdMigrationState *s)
     if (s->file) {
         dprintf("closing file\n");
         qemu_fclose(s->file);
+        s->file = NULL;
     }
 
     if (s->fd != -1)