From: Jason Wang <[email protected]> We delete without check whether it existed during exit. This will lead NULL pointer deference since it was created conditionally depends on guest driver status and features. So add a check of existence before trying to delete it.
Cc: [email protected] Signed-off-by: Jason Wang <[email protected]> Reviewed-by: Michael S. Tsirkin <[email protected]> Signed-off-by: Michael S. Tsirkin <[email protected]> --- hw/net/virtio-net.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c index 22dbd05..ae51d96 100644 --- a/hw/net/virtio-net.c +++ b/hw/net/virtio-net.c @@ -1601,7 +1601,7 @@ static int virtio_net_device_exit(DeviceState *qdev) if (q->tx_timer) { timer_del(q->tx_timer); timer_free(q->tx_timer); - } else { + } else if (q->tx_bh) { qemu_bh_delete(q->tx_bh); } } -- MST
