Il 06/11/2013 09:58, Jason Wang ha scritto:
> We delete without check whether it existed during exit. This will lead NULL
> pointer deference since it was created conditionally depends on guest driver
> status and features. So add a check of existence before trying to delete it.
>
> Cc: qemu-sta...@nongnu.org
> Signed-off-by: Jason Wang <jasow...@redhat.com>
> ---
> hw/net/virtio-net.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
> index 22dbd05..ae51d96 100644
> --- a/hw/net/virtio-net.c
> +++ b/hw/net/virtio-net.c
> @@ -1601,7 +1601,7 @@ static int virtio_net_device_exit(DeviceState *qdev)
> if (q->tx_timer) {
> timer_del(q->tx_timer);
> timer_free(q->tx_timer);
> - } else {
> + } else if (q->tx_bh) {
> qemu_bh_delete(q->tx_bh);
> }
> }
>
Please remember to add 1.7 in the subject at this time.
Paolo
