From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from [140.186.70.92] (port=36516 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1OyVN2-0005Nq-0a
	for qemu-devel@nongnu.org; Wed, 22 Sep 2010 15:52:49 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69)
	(envelope-from <alex.williamson@redhat.com>) id 1OyVN0-0006FQ-V5
	for qemu-devel@nongnu.org; Wed, 22 Sep 2010 15:52:47 -0400
Received: from mx1.redhat.com ([209.132.183.28]:34497)
	by eggs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <alex.williamson@redhat.com>) id 1OyVN0-0006F8-OP
	for qemu-devel@nongnu.org; Wed, 22 Sep 2010 15:52:46 -0400
Received: from int-mx08.intmail.prod.int.phx2.redhat.com
	(int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id o8MJqjCV017197
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <qemu-devel@nongnu.org>; Wed, 22 Sep 2010 15:52:45 -0400
From: Alex Williamson <alex.williamson@redhat.com>
Date: Wed, 22 Sep 2010 13:52:44 -0600
Message-ID: <20100922195244.30890.93113.stgit@s20.home>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] [PATCH] virtio-net: Don't pass NULL peer to tap
	routines
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: alex.williamson@redhat.com, mst@redhat.com

During a hotplug, the netdev might be removed before the
connected virtio device.  When this happens, the guest might
be running cleanup operations that can trigger a segfault in
qemu.  Avoid one set of these by checking whether the peer
device is present before trying to do tap operations.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
---

 hw/virtio-net.c |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/hw/virtio-net.c b/hw/virtio-net.c
index 0a9cae2..2c758ad 100644
--- a/hw/virtio-net.c
+++ b/hw/virtio-net.c
@@ -216,6 +216,10 @@ static void virtio_net_set_features(VirtIODevice *vdev, uint32_t features)
 
     n->mergeable_rx_bufs = !!(features & (1 << VIRTIO_NET_F_MRG_RXBUF));
 
+    if (!n->nic->nc.peer ||
+        n->nic->nc.peer->info->type != NET_CLIENT_TYPE_TAP) {
+        return;
+    }
     if (n->has_vnet_hdr) {
         tap_set_offload(n->nic->nc.peer,
                         (features >> VIRTIO_NET_F_GUEST_CSUM) & 1,
@@ -224,10 +228,6 @@ static void virtio_net_set_features(VirtIODevice *vdev, uint32_t features)
                         (features >> VIRTIO_NET_F_GUEST_ECN)  & 1,
                         (features >> VIRTIO_NET_F_GUEST_UFO)  & 1);
     }
-    if (!n->nic->nc.peer ||
-        n->nic->nc.peer->info->type != NET_CLIENT_TYPE_TAP) {
-        return;
-    }
     if (!tap_get_vhost_net(n->nic->nc.peer)) {
         return;
     }
@@ -859,7 +859,7 @@ static int virtio_net_load(QEMUFile *f, void *opaque, int version_id)
             return -1;
         }
 
-        if (n->has_vnet_hdr) {
+        if (n->nic->nc.peer && n->has_vnet_hdr) {
             tap_using_vnet_hdr(n->nic->nc.peer, 1);
             tap_set_offload(n->nic->nc.peer,
                     (n->vdev.guest_features >> VIRTIO_NET_F_GUEST_CSUM) & 1,