aboutsummaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorJason Wang <jasowang@redhat.com>2020-05-11 12:04:53 +0800
committerJason Wang <jasowang@redhat.com>2020-06-18 21:05:52 +0800
commit5fe19fb81839ea42b592b409f725349cf3c73551 (patch)
tree1cc296f94dfec4fc475954f9fcf0f5f39a65aafe /net
parentfbc14a098d945dfa9c141423771db0122defa38c (diff)
downloadqemu-5fe19fb81839ea42b592b409f725349cf3c73551.zip
qemu-5fe19fb81839ea42b592b409f725349cf3c73551.tar.gz
qemu-5fe19fb81839ea42b592b409f725349cf3c73551.tar.bz2
net: use peer when purging queue in qemu_flush_or_purge_queue_packets()
The sender of packet will be checked in the qemu_net_queue_purge() but we use NetClientState not its peer when trying to purge the incoming queue in qemu_flush_or_purge_packets(). This will trigger the assert in virtio_net_reset since we can't pass the sender check: hw/net/virtio-net.c:533: void virtio_net_reset(VirtIODevice *): Assertion `!virtio_net_get_subqueue(nc)->async_tx.elem' failed. #9 0x55a33fa31b78 in virtio_net_reset hw/net/virtio-net.c:533:13 #10 0x55a33fc88412 in virtio_reset hw/virtio/virtio.c:1919:9 #11 0x55a341d82764 in virtio_bus_reset hw/virtio/virtio-bus.c:95:9 #12 0x55a341dba2de in virtio_pci_reset hw/virtio/virtio-pci.c:1824:5 #13 0x55a341db3e02 in virtio_pci_common_write hw/virtio/virtio-pci.c:1252:13 #14 0x55a33f62117b in memory_region_write_accessor memory.c:496:5 #15 0x55a33f6205e4 in access_with_adjusted_size memory.c:557:18 #16 0x55a33f61e177 in memory_region_dispatch_write memory.c:1488:16 Reproducer: https://www.mail-archive.com/qemu-devel@nongnu.org/msg701914.html Fix by using the peer. Reported-by: "Alexander Bulekov" <alxndr@bu.edu> Acked-by: Alexander Bulekov <alxndr@bu.edu> Fixes: ca77d85e1dbf9 ("net: complete all queued packets on VM stop") Cc: qemu-stable@nongnu.org Signed-off-by: Jason Wang <jasowang@redhat.com>
Diffstat (limited to 'net')
-rw-r--r--net/net.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/net.c b/net/net.c
index cbeeead..4c62b10 100644
--- a/net/net.c
+++ b/net/net.c
@@ -610,7 +610,7 @@ void qemu_flush_or_purge_queued_packets(NetClientState *nc, bool purge)
qemu_notify_event();
} else if (purge) {
/* Unable to empty the queue, purge remaining packets */
- qemu_net_queue_purge(nc->incoming_queue, nc);
+ qemu_net_queue_purge(nc->incoming_queue, nc->peer);
}
}