usb_packet_set_state: handle p->ep == NULL

usb_packet_set_state can be called with p->ep = NULL.  The tracepoint
there tries to log endpoint information, which leads to a segfault.
This patch makes usb_packet_set_state handle the NULL pointer properly.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

1 files changed, 11 insertions, 6 deletions

diff --git a/hw/usb/core.c b/hw/usb/core.c
index a4048fe3e0..9a14a53852 100644
--- a/hw/usb/core.c
+++ b/hw/usb/core.c
@@ -484,12 +484,17 @@ void usb_packet_check_state(USBPacket *p, USBPacketState expected)
 
 void usb_packet_set_state(USBPacket *p, USBPacketState state)
 {
-    USBDevice *dev = p->ep->dev;
-    USBBus *bus = usb_bus_from_device(dev);
-
-    trace_usb_packet_state_change(bus->busnr, dev->port->path, p->ep->nr, p,
-                                  usb_packet_state_name(p->state),
-                                  usb_packet_state_name(state));
+    if (p->ep) {
+        USBDevice *dev = p->ep->dev;
+        USBBus *bus = usb_bus_from_device(dev);
+        trace_usb_packet_state_change(bus->busnr, dev->port->path, p->ep->nr, p,
+                                      usb_packet_state_name(p->state),
+                                      usb_packet_state_name(state));
+    } else {
+        trace_usb_packet_state_change(-1, "", -1, p,
+                                      usb_packet_state_name(p->state),
+                                      usb_packet_state_name(state));
+    }
     p->state = state;
 }