qemu-system-aarch64 crash when issuing set_link net on in monitor
Description of problem:
Boot the guest. On the host, connect to the qemu monitor and issue the following commmands:
```
set_link net0 off
ethtool enp0s1 on the guest now shows the link going down
set_link net0 on
```

qemu crashes as follows (virtio net):
```
Thread 1 "qemu-system-aar" received signal SIGSEGV, Segmentation fault.
object_get_class (obj=obj@entry=0x0) at ../qemu/qom/object.c:1049
1049	    return obj->class;
(gdb) bt
#0  object_get_class (obj=obj@entry=0x0) at ../qemu/qom/object.c:1049
#1  0x000055555602dd0f in QIO_CHANNEL_GET_CLASS (obj=0x0)
    at /home/tsailer/src/daedalean/exp-bertcard-emu/qemu/include/io/channel.h:29
#2  qio_channel_writev_full
    (errp=0x0, flags=0, nfds=0, fds=0x0, niov=2, iov=0x7fffffff5190, ioc=0x0)
    at ../qemu/io/channel.c:87
#3  qio_channel_writev
    (ioc=0x0, iov=iov@entry=0x7fffffff5190, niov=2, errp=errp@entry=0x0)
    at ../qemu/io/channel.c:305
#4  0x0000555555c42a66 in net_stream_receive
    (nc=0x5555578477d0, buf=<optimized out>, size=90)
    at ../qemu/net/stream.c:98
#5  0x0000555555c3d327 in nc_sendv_compat
    (flags=<optimized out>, iovcnt=1, iov=0x7fffffff52f0, nc=0x5555578477d0)
    at ../qemu/net/net.c:784
#6  qemu_deliver_packet_iov
    (sender=<optimized out>, flags=<optimized out>, iov=0x7fffffff52f0, iovcnt=1, opaque=0x5555578477d0) at ../qemu/net/net.c:830
#7  0x0000555555c4106c in qemu_net_queue_deliver_iov
    (iovcnt=1, iov=0x7fffffff52f0, flags=0, sender=0x5555583049d8, queue=0x55555783c5e0) at ../qemu/net/queue.c:179
#8  qemu_net_queue_send_iov
    (queue=0x55555783c5e0, sender=0x5555583049d8, flags=flags@entry=0, iov=iov@entry=0x7fffffff52f0, iovcnt=iovcnt@entry=1, sent_cb=sent_cb@entry=0x555555f28fa0 <virtio_net_tx_complete>) at ../qemu/net/queue.c:235
#9  0x0000555555c3ed63 in qemu_sendv_packet_async
    (sent_cb=0x555555f28fa0 <virtio_net_tx_complete>, iovcnt=1, iov=0x7fffffff52f0, sender=<optimized out>) at ../qemu/net/net.c:875
#10 0x0000555555f28c1d in virtio_net_flush_tx (q=q@entry=0x5555582fcb00)
    at ../qemu/hw/net/virtio-net.c:2795
#11 0x0000555555f28f18 in virtio_net_tx_bh (opaque=0x5555582fcb00)
    at ../qemu/hw/net/virtio-net.c:2948
#12 0x00005555561c2f47 in aio_bh_call (bh=bh@entry=0x5555582d0b30)
    at ../qemu/util/async.c:172
#13 0x00005555561c311e in aio_bh_poll (ctx=ctx@entry=0x5555574c3c10)
    at ../qemu/util/async.c:219
#14 0x00005555561ab382 in aio_dispatch (ctx=0x5555574c3c10)
    at ../qemu/util/aio-posix.c:424
#15 0x00005555561c2d82 in aio_ctx_dispatch
    (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at ../qemu/util/async.c:361
#16 0x00007ffff7ad5d3b in g_main_context_dispatch ()
    at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#17 0x00005555561c45d8 in glib_pollfds_poll () at ../qemu/util/main-loop.c:287
#18 os_host_main_loop_wait (timeout=0) at ../qemu/util/main-loop.c:310
#19 main_loop_wait (nonblocking=nonblocking@entry=0)
    at ../qemu/util/main-loop.c:589
#20 0x0000555555bf2569 in qemu_main_loop () at ../qemu/system/runstate.c:835
#21 0x00005555561047fa in qemu_default_main () at ../qemu/system/main.c:37
#22 0x00007ffff7229d90 in __libc_start_call_main
     (main=main@entry=0x5555558e5080 <main>, argc=argc@entry=44, argv=argv@entry=0x7fffffffd6c8)
    at ../sysdeps/nptl/libc_start_call_main.h:58
#23 0x00007ffff7229e40 in __libc_start_main_impl
     (main=0x5555558e5080 <main>, argc=44, argv=0x7fffffffd6c8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffd6b8)
    at ../csu/libc-start.c:392
#24 0x00005555558e6095 in _start ()

Crash with e1000e:
[   16.846673] e1000e 0000:00:02.0 enp0s2: NIC Link is Down
[   18.495388] e1000e 0000:00:02.0 enp0s2: NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx

Thread 5 "qemu-system-aar" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffafe00640 (LWP 641377)]
object_get_class (obj=obj@entry=0x0) at ../qemu/qom/object.c:1049
1049	    return obj->class;
(gdb) bt
#0  object_get_class (obj=obj@entry=0x0) at ../qemu/qom/object.c:1049
#1  0x000055555602dd0f in QIO_CHANNEL_GET_CLASS (obj=0x0)
    at /home/tsailer/src/daedalean/exp-bertcard-emu/qemu/include/io/channel.h:29
#2  qio_channel_writev_full
    (errp=0x0, flags=0, nfds=0, fds=0x0, niov=2, iov=0x7fffafdfe9b0, ioc=0x0)
    at ../qemu/io/channel.c:87
#3  qio_channel_writev
    (ioc=0x0, iov=iov@entry=0x7fffafdfe9b0, niov=2, errp=errp@entry=0x0)
    at ../qemu/io/channel.c:305
#4  0x0000555555c42a66 in net_stream_receive
    (nc=0x5555578589b0, buf=<optimized out>, size=90)
    at ../qemu/net/stream.c:98
#5  0x0000555555c3d327 in nc_sendv_compat
    (flags=<optimized out>, iovcnt=3, iov=0x55555850b280, nc=0x5555578589b0)
    at ../qemu/net/net.c:784
#6  qemu_deliver_packet_iov
    (sender=<optimized out>, flags=<optimized out>, iov=0x55555850b280, iovcnt=3, opaque=0x5555578589b0) at ../qemu/net/net.c:830
#7  0x0000555555c4106c in qemu_net_queue_deliver_iov
    (iovcnt=3, iov=0x55555850b280, flags=0, sender=0x5555584facf8, queue=0x55555783c6d0) at ../qemu/net/queue.c:179
#8  qemu_net_queue_send_iov
    (queue=0x55555783c6d0, sender=0x5555584facf8, flags=0, iov=0x55555850b280, iovcnt=3, sent_cb=0x0) at ../qemu/net/queue.c:235
#9  0x0000555555a62737 in net_tx_pkt_send_custom
    (pkt=0x5555584fb200, offload=<optimized out>, callback=0x555555a61150 <net_tx_pkt_sendv>, context=0x5555584facf8) at ../qemu/hw/net/net_tx_pkt.c:847
#10 0x0000555555a62819 in net_tx_pkt_send
    (pkt=<optimized out>, nc=<optimized out>)
    at ../qemu/hw/net/net_tx_pkt.c:816
#11 0x0000555555a6dd2a in e1000e_tx_pkt_send
    (queue_index=<optimized out>, tx=0x555558480cc8, core=0x555558460a60)
    at ../qemu/hw/net/e1000e_core.c:654
#12 e1000e_process_tx_desc
    (queue_index=<optimized out>, dp=0x7fffafdfeb20, tx=0x555558480cc8, core=0x555558460a60) at ../qemu/hw/net/e1000e_core.c:731
#13 e1000e_start_xmit (core=0x555558460a60, txr=txr@entry=0x7fffafdfeb90)
    at ../qemu/hw/net/e1000e_core.c:921
#14 0x0000555555a6dfcc in e1000e_set_tdt
    (core=<optimized out>, index=<optimized out>, val=<optimized out>)
    at ../qemu/hw/net/e1000e_core.c:2432
#15 0x0000555555f72044 in memory_region_write_accessor
    (mr=0x555558460610, addr=14360, value=<optimized out>, size=4, shift=<optimized out>, mask=<optimized out>, attrs=...) at ../qemu/system/memory.c:497
#16 0x0000555555f7320e in access_with_adjusted_size
    (addr=addr@entry=14360, value=value@entry=0x7fffafdfece8, size=size@entry=4,
     access_size_min=<optimized out>, access_size_max=<optimized out>, access_fn=0x555555f71fc0 <memory_region_write_accessor>, mr=<optimized out>, attrs=...) at ../qemu/system/memory.c:573
#17 0x0000555555f743ad in memory_region_dispatch_write
    (mr=mr@entry=0x555558460610, addr=addr@entry=14360, data=<optimized out>, 
    data@entry=19, op=op@entry=MO_32, attrs=...)
    at ../qemu/system/memory.c:1560
#18 0x0000555555fc6cc9 in int_st_mmio_leN
    (cpu=cpu@entry=0x55555789a140, full=full@entry=0x7fffa47eab90, val_le=val_le@entry=19, addr=addr@entry=18446743801007585304, size=size@entry=4, mmu_idx=mmu_idx@entry=2, ra=140736286290890, mr=0x555558460610, mr_offset=14360)
    at ../qemu/accel/tcg/cputlb.c:2489
#19 0x0000555555fc6ec8 in do_st_mmio_leN
    (cpu=0x55555789a140, full=0x7fffa47eab90, val_le=19, addr=18446743801007585304, size=4, mmu_idx=2, ra=140736286290890) at ../qemu/accel/tcg/cputlb.c:2524
#20 0x0000555555fcb55a in do_st_4
    (ra=<optimized out>, memop=<optimized out>, mmu_idx=<optimized out>, val=19, p=<optimized out>, cpu=<optimized out>) at ../qemu/accel/tcg/cputlb.c:2694
#21 do_st4_mmu
    (cpu=0x55555789a140, addr=140736144075184, val=19, oi=2, ra=140736286290890) at ../qemu/accel/tcg/cputlb.c:2770
#22 0x00007fffb859f416 in code_gen_buffer ()
#23 0x0000555555fbb6a6 in cpu_tb_exec
    (cpu=cpu@entry=0x55555789a140, itb=itb@entry=0x7fffb859f2c0 <code_gen_buffer+140112531>, tb_exit=tb_exit@entry=0x7fffafdff444)
    at ../qemu/accel/tcg/cpu-exec.c:458
#24 0x0000555555fbbc2f in cpu_loop_exec_tb
    (tb_exit=0x7fffafdff444, last_tb=<synthetic pointer>, pc=<optimized out>, tb=0x7fffb859f2c0 <code_gen_buffer+140112531>, cpu=0x55555789a140)
    at ../qemu/accel/tcg/cpu-exec.c:908
#25 cpu_exec_loop (cpu=cpu@entry=0x55555789a140, sc=sc@entry=0x7fffafdff4f0)
    at ../qemu/accel/tcg/cpu-exec.c:1022
#26 0x0000555555fbc3d1 in cpu_exec_setjmp
    (cpu=cpu@entry=0x55555789a140, sc=sc@entry=0x7fffafdff4f0)
    at ../qemu/accel/tcg/cpu-exec.c:1039
#27 0x0000555555fbcb9d in cpu_exec (cpu=cpu@entry=0x55555789a140)
    at ../qemu/accel/tcg/cpu-exec.c:1065
#28 0x0000555555fd8123 in tcg_cpu_exec (cpu=cpu@entry=0x55555789a140)
    at ../qemu/accel/tcg/tcg-accel-ops.c:78
#29 0x0000555555fd8280 in mttcg_cpu_thread_fn (arg=arg@entry=0x55555789a140)
    at ../qemu/accel/tcg/tcg-accel-ops-mttcg.c:95
#30 0x00005555561ae740 in qemu_thread_start (args=0x555557883000)
    at ../qemu/util/qemu-thread-posix.c:541
#31 0x00007ffff7294ac3 in start_thread (arg=<optimized out>)
    at ./nptl/pthread_create.c:442
#32 0x00007ffff7326850 in clone3 ()
    at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
```
Steps to reproduce:
1. Boot guest
2. monitor: set_link net0 off
3. monitor: set_link net0 on
Additional information:
Same behaviour with d6430c17d7113d3c38480dc34e59d00b0504e2f7 (master as of 2025-01-19).