From nobody Wed Nov 5 05:11:00 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1533310465056533.0481105703276; Fri, 3 Aug 2018 08:34:25 -0700 (PDT) Received: from localhost ([::1]:51946 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1flc5m-0004VZ-68 for importer@patchew.org; Fri, 03 Aug 2018 11:34:14 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34525) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1flc4a-0003ks-G2 for qemu-devel@nongnu.org; Fri, 03 Aug 2018 11:33:01 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1flc4W-0003f6-G1 for qemu-devel@nongnu.org; Fri, 03 Aug 2018 11:33:00 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:34186 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1flc4W-0003eD-8y for qemu-devel@nongnu.org; Fri, 03 Aug 2018 11:32:56 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 024E681663FE; Fri, 3 Aug 2018 15:32:55 +0000 (UTC) Received: from localhost (ovpn-112-60.ams2.redhat.com [10.36.112.60]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1C6861007241; Fri, 3 Aug 2018 15:32:46 +0000 (UTC) From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= To: qemu-devel@nongnu.org Date: Fri, 3 Aug 2018 17:32:35 +0200 Message-Id: <20180803153235.4134-1-marcandre.lureau@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Fri, 03 Aug 2018 15:32:55 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Fri, 03 Aug 2018 15:32:55 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'marcandre.lureau@redhat.com' RCPT:'' Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH] virtio-gpu: fix crashes upon warm reboot with vga mode X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , "Michael S. Tsirkin" , kraxel@redhat.com, stefanb@linux.vnet.ibm.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" With vga=3D775 on the Linux command line a first boot of the VM running Linux works fine. After a warm reboot it crashes during Linux boot. Before that, valgrind points out bad memory write to console surface. The VGA code is not aware that virtio-gpu got a message surface scanout when the display is disabled. Let's reset VGA graphic mode when it is the case, so that a new display surface is created when doing further VGA operations. https://bugs.launchpad.net/qemu/+bug/1784900/ Reported-by: Stefan Berger Signed-off-by: Marc-Andr=C3=A9 Lureau Reviewed-by: Gerd Hoffmann Reviewed-by: Michael S. Tsirkin Tested-by: Stefan Berger --- include/hw/virtio/virtio-gpu.h | 1 + hw/display/virtio-gpu.c | 5 +++++ hw/display/virtio-vga.c | 11 +++++++++++ 3 files changed, 17 insertions(+) diff --git a/include/hw/virtio/virtio-gpu.h b/include/hw/virtio/virtio-gpu.h index 9780f755ef..d0321672f4 100644 --- a/include/hw/virtio/virtio-gpu.h +++ b/include/hw/virtio/virtio-gpu.h @@ -125,6 +125,7 @@ typedef struct VirtIOGPU { uint32_t bytes_3d; } stats; =20 + void (*disable_scanout)(struct VirtIOGPU *g, int scanout_id); Error *migration_blocker; } VirtIOGPU; =20 diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c index ec366f4c35..3ddd29c0de 100644 --- a/hw/display/virtio-gpu.c +++ b/hw/display/virtio-gpu.c @@ -421,6 +421,11 @@ static void virtio_gpu_disable_scanout(VirtIOGPU *g, i= nt scanout_id) scanout->height ?: 480, "Guest disabled display."); } + + if (g->disable_scanout) { + g->disable_scanout(g, scanout_id); + } + dpy_gfx_replace_surface(scanout->con, ds); scanout->resource_id =3D 0; scanout->ds =3D NULL; diff --git a/hw/display/virtio-vga.c b/hw/display/virtio-vga.c index 2b36f2899a..672b7f9ce2 100644 --- a/hw/display/virtio-vga.c +++ b/hw/display/virtio-vga.c @@ -75,6 +75,16 @@ static void virtio_vga_gl_block(void *opaque, bool block) } } =20 +static void virtio_vga_disable_scanout(VirtIOGPU *g, int scanout_id) +{ + VirtIOVGA *vvga =3D container_of(g, VirtIOVGA, vdev); + + if (scanout_id =3D=3D 0) { + /* reset surface if needed */ + vvga->vga.graphic_mode =3D -1; + } +} + static const GraphicHwOps virtio_vga_ops =3D { .invalidate =3D virtio_vga_invalidate_display, .gfx_update =3D virtio_vga_update_display, @@ -156,6 +166,7 @@ static void virtio_vga_realize(VirtIOPCIProxy *vpci_dev= , Error **errp) vvga->vga_mrs, true); =20 vga->con =3D g->scanout[0].con; + g->disable_scanout =3D virtio_vga_disable_scanout; graphic_console_set_hwops(vga->con, &virtio_vga_ops, vvga); =20 for (i =3D 0; i < g->conf.max_outputs; i++) { --=20 2.18.0.547.g1d89318c48