From patchwork Fri Nov 10 04:39:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Binfeng Wu X-Patchwork-Id: 13452122 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B93B3C4332F for ; Fri, 10 Nov 2023 04:40:54 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1r1JJE-0007gh-Du; Thu, 09 Nov 2023 23:39:56 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r1JJ9-0007gM-Ri for qemu-devel@nongnu.org; Thu, 09 Nov 2023 23:39:51 -0500 Received: from szxga08-in.huawei.com ([45.249.212.255]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1r1JJ7-0007av-2o for qemu-devel@nongnu.org; Thu, 09 Nov 2023 23:39:51 -0500 Received: from kwepemm000016.china.huawei.com (unknown [172.30.72.54]) by szxga08-in.huawei.com (SkyGuard) with ESMTP id 4SRQxr1W1fz1P87X; Fri, 10 Nov 2023 12:36:16 +0800 (CST) Received: from huawei.com (10.174.187.88) by kwepemm000016.china.huawei.com (7.193.23.210) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Fri, 10 Nov 2023 12:39:28 +0800 To: , CC: , Subject: [PATCH] Fix segmentation fault when VM shutdown with virtio-gpu unplugged Date: Fri, 10 Nov 2023 12:39:16 +0800 Message-ID: <20231110043916.1116-1-wubinfeng@huawei.com> X-Mailer: git-send-email 2.26.2.windows.1 MIME-Version: 1.0 X-Originating-IP: [10.174.187.88] X-ClientProxiedBy: dggems702-chm.china.huawei.com (10.3.19.179) To kwepemm000016.china.huawei.com (7.193.23.210) X-CFilter-Loop: Reflected Received-SPF: pass client-ip=45.249.212.255; envelope-from=wubinfeng@huawei.com; helo=szxga08-in.huawei.com X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-to: Binfeng Wu X-Patchwork-Original-From: Binfeng Wu via From: Binfeng Wu Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org From: wangmeiling In the virtio-gpu unrealize process, the vdev structure has been cleaned up. However, vm_change_state_handler is not cleaned up yet, which is related to vdev. This handler will be cleaned up when VM shutdown, but the vdev is already a null pointer at this time, this will lead to segmentation fault. Signed-off-by: wangmeiling21@huawei.com Signed-off-by: wubinfeng@huawei.com Acked-by: Michael S. Tsirkin Signed-off-by: wangmeiling Signed-off-by: wubinfeng --- hw/display/virtio-gpu-base.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hw/display/virtio-gpu-base.c b/hw/display/virtio-gpu-base.c index 37af256219..b31b8d683f 100644 --- a/hw/display/virtio-gpu-base.c +++ b/hw/display/virtio-gpu-base.c @@ -252,6 +252,8 @@ virtio_gpu_base_device_unrealize(DeviceState *qdev) { VirtIOGPUBase *g = VIRTIO_GPU_BASE(qdev); + virtio_cleanup(VIRTIO_DEVICE(g)); + migrate_del_blocker(&g->migration_blocker); }