On Wed, Sep 27, 2023 at 05:45:25PM +0200, Laszlo Ersek wrote:
> On 9/19/23 15:19, Laszlo Ersek wrote:
> > The fw_cfg DMA write callback in ramfb prepares a new display surface in
> > QEMU; this new surface is put to use ("swapped in") upon the next display
> > update. At that time, the old surface (if any) is released.
> >
> > If the guest triggers the fw_cfg DMA write callback at least twice between
> > two adjacent display updates, then the second callback (and further such
> > callbacks) will leak the previously prepared (but not yet swapped in)
> > display surface.
[ ... ]
> > s->width = width;
> > s->height = height;
> > + qemu_free_displaysurface(s->ds);
> > s->ds = surface;
> > }
> >
>
> Ping.

Reviewed-by: Gerd Hoffmann <kra...@redhat.com>

take care,
  Gerd
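Review bot: the added qemu_free_displaysurface(s->ds) call runs unconditionally, so on the first callback, before any surface has been prepared (the commit message says "the old surface (if any)"), s->ds is still NULL; the fix therefore relies on qemu_free_displaysurface() tolerating a NULL argument, and on the display-update path clearing s->ds once it has swapped the surface in, since otherwise this line would free a surface that has already been handed to the console rather than only the "previously prepared (but not yet swapped in)" one the commit message describes. Neither invariant is visible in this hunk; a sentence in the commit message, or a short comment above the call stating that s->ds only ever holds a pending surface here, would make the change easier to verify.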
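The prepare-then-swap lifecycle described in the commit message, modelled as an added, self-contained example that is not QEMU's or the patch author's code: Surface, RamfbState, ramfb_prepare(), ramfb_display_update(), leaked_after() and the live_surfaces counter are hypothetical names introduced here. A `fixed` flag selects between the pre-patch behaviour (overwrite the pending surface) and the post-patch behaviour (free the pending surface first), and an allocation counter makes the leak observable when the guest-triggered callback fires more than once between two display updates.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Constructed model of the ramfb surface lifecycle; not QEMU code. */

typedef struct Surface {
    int width;
    int height;
} Surface;

/* Surfaces allocated but not yet freed: the leak detector. */
static int live_surfaces = 0;

static Surface *surface_new(int width, int height)
{
    Surface *s = calloc(1, sizeof(*s));
    s->width = width;
    s->height = height;
    live_surfaces++;
    return s;
}

/* NULL-tolerant free, standing in for qemu_free_displaysurface(). */
static void surface_free(Surface *s)
{
    if (s == NULL) {
        return;
    }
    live_surfaces--;
    free(s);
}

typedef struct RamfbState {
    Surface *ds;      /* prepared but not yet swapped-in surface, or NULL */
    Surface *current; /* surface the display is currently showing, or NULL */
} RamfbState;

/* Guest-triggered fw_cfg DMA write callback: prepares a new surface.
 * fixed == false reproduces the leak; fixed == true applies the patch. */
static void ramfb_prepare(RamfbState *st, int width, int height, bool fixed)
{
    Surface *surface = surface_new(width, height);
    if (fixed) {
        surface_free(st->ds); /* release a pending surface nobody swapped in */
    }
    st->ds = surface;
}

/* Display update: swap in the pending surface and release the old one. */
static void ramfb_display_update(RamfbState *st)
{
    if (st->ds == NULL) {
        return;
    }
    surface_free(st->current);
    st->current = st->ds;
    st->ds = NULL; /* the pending slot must not alias the live surface */
}

/* Scenario from the commit message: `callbacks` guest writes between two
 * adjacent display updates, then full teardown. Returns the number of
 * surfaces still outstanding, i.e. leaked. */
static int leaked_after(int callbacks, bool fixed)
{
    RamfbState st = { NULL, NULL };
    live_surfaces = 0;
    ramfb_display_update(&st); /* first update: nothing pending */
    for (int i = 0; i < callbacks; i++) {
        ramfb_prepare(&st, 640 + i, 480, fixed);
    }
    ramfb_display_update(&st); /* second update: swap in the last surface */
    surface_free(st.ds);
    surface_free(st.current);
    return live_surfaces;
}

int main(void)
{
    /* Three callbacks between updates leak two surfaces without the fix. */
    return (leaked_after(3, false) == 2 && leaked_after(3, true) == 0) ? 0 : 1;
}
```

A single callback per display update never leaks in either variant, which is why the bug only shows up when the guest drives the fw_cfg write faster than the display refresh; the fixed variant frees exactly the surfaces that were never swapped in and nothing else.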