QEMU 9.2.0 hangs with 100% CPU when using `-vnc` on Loongarch (3A6000 and 3C6000)
Description of problem:
When launching VMs with the `-vnc` parameter (generated by `<graphics type='vnc'>`) on a Loongarch (Loongson 3A6000 or Loongson 3C6000) machine. QEMU process hangs indefinitely with 100% CPU usage, no VNC output.
Steps to reproduce:
1. Create a VM using libvirt (Cockpit-Machines or virt-manager).
2. Configure VNC graphics as follows in libvirt XML, which is provided by Cockpit-Machines by default.
```xml
<graphics type='vnc' port='-1' autoport='yes' listen='127.0.0.1'>
  <listen type='address' address='127.0.0.1'/>
</graphics>
```
3. Start the VM: QEMU process hangs indefinitely with 100% CPU usage, no VNC output.
Additional information:
- Removing the `-vnc` parameter from the QEMU command line (via removing <graphics ... In libvirt XML) resolves the issue.
- The issue appears to stem from changes introduced after QEMU 9.0.1, as downgrading resolves the problem.
- Libvirtd log: https://aosc.io/paste/detail?id=da60d57c-5040-4326-a622-6a692eab488a
- QEMU command line: https://aosc.io/paste/detail?id=30c97bd5-e666-4578-adfd-236cc1fe02ef
- Full Libvirt VM XML: https://aosc.io/paste/detail?id=6bff0fed-d805-4c36-afb7-d14f29d6313b
- No activity in `strace` during the hang.
- GDB backtrace shows the process stuck in `ppoll` (full trace below):
```
(gdb) bt
 #0  0x00007ffff189cad0 in __GI_ppoll (fds=0x7fffa4068d00, nfds=10, timeout=<optimized out>, sigmask=0x0)
     at ../sysdeps/unix/sysv/linux/ppoll.c:42
 #1  0x0000555557e67320 in qemu_poll_ns ()
 #2  0x0000555557e636a4 in main_loop_wait ()
 #3  0x0000555557a0c4d4 in qemu_main_loop ()
 #4  0x0000555557d79cc8 in qemu_default_main ()
 #5  0x00007ffff17c8f30 in __libc_start_call_main
     (main=main@entry=0x5555577969c0 <main>, argc=argc@entry=119, argv=argv@entry=0x7ffffbad5508)
     at ../sysdeps/nptl/libc_start_call_main.h:58
 #6  0x00007ffff17c9020 in __libc_start_main_impl
     (main=0x5555577969c0 <main>, argc=119, argv=0x7ffffbad5508,  init=<optimized out>, fini=<optimized out>,  rtld_fini=<optimized out>, stack_end=<optimized out>) at  ../csu/libc-start.c:360
 #7  0x0000555557797b70 in _start ()
```
- Qemu full command line:
```
LC_ALL=C \
PATH=/usr/local/bin:/usr/bin \
USER=root \
HOME=/var/lib/libvirt/qemu/domain-5-buildbot-new \
XDG_DATA_HOME=/var/lib/libvirt/qemu/domain-5-buildbot-new/.local/share \
XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain-5-buildbot-new/.cache \
XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain-5-buildbot-new/.config \
/usr/bin/qemu-system-loongarch64 \
-name guest=buildbot-new,debug-threads=on \
-S \
-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain-5-buildbot-new/master-key.aes"}' \
-blockdev '{"driver":"file","filename":"/usr/share/qemu/edk2-loongarch64-code.fd","node-name":"libvirt-pflash0-storage","auto-read-only":true,"discard":"unmap"}' \
-blockdev '{"node-name":"libvirt-pflash0-format","read-only":true,"driver":"raw","file":"libvirt-pflash0-storage"}' \
-blockdev '{"driver":"file","filename":"/var/lib/libvirt/qemu/nvram/buildbot-new_VARS.fd","node-name":"libvirt-pflash1-storage","read-only":false}' \
-machine virt,usb=off,dump-guest-core=off,memory-backend=loongarch.ram,pflash0=libvirt-pflash0-format,pflash1=libvirt-pflash1-storage,acpi=on \
-accel kvm \
-cpu la464 \
-m size=1048576k \
-object '{"qom-type":"memory-backend-ram","id":"loongarch.ram","size":1073741824}' \
-overcommit mem-lock=off \
-smp 1,sockets=1,dies=1,clusters=1,cores=1,threads=1 \
-uuid c56a24b5-c539-4240-9c72-39fd0d0de860 \
-no-user-config \
-nodefaults \
-chardev socket,id=charmonitor,fd=33,server=on,wait=off \
-mon chardev=charmonitor,id=monitor,mode=control \
-rtc base=utc \
-no-shutdown \
-boot strict=on \
-device '{"driver":"pcie-root-port","port":8,"chassis":1,"id":"pci.1","bus":"pcie.0","multifunction":true,"addr":"0x1"}' \
-device '{"driver":"pcie-root-port","port":9,"chassis":2,"id":"pci.2","bus":"pcie.0","addr":"0x1.0x1"}' \
-device '{"driver":"pcie-root-port","port":10,"chassis":3,"id":"pci.3","bus":"pcie.0","addr":"0x1.0x2"}' \
-device '{"driver":"pcie-root-port","port":11,"chassis":4,"id":"pci.4","bus":"pcie.0","addr":"0x1.0x3"}' \
-device '{"driver":"pcie-root-port","port":12,"chassis":5,"id":"pci.5","bus":"pcie.0","addr":"0x1.0x4"}' \
-device '{"driver":"pcie-root-port","port":13,"chassis":6,"id":"pci.6","bus":"pcie.0","addr":"0x1.0x5"}' \
-device '{"driver":"pcie-root-port","port":14,"chassis":7,"id":"pci.7","bus":"pcie.0","addr":"0x1.0x6"}' \
-device '{"driver":"pcie-root-port","port":15,"chassis":8,"id":"pci.8","bus":"pcie.0","addr":"0x1.0x7"}' \
-device '{"driver":"pcie-root-port","port":16,"chassis":9,"id":"pci.9","bus":"pcie.0","multifunction":true,"addr":"0x2"}' \
-device '{"driver":"pcie-root-port","port":17,"chassis":10,"id":"pci.10","bus":"pcie.0","addr":"0x2.0x1"}' \
-device '{"driver":"pcie-root-port","port":18,"chassis":11,"id":"pci.11","bus":"pcie.0","addr":"0x2.0x2"}' \
-device '{"driver":"pcie-root-port","port":19,"chassis":12,"id":"pci.12","bus":"pcie.0","addr":"0x2.0x3"}' \
-device '{"driver":"pcie-root-port","port":20,"chassis":13,"id":"pci.13","bus":"pcie.0","addr":"0x2.0x4"}' \
-device '{"driver":"pcie-root-port","port":21,"chassis":14,"id":"pci.14","bus":"pcie.0","addr":"0x2.0x5"}' \
-device '{"driver":"pcie-root-port","port":22,"chassis":15,"id":"pci.15","bus":"pcie.0","addr":"0x2.0x6"}' \
-device '{"driver":"pcie-pci-bridge","id":"pci.16","bus":"pci.1","addr":"0x0"}' \
-device '{"driver":"qemu-xhci","p2":15,"p3":15,"id":"usb","bus":"pci.3","addr":"0x0"}' \
-device '{"driver":"virtio-scsi-pci","id":"scsi0","bus":"pci.8","addr":"0x0"}' \
-device '{"driver":"virtio-serial-pci","id":"virtio-serial0","bus":"pci.4","addr":"0x0"}' \
-blockdev '{"driver":"file","filename":"/mnt/data/aosc-os_installer_20241122_loongarch64.iso","node-name":"libvirt-1-storage","read-only":true}' \
-device '{"driver":"scsi-cd","bus":"scsi0.0","channel":0,"scsi-id":0,"lun":0,"device_id":"drive-scsi0-0-0-0","drive":"libvirt-1-storage","id":"scsi0-0-0-0"}' \
-chardev pty,id=charserial0 \
-serial chardev:charserial0 \
-chardev socket,id=charchannel0,fd=32,server=on,wait=off \
-device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":1,"chardev":"charchannel0","id":"channel0","name":"org.qemu.guest_agent.0"}' \
-chardev spicevmc,id=charchannel1,name=vdagent \
-device '{"driver":"virtserialport","bus":"virtio-serial0.0","nr":2,"chardev":"charchannel1","id":"channel1","name":"com.redhat.spice.0"}' \
-device '{"driver":"usb-tablet","id":"input0","bus":"usb.0","port":"1"}' \
-device '{"driver":"usb-kbd","id":"input1","bus":"usb.0","port":"2"}' \
-audiodev '{"id":"audio1","driver":"spice"}' \
-vnc 127.0.0.1:0,audiodev=audio1 \
-spice port=5901,addr=127.0.0.1,disable-ticketing=on,image-compression=off,seamless-migration=on \
-device '{"driver":"virtio-gpu-pci","id":"video0","max_outputs":1,"bus":"pci.7","addr":"0x0"}' \
-device '{"driver":"ich9-intel-hda","id":"sound0","bus":"pci.16","addr":"0x1"}' \
-device '{"driver":"hda-duplex","id":"sound0-codec0","bus":"sound0.0","cad":0,"audiodev":"audio1"}' \
-device '{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.5","addr":"0x0"}' \
-object '{"qom-type":"rng-random","id":"objrng0","filename":"/dev/urandom"}' \
-device '{"driver":"virtio-rng-pci","rng":"objrng0","id":"rng0","bus":"pci.6","addr":"0x0"}' \
-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
-msg timestamp=on
```
- I tried to reproduce the bug with a simple command but failed, not sure what is the real cause. Following commands works fine.
```
qemu-system-loongarch64 -m 2G \
  -cpu la464 \
  -machine virt \
  -smp 2 \
  -bios /usr/share/qemu/edk2-loongarch64-code.fd \
  -vnc 127.0.0.1:0 \
  -device virtio-gpu-pci
```