hw/i386/microvm: Fix crash that occurs when introspecting the microvm machine

QEMU currently crashes when you try to inspect the properties of the microvm machine: $ echo '{ "execute": "qmp_capabilities" } { "execute": "qom-list-properties","arguments": { "typename": "microvm-machine"}}' | \ ./qemu-system-x86_64 -qmp stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 2, "major": 9}, "package": "v9.2.0-1072-g60af367187-dirty"}, "capabilities": ["oob"]}} {"return": {}} qemu-system-x86_64: ../qemu/hw/i386/acpi-microvm.c:250: void acpi_setup_microvm(MicrovmMachineState *): Assertion `x86ms->fw_cfg' failed. Aborted (core dumped) This happens because the microvm machine adds a machine_done (and a powerdown_req) notifier in their instance_init function - however, the instance_init of machines are not only called for machines that are realized, but also for machines that are introspected, so in this case the listener is added for a microvm machine that is never realized. And since there is already a running machine, the listener function is triggered immediately, causing a crash since it was not for the right machine it was meant for. Such listener functions must never be installed from an instance_init function. Let's do it from microvm_machine_state_init() instead - this function is the MachineClass->init() function instead, i.e. guaranteed to be only called once in the lifetime of a QEMU process. Since the microvm_machine_done() and microvm_powerdown_req() were defined quite late in the microvm.c file, we have to move them now also earlier, so that we can get their function pointers from microvm_machine_state_init() without having to introduce a separate prototype for those functions earlier. Reviewed-by: Sergio Lopez <slp@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com> Message-Id: <20250123204708.1560305-1-thuth@redhat.com> Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2025-08-03 07:43:54 -06:00 · 2025-01-23 21:47:08 +01:00 · 2025-01-23 21:47:08 +01:00 · 38ef383073
commit 38ef383073
parent de538288e4
1 changed files with 33 additions and 33 deletions
--- a/hw/i386/microvm.c
+++ b/hw/i386/microvm.c
@ -451,11 +451,44 @@ static HotplugHandler *microvm_get_hotplug_handler(MachineState *machine,
    return NULL;
 }

+static void microvm_machine_done(Notifier *notifier, void *data)
+{
+    MicrovmMachineState *mms = container_of(notifier, MicrovmMachineState,
+                                            machine_done);
+    X86MachineState *x86ms = X86_MACHINE(mms);
+
+    acpi_setup_microvm(mms);
+    dt_setup_microvm(mms);
+    fw_cfg_add_e820(x86ms->fw_cfg);
+}
+
+static void microvm_powerdown_req(Notifier *notifier, void *data)
+{
+    MicrovmMachineState *mms = container_of(notifier, MicrovmMachineState,
+                                            powerdown_req);
+    X86MachineState *x86ms = X86_MACHINE(mms);
+
+    if (x86ms->acpi_dev) {
+        Object *obj = OBJECT(x86ms->acpi_dev);
+        AcpiDeviceIfClass *adevc = ACPI_DEVICE_IF_GET_CLASS(obj);
+        adevc->send_event(ACPI_DEVICE_IF(x86ms->acpi_dev),
+                          ACPI_POWER_DOWN_STATUS);
+    }
+}
+
 static void microvm_machine_state_init(MachineState *machine)
 {
    MicrovmMachineState *mms = MICROVM_MACHINE(machine);
    X86MachineState *x86ms = X86_MACHINE(machine);

+    /* State */
+    mms->kernel_cmdline_fixed = false;
+
+    mms->machine_done.notify = microvm_machine_done;
+    qemu_add_machine_init_done_notifier(&mms->machine_done);
+    mms->powerdown_req.notify = microvm_powerdown_req;
+    qemu_register_powerdown_notifier(&mms->powerdown_req);
+
    microvm_memory_init(mms);

    x86_cpus_init(x86ms, CPU_VERSION_LATEST);
@ -581,31 +614,6 @@ static void microvm_machine_set_auto_kernel_cmdline(Object *obj, bool value,
    mms->auto_kernel_cmdline = value;
 }

-static void microvm_machine_done(Notifier *notifier, void *data)
-{
-    MicrovmMachineState *mms = container_of(notifier, MicrovmMachineState,
-                                            machine_done);
-    X86MachineState *x86ms = X86_MACHINE(mms);
-
-    acpi_setup_microvm(mms);
-    dt_setup_microvm(mms);
-    fw_cfg_add_e820(x86ms->fw_cfg);
-}
-
-static void microvm_powerdown_req(Notifier *notifier, void *data)
-{
-    MicrovmMachineState *mms = container_of(notifier, MicrovmMachineState,
-                                            powerdown_req);
-    X86MachineState *x86ms = X86_MACHINE(mms);
-
-    if (x86ms->acpi_dev) {
-        Object *obj = OBJECT(x86ms->acpi_dev);
-        AcpiDeviceIfClass *adevc = ACPI_DEVICE_IF_GET_CLASS(obj);
-        adevc->send_event(ACPI_DEVICE_IF(x86ms->acpi_dev),
-                          ACPI_POWER_DOWN_STATUS);
-    }
-}
-
 static void microvm_machine_initfn(Object *obj)
 {
    MicrovmMachineState *mms = MICROVM_MACHINE(obj);
@ -617,14 +625,6 @@ static void microvm_machine_initfn(Object *obj)
    mms->isa_serial = true;
    mms->option_roms = true;
    mms->auto_kernel_cmdline = true;
-
-    /* State */
-    mms->kernel_cmdline_fixed = false;
-
-    mms->machine_done.notify = microvm_machine_done;
-    qemu_add_machine_init_done_notifier(&mms->machine_done);
-    mms->powerdown_req.notify = microvm_powerdown_req;
-    qemu_register_powerdown_notifier(&mms->powerdown_req);
 }

 GlobalProperty microvm_properties[] = {