While QEMU catches invalid -accel command line options:

    $ qemu-system-x86_64 -accel foo=bar
    Accelerators supported in QEMU binary:
    tcg
    xen
    kvm

the same is not true of configuration files, which instead crash.
Avoid a SIGSEGV and return an error instead.

Reported-by: Thomas Huth <thuth@redhat.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1439
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 softmmu/vl.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/softmmu/vl.c b/softmmu/vl.c
index 9bd0e52d016a..b6deaee52da4 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -2204,14 +2204,18 @@ static int do_configure_accelerator(void *opaque, QemuOpts *opts, Error **errp)
     int ret;
     bool qtest_with_kvm;
 
+    if (!acc) {
+        error_setg(&error_fatal, QERR_MISSING_PARAMETER, "accel");
+        goto bad;
+    }
+
     qtest_with_kvm = g_str_equal(acc, "kvm") && qtest_chrdev != NULL;
 
     if (!ac) {
-        *p_init_failed = true;
         if (!qtest_with_kvm) {
             error_report("invalid accelerator %s", acc);
         }
-        return 0;
+        goto bad;
     }
     accel = ACCEL(object_new_with_class(OBJECT_CLASS(ac)));
     object_apply_compat_props(OBJECT(accel));
@@ -2221,14 +2225,17 @@ static int do_configure_accelerator(void *opaque, QemuOpts *opts, Error **errp)
 
     ret = accel_init_machine(accel, current_machine);
     if (ret < 0) {
-        *p_init_failed = true;
         if (!qtest_with_kvm || ret != -ENOENT) {
             error_report("failed to initialize %s: %s", acc, strerror(-ret));
         }
-        return 0;
+        goto bad;
     }
 
     return 1;
+
+bad:
+    *p_init_failed = true;
+    return 0;
 }
 
 static void configure_accelerators(const char *progname)
-- 
2.38.1

On 17/1/23 09:07, Paolo Bonzini wrote:
> While QEMU catches invalid -accel command line options:
> 
>      $ qemu-system-x86_64 -accel foo=bar
>      Accelerators supported in QEMU binary:
>      tcg
>      xen
>      kvm
> 
> the same is not true of configuration files, which instead crash.
> Avoid a SIGSEGV and return an error instead.
> 
> Reported-by: Thomas Huth <thuth@redhat.com>
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1439
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
>   softmmu/vl.c | 15 +++++++++++----
>   1 file changed, 11 insertions(+), 4 deletions(-)
> 
> diff --git a/softmmu/vl.c b/softmmu/vl.c
> index 9bd0e52d016a..b6deaee52da4 100644
> --- a/softmmu/vl.c
> +++ b/softmmu/vl.c
> @@ -2204,14 +2204,18 @@ static int do_configure_accelerator(void *opaque, QemuOpts *opts, Error **errp)
>       int ret;
>       bool qtest_with_kvm;
>   
> +    if (!acc) {
> +        error_setg(&error_fatal, QERR_MISSING_PARAMETER, "accel");

s/&error_fatal/errp/ ?

> +        goto bad;
> +    }
> +
>       qtest_with_kvm = g_str_equal(acc, "kvm") && qtest_chrdev != NULL;
>   
>       if (!ac) {
> -        *p_init_failed = true;
>           if (!qtest_with_kvm) {
>               error_report("invalid accelerator %s", acc);
>           }
> -        return 0;
> +        goto bad;
>       }
>       accel = ACCEL(object_new_with_class(OBJECT_CLASS(ac)));
>       object_apply_compat_props(OBJECT(accel));
> @@ -2221,14 +2225,17 @@ static int do_configure_accelerator(void *opaque, QemuOpts *opts, Error **errp)
>   
>       ret = accel_init_machine(accel, current_machine);
>       if (ret < 0) {
> -        *p_init_failed = true;
>           if (!qtest_with_kvm || ret != -ENOENT) {
>               error_report("failed to initialize %s: %s", acc, strerror(-ret));
>           }
> -        return 0;
> +        goto bad;
>       }
>   
>       return 1;
> +
> +bad:
> +    *p_init_failed = true;
> +    return 0;
>   }