From: alloc <alloc.young@outlook.com>

kvm_dirty_ring_reaper_init is called much early than vcpu creation,
so it's possibe the reaper get a crash before vcpu mmap kvm_dirty_gfns.
Add a machine done notifier to ensure dirty reaper get run after vcpu
inited.

Signed-off-by: alloc <alloc.young@outlook.com>
---
 accel/kvm/kvm-all.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index d07f1ecbd3..5ae7e27a72 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -51,6 +51,7 @@
 
 #include "hw/boards.h"
 #include "sysemu/stats.h"
+#include "sysemu/sysemu.h"
 
 /* This check must be after config-host.h is included */
 #ifdef CONFIG_EVENTFD
@@ -133,6 +134,8 @@ static QLIST_HEAD(, KVMResampleFd) kvm_resample_fd_list =
 
 static QemuMutex kml_slots_lock;
 
+static Notifier dirty_ring_reaper_machine_done;
+
 #define kvm_slots_lock()    qemu_mutex_lock(&kml_slots_lock)
 #define kvm_slots_unlock()  qemu_mutex_unlock(&kml_slots_lock)
 
@@ -1454,8 +1457,9 @@ static void *kvm_dirty_ring_reaper_thread(void *data)
     return NULL;
 }
 
-static void kvm_dirty_ring_reaper_init(KVMState *s)
+static void kvm_dirty_ring_reaper_init(Notifier *n, void *unused)
 {
+    KVMState *s = kvm_state;
     struct KVMDirtyRingReaper *r = &s->reaper;
 
     qemu_thread_create(&r->reaper_thr, "kvm-reaper",
@@ -2742,7 +2746,8 @@ static int kvm_init(MachineState *ms)
     }
 
     if (s->kvm_dirty_ring_size) {
-        kvm_dirty_ring_reaper_init(s);
+        dirty_ring_reaper_machine_done.notify = kvm_dirty_ring_reaper_init;
+        qemu_add_machine_init_done_notifier(&dirty_ring_reaper_machine_done);
     }
 
     if (kvm_check_extension(kvm_state, KVM_CAP_BINARY_STATS_FD)) {
-- 
2.39.3