[Qemu-devel] [Bug 1835865] [NEW] piix crashes on mips when accessing acpi-pci-hotplug

[Qemu-devel] [Bug 1835865] [NEW] piix crashes on mips when accessing acpi-pci-hotplug

[Philippe Mathieu-Daudé]

Public bug reported:

$ qemu-system-mips --version
QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

$ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
(qemu) o 0xaf00 0
qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
Aborted (core dumped)

(gdb) bt
#0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
#1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
#2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
#3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
#4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
#5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
#6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
#7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
#8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
#9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
#10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
#11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
#12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
#13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
    at memory.c:569
#14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
#15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
#16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
#17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
#18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
#19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
#20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
#21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
#22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
#23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
#24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
#25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
#26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
#27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
#28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
#30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
#31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
#32 0x00005646d581d1a1 in main_loop () at vl.c:1791
#33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

** Affects: qemu
     Importance: Undecided
         Status: New


** Tags: acpi piix

** Summary changed:

- mips/malta crashes when accessing acpi-pci-hotplug
+ piix crashes on mips when accessing acpi-pci-hotplug

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  New

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions

[Bug 1835865] Re: piix crashes on mips when accessing acpi-pci-hotplug

[Aleksandar Markovic]

Philippe, is this fixed with your piix improvenents? Thanks, A. @philmd

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  New

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions

[Bug 1835865] Re: piix crashes on mips when accessing acpi-pci-hotplug

[Philippe Mathieu-Daudé]

As this is an ACPI bug, adding the acpi tag.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  New

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions

[Bug 1835865] Re: piix crashes on mips when accessing acpi-pci-hotplug

[Philippe Mathieu-Daudé]

Proposed fix:
https://lists.gnu.org/archive/html/qemu-devel/2020-03/msg06080.html

** Changed in: qemu
       Status: New => In Progress

** Changed in: qemu
     Assignee: (unassigned) => Philippe Mathieu-Daudé (philmd)

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  In Progress

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions

[Bug 1835865] Re: piix crashes on mips when accessing acpi-pci-hotplug

[Philippe Mathieu-Daudé]

** Changed in: qemu
     Assignee: Philippe Mathieu-Daudé (philmd) => (unassigned)

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  In Progress

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions

[Bug 1835865] Re: piix crashes on mips when accessing acpi-pci-hotplug

[John Snow]

** Changed in: qemu
       Status: In Progress => Confirmed

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  Confirmed

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions

[Bug 1835865] Re: piix crashes on mips when accessing acpi-pci-hotplug

[Thomas Huth]

The QEMU project is currently considering to move its bug tracking to
another system. For this we need to know which bugs are still valid
and which could be closed already. Thus we are setting older bugs to
"Incomplete" now.

If you still think this bug report here is valid, then please switch
the state back to "New" within the next 60 days, otherwise this report
will be marked as "Expired". Or please mark it as "Fix Released" if
the problem has been solved with a newer version of QEMU already.

Thank you and sorry for the inconvenience.


** Changed in: qemu
       Status: Confirmed => Incomplete

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  Incomplete

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions

[Bug 1835865] Re: piix crashes on mips when accessing acpi-pci-hotplug

[Philippe Mathieu-Daudé]

** Changed in: qemu
       Status: Incomplete => New

** Changed in: qemu
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  Confirmed

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions

[Bug 1835865] Re: piix crashes on mips when accessing acpi-pci-hotplug

[Thomas Huth]

Bug has been moved to the new issue tracker here:
https://gitlab.com/qemu-project/qemu/-/issues/221

** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #221
   https://gitlab.com/qemu-project/qemu/-/issues/221

** Changed in: qemu
       Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1835865

Title:
  piix crashes on mips when accessing acpi-pci-hotplug

Status in QEMU:
  Invalid

Bug description:
  $ qemu-system-mips --version
  QEMU emulator version 4.0.50 (v4.0.0-1975-gf34edbc760)

  $ qemu-system-mips -machine malta -bios /dev/null -nodefaults -monitor stdio -S
  (qemu) o 0xaf00 0
  qemu-system-mips: hw/acpi/cpu.c:197: cpu_hotplug_hw_init: Assertion `mc->possible_cpu_arch_ids' failed.
  Aborted (core dumped)

  (gdb) bt
  #0  0x00007f6fd748957f in raise () at /lib64/libc.so.6
  #1  0x00007f6fd7473895 in abort () at /lib64/libc.so.6
  #2  0x00007f6fd7473769 in _nl_load_domain.cold.0 () at /lib64/libc.so.6
  #3  0x00007f6fd7481a26 in .annobin_assert.c_end () at /lib64/libc.so.6
  #4  0x00005646d58ca7bd in cpu_hotplug_hw_init (as=0x5646d6ae3300, owner=0x5646d6fd5b10, state=0x5646d6fd7a30, base_addr=44800) at hw/acpi/cpu.c:197
  #5  0x00005646d58c5284 in acpi_switch_to_modern_cphp (gpe_cpu=0x5646d6fd7910, cpuhp_state=0x5646d6fd7a30, io_port=44800) at hw/acpi/cpu_hotplug.c:107
  #6  0x00005646d58c3431 in piix4_set_cpu_hotplug_legacy (obj=0x5646d6fd5b10, value=false, errp=0x5646d61cdb28 <error_abort>) at hw/acpi/piix4.c:617
  #7  0x00005646d5b00c70 in property_set_bool (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", opaque=0x5646d707d110, errp=0x5646d61cdb28 <error_abort>) at qom/object.c:2076
  #8  0x00005646d5afeee6 in object_property_set (obj=0x5646d6fd5b10, v=0x5646d7697d30, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1268
  #9  0x00005646d5b01fb8 in object_property_set_qobject (obj=0x5646d6fd5b10, value=0x5646d75b5450, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/qom-qobject.c:26
  #10 0x00005646d5aff1cb in object_property_set_bool (obj=0x5646d6fd5b10, value=false, name=0x5646d5cf3a90 "cpu-hotplug-legacy", errp=0x5646d61cdb28 <error_abort>) at qom/object.c:1334
  #11 0x00005646d58c4fce in cpu_status_write (opaque=0x5646d6fd7910, addr=0, data=0, size=1) at hw/acpi/cpu_hotplug.c:44
  #12 0x00005646d569c707 in memory_region_write_accessor (mr=0x5646d6fd7920, addr=0, value=0x7ffc18053068, size=1, shift=0, mask=255, attrs=...) at memory.c:503
  #13 0x00005646d569c917 in access_with_adjusted_size (addr=0, value=0x7ffc18053068, size=1, access_size_min=1, access_size_max=4, access_fn=0x5646d569c61e <memory_region_write_accessor>, mr=0x5646d6fd7920, attrs=...)
      at memory.c:569
  #14 0x00005646d569f8f3 in memory_region_dispatch_write (mr=0x5646d6fd7920, addr=0, data=0, size=1, attrs=...) at memory.c:1497
  #15 0x00005646d563e5c5 in flatview_write_continue (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4, addr1=0, l=1, mr=0x5646d6fd7920) at exec.c:3324
  #16 0x00005646d563e70a in flatview_write (fv=0x5646d751b000, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3363
  #17 0x00005646d563ea0f in address_space_write (as=0x5646d618abc0 <address_space_io>, addr=44800, attrs=..., buf=0x7ffc180531d4 "", len=4) at exec.c:3453
  #18 0x00005646d5696ee5 in cpu_outl (addr=44800, val=0) at ioport.c:80
  #19 0x00005646d57585d0 in hmp_ioport_write (mon=0x5646d6bc70e0, qdict=0x5646d6cf7140) at monitor/misc.c:1058
  #20 0x00005646d5a77b99 in handle_hmp_command (mon=0x5646d6bc70e0, cmdline=0x5646d6bc2542 "0xaf00 0") at monitor/hmp.c:1082
  #21 0x00005646d5a7540a in monitor_command_cb (opaque=0x5646d6bc70e0, cmdline=0x5646d6bc2540 "o 0xaf00 0", readline_opaque=0x0) at monitor/hmp.c:47
  #22 0x00005646d5c71450 in readline_handle_byte (rs=0x5646d6bc2540, ch=13) at util/readline.c:408
  #23 0x00005646d5a7858f in monitor_read (opaque=0x5646d6bc70e0, buf=0x7ffc180533d0 "\rtc\327FV", size=1) at monitor/hmp.c:1312
  #24 0x00005646d5bc8d17 in qemu_chr_be_write_impl (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:177
  #25 0x00005646d5bc8d7b in qemu_chr_be_write (s=0x5646d6add000, buf=0x7ffc180533d0 "\rtc\327FV", len=1) at chardev/char.c:189
  #26 0x00005646d5bcb6bf in fd_chr_read (chan=0x5646d6a80d60, cond=G_IO_IN, opaque=0x5646d6add000) at chardev/char-fd.c:68
  #27 0x00005646d5bec485 in qio_channel_fd_source_dispatch (source=0x5646d765a480, callback=0x5646d5bcb561 <fd_chr_read>, user_data=0x5646d6add000) at io/channel-watch.c:84
  #28 0x00007f6fd9c1606d in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
  #29 0x00005646d5c5323a in glib_pollfds_poll () at util/main-loop.c:213
  #30 0x00005646d5c532b4 in os_host_main_loop_wait (timeout=29821719) at util/main-loop.c:236
  #31 0x00005646d5c533b9 in main_loop_wait (nonblocking=0) at util/main-loop.c:512
  #32 0x00005646d581d1a1 in main_loop () at vl.c:1791
  #33 0x00005646d582485f in main (argc=11, argv=0x7ffc18054868, envp=0x7ffc180548c8) at vl.c:4473

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1835865/+subscriptions