Daniel P. Berrangé <berra...@redhat.com> wrote:
>> I also saw this on aarch32 host (more precisely, on the
>> aarch32-environment-in-aarch64-chroot setup I use for aarch32 build
>> and test):
>>
>> malloc_consolidate(): invalid chunk size
>> Broken pipe
>> qemu-system-i386: check_section_footer: Read section footer failed: -5
>> qemu-system-i386: load of migration failed: Invalid argument
>> /home/peter.maydell/qemu/tests/libqtest.c:140: kill_qemu() tried to
>> terminate QEMU process but encountered exit status 1 (expected 0)
>> Aborted
>> ERROR - too few tests run (expected 14, got 13)
>>
>> The memory corruption is reproducible running just the
>> /x86_64/migration/multifd/tcp subtest:
>>
>> (armhf)pmaydell@mustang-maydell:~/qemu/build/all-a32$
>> QTEST_QEMU_BINARY=x86_64-softmmu/qemu-system-x86_64
>> tests/migration-test -p /x86_64/migration/multifd/tcp
>> /x86_64/migration/multifd/tcp: qemu-system-x86_64: -accel kvm: invalid
>> accelerator kvm
>> qemu-system-x86_64: falling back to tcg
>> qemu-system-x86_64: -accel kvm: invalid accelerator kvm
>> qemu-system-x86_64: falling back to tcg
>> qemu-system-x86_64: multifd_send_sync_main: multifd_send_pages fail
>> qemu-system-x86_64: failed to save SaveStateEntry with id(name): 3(ram)
>> double free or corruption (!prev)
>> Broken pipe
>> qemu-system-x86_64: Unknown combination of migration flags: 0
>> qemu-system-x86_64: error while loading state section id 3(ram)
>> qemu-system-x86_64: load of migration failed: Invalid argument
>> /home/peter.maydell/qemu/tests/libqtest.c:140: kill_qemu() tried to
>> terminate QEMU process but encountered exit status 1 (expected 0)
>> Aborted
>>
>> Here's what a valgrind run in that aarch32 setup produces:
>>
>
> Missing initialization of MultiFDInit_t msg; to all zeros

I *thought* it was in. Sorry.

>
>> ==12102==
>> ==12102== Thread 6 multifdsend_1:
>> ==12102== Invalid write of size 4
>> ==12102==    at 0x25CC08: multifd_send_fill_packet (ram.c:806)
>> ==12102==    by 0x25CC08: multifd_send_thread (ram.c:1157)
>> ==12102==    by 0x557551: qemu_thread_start (qemu-thread-posix.c:519)
>> ==12102==    by 0x53BE613: start_thread (pthread_create.c:463)
>> ==12102==    by 0x54767FB: ??? (clone.S:73)
>> ==12102==  Address 0x1d89c470 is 0 bytes after a block of size 832 alloc'd
>> ==12102==    at 0x4841BC4: calloc (vg_replace_malloc.c:711)
>> ==12102==    by 0x49EE269: g_malloc0 (in
>> /usr/lib/arm-linux-gnueabihf/libglib-2.0.so.0.5600.4)
>
> This is the same issue that was reported last time this multifd unit
> test was proposed for merge. Back then I pointed out the likely cause.
> We were allocating ram_addr_t sized quantity for an array which is
> uint64_t, and ram_addr_t is probably 32-bit on this particular build.
>
> https://lists.gnu.org/archive/html/qemu-devel/2019-07/msg03428.html
>
> That suggested fix doesn't seem to have been included

Thanks again. And sorry for the disturbance.
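The bug class Daniel points at above, an allocation sized with `sizeof` of one type while the buffer is written as an array of a wider type, is easy to reproduce in isolation. The following is an added illustration, not code from QEMU or from anyone in this thread: the `ram_addr_t` typedef, the `Packet` struct and every function name are constructed stand-ins that mimic the 32-bit build described, with a bounds check inserted so the overflow shows up as a short fill count instead of a heap write past the block.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Constructed stand-in for the situation described in the thread: on the
 * 32-bit build, ram_addr_t is 32 bits wide, but the packet's offset array
 * holds uint64_t. The typedef, struct and function names are hypothetical
 * and are not QEMU's own definitions.
 */
typedef uint32_t ram_addr_t;

typedef struct {
    uint64_t *offset;    /* array of uint64_t: the element type actually written */
    size_t alloc_bytes;  /* bytes actually allocated for offset[] */
    uint32_t count;      /* entries the sender intends to write */
} Packet;

/* Allocation size computed from the wrong type: the pattern the thread blames.
 * Correct by accident wherever ram_addr_t is 64 bits, half the needed size
 * wherever it is 32 bits. */
static size_t offset_bytes_buggy(uint32_t count)
{
    return (size_t)count * sizeof(ram_addr_t);
}

/* Allocation size derived from the element type through sizeof(*array),
 * so it cannot drift if either typedef changes width. */
static size_t offset_bytes_fixed(const Packet *p, uint32_t count)
{
    return (size_t)count * sizeof(*p->offset);
}

static Packet *packet_new(uint32_t count, int use_buggy_size)
{
    Packet *p = calloc(1, sizeof(*p));
    if (!p) {
        return NULL;
    }
    p->count = count;
    p->alloc_bytes = use_buggy_size ? offset_bytes_buggy(count)
                                    : offset_bytes_fixed(p, count);
    p->offset = calloc(1, p->alloc_bytes);
    if (!p->offset) {
        free(p);
        return NULL;
    }
    return p;
}

static void packet_free(Packet *p)
{
    if (p) {
        free(p->offset);
        free(p);
    }
}

/* Fills offset[0..count) the way a sender's fill routine would, but refuses
 * any store that would end beyond alloc_bytes. Returns the number of entries
 * stored before the first out-of-bounds store would have happened, or count
 * if every store fit. With the buggy size and a 32-bit ram_addr_t this is
 * count/2; code without such a check writes past the block, which is what
 * valgrind reports as an invalid write "0 bytes after a block". */
static uint32_t packet_fill_checked(Packet *p)
{
    for (uint32_t i = 0; i < p->count; i++) {
        size_t end = ((size_t)i + 1) * sizeof(*p->offset);
        if (end > p->alloc_bytes) {
            return i;
        }
        p->offset[i] = (uint64_t)i * 4096;  /* constructed page offsets */
    }
    return p->count;
}

/* How many entries fit for a given count under each sizing rule. */
static uint32_t entries_that_fit(uint32_t count, int use_buggy_size)
{
    Packet *p = packet_new(count, use_buggy_size);
    if (!p) {
        return 0;
    }
    uint32_t n = packet_fill_checked(p);
    packet_free(p);
    return n;
}

int main(void)
{
    uint32_t count = 128;
    Packet probe = {0};
    printf("buggy sizing: %u of %u entries fit (%zu bytes allocated)\n",
           entries_that_fit(count, 1), count, offset_bytes_buggy(count));
    printf("fixed sizing: %u of %u entries fit (%zu bytes allocated)\n",
           entries_that_fit(count, 0), count, offset_bytes_fixed(&probe, count));
    return 0;
}
```

The point of `offset_bytes_fixed` is the `sizeof(*p->offset)` idiom: sizing the allocation from the array it feeds keeps the two in lockstep on every target, so a typedef whose width differs between 32-bit and 64-bit hosts cannot silently halve the buffer as it did in the report above.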