On Thu, 18 Sept 2025 at 10:41, Peter Maydell <peter.mayd...@linaro.org> wrote:
>
> On Wed, 17 Sept 2025 at 18:51, Richard Henderson
> <richard.hender...@linaro.org> wrote:
> >
> > On 9/16/25 18:43, Richard Henderson wrote:
> > > I don't understand why, but this causes failure on s390x host for hppa
> > > guest:
> > >
> > > https://gitlab.com/qemu-project/qemu/-/jobs/11379271029
> > >
> > > ...
> > > # Testing device 'elroy-pcihost'
> > > Broken pipe
> > > ../alt/tests/qtest/libqtest.c:208: kill_qemu() detected QEMU death from
> > > signal 11
> > > (Segmentation fault) (core dumped)
> > > Aborted (core dumped)
> > >
> > > Even more bizarrely, the failure bisects to
> > >
> > > Author: Nicolin Chen <nicol...@nvidia.com>
> > > Date: Fri Aug 29 09:25:27 2025 +0100
> > >
> > > hw/arm/virt: Add an SMMU_IO_LEN macro
> > >
> > > This is useful as the subsequent support for new SMMUv3 dev will also
> > > use the same.
> > >
> > > which makes no sense at all. But it's repeatable, so...
> >
> > Ho hum. It appears to be flaky. I now see it without this patch set at
> > all:
> >
> > https://gitlab.com/qemu-project/qemu/-/jobs/11391070227
>
> asan reports a heap-use-after-free in the dino PCI controller
> when running the device-introspect-test, which may be relevant.
> The subtest the segfault happens on is half a dozen or so
> devices after the dino-pci one, so it's plausible that heap
> corruption leads to the subsequent crash.

...and fixing that one shows that the elroy-pcihost device has the
identical bug, so even more likely to be the culprit.

-- PMM