Stefan Berger <stef...@linux.ibm.com> writes:

> On 10/15/24 3:57 PM, Fabiano Rosas wrote:
>> Stefan Berger <stef...@linux.ibm.com> writes:
>>
>>> So this here is failing for you every time?
>>>
>>> QTEST_QEMU_BINARY=build/qemu-system-aarch64
>>> ./build/tests/qtest/tpm-tis-device-swtpm-test
>>
>> Sorry, I was unclear. No, that runs for about 30 iterations before it
>> fails. I just ran each of these in a terminal window:
>>
>> $ for i in $(seq 1 999); do echo "$i =============";
>> QTEST_QEMU_BINARY=./qemu-system-aarch64
>> ./tests/qtest/tpm-tis-device-swtpm-test || break ; done
>
> On my Fedora 40 host this command line here alone has been running for
> 250 loop iterations now and is still continuing.
>
>> $ make -j$(nproc) check
>
> So this needs to be run in parallel to the above command line to cause
> the failure?
>
Yes, I've been using that method to reproduce live migration race conditions as well. It's quite effective. If you don't think you'll be able to find the root cause due to the unreproducibility on your side, maybe we could at least add an assert that bcount is not larger than rsp_size. I think that would at least give an explicit error instead of a buffer overflow. I can also try to dig deeper into this when I get some time. At the moment I know nothing about the tpm device emulation.
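The check Fabiano suggests, sketched as an added example in C (not QEMU or swtpm test code): reject a burst count that exceeds the space left in the response buffer instead of copying past it. The FIFO simulator, the function names and the response bytes are constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the device side: the bytes the emulated TPM holds
 * and the burst count it advertises on each read (hypothetical names). */
struct fifo_sim {
    const uint8_t *data;
    const uint16_t *bursts;
    size_t len, pos, nbursts, round;
};

static size_t sim_burst_count(struct fifo_sim *f)
{
    return f->round < f->nbursts ? f->bursts[f->round++] : 0;
}

/* Drain the response into rsp[rsp_size]. Returns bytes read, or -1 when the
 * advertised burst would not fit in the space left: an explicit failure
 * instead of a write past the end of rsp. */
static int read_response(struct fifo_sim *f, uint8_t *rsp, size_t rsp_size)
{
    size_t got = 0;
    for (;;) {
        size_t bcount = sim_burst_count(f);
        if (bcount == 0) return (int)got;        /* device has nothing further */
        if (bcount > rsp_size - got) return -1;  /* the bcount vs rsp_size check */
        if (bcount > f->len - f->pos) bcount = f->len - f->pos; /* sim limit */
        memcpy(rsp + got, f->data + f->pos, bcount);
        f->pos += bcount;
        got += bcount;
    }
}

/* Constructed TPM2 response: TPM_ST_NO_SESSIONS, size 10, TPM_RC_SUCCESS. */
static const uint8_t hdr[10] = { 0x80, 0x01, 0, 0, 0, 0x0a, 0, 0, 0, 0 };

static int run_scenario(const uint16_t *b, size_t n, size_t rsp_size)
{
    uint8_t rsp[16] = { 0 };               /* callers keep rsp_size <= 16 */
    struct fifo_sim f = { hdr, b, sizeof hdr, 0, n, 0 };
    return read_response(&f, rsp, rsp_size);
}

static int scenario_two_bursts(void)     /* 4 + 6 bytes into 16: returns 10 */
{ static const uint16_t b[] = { 4, 6 }; return run_scenario(b, 2, 16); }
static int scenario_oversize_burst(void) /* 32 > 16: rejected, returns -1 */
{ static const uint16_t b[] = { 32 }; return run_scenario(b, 1, 16); }
static int scenario_late_overrun(void)   /* 4 fits, then 8 > 6 left: -1 */
{ static const uint16_t b[] = { 4, 8 }; return run_scenario(b, 2, 10); }
```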