  1. RHEL
  2. RHEL-103976

Find memory overflow in qemu10


    • No
    • Important
    • rhel-virt-storage

      Running qemu-kvm under the Valgrind tool to check its memory usage
      reports "Invalid read of size 8" in valgrind.log (the file named by --log-file in the command line below).

      Red Hat Enterprise Linux release 10.1 Beta (Coughlan)
      6.12.0-103.el10.x86_64
      device-mapper-1.02.206-3.el10.x86_64
      device-mapper-multipath-0.9.9-10.el10.x86_64
      qemu-kvm-10.0.0-6.el10.x86_64
      seabios-bin-1.16.3-7.el10.noarch
      edk2-ovmf-20250523-2.el10.noarch
      libvirt-11.3.0-1.el10.x86_64
      dell-per750-17.lab.eng.pek2.redhat.com

      VM command line:
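      # Reproducer: start qemu-kvm under Valgrind (memcheck); the report goes to
      # /tmp/valgrind.log.
      #
      # Every JSON argument is written on one line. The issue tracker's rendering
      # had pushed each opening '{' onto a later line, and QEMU only treats a
      # -device/-object/-netdev value as JSON when the value starts with '{', so
      # the command as rendered could not be pasted back into a shell as-is.
      #
      # Valgrind options used:
      #   -s                           list the detected errors in the final summary
      #   --trace-children=yes         also instrument processes spawned by qemu-kvm
      #   --track-origins=yes          record where uninitialised values came from
      #   --leak-check=full
      #   --show-leak-kinds=definite   report only definitely-lost blocks in detail
      #
      # Caveats when re-running this outside the avocado-vt harness:
      #   - -S starts the guest with CPUs stopped; it runs only after "cont" is
      #     sent on one of the QMP monitor sockets.
      #   - The tap netdev refers to fd 12 and vhostfd 16. Presumably the harness
      #     opened these and passed them in; they must already be open in the
      #     launching process.
      #   - The socket paths under /var/tmp/avocado__6ea1pg2/ must exist.
      #   - -vnc :0 sets neither a listen address nor authentication, so run this
      #     on an isolated lab host or restrict the listener.
      #   - /tmp/valgrind.log is a fixed name in a shared directory; on a
      #     multi-user host point --log-file at a private directory instead.
      valgrind \
      -s \
      --trace-children=yes \
      --track-origins=yes \
      --leak-check=full \
      --show-leak-kinds=definite \
      --log-file=/tmp/valgrind.log /usr/libexec/qemu-kvm \
      -S \
      -name 'avocado-vt-vm1' \
      -machine q35,memory-backend=mem-machine_mem \
      -device '{"id": "pcie-root-port-0", "driver": "pcie-root-port", "multifunction": true, "bus": "pcie.0", "addr": "0x1", "chassis": 1}' \
      -device '{"id": "pcie-pci-bridge-0", "driver": "pcie-pci-bridge", "addr": "0x0", "bus": "pcie-root-port-0"}' \
      -nodefaults \
      -device '{"driver": "VGA", "bus": "pcie.0", "addr": "0x2"}' \
      -m 12288 \
      -object '{"size": 12884901888, "id": "mem-machine_mem", "qom-type": "memory-backend-ram"}' \
      -smp 48,maxcpus=48,cores=24,threads=1,dies=1,sockets=2 \
      -cpu 'Haswell-noTSX-IBRS',+kvm_pv_unhalt \
      -chardev socket,wait=off,server=on,id=qmp_id_qmpmonitor1,path=/var/tmp/avocado__6ea1pg2/monitor-qmpmonitor1-20250716-040343-UWIEzpQ8 \
      -mon chardev=qmp_id_qmpmonitor1,mode=control \
      -chardev socket,wait=off,server=on,id=qmp_id_catch_monitor,path=/var/tmp/avocado__6ea1pg2/monitor-catch_monitor-20250716-040343-UWIEzpQ8 \
      -mon chardev=qmp_id_catch_monitor,mode=control \
      -device '{"ioport": 1285, "driver": "pvpanic", "id": "id0i7uyS"}' \
      -chardev socket,wait=off,server=on,id=chardev_serial0,path=/var/tmp/avocado__6ea1pg2/serial-serial0-20250716-040343-UWIEzpQ8 \
      -device '{"id": "serial0", "driver": "isa-serial", "chardev": "chardev_serial0"}' \
      -chardev socket,id=seabioslog_id_20250716-040343-UWIEzpQ8,path=/var/tmp/avocado__6ea1pg2/seabios-20250716-040343-UWIEzpQ8,server=on,wait=off \
      -device isa-debugcon,chardev=seabioslog_id_20250716-040343-UWIEzpQ8,iobase=0x402 \
      -device '{"id": "pcie-root-port-1", "port": 1, "driver": "pcie-root-port", "addr": "0x1.0x1", "bus": "pcie.0", "chassis": 2}' \
      -device '{"driver": "qemu-xhci", "id": "usb1", "bus": "pcie-root-port-1", "addr": "0x0"}' \
      -device '{"driver": "usb-tablet", "id": "usb-tablet1", "bus": "usb1.0", "port": "1"}' \
      -object '{"id": "iothread0", "qom-type": "iothread"}' \
      -object '{"id": "iothread1", "qom-type": "iothread"}' \
      -blockdev '{"node-name": "file_image1", "driver": "file", "auto-read-only": true, "discard": "unmap", "aio": "native", "filename": "/home/kvm_autotest_root/images/rhel101-64-virtio.qcow2", "cache": {"direct": true, "no-flush": false}}' \
      -blockdev '{"node-name": "drive_image1", "driver": "qcow2", "read-only": false, "cache": {"direct": true, "no-flush": false}, "file": "file_image1"}' \
      -device '{"id": "pcie-root-port-2", "port": 2, "driver": "pcie-root-port", "addr": "0x1.0x2", "bus": "pcie.0", "chassis": 3}' \
      -device '{"driver": "virtio-blk-pci", "id": "image1", "drive": "drive_image1", "bootindex": 0, "write-cache": "on", "bus": "pcie-root-port-2", "addr": "0x0", "iothread": "iothread0"}' \
      -device '{"id": "virtio_scsi_pci0", "driver": "virtio-scsi-pci", "bus": "pcie-pci-bridge-0", "addr": "0x1", "iothread": "iothread1"}' \
      -blockdev '{"node-name": "drive_stg1", "driver": "file", "read-only": false, "discard": "unmap", "aio": "native", "filename": "/home/kvm_autotest_root/images/stg1.raw", "cache": {"direct": true, "no-flush": false}}' \
      -device '{"driver": "scsi-hd", "id": "stg1", "drive": "drive_stg1", "bootindex": 1, "write-cache": "on", "rerror": "stop", "werror": "stop", "serial": "stg1"}' \
      -blockdev '{"node-name": "file_stg2", "driver": "file", "auto-read-only": true, "discard": "unmap", "aio": "native", "filename": "/home/kvm_autotest_root/images/stg2.qcow2", "cache": {"direct": true, "no-flush": false}}' \
      -blockdev '{"node-name": "drive_stg2", "driver": "qcow2", "read-only": false, "cache": {"direct": true, "no-flush": false}, "file": "file_stg2"}' \
      -device '{"driver": "scsi-hd", "id": "stg2", "drive": "drive_stg2", "bootindex": 2, "write-cache": "on", "rerror": "stop", "werror": "stop", "serial": "stg2"}' \
      -blockdev '{"node-name": "drive_stg3", "driver": "file", "read-only": false, "discard": "unmap", "aio": "native", "filename": "/home/kvm_autotest_root/images/stg3.raw", "cache": {"direct": true, "no-flush": false}}' \
      -device '{"id": "pcie-root-port-3", "port": 3, "driver": "pcie-root-port", "addr": "0x1.0x3", "bus": "pcie.0", "chassis": 4}' \
      -device '{"driver": "virtio-blk-pci", "id": "stg3", "drive": "drive_stg3", "bootindex": 3, "write-cache": "on", "rerror": "stop", "werror": "stop", "serial": "stg3", "bus": "pcie-root-port-3", "addr": "0x0", "iothread": "iothread0"}' \
      -blockdev '{"node-name": "file_stg4", "driver": "file", "auto-read-only": true, "discard": "unmap", "aio": "native", "filename": "/home/kvm_autotest_root/images/stg4.qcow2", "cache": {"direct": true, "no-flush": false}}' \
      -blockdev '{"node-name": "drive_stg4", "driver": "qcow2", "read-only": false, "cache": {"direct": true, "no-flush": false}, "file": "file_stg4"}' \
      -device '{"id": "pcie-root-port-4", "port": 4, "driver": "pcie-root-port", "addr": "0x1.0x4", "bus": "pcie.0", "chassis": 5}' \
      -device '{"driver": "virtio-blk-pci", "id": "stg4", "drive": "drive_stg4", "bootindex": 4, "write-cache": "on", "rerror": "stop", "werror": "stop", "serial": "stg4", "bus": "pcie-root-port-4", "addr": "0x0", "iothread": "iothread1"}' \
      -device '{"id": "pcie-root-port-5", "port": 5, "driver": "pcie-root-port", "addr": "0x1.0x5", "bus": "pcie.0", "chassis": 6}' \
      -device '{"driver": "virtio-net-pci", "mac": "9a:47:a5:84:fb:bb", "id": "idJyZHC6", "netdev": "idfggMm7", "bus": "pcie-root-port-5", "addr": "0x0"}' \
      -netdev '{"id": "idfggMm7", "type": "tap", "vhost": true, "vhostfd": "16", "fd": "12"}' \
      -vnc :0 \
      -rtc base=utc,clock=host,driftfix=slew \
      -boot menu=off,order=cdn,once=c,strict=off \
      -enable-kvm \
      -device '{"id": "pcie_extra_root_port_0", "driver": "pcie-root-port", "multifunction": true, "bus": "pcie.0", "addr": "0x3", "chassis": 7}'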

              virt-maint virt-maint
              qingwangrh qing wang
              virt-maint virt-maint
              qing wang qing wang