From: Simon Glass <sjg@chromium.org> After many hours of debugging, it turns out that the PCI EA driver is mapping itself into RAM at 1MB. This happens to be where the kernel ends up, with the vbe_abrec_os bootmeth. Since measurement is enabled, bootm_measure() calls map_sysmem() on the kernel in order to measure it. easurement takes place, although of course using the wrong data. Then, through a strange sequence of events, which I have found very hard to narrow down, the malloc() heap is corrupted. This series provides a fix. To repeat this problem: NO_LTO=1 ./test/py/test.py --bd sandbox --build -k "(ut or vbe) and not efi and not slow and not dm" which dies when running vbe_test_abrec_oem_norun: ... => echo $? 0 => host bind 0 [...]/build-sandbox/persistent-data/vbe1.img => ut -f bootstd vbe_test_abrec_oem_norun Test: bootstd_setup_for_tests: bootstd_common.c common/dlmalloc.c:793: do_check_free_chunk: Assertion `next->prev_size == sz' failed. resetting ... With this series, the above now passes. Simon Glass (5): sandbox: Swap the wanted and got messages in map_physmem() sandbox: Move PCI EA space out of RAM sandbox: Use the exact mapping size for PCI in pmc test: pci: Use the exact mapping size for PCI EA tests sandbox: Abort if a partition memory map is detected arch/sandbox/cpu/mem.c | 13 +++++++++++-- arch/sandbox/include/asm/test.h | 8 ++++---- doc/arch/sandbox/sandbox.rst | 1 + drivers/power/acpi_pmc/sandbox.c | 2 +- test/dm/pci.c | 14 +++++++++----- 5 files changed, 26 insertions(+), 12 deletions(-) -- 2.43.0 base-commit: f85258951dfb3f818e19daeaaddf543ddfc433bc branch: maked