https://bugs.dpdk.org/show_bug.cgi?id=1712

            Bug ID: 1712
           Summary: secondary symmetric_mp startup failure with ASan
                    (stack-buffer-overflow)
           Product: DPDK
           Version: 25.03
          Hardware: ARM
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: Normal
         Component: examples
          Assignee: dev@dpdk.org
          Reporter: ahmedi@nvidia.com
  Target Milestone: ---

./build/examples/dpdk-symmetric_mp -n 4  -a 0000:03:00.0  -a 0000:03:00.1 -l 1
--proc-type=primary  -- -p 0xa --num-procs=7 --proc-id=0 
./build/examples/dpdk-symmetric_mp -n 4  -a 0000:03:00.0 -a 0000:03:00.1 -l 2
--proc-type=secondary  -- -p 0xa --num-procs=7 --proc-id=1


Attempt 1: Process exited with status None, output: EAL: Detected CPU lcores: 8
EAL: Detected NUMA nodes: 1
EAL: Detected static linkage of DPDK
EAL: Multi-process socket /var/run/dpdk/rte/mp_socket_486544_7286ede6c03
EAL: Selected IOVA mode 'VA'
EAL: Cannot get a virtual area at requested address: 0xfffb85e00000 (got
0xfffb790e0000)
EAL: Cannot reserve 17179869184 bytes at [0xfffb85e00000] - please use
'--base-virtaddr' option
EAL: Cannot preallocate VA space for hugepage memory
EAL: FATAL: Cannot init memory
EAL: Cannot init memory
EAL: Error - exiting with code: 1
  Cause: Cannot init EAL
=================================================================
==486544==ERROR: AddressSanitizer: stack-buffer-overflow on address
0xffff798ed4ac at pc 0xffff83ef2254 bp 0xffff798ecc00 sp 0xffff798ecc48
WRITE of size 24 at 0xffff798ed4ac thread T16777215
    #0 0xffff83ef2250 in __interceptor_sigaltstack
../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:9986
    #1 0xffff83f68674 in __sanitizer::UnsetAlternateSignalStack()
../../../../src/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp:195
    #2 0xffff83f58f94 in __asan::AsanThread::Destroy()
../../../../src/libsanitizer/asan/asan_thread.cpp:104
    #3 0xffff836fa3c0 in __GI___nptl_deallocate_tsd
nptl/nptl_deallocate_tsd.c:73
    #4 0xffff836fd480 in start_thread nptl/pthread_create.c:453
    #5 0xffff83765ed8  (/lib/aarch64-linux-gnu/libc.so.6+0xe5ed8)

Address 0xffff798ed4ac is located in stack of thread T3 at offset 1100 in frame
    #0 0xaaaac8ce476c in mp_handle ([..]/examples/dpdk-symmetric_mp+0x70476c)

  This frame has 6 object(s):
    [32, 48) 'iov'
    [64, 120) 'msgh'
    [160, 270) 'sa' (line 392)
    [304, 664) 'dummy' (line 374)
    [736, 1100) 'msg' (line 391) <== Memory access at offset 1100 overflows
this variable
    [1168, 1216) 'control'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
Thread T3 created by T0 here:
    #0 0xffff83ef6188 in __interceptor_pthread_create
../../../../src/libsanitizer/asan/asan_interceptors.cpp:216
    #1 0xaaaac8cc86a0 in rte_ctrl_thread_create
([..]/examples/dpdk-symmetric_mp+0x6e86a0)
    #2 0xaaaac8ce685c in rte_mp_channel_init
([..]/examples/dpdk-symmetric_mp+0x70685c)
    #3 0xaaaac8cfc688 in rte_eal_init
([..]/examples/dpdk-symmetric_mp+0x71c688)
    #4 0xaaaac87a898c in main ([..]/examples/dpdk-symmetric_mp+0x1c898c)
    #5 0xffff836a73f8 in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
    #6 0xffff836a74c8 in __libc_start_main_impl ../csu/libc-start.c:392
    #7 0xaaaac87b406c in _start ([..]/examples/dpdk-symmetric_mp+0x1d406c)

SUMMARY: AddressSanitizer: stack-buffer-overflow
../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:9986
in __interceptor_sigaltstack
Shadow bytes around the buggy address:
  0x200fef31da40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fef31da50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f2
  0x200fef31da60: f2 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00 00
  0x200fef31da70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fef31da80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x200fef31da90: 00 00 00 00 00[04]f2 f2 f2 f2 f2 f2 f2 f2 00 00
  0x200fef31daa0: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
  0x200fef31dab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fef31dac0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fef31dad0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x200fef31dae0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==486544==ABORTING


Environment info:
OS: Ubuntu 22.04 (aarch64)
Kernel: Kernel: 5.15.0-1065-bluefield
Device: Bluefield-2
gcc: 11.2.0

-- 
You are receiving this mail because:
You are the assignee for the bug.