* [DPDK/examples Bug 1712] secondary symmetric_mp startup failure with ASan (stack-buffer-overflow)
@ 2025-05-27 9:06 bugzilla
0 siblings, 0 replies; only message in thread
From: bugzilla @ 2025-05-27 9:06 UTC (permalink / raw)
To: dev
[-- Attachment #1: Type: text/plain, Size: 5439 bytes --]
https://bugs.dpdk.org/show_bug.cgi?id=1712
Bug ID: 1712
Summary: secondary symmetric_mp startup failure with ASan
(stack-buffer-overflow)
Product: DPDK
Version: 25.03
Hardware: ARM
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: Normal
Component: examples
Assignee: dev@dpdk.org
Reporter: ahmedi@nvidia.com
Target Milestone: ---
./build/examples/dpdk-symmetric_mp -n 4 -a 0000:03:00.0 -a 0000:03:00.1 -l 1
--proc-type=primary -- -p 0xa --num-procs=7 --proc-id=0
./build/examples/dpdk-symmetric_mp -n 4 -a 0000:03:00.0 -a 0000:03:00.1 -l 2
--proc-type=secondary -- -p 0xa --num-procs=7 --proc-id=1
Attempt 1: Process exited with status None, output: EAL: Detected CPU lcores: 8
EAL: Detected NUMA nodes: 1
EAL: Detected static linkage of DPDK
EAL: Multi-process socket /var/run/dpdk/rte/mp_socket_486544_7286ede6c03
EAL: Selected IOVA mode 'VA'
EAL: Cannot get a virtual area at requested address: 0xfffb85e00000 (got
0xfffb790e0000)
EAL: Cannot reserve 17179869184 bytes at [0xfffb85e00000] - please use
'--base-virtaddr' option
EAL: Cannot preallocate VA space for hugepage memory
EAL: FATAL: Cannot init memory
EAL: Cannot init memory
EAL: Error - exiting with code: 1
Cause: Cannot init EAL
=================================================================
==486544==ERROR: AddressSanitizer: stack-buffer-overflow on address
0xffff798ed4ac at pc 0xffff83ef2254 bp 0xffff798ecc00 sp 0xffff798ecc48
WRITE of size 24 at 0xffff798ed4ac thread T16777215
#0 0xffff83ef2250 in __interceptor_sigaltstack
../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:9986
#1 0xffff83f68674 in __sanitizer::UnsetAlternateSignalStack()
../../../../src/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp:195
#2 0xffff83f58f94 in __asan::AsanThread::Destroy()
../../../../src/libsanitizer/asan/asan_thread.cpp:104
#3 0xffff836fa3c0 in __GI___nptl_deallocate_tsd
nptl/nptl_deallocate_tsd.c:73
#4 0xffff836fd480 in start_thread nptl/pthread_create.c:453
#5 0xffff83765ed8 (/lib/aarch64-linux-gnu/libc.so.6+0xe5ed8)
Address 0xffff798ed4ac is located in stack of thread T3 at offset 1100 in frame
#0 0xaaaac8ce476c in mp_handle ([..]/examples/dpdk-symmetric_mp+0x70476c)
This frame has 6 object(s):
[32, 48) 'iov'
[64, 120) 'msgh'
[160, 270) 'sa' (line 392)
[304, 664) 'dummy' (line 374)
[736, 1100) 'msg' (line 391) <== Memory access at offset 1100 overflows
this variable
[1168, 1216) 'control'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
Thread T3 created by T0 here:
#0 0xffff83ef6188 in __interceptor_pthread_create
../../../../src/libsanitizer/asan/asan_interceptors.cpp:216
#1 0xaaaac8cc86a0 in rte_ctrl_thread_create
([..]/examples/dpdk-symmetric_mp+0x6e86a0)
#2 0xaaaac8ce685c in rte_mp_channel_init
([..]/examples/dpdk-symmetric_mp+0x70685c)
#3 0xaaaac8cfc688 in rte_eal_init
([..]/examples/dpdk-symmetric_mp+0x71c688)
#4 0xaaaac87a898c in main ([..]/examples/dpdk-symmetric_mp+0x1c898c)
#5 0xffff836a73f8 in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#6 0xffff836a74c8 in __libc_start_main_impl ../csu/libc-start.c:392
#7 0xaaaac87b406c in _start ([..]/examples/dpdk-symmetric_mp+0x1d406c)
SUMMARY: AddressSanitizer: stack-buffer-overflow
../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:9986
in __interceptor_sigaltstack
Shadow bytes around the buggy address:
0x200fef31da40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x200fef31da50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f2
0x200fef31da60: f2 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00 00
0x200fef31da70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x200fef31da80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x200fef31da90: 00 00 00 00 00[04]f2 f2 f2 f2 f2 f2 f2 f2 00 00
0x200fef31daa0: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
0x200fef31dab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x200fef31dac0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x200fef31dad0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x200fef31dae0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==486544==ABORTING
Environment info:
OS: Ubuntu 22.04 (aarch64)
Kernel: Kernel: 5.15.0-1065-bluefield
Device: Bluefield-2
gcc: 11.2.0
--
You are receiving this mail because:
You are the assignee for the bug.
[-- Attachment #2: Type: text/html, Size: 7324 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-05-27 9:06 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-05-27 9:06 [DPDK/examples Bug 1712] secondary symmetric_mp startup failure with ASan (stack-buffer-overflow) bugzilla
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).