From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id B6A0941E14;
	Fri, 10 Mar 2023 03:46:43 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 5ABBC40685;
	Fri, 10 Mar 2023 03:46:43 +0100 (CET)
Received: from inbox.dpdk.org (inbox.dpdk.org [95.142.172.178])
 by mails.dpdk.org (Postfix) with ESMTP id 4AE0740150
 for <dev@dpdk.org>; Fri, 10 Mar 2023 03:46:42 +0100 (CET)
Received: by inbox.dpdk.org (Postfix, from userid 33)
 id 1C62C41E28; Fri, 10 Mar 2023 03:46:42 +0100 (CET)
From: bugzilla@dpdk.org
To: dev@dpdk.org
Subject: [Bug 1175] [dpdk-23.03][meson test][asan] rawdev_autotest show
 AddressSanitizer: stack-buffer-overflow error
Date: Fri, 10 Mar 2023 02:46:42 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: DPDK
X-Bugzilla-Component: ethdev
X-Bugzilla-Version: 23.03
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: normal
X-Bugzilla-Who: yux.jiang@intel.com
X-Bugzilla-Status: UNCONFIRMED
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: Normal
X-Bugzilla-Assigned-To: dev@dpdk.org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
 target_milestone
Message-ID: <bug-1175-3@http.bugs.dpdk.org/>
Content-Type: multipart/alternative; boundary=16784164010.afeD5eD9.3240588
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://bugs.dpdk.org/
Auto-Submitted: auto-generated
X-Auto-Response-Suppress: All
MIME-Version: 1.0
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org


--16784164010.afeD5eD9.3240588
Date: Fri, 10 Mar 2023 03:46:41 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://bugs.dpdk.org/
Auto-Submitted: auto-generated
X-Auto-Response-Suppress: All

https://bugs.dpdk.org/show_bug.cgi?id=3D1175

            Bug ID: 1175
           Summary: [dpdk-23.03][meson test][asan] rawdev_autotest show
                    AddressSanitizer: stack-buffer-overflow error
           Product: DPDK
           Version: 23.03
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: Normal
         Component: ethdev
          Assignee: dev@dpdk.org
          Reporter: yux.jiang@intel.com
  Target Milestone: ---

DPDK23.03

Reproduced Steps:
1, Build
rm -rf x86_64-native-linuxapp-gcc
CC=3Dgcc meson -Denable_kmods=3DTrue -Dlibdir=3Dlib  -Dbuildtype=3Ddebug
-Db_lundef=3Dfalse -Db_sanitize=3Daddress --default-library=3Dstatic
x86_64-native-linuxapp-gcc
ninja -C x86_64-native-linuxapp-gcc
2, launch test
DPDK_TEST=3D'rawdev_autotest'
/root/dpdk/x86_64-native-linuxapp-gcc/app/test/dpdk-test

3, Failed Logs:
RTE>>rawdev_autotest

### Test rawdev infrastructure using skeleton driver
skeleton_rawdev_probe(): Init rawdev_skeleton on NUMA node 0
rte_rawdev_socket_id(): Invalid dev_id=3D64
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=3D=3D2269565=3D=3DERROR: AddressSanitizer: stack-buffer-overflow on address
0x7ffd7e110550 at pc 0x55a7216ed808 bp 0x7ffd7e110480 sp 0x7ffd7e110470
READ of size 4 at 0x7ffd7e110550 thread T0
    #0 0x55a7216ed807 in skeleton_rawdev_enqueue_bufs
../drivers/raw/skeleton/skeleton_rawdev.c:431
    #1 0x55a71af3eaab in rte_rawdev_enqueue_buffers
../lib/rawdev/rte_rawdev.c:230
    #2 0x55a7216f0cc8 in test_rawdev_enqdeq
../drivers/raw/skeleton/skeleton_rawdev_test.c:384
    #3 0x55a7216f0f5d in skeldev_test_run
../drivers/raw/skeleton/skeleton_rawdev_test.c:425
    #4 0x55a7216f11ec in test_rawdev_skeldev
../drivers/raw/skeleton/skeleton_rawdev_test.c:460
    #5 0x55a71af3fc0d in rte_rawdev_selftest ../lib/rawdev/rte_rawdev.c:397
    #6 0x55a71a2b9bdb in test_rawdev_selftest_impl ../app/test/test_rawdev.=
c:32
    #7 0x55a71a2b9c0a in test_rawdev_selftest_skeleton
../app/test/test_rawdev.c:40
    #8 0x55a71a2b9c2f in test_rawdev_selftests ../app/test/test_rawdev.c:51
    #9 0x55a719c6af02 in cmd_autotest_parsed ../app/test/commands.c:68
    #10 0x55a71b221ce0 in __cmdline_parse ../lib/cmdline/cmdline_parse.c:294
    #11 0x55a71b221dc8 in cmdline_parse ../lib/cmdline/cmdline_parse.c:302
    #12 0x55a71b21d1a0 in cmdline_valid_buffer ../lib/cmdline/cmdline.c:24
    #13 0x55a71b22906a in rdline_char_in ../lib/cmdline/cmdline_rdline.c:444
    #14 0x55a71b21da25 in cmdline_in ../lib/cmdline/cmdline.c:146
    #15 0x55a719c8ce0f in main ../app/test/test.c:208
    #16 0x7f85126a6082 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x24082)
    #17 0x55a719c6ac3d in _start
(/root/dpdk/x86_64-native-linuxapp-gcc/app/test/dpdk-test+0xce6c3d)

Address 0x7ffd7e110550 is located in stack of thread T0 at offset 48 in fra=
me
    #0 0x55a7216f0b11 in test_rawdev_enqdeq
../drivers/raw/skeleton/skeleton_rawdev_test.c:371

  This frame has 3 object(s):
    [48, 50) 'queue_id' (line 374) <=3D=3D Memory access at offset 48 parti=
ally
overflows this variable
    [64, 72) 'deq_buffers' (line 376)
    [96, 104) 'buffers' (line 375)
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow
../drivers/raw/skeleton/skeleton_rawdev.c:431 in skeleton_rawdev_enqueue_bu=
fs
Shadow bytes around the buggy address:
  0x10002fc1a050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=3D>0x10002fc1a0a0: 00 00 00 00 f1 f1 f1 f1 f1 f1[02]f2 00 f2 f2 f2
  0x10002fc1a0b0: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a0c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a0d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a0e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a0f0: 00 00 f1 f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
=3D=3D2269565=3D=3DABORTING

--=20
You are receiving this mail because:
You are the assignee for the bug.=

--16784164010.afeD5eD9.3240588
Date: Fri, 10 Mar 2023 03:46:41 +0100
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: http://bugs.dpdk.org/
Auto-Submitted: auto-generated
X-Auto-Response-Suppress: All

<html>
    <head>
      <base href=3D"https://bugs.dpdk.org/">
    </head>
    <body><table border=3D"1" cellspacing=3D"0" cellpadding=3D"8" class=3D"=
bz_new_table">
        <tr>
          <th>Bug ID</th>
          <td><a class=3D"bz_bug_link=20
          bz_status_UNCONFIRMED "
   title=3D"UNCONFIRMED - [dpdk-23.03][meson test][asan] rawdev_autotest sh=
ow AddressSanitizer: stack-buffer-overflow error"
   href=3D"https://bugs.dpdk.org/show_bug.cgi?id=3D1175">1175</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>[dpdk-23.03][meson test][asan] rawdev_autotest show AddressSa=
nitizer: stack-buffer-overflow error
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>DPDK
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>23.03
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>UNCONFIRMED
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>Normal
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>ethdev
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>dev&#64;dpdk.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>yux.jiang&#64;intel.com
          </td>
        </tr>

        <tr>
          <th>Target Milestone</th>
          <td>---
          </td>
        </tr></table>
      <p>
        <div class=3D"bz_comment_block">
          <pre class=3D"bz_comment_text">DPDK23.03

Reproduced Steps:
1, Build
rm -rf x86_64-native-linuxapp-gcc
CC=3Dgcc meson -Denable_kmods=3DTrue -Dlibdir=3Dlib  -Dbuildtype=3Ddebug
-Db_lundef=3Dfalse -Db_sanitize=3Daddress --default-library=3Dstatic
x86_64-native-linuxapp-gcc
ninja -C x86_64-native-linuxapp-gcc
2, launch test
DPDK_TEST=3D'rawdev_autotest'
/root/dpdk/x86_64-native-linuxapp-gcc/app/test/dpdk-test

3, Failed Logs:
RTE&gt;&gt;rawdev_autotest

### Test rawdev infrastructure using skeleton driver
skeleton_rawdev_probe(): Init rawdev_skeleton on NUMA node 0
rte_rawdev_socket_id(): Invalid dev_id=3D64
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
=3D=3D2269565=3D=3DERROR: AddressSanitizer: stack-buffer-overflow on address
0x7ffd7e110550 at pc 0x55a7216ed808 bp 0x7ffd7e110480 sp 0x7ffd7e110470
READ of size 4 at 0x7ffd7e110550 thread T0
    #0 0x55a7216ed807 in skeleton_rawdev_enqueue_bufs
../drivers/raw/skeleton/skeleton_rawdev.c:431
    #1 0x55a71af3eaab in rte_rawdev_enqueue_buffers
../lib/rawdev/rte_rawdev.c:230
    #2 0x55a7216f0cc8 in test_rawdev_enqdeq
../drivers/raw/skeleton/skeleton_rawdev_test.c:384
    #3 0x55a7216f0f5d in skeldev_test_run
../drivers/raw/skeleton/skeleton_rawdev_test.c:425
    #4 0x55a7216f11ec in test_rawdev_skeldev
../drivers/raw/skeleton/skeleton_rawdev_test.c:460
    #5 0x55a71af3fc0d in rte_rawdev_selftest ../lib/rawdev/rte_rawdev.c:397
    #6 0x55a71a2b9bdb in test_rawdev_selftest_impl ../app/test/test_rawdev.=
c:32
    #7 0x55a71a2b9c0a in test_rawdev_selftest_skeleton
../app/test/test_rawdev.c:40
    #8 0x55a71a2b9c2f in test_rawdev_selftests ../app/test/test_rawdev.c:51
    #9 0x55a719c6af02 in cmd_autotest_parsed ../app/test/commands.c:68
    #10 0x55a71b221ce0 in __cmdline_parse ../lib/cmdline/cmdline_parse.c:294
    #11 0x55a71b221dc8 in cmdline_parse ../lib/cmdline/cmdline_parse.c:302
    #12 0x55a71b21d1a0 in cmdline_valid_buffer ../lib/cmdline/cmdline.c:24
    #13 0x55a71b22906a in rdline_char_in ../lib/cmdline/cmdline_rdline.c:444
    #14 0x55a71b21da25 in cmdline_in ../lib/cmdline/cmdline.c:146
    #15 0x55a719c8ce0f in main ../app/test/test.c:208
    #16 0x7f85126a6082 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x24082)
    #17 0x55a719c6ac3d in _start
(/root/dpdk/x86_64-native-linuxapp-gcc/app/test/dpdk-test+0xce6c3d)

Address 0x7ffd7e110550 is located in stack of thread T0 at offset 48 in fra=
me
    #0 0x55a7216f0b11 in test_rawdev_enqdeq
../drivers/raw/skeleton/skeleton_rawdev_test.c:371

  This frame has 3 object(s):
    [48, 50) 'queue_id' (line 374) &lt;=3D=3D Memory access at offset 48 pa=
rtially
overflows this variable
    [64, 72) 'deq_buffers' (line 376)
    [96, 104) 'buffers' (line 375)
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow
../drivers/raw/skeleton/skeleton_rawdev.c:431 in skeleton_rawdev_enqueue_bu=
fs
Shadow bytes around the buggy address:
  0x10002fc1a050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=3D&gt;0x10002fc1a0a0: 00 00 00 00 f1 f1 f1 f1 f1 f1[02]f2 00 f2 f2 f2
  0x10002fc1a0b0: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a0c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a0d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a0e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x10002fc1a0f0: 00 00 f1 f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
=3D=3D2269565=3D=3DABORTING
          </pre>
        </div>
      </p>


      <hr>
      <span>You are receiving this mail because:</span>

      <ul>
          <li>You are the assignee for the bug.</li>
      </ul>
      <div itemscope itemtype=3D"http://schema.org/EmailMessage">
        <div itemprop=3D"action" itemscope itemtype=3D"http://schema.org/Vi=
ewAction">
=20=20=20=20=20=20=20=20=20=20
          <link itemprop=3D"url" href=3D"https://bugs.dpdk.org/show_bug.cgi=
?id=3D1175">
          <meta itemprop=3D"name" content=3D"View bug">
        </div>
        <meta itemprop=3D"description" content=3D"Bugzilla bug update notif=
ication">
      </div>
    </body>
</html>=

--16784164010.afeD5eD9.3240588--