Re: [dpdk-dev] [RFC v2] porting AddressSanitizer feature to DPDK
From: Stephen Hemminger <stephen@networkplumber.org>
Date: 2021-07-06 23:12:20
On Tue, 6 Jul 2021 13:40:56 -0700 David Christensen [off-list ref] wrote:
On 6/15/21 1:12 AM, zhihongx.peng@intel.com wrote:

From: Zhihong Peng <redacted>

AddressSanitizer (ASan) is a Google memory error detect standard tool. It could help to detect use-after-free and {heap,stack,global}-buffer overflow bugs in C/C++ programs, print detailed error information when error happens, greatly improve debug efficiency.

By referring to its implementation algorithm (https://github.com/google/sanitizers/wiki/AddressSanitizerAlgorithm), ported heap-buffer-overflow and use-after-free functions to dpdk.

Here is an example of heap-buffer-overflow bug:
    ......
    char *p = rte_zmalloc(NULL, 7, 0);
    p[7] = 'a';
    ......

Here is an example of use-after-free bug:
    ......
    char *p = rte_zmalloc(NULL, 7, 0);
    rte_free(p);
    *p = 'a';
    ......

If you want to use this feature, you need to use the following compilation options:
    -Db_lundef=false -Db_sanitize=address

Any library dependencies here that might be architecture specific? I applied the patch to a POWER9 system with RHEL 8.3 and observed a SEGV:

sudo /home/drc/src/dpdk/build/app/dpdk-testpmd -l 64-71 --vdev=net_memif0,role=server,id=0 --vdev=net_memif1,role=client,id=0 --no-pci -- -i --numa --port-numa-config=0,8,1,8 --ring-numa-config=0,3,8,1,3,8 --socket-num=8
EAL: Detected 128 lcore(s)
EAL: Detected 2 NUMA nodes
EAL: Detected static linkage of DPDK
EAL: Multi-process socket /var/run/dpdk/rte/mp_socket
EAL: Selected IOVA mode 'VA'
EAL: No available 1048576 kB hugepages reported
EAL: VFIO support initialized
AddressSanitizer:DEADLYSIGNAL
=================================================================
==3011526==ERROR: AddressSanitizer: SEGV on unknown address 0x0002a0177bd0 (pc 0x000011411ce0 bp 0x7fffccd738b0 sp 0x7fffccd738b0 T0)
==3011526==The signal is caused by a UNKNOWN memory access.
    #0 0x11411cdc in asan_set_shadow.constprop.4 (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11411cdc)
    #1 0x114131ec in malloc_elem_alloc (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x114131ec)
    #2 0x11416adc in heap_alloc.isra.1 (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11416adc)
    #3 0x11419570 in malloc_heap_alloc_on_heap_id.isra.5 (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11419570)
    #4 0x1141977c in malloc_heap_alloc (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x1141977c)
    #5 0x11421794 in rte_malloc_socket (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11421794)
    #6 0x11421e14 in rte_zmalloc_socket (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11421e14)
    #7 0x11422250 in rte_zmalloc (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11422250)
    #8 0x114222f4 in rte_calloc (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x114222f4)
    #9 0x11428fa4 in rte_service_init (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11428fa4)
    #10 0x11433680 in rte_eal_init (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11433680)
    #11 0x1039a734 in main (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x1039a734)
    #12 0x7fffa3664074 in generic_start_main ../csu/libc-start.c:308
    #13 0x7fffa3664260 in __libc_start_main ../sysdeps/unix/sysv/linux/powerpc/libc-start.c:102

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/home/drc/src/dpdk/build/app/dpdk-testpmd+0x11411cdc) in asan_set_shadow.constprop.4
==3011526==ABORTING

Dave

ASAN says you should use -fno-omit-frame-pointer to get a reasonable backtrace.
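
The shadow-memory check from the AddressSanitizerAlgorithm wiki page linked in the quoted RFC, modelled on a toy 64-byte arena and applied to the 7-byte allocation from the two bug examples. This is an added example, not code from the DPDK patch or from anyone in this thread. The arena, `toy_reset`, `toy_alloc`, `toy_free` and `access_ok` are hypothetical names; the 8-byte granule and the 0xfa/0xfd marker values follow upstream ASan.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ARENA_SIZE 64                    /* toy heap (assumption), 8-byte aligned */
#define GRANULE 8                        /* one shadow byte describes 8 bytes */
#define SHADOW_REDZONE ((int8_t)0xfa)    /* heap redzone marker in upstream ASan */
#define SHADOW_FREED ((int8_t)0xfd)      /* freed-heap marker in upstream ASan */

static int8_t shadow[ARENA_SIZE / GRANULE];

/* Start with the whole arena poisoned, as unallocated heap would be. */
static void toy_reset(void) { memset(shadow, SHADOW_REDZONE, sizeof(shadow)); }

/* Unpoison [off, off+len); off must be granule-aligned. A partial last
 * granule stores k = number of leading bytes that are addressable. */
static void toy_alloc(size_t off, size_t len)
{
    size_t g = off / GRANULE;
    for (; len >= GRANULE; len -= GRANULE)
        shadow[g++] = 0;
    if (len)
        shadow[g] = (int8_t)len;
}

/* Poison every granule of a freed block so stale pointers are caught. */
static void toy_free(size_t off, size_t len)
{
    for (size_t g = off / GRANULE; g * GRANULE < off + len; g++)
        shadow[g] = SHADOW_FREED;
}

/* The check made before an access that stays inside one granule:
 * 0 = all 8 bytes valid, k > 0 = only the first k valid, negative = poisoned. */
static int access_ok(size_t off, size_t size)
{
    int8_t k = shadow[off / GRANULE];
    return k == 0 || (int)((off % GRANULE) + size - 1) < k;
}

int main(void)
{
    toy_reset();
    toy_alloc(16, 7);                                  /* like rte_zmalloc(NULL, 7, 0) */
    printf("p[6] ok=%d\n", access_ok(16 + 6, 1));      /* last valid byte */
    printf("p[7] ok=%d\n", access_ok(16 + 7, 1));      /* heap-buffer-overflow */
    toy_free(16, 7);                                   /* like rte_free(p) */
    printf("*p after free ok=%d\n", access_ok(16, 1)); /* use-after-free */
}
```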