Hi Damjan Marion,

The vector function clib_mask_compare_u16_x64 has an ASAN issue:

> 
> clib_mask_compare_u16_x64 (u16 v, u16 *a, u32 n_elts)
> {
> ...
> u16x32u *av = (u16x32u *) a;
> ...
> 
> x = i8x32_pack (v16 == av[0], v16 == av[1]); <----- av[0] will read 64 bytes, but a[0] only has 2 bytes
> 

This function will lead to a session node crash if ASAN is enabled.

> 
> =================================================================
> 
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 0x7ff96f54d700 (LWP 113687)]
> 0x00007ffff73de5c1 in __asan::FakeStack::AddrIsInFakeStack(unsigned long,
> unsigned long*, unsigned long*) () from
> /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> Missing separate debuginfos, use: debuginfo-install
> libgcc-4.8.5-44.el7.x86_64 libstdc++-4.8.5-44.el7.x86_64
> libuuid-2.23.2-65.el7_9.1.x86_64 mbedtls-2.7.17-1.el7.x86_64
> pkcs11-helper-1.11-3.el7.x86_64
> (gdb) bt
> #0  0x00007ffff73de5c1 in __asan::FakeStack::AddrIsInFakeStack(unsigned
> long, unsigned long*, unsigned long*) () from
> /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #1  0x00007ffff74c5a11 in
> __asan::ThreadStackContainsAddress(__sanitizer::ThreadContextBase*, void*)
> () from /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #2  0x00007ffff74dfdc2 in
> __sanitizer::ThreadRegistry::FindThreadContextLocked(bool
> (*)(__sanitizer::ThreadContextBase*, void*), void*) () from
> /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #3  0x00007ffff74c6e5a in __asan::FindThreadByStackAddress(unsigned long)
> () from /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #4  0x00007ffff73d8fb6 in __asan::GetStackAddressInformation(unsigned
> long, unsigned long, __asan::StackAddressDescription*) () from
> /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #5  0x00007ffff73da3f9 in
> __asan::AddressDescription::AddressDescription(unsigned long, unsigned
> long, bool) () from
> /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #6  0x00007ffff73dce51 in __asan::ErrorGeneric::ErrorGeneric(unsigned int,
> unsigned long, unsigned long, unsigned long, unsigned long, bool, unsigned
> long) () from
> /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #7  0x00007ffff74c0c2a in __asan::ReportGenericError(unsigned long,
> unsigned long, unsigned long, unsigned long, bool, unsigned long, unsigned
> int, bool) () from
> /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #8  0x00007ffff74c2194 in __asan_report_load_n () from
> /home/dev/code/net-base/dist/script/test/../../lib/libasan.so.5
> #9  0x00007ffff41c34c5 in clib_mask_compare_u16_x64 (v=2,
> a=0x7fffd38cb980, n_elts=1) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vppinfra/vector_funcs.h:24
> #10 0x00007ffff41c374c in clib_mask_compare_u16 (v=2, a=0x7fffd38cb980,
> mask=0x7ff96ecf5310, n_elts=1) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vppinfra/vector_funcs.h:79
> #11 0x00007ffff41c3b7b in enqueue_one (vm=0x7fffd1c73080,
> node=0x7fffd2d21040, used_elt_bmp=0x7ff96ecf5440, next_index=2,
> buffers=0x7fffd1d3b2d0, nexts=0x7fffd38cb980, n_buffers=1, n_left=1,
> tmp=0x7ff96ecf5480) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vlib/buffer_funcs.c:30
> #12 0x00007ffff41fe451 in vlib_buffer_enqueue_to_next_fn_hsw
> (vm=0x7fffd1c73080, node=0x7fffd2d21040, buffers=0x7fffd1d3b2d0,
> nexts=0x7fffd38cb980, count=1) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vlib/buffer_funcs.c:110
> #13 0x00007ffff5aff172 in vlib_buffer_enqueue_to_next (vm=0x7fffd1c73080,
> node=0x7fffd2d21040, buffers=0x7fffd1d3b2d0, nexts=0x7fffd38cb980,
> count=1) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vlib/buffer_node.h:344
> #14 0x00007ffff5b16b0a in session_flush_pending_tx_buffers
> (wrk=0x7fffd4d1ad40, node=0x7fffd2d21040) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vnet/session/session_node.c:1626
> 
> #15 0x00007ffff5b1a3db in session_queue_node_fn (vm=0x7fffd1c73080,
> node=0x7fffd2d21040, frame=0x0) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vnet/session/session_node.c:1793
> 
> #16 0x00007ffff40a1bfb in dispatch_node (vm=0x7fffd1c73080,
> node=0x7fffd2d21040, type=VLIB_NODE_TYPE_INPUT,
> dispatch_state=VLIB_NODE_STATE_POLLING, frame=0x0,
> last_time_stamp=101201619637438) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vlib/main.c:1024
> #17 0x00007ffff40a6aef in vlib_main_or_worker_loop (vm=0x7fffd1c73080,
> is_main=0) at /home/dev/code/net-base/.vpp-21.06-rc2/src/vlib/main.c:1618
> #18 0x00007ffff40a8713 in vlib_worker_loop (vm=0x7fffd1c73080) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vlib/main.c:1783
> #19 0x00007ffff413f573 in vlib_worker_thread_fn (arg=0x7fffd685c500) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vlib/threads.c:1562
> #20 0x00007ffff377b504 in clib_calljmp () at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vppinfra/longjmp.S:123
> #21 0x00007ff96f54cc30 in ?? ()
> #22 0x00007ffff4132d71 in vlib_worker_thread_bootstrap_fn
> (arg=0x7fffd685c500) at
> /home/dev/code/net-base/.vpp-21.06-rc2/src/vlib/threads.c:431
> #23 0x00007fffc8dce4bd in eal_thread_loop (arg=0x0) at
> ../src-dpdk/lib/librte_eal/linux/eal_thread.c:127
> #24 0x00007ffff3b4cea5 in start_thread (arg=0x7ff96f54d700) at
> pthread_create.c:307
> #25 0x00007ffff30d49fd in clone () at
> ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
> (gdb)
>
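The over-read reported above, and one way to bound it, as an added example that is not part of the original message or of the VPP code base: a fixed-width compare that always reads 64 elements is wrapped so that a short tail is first copied into a padded local buffer and the padding lanes are masked out of the result. The names `compare_u16_block`, `compare_u16_bounded` and `demo` are hypothetical, and a plain loop stands in for the vector load.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LANES 64 /* elements per block, as in the _x64 variant */

/* Stand-in for the full-width vector compare: always reads LANES elements. */
static uint64_t compare_u16_block(uint16_t v, const uint16_t *a)
{
    uint64_t mask = 0;
    for (unsigned i = 0; i < LANES; i++)
        mask |= (uint64_t)(a[i] == v) << i;
    return mask;
}

/* Compares one block of up to LANES elements without reading past
   a[n_elts - 1]; bit i of the result is set when a[i] == v. */
uint64_t compare_u16_bounded(uint16_t v, const uint16_t *a, uint32_t n_elts)
{
    uint16_t tmp[LANES] = {0};
    if (n_elts == 0)
        return 0;
    if (n_elts >= LANES)
        return compare_u16_block(v, a);
    memcpy(tmp, a, n_elts * sizeof(a[0])); /* copy only what exists */
    /* Mask off padding lanes: zero padding would match when v == 0. */
    return compare_u16_block(v, tmp) & ((1ULL << n_elts) - 1);
}

/* Constructed heap input sized exactly n, so ASan would flag any over-read. */
uint64_t demo(uint16_t v, const uint16_t *src, uint32_t n)
{
    uint64_t m = UINT64_MAX; /* returned only if malloc fails */
    uint16_t *a = malloc(n * sizeof(*a));
    if (a != NULL) {
        memcpy(a, src, n * sizeof(*a));
        m = compare_u16_bounded(v, a, n);
    }
    free(a);
    return m;
}

int main(void)
{
    const uint16_t one[] = {2}, three[] = {5, 0, 7}; /* v=2, n_elts=1 as in frame #9 */
    printf("%#llx %#llx\n", (unsigned long long)demo(2, one, 1), (unsigned long long)demo(0, three, 3));
    return 0;
}
```

Building this with `-fsanitize=address` and replacing the bounded call with a direct `compare_u16_block (v, a)` on the one-element allocation reproduces the class of report shown in the backtrace.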