Hi, all
I failed to issue the illegal memory write using Valgrind on SPDK.
Is there anyone who has succeeded?
The Valgrind that I used comes from:
https://github.com/bluca/valgrind-dpdk
Here is the process:
valgrind --soname-synonyms=somalloc=NONE ./iscsi_tgt -c my_iscsi.conf
Starting DPDK 17.02.0 initialization...
[ DPDK EAL parameters: iscsi -c 0xff --file-prefix=spdk_pid540 ]
EAL: Detected 12 lcore(s)
EAL: No free hugepages reported in hugepages-1048576kB
EAL: Probing VFIO support...
==540== Warning: set address range perms: large range [0x80200000, 0x100000000)
(defined)
==540== Warning: set address range perms: large range [0x80200000, 0x100000000)
(noaccess)
Occupied cpu core mask is 0xff
Occupied cpu socket mask is 0x1
EAL: PCI device 0000:02:00.0 on NUMA socket 0
EAL: probe driver: 8086:6f50 spdk_ioat
--540-- WARNING: Serious error when reading debug info
--540-- When reading debug info from
/sys/devices/pci0000:00/0000:00:02.0/0000:02:00.0/resource0:
--540-- can't read file to inspect ELF header
Found matching device at 0000:02:00.0 vendor:0x8086 device:0x6f50
==540== Invalid read of size 4
==540== at 0x4A3CEE: rte_malloc_virt2phy (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x48E1EC: spdk_malloc (env.c:51)
==540== by 0x48E20E: spdk_zmalloc (env.c:59)
==540== by 0x415387: ioat_channel_start (ioat.c:407)
==540== by 0x415387: ioat_attach (ioat.c:483)
==540== by 0x415387: ioat_enum_cb (ioat.c:522)
==540== by 0x49DC4C: pci_probe_all_drivers.part.0 (in
/home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x49E1D1: rte_eal_pci_probe (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x490325: spdk_pci_enumerate (pci.c:147)
==540== by 0x41574D: spdk_ioat_probe (ioat.c:548)
==540== by 0x414C7F: copy_engine_ioat_init (copy_engine_ioat.c:304)
==540== by 0x438761: spdk_copy_engine_module_initialize (copy_engine.c:228)
==540== by 0x438761: spdk_copy_engine_initialize (copy_engine.c:246)
==540== by 0x44268A: spdk_subsystem_init (subsystem.c:135)
==540== by 0x43FF07: spdk_app_init (app.c:425)
==540== Address 0x5303cb8 is 24 bytes before a block of size 8 alloc'd
==540== at 0x4A0A3BC: rte_malloc (vg_replace_malloc.c:1184)
==540== by 0x48E1C5: spdk_malloc (env.c:49)
==540== by 0x48E20E: spdk_zmalloc (env.c:59)
==540== by 0x415387: ioat_channel_start (ioat.c:407)
==540== by 0x415387: ioat_attach (ioat.c:483)
==540== by 0x415387: ioat_enum_cb (ioat.c:522)
==540== by 0x49DC4C: pci_probe_all_drivers.part.0 (in
/home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x49E1D1: rte_eal_pci_probe (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x490325: spdk_pci_enumerate (pci.c:147)
==540== by 0x41574D: spdk_ioat_probe (ioat.c:548)
==540== by 0x414C7F: copy_engine_ioat_init (copy_engine_ioat.c:304)
==540== by 0x438761: spdk_copy_engine_module_initialize (copy_engine.c:228)
==540== by 0x438761: spdk_copy_engine_initialize (copy_engine.c:246)
==540== by 0x44268A: spdk_subsystem_init (subsystem.c:135)
==540== by 0x43FF07: spdk_app_init (app.c:425)
==540==
==540== Invalid read of size 8
==540== at 0x4A3CF6: rte_malloc_virt2phy (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x48E1EC: spdk_malloc (env.c:51)
==540== by 0x48E20E: spdk_zmalloc (env.c:59)
==540== by 0x415387: ioat_channel_start (ioat.c:407)
==540== by 0x415387: ioat_attach (ioat.c:483)
==540== by 0x415387: ioat_enum_cb (ioat.c:522)
==540== by 0x49DC4C: pci_probe_all_drivers.part.0 (in
/home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x49E1D1: rte_eal_pci_probe (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x490325: spdk_pci_enumerate (pci.c:147)
==540== by 0x41574D: spdk_ioat_probe (ioat.c:548)
==540== by 0x414C7F: copy_engine_ioat_init (copy_engine_ioat.c:304)
==540== by 0x438761: spdk_copy_engine_module_initialize (copy_engine.c:228)
==540== by 0x438761: spdk_copy_engine_initialize (copy_engine.c:246)
==540== by 0x44268A: spdk_subsystem_init (subsystem.c:135)
==540== by 0x43FF07: spdk_app_init (app.c:425)
==540== Address 0x5303cb0 is 32 bytes before a block of size 16 in arena
"client"
==540==
==540== Invalid read of size 8
==540== at 0x4A3CFD: rte_malloc_virt2phy (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x48E1EC: spdk_malloc (env.c:51)
==540== by 0x48E20E: spdk_zmalloc (env.c:59)
==540== by 0x415387: ioat_channel_start (ioat.c:407)
==540== by 0x415387: ioat_attach (ioat.c:483)
==540== by 0x415387: ioat_enum_cb (ioat.c:522)
==540== by 0x49DC4C: pci_probe_all_drivers.part.0 (in
/home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x49E1D1: rte_eal_pci_probe (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x490325: spdk_pci_enumerate (pci.c:147)
==540== by 0x41574D: spdk_ioat_probe (ioat.c:548)
==540== by 0x414C7F: copy_engine_ioat_init (copy_engine_ioat.c:304)
==540== by 0x438761: spdk_copy_engine_module_initialize (copy_engine.c:228)
==540== by 0x438761: spdk_copy_engine_initialize (copy_engine.c:246)
==540== by 0x44268A: spdk_subsystem_init (subsystem.c:135)
==540== by 0x43FF07: spdk_app_init (app.c:425)
==540== Address 0x58 is not stack'd, malloc'd or (recently) free'd
==540==
==540==
==540== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==540== Access not within mapped region at address 0x58
==540== at 0x4A3CFD: rte_malloc_virt2phy (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x48E1EC: spdk_malloc (env.c:51)
==540== by 0x48E20E: spdk_zmalloc (env.c:59)
==540== by 0x415387: ioat_channel_start (ioat.c:407)
==540== by 0x415387: ioat_attach (ioat.c:483)
==540== by 0x415387: ioat_enum_cb (ioat.c:522)
==540== by 0x49DC4C: pci_probe_all_drivers.part.0 (in
/home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x49E1D1: rte_eal_pci_probe (in /home/spdk_61/app/iscsi_tgt/iscsi_tgt)
==540== by 0x490325: spdk_pci_enumerate (pci.c:147)
==540== by 0x41574D: spdk_ioat_probe (ioat.c:548)
==540== by 0x414C7F: copy_engine_ioat_init (copy_engine_ioat.c:304)
==540== by 0x438761: spdk_copy_engine_module_initialize (copy_engine.c:228)
==540== by 0x438761: spdk_copy_engine_initialize (copy_engine.c:246)
==540== by 0x44268A: spdk_subsystem_init (subsystem.c:135)
==540== by 0x43FF07: spdk_app_init (app.c:425)
==540== If you believe this happened as a result of a stack
==540== overflow in your program's main thread (unlikely but
==540== possible), you can try to increase the size of the
==540== main thread stack using the --main-stacksize= flag.
==540== The main thread stack size used in this run was 8388608.
==540==
==540== HEAP SUMMARY:
==540== in use at exit: 2,274,897 bytes in 308 blocks
==540== total heap usage: 1,050 allocs, 742 frees, 7,068,857 bytes allocated
==540==
==540== LEAK SUMMARY:
==540== definitely lost: 4,424 bytes in 4 blocks
==540== indirectly lost: 236 bytes in 9 blocks
==540== possibly lost: 2,432 bytes in 8 blocks
==540== still reachable: 2,267,805 bytes in 287 blocks
==540== suppressed: 0 bytes in 0 blocks
==540== Rerun with --leak-check=full to see details of leaked memory
==540==
==540== For counts of detected and suppressed errors, rerun with: -v
==540== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)
________________________________
Best Regards