Hi,

While using AddressSanitizer with VPP, it detected a use-after-poison in the vl_socket_read_ready() function.

Closely looking at the code, it seems that this is happening due to the following code.

    if (vec_len (msg_buffer) > msgbuf_len)
      /* There are some fragments left. Shrink the msg_buffer to simplify logic. */
      vec_delete (msg_buffer, msgbuf_len, 0);   <<<<<<<<<<<<<

We are deleting the socket_main.input_buffer, which is initialized in api_init, but not again after this delete. So, when we try to use this buffer again, it's detected by libASAN.

I see that this change was done as part of the following commit.

--------------------------------------
commit 6a6af6ea1a77b5818e717047b5d01251ef6d024a
Author: Vratko Polak <vrpo...@cisco.com>
Date:   Mon Oct 7 14:52:53 2019 +0200

    api: comment, simplify and fix api socket read

    The function vl_socket_read_ready did contain some comments already,
    but as they stated, the logic has to be tricky to cover multiple cases.
-------------------------------------

Can someone please comment if I am missing anything here? I see that this code is present even in the latest stable code base.

--
Thanks & Regards,
Murthy