> I see that this change is done as part of following commit.

I only edited variable names and such. The previous code contained the same logic [1], and it seems to come from the initial code [2].

> we are deleting the socket_main.input_buffer

No, we are deleting just some (perhaps all) elements (bytes) from the vector (buffer).

> it detected use-after-poison

Looking at [3], only the area after the remaining values is poisoned. But macros that can enlarge the vector should unpoison that area, so I am not sure what use the address sanitizer sees.

Vratko.

[1] https://gerrit.fd.io/r/c/vpp/+/22547/4/src/vlibmemory/socket_api.c#b304
[2] https://gerrit.fd.io/r/c/vpp/+/23/3/vlib-api/vlibsocket/socksvr_vlib.c#314
[3] https://gerrit.fd.io/r/c/vpp/+/21937/10/src/vppinfra/vec.h#798

From: vpp-dev@lists.fd.io <vpp-dev@lists.fd.io> On Behalf Of Satya Murthy
Sent: Wednesday, 2021-February-10 10:42
To: vpp-dev@lists.fd.io
Subject: [vpp-dev] Bug in vl_socket_read_ready() function

Hi,

While using AddressSanitizer with VPP, it detected use-after-poison in vl_socket_read_ready() function.
Closely looking at the code, it seems that this is happening due to the following code.

    if (vec_len (msg_buffer) > msgbuf_len)
      /* There are some fragments left. Shrink the msg_buffer to simplify logic. */
      vec_delete (msg_buffer, msgbuf_len, 0);   <<<<<<<<<<<<<

We are deleting the socket_main.input_buffer, which is initialized in api_init, but not again after this delete. So, when we try to use this buffer again, it's detected by libASAN.

I see that this change is done as part of following commit.

--------------------------------------
commit 6a6af6ea1a77b5818e717047b5d01251ef6d024a
Author: Vratko Polak <vrpo...@cisco.com>
Date:   Mon Oct 7 14:52:53 2019 +0200

    api: comment, simplify and fix api socket read

    The function vl_socket_read_ready did contain some comments already,
    but as they stated, the logic has to be tricky to cover multiple cases.
-------------------------------------

Can someone please comment if I am missing anything here?
I see that this code is present even in the latest stable code base.

--
Thanks & Regards,
Murthy
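
The poisoning invariant discussed in this thread, sketched as a toy model that is an added example and not VPP code: deleting bytes from a vector poisons the freed tail, and only a resize unpoisons it. The `toy_*` names, the fixed capacity and the shadow array standing in for AddressSanitizer's shadow memory are all assumptions made for illustration; the model does not reproduce the reported trace.

```c
#include <stdio.h>
#include <string.h>

/* Toy model, not VPP code: a shadow array stands in for ASan shadow memory. */
#define CAP 16
typedef struct {
    unsigned len;
    unsigned char data[CAP];
    unsigned char poisoned[CAP]; /* 1 = an access here would be reported */
} toy_vec;

/* Resize path: bytes [0,n) become usable, [n,CAP) are poisoned. */
static void toy_set_len(toy_vec *v, unsigned n) {
    v->len = n;
    for (unsigned i = 0; i < CAP; i++) v->poisoned[i] = (i >= n);
}

/* Delete n bytes at index at; the tail shifts down and the freed end is poisoned. */
static void toy_delete(toy_vec *v, unsigned n, unsigned at) {
    memmove(v->data + at, v->data + at + n, v->len - at - n);
    toy_set_len(v, v->len - n);
}

/* Checked write: returns -1 where a sanitizer would flag use-after-poison. */
static int toy_write(toy_vec *v, unsigned off, const void *src, unsigned n) {
    for (unsigned i = off; i < off + n; i++)
        if (i >= CAP || v->poisoned[i]) return -1;
    memcpy(v->data + off, src, n);
    return 0;
}

/* Append through the resize path: unpoison first, then write. */
static int toy_append(toy_vec *v, const void *src, unsigned n) {
    unsigned old = v->len;
    if (old + n > CAP) return -1;
    toy_set_len(v, old + n);
    return toy_write(v, old, src, n);
}

int main(void) {
    toy_vec v;
    toy_set_len(&v, 0);
    toy_append(&v, "AAAABBB", 7); /* constructed input: 4-byte message + 3-byte fragment */
    toy_delete(&v, 4, 0);         /* consume the message, keep the fragment */
    printf("len after delete: %u\n", v.len);
    printf("write past len without resize: %d\n", toy_write(&v, v.len, "C", 1));
    printf("append through resize: %d\n", toy_append(&v, "C", 1));
    return 0;
}
```

In this model the buffer stays valid after the delete; only an access beyond the current length that bypasses the resize path is flagged.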