Add BGP dynamic capability support for graceful restart #17
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When graceful-retart is enabled, trigger graceful restart capability in BGP capability message, so that neighbors with dynamic capability support can update graceful restart status, including forwarding state bit for each address-family without resetting adjacency.
| @@ -24,7 +24,7 @@ | |||
| /* Standard header for capability TLV */ | |||
| struct capability_header { | |||
| uint8_t code; | |||
| uint8_t length; | |||
| uint8_t length; /* Note, extra one more oct in dynamic capabilities */ | |||
There was a problem hiding this comment.
what 'oct' means here?
There was a problem hiding this comment.
FRR implemented the old version of dynamic capability draft, which has only 1 Octect for "length field". This field has been changed in the latest version to 2 Octects. Since the draft hasn't become RFC, and by talking to the authors, they are still trying to finalize the content, hence I didn't change the code, but left some comment there.
There was a problem hiding this comment.
Since it's still a draft, what bgp implementations supports it? Why SONiC needs to support it?
There was a problem hiding this comment.
Almost all switch vendors with BGP implementation support dynamic capability - Cisco, Juniper, Arista, Huawei...
| afi_t afi; | ||
| safi_t safi; | ||
| uint16_t afi; | ||
| uint8_t safi; |
There was a problem hiding this comment.
According to graceful restart RFC 4724
+--------------------------------------------------+
| Address Family Identifier (16 bits) |
+--------------------------------------------------+
| Subsequent Address Family Identifier (8 bits) |
+--------------------------------------------------+
Wrong size is defined in current FRR:
(gdb) p/x sizeof(afi_t)
$2 = 0x4
(gdb) p/x sizeof(safi_t)
$3 = 0x4
This causes failure in compatibility testing with other switches.
There was a problem hiding this comment.
But this value is not what is being sent over line inside of the packet. FRR has special code which convert from aft_t, safi_t to a line format
There was a problem hiding this comment.
Do you mean the big/small endian convert or something else? Which piece of convert code do you refer to?
There was a problem hiding this comment.
Here we just copy fields from wire directly, without conversion, similar to capability_mp_data. There were multiple problems fixed after the introduction of iana_xxx_t, such as
FRRouting/frr@a46a2e9
|
|
|
https://tools.ietf.org/html/draft-ietf-idr-dynamic-cap-14 It was expired in 2012. |
|
It expired because the authors didn't do update on time. But it has been widely deployed, and the corresponding BGP code value has been assigned officially by IANA. |
|
@heidinet2007 Can you please show me "new version of draft won't be submitted to IETF until March 2020"? Where can I read it? |
The authors are still working on it, not ready to share yet. Will let you know once I get it. |
|
@heidinet2007 sounds good |
pavel-shirshov
pushed a commit
that referenced
this pull request
Nov 17, 2020
When zebra is running with debugs turned on there
is a use after free reported by the address sanitizer:
2020/10/16 12:58:02 ZEBRA: rib_delnode: (0:254):4.5.6.16/32: rn 0x60b000026f20, re 0x6080000131a0, removing
2020/10/16 12:58:02 ZEBRA: rib_meta_queue_add: (0:254):4.5.6.16/32: queued rn 0x60b000026f20 into sub-queue 3
=================================================================
==3101430==ERROR: AddressSanitizer: heap-use-after-free on address 0x608000011d28 at pc 0x555555705ab6 bp 0x7fffffffdab0 sp 0x7fffffffdaa8
READ of size 8 at 0x608000011d28 thread T0
#0 0x555555705ab5 in re_list_const_first zebra/rib.h:222
#1 0x555555705b54 in re_list_first zebra/rib.h:222
#2 0x555555711a4f in process_subq_route zebra/zebra_rib.c:2248
#3 0x555555711d2e in process_subq zebra/zebra_rib.c:2286
#4 0x555555711ec7 in meta_queue_process zebra/zebra_rib.c:2320
#5 0x7ffff74701f7 in work_queue_run lib/workqueue.c:291
#6 0x7ffff7450e9c in thread_call lib/thread.c:1581
#7 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
#8 0x55555561a578 in main zebra/main.c:455
#9 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
#10 0x5555555e3429 in _start (/usr/lib/frr/zebra+0x8f429)
0x608000011d28 is located 8 bytes inside of 88-byte region [0x608000011d20,0x608000011d78)
freed by thread T0 here:
#0 0x7ffff768bb6f in __interceptor_free (/lib/x86_64-linux-gnu/libasan.so.6+0xa9b6f)
#1 0x7ffff739ccad in qfree lib/memory.c:129
#2 0x555555709ee4 in rib_gc_dest zebra/zebra_rib.c:746
#3 0x55555570ca76 in rib_process zebra/zebra_rib.c:1240
#4 0x555555711a05 in process_subq_route zebra/zebra_rib.c:2245
#5 0x555555711d2e in process_subq zebra/zebra_rib.c:2286
#6 0x555555711ec7 in meta_queue_process zebra/zebra_rib.c:2320
#7 0x7ffff74701f7 in work_queue_run lib/workqueue.c:291
#8 0x7ffff7450e9c in thread_call lib/thread.c:1581
#9 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
#10 0x55555561a578 in main zebra/main.c:455
#11 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
previously allocated by thread T0 here:
#0 0x7ffff768c037 in calloc (/lib/x86_64-linux-gnu/libasan.so.6+0xaa037)
#1 0x7ffff739cb98 in qcalloc lib/memory.c:110
#2 0x555555712ace in zebra_rib_create_dest zebra/zebra_rib.c:2515
#3 0x555555712c6c in rib_link zebra/zebra_rib.c:2576
#4 0x555555712faa in rib_addnode zebra/zebra_rib.c:2607
#5 0x555555715bf0 in rib_add_multipath_nhe zebra/zebra_rib.c:3012
#6 0x555555715f56 in rib_add_multipath zebra/zebra_rib.c:3049
#7 0x55555571788b in rib_add zebra/zebra_rib.c:3327
#8 0x5555555e584a in connected_up zebra/connected.c:254
#9 0x5555555e42ff in connected_announce zebra/connected.c:94
#10 0x5555555e4fd3 in connected_update zebra/connected.c:195
#11 0x5555555e61ad in connected_add_ipv4 zebra/connected.c:340
#12 0x5555555f26f5 in netlink_interface_addr zebra/if_netlink.c:1213
#13 0x55555560f756 in netlink_information_fetch zebra/kernel_netlink.c:350
#14 0x555555612e49 in netlink_parse_info zebra/kernel_netlink.c:941
#15 0x55555560f9f1 in kernel_read zebra/kernel_netlink.c:402
#16 0x7ffff7450e9c in thread_call lib/thread.c:1581
#17 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
#18 0x55555561a578 in main zebra/main.c:455
#19 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: heap-use-after-free zebra/rib.h:222 in re_list_const_first
This is happening because we are using the dest pointer after a call into
rib_gc_dest. In process_subq_route, we call rib_process() and if the
dest is deleted dest pointer is now garbage. We must reload the
dest pointer in this case.
Signed-off-by: Donald Sharp <[email protected]>
dgsudharsan
pushed a commit
to dgsudharsan/sonic-frr
that referenced
this pull request
Jun 6, 2023
When changing the peers sockunion structure the bgp->peer
list was not being updated properly. Since the peer's su
is being used for a sorted insert then the change of it requires
that the value be pulled out of the bgp->peer list and then
put back into as well.
Additionally ensure that the hash is always released on peer
deletion.
Lead to this from this decode in a address sanitizer run.
=================================================================
==30778==ERROR: AddressSanitizer: heap-use-after-free on address 0x62a0000d8440 at pc 0x7f48c9c5c547 bp 0x7ffcba272cb0 sp 0x7ffcba272ca8
READ of size 2 at 0x62a0000d8440 thread T0
#0 0x7f48c9c5c546 in sockunion_same lib/sockunion.c:425
sonic-net#1 0x55cfefe3000f in peer_hash_same bgpd/bgpd.c:890
sonic-net#2 0x7f48c9bde039 in hash_release lib/hash.c:209
sonic-net#3 0x55cfefe3373f in bgp_peer_conf_if_to_su_update bgpd/bgpd.c:1541
sonic-net#4 0x55cfefd0be7a in bgp_stop bgpd/bgp_fsm.c:1631
sonic-net#5 0x55cfefe4028f in peer_delete bgpd/bgpd.c:2362
sonic-net#6 0x55cfefdd5e97 in no_neighbor_interface_config bgpd/bgp_vty.c:4267
sonic-net#7 0x7f48c9b9d160 in cmd_execute_command_real lib/command.c:949
sonic-net#8 0x7f48c9ba1112 in cmd_execute_command lib/command.c:1009
sonic-net#9 0x7f48c9ba1573 in cmd_execute lib/command.c:1162
sonic-net#10 0x7f48c9c87402 in vty_command lib/vty.c:526
sonic-net#11 0x7f48c9c87832 in vty_execute lib/vty.c:1291
sonic-net#12 0x7f48c9c8e741 in vtysh_read lib/vty.c:2130
sonic-net#13 0x7f48c9c7a66d in thread_call lib/thread.c:1585
sonic-net#14 0x7f48c9bf64e7 in frr_run lib/libfrr.c:1123
sonic-net#15 0x55cfefc75a15 in main bgpd/bgp_main.c:540
sonic-net#16 0x7f48c96b009a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
sonic-net#17 0x55cfefc787f9 in _start (/usr/lib/frr/bgpd+0xe27f9)
0x62a0000d8440 is located 576 bytes inside of 23376-byte region [0x62a0000d8200,0x62a0000ddd50)
freed by thread T0 here:
#0 0x7f48c9eb9fb0 in __interceptor_free (/lib/x86_64-linux-gnu/libasan.so.5+0xe8fb0)
sonic-net#1 0x55cfefe3fe42 in peer_free bgpd/bgpd.c:1113
sonic-net#2 0x55cfefe3fe42 in peer_unlock_with_caller bgpd/bgpd.c:1144
sonic-net#3 0x55cfefe4092e in peer_delete bgpd/bgpd.c:2457
sonic-net#4 0x55cfefdd5e97 in no_neighbor_interface_config bgpd/bgp_vty.c:4267
sonic-net#5 0x7f48c9b9d160 in cmd_execute_command_real lib/command.c:949
sonic-net#6 0x7f48c9ba1112 in cmd_execute_command lib/command.c:1009
sonic-net#7 0x7f48c9ba1573 in cmd_execute lib/command.c:1162
sonic-net#8 0x7f48c9c87402 in vty_command lib/vty.c:526
sonic-net#9 0x7f48c9c87832 in vty_execute lib/vty.c:1291
sonic-net#10 0x7f48c9c8e741 in vtysh_read lib/vty.c:2130
sonic-net#11 0x7f48c9c7a66d in thread_call lib/thread.c:1585
sonic-net#12 0x7f48c9bf64e7 in frr_run lib/libfrr.c:1123
sonic-net#13 0x55cfefc75a15 in main bgpd/bgp_main.c:540
sonic-net#14 0x7f48c96b009a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
Signed-off-by: Donald Sharp <[email protected]>
dgsudharsan
pushed a commit
to dgsudharsan/sonic-frr
that referenced
this pull request
Jun 6, 2023
ASAN reported the following memleak:
```
Direct leak of 40 byte(s) in 1 object(s) allocated from:
#0 0x4d4342 in calloc (/usr/lib/frr/bgpd+0x4d4342)
sonic-net#1 0xbc3d68 in qcalloc /home/sharpd/frr8/lib/memory.c:116:27
sonic-net#2 0xb869f7 in list_new /home/sharpd/frr8/lib/linklist.c:64:9
sonic-net#3 0x5a38bc in bgp_evpn_remote_ip_hash_alloc /home/sharpd/frr8/bgpd/bgp_evpn.c:6789:24
sonic-net#4 0xb358d3 in hash_get /home/sharpd/frr8/lib/hash.c:162:13
sonic-net#5 0x593d39 in bgp_evpn_remote_ip_hash_add /home/sharpd/frr8/bgpd/bgp_evpn.c:6881:7
sonic-net#6 0x59dbbd in install_evpn_route_entry_in_vni_common /home/sharpd/frr8/bgpd/bgp_evpn.c:3049:2
sonic-net#7 0x59cfe0 in install_evpn_route_entry_in_vni_ip /home/sharpd/frr8/bgpd/bgp_evpn.c:3126:8
sonic-net#8 0x59c6f0 in install_evpn_route_entry /home/sharpd/frr8/bgpd/bgp_evpn.c:3318:8
sonic-net#9 0x59bb52 in install_uninstall_route_in_vnis /home/sharpd/frr8/bgpd/bgp_evpn.c:3888:10
sonic-net#10 0x59b6d2 in bgp_evpn_install_uninstall_table /home/sharpd/frr8/bgpd/bgp_evpn.c:4019:5
sonic-net#11 0x578857 in install_uninstall_evpn_route /home/sharpd/frr8/bgpd/bgp_evpn.c:4051:9
sonic-net#12 0x58ada6 in bgp_evpn_import_route /home/sharpd/frr8/bgpd/bgp_evpn.c:6049:9
sonic-net#13 0x713794 in bgp_update /home/sharpd/frr8/bgpd/bgp_route.c:4842:3
sonic-net#14 0x583fa0 in process_type2_route /home/sharpd/frr8/bgpd/bgp_evpn.c:4518:9
sonic-net#15 0x5824ba in bgp_nlri_parse_evpn /home/sharpd/frr8/bgpd/bgp_evpn.c:5732:8
sonic-net#16 0x6ae6a2 in bgp_nlri_parse /home/sharpd/frr8/bgpd/bgp_packet.c:363:10
sonic-net#17 0x6be6fa in bgp_update_receive /home/sharpd/frr8/bgpd/bgp_packet.c:2020:15
sonic-net#18 0x6b7433 in bgp_process_packet /home/sharpd/frr8/bgpd/bgp_packet.c:2929:11
sonic-net#19 0xd00146 in thread_call /home/sharpd/frr8/lib/thread.c:2006:2
```
The list itself was not being cleaned up when the final list entry was
removed, so make sure we do that instead of leaking memory.
Signed-off-by: Trey Aspelund <[email protected]>
marcosfsch
pushed a commit
to marcosfsch/sonic-frr
that referenced
this pull request
Jan 30, 2024
This commit ensures proper cleanup by deleting the gm_join_list when a PIM interface is deleted. The gm_join_list was previously not being freed, causing a memory leak.
The ASan leak log for reference:
```
***********************************************************************************
Address Sanitizer Error detected in multicast_mld_join_topo1.test_multicast_mld_local_join/r1.asan.pim6d.28070
=================================================================
==28070==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 40 byte(s) in 1 object(s) allocated from:
#0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
sonic-net#2 0x56230372180f in list_new lib/linklist.c:49
sonic-net#3 0x56230361b589 in pim_if_gm_join_add pimd/pim_iface.c:1313
sonic-net#4 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
sonic-net#5 0x562303767280 in nb_callback_create lib/northbound.c:1235
sonic-net#6 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
sonic-net#7 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
sonic-net#8 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
sonic-net#9 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
sonic-net#10 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
sonic-net#11 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
sonic-net#12 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
sonic-net#13 0x5623036c5f1b in cmd_execute_command lib/command.c:1053
sonic-net#14 0x5623036c6392 in cmd_execute lib/command.c:1221
sonic-net#15 0x5623037e75da in vty_command lib/vty.c:591
sonic-net#16 0x5623037e7a74 in vty_execute lib/vty.c:1354
sonic-net#17 0x5623037f0253 in vtysh_read lib/vty.c:2362
sonic-net#18 0x5623037db4e8 in event_call lib/event.c:1995
sonic-net#19 0x562303720f97 in frr_run lib/libfrr.c:1213
sonic-net#20 0x56230368615d in main pimd/pim6_main.c:184
sonic-net#21 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 192 byte(s) in 4 object(s) allocated from:
#0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
sonic-net#2 0x56230361b91d in gm_join_new pimd/pim_iface.c:1288
sonic-net#3 0x56230361b91d in pim_if_gm_join_add pimd/pim_iface.c:1326
sonic-net#4 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
sonic-net#5 0x562303767280 in nb_callback_create lib/northbound.c:1235
sonic-net#6 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
sonic-net#7 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
sonic-net#8 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
sonic-net#9 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
sonic-net#10 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
sonic-net#11 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
sonic-net#12 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
sonic-net#13 0x5623036c5f1b in cmd_execute_command lib/command.c:1053
sonic-net#14 0x5623036c6392 in cmd_execute lib/command.c:1221
sonic-net#15 0x5623037e75da in vty_command lib/vty.c:591
sonic-net#16 0x5623037e7a74 in vty_execute lib/vty.c:1354
sonic-net#17 0x5623037f0253 in vtysh_read lib/vty.c:2362
sonic-net#18 0x5623037db4e8 in event_call lib/event.c:1995
sonic-net#19 0x562303720f97 in frr_run lib/libfrr.c:1213
sonic-net#20 0x56230368615d in main pimd/pim6_main.c:184
sonic-net#21 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 96 byte(s) in 4 object(s) allocated from:
#0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
sonic-net#2 0x562303721651 in listnode_new lib/linklist.c:71
sonic-net#3 0x56230372182b in listnode_add lib/linklist.c:92
sonic-net#4 0x56230361ba9a in gm_join_new pimd/pim_iface.c:1295
sonic-net#5 0x56230361ba9a in pim_if_gm_join_add pimd/pim_iface.c:1326
sonic-net#6 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
sonic-net#7 0x562303767280 in nb_callback_create lib/northbound.c:1235
sonic-net#8 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
sonic-net#9 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
sonic-net#10 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
sonic-net#11 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
sonic-net#12 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
sonic-net#13 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
sonic-net#14 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
sonic-net#15 0x5623036c5f1b in cmd_execute_command lib/command.c:1053
sonic-net#16 0x5623036c6392 in cmd_execute lib/command.c:1221
sonic-net#17 0x5623037e75da in vty_command lib/vty.c:591
sonic-net#18 0x5623037e7a74 in vty_execute lib/vty.c:1354
sonic-net#19 0x5623037f0253 in vtysh_read lib/vty.c:2362
sonic-net#20 0x5623037db4e8 in event_call lib/event.c:1995
sonic-net#21 0x562303720f97 in frr_run lib/libfrr.c:1213
sonic-net#22 0x56230368615d in main pimd/pim6_main.c:184
sonic-net#23 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
sonic-net#2 0x56230361b91d in gm_join_new pimd/pim_iface.c:1288
sonic-net#3 0x56230361b91d in pim_if_gm_join_add pimd/pim_iface.c:1326
sonic-net#4 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
sonic-net#5 0x562303767280 in nb_callback_create lib/northbound.c:1235
sonic-net#6 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
sonic-net#7 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
sonic-net#8 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
sonic-net#9 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
sonic-net#10 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
sonic-net#11 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
sonic-net#12 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
sonic-net#13 0x5623036c5f6f in cmd_execute_command lib/command.c:1072
sonic-net#14 0x5623036c6392 in cmd_execute lib/command.c:1221
sonic-net#15 0x5623037e75da in vty_command lib/vty.c:591
sonic-net#16 0x5623037e7a74 in vty_execute lib/vty.c:1354
sonic-net#17 0x5623037f0253 in vtysh_read lib/vty.c:2362
sonic-net#18 0x5623037db4e8 in event_call lib/event.c:1995
sonic-net#19 0x562303720f97 in frr_run lib/libfrr.c:1213
sonic-net#20 0x56230368615d in main pimd/pim6_main.c:184
sonic-net#21 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 24 byte(s) in 1 object(s) allocated from:
#0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
sonic-net#2 0x562303721651 in listnode_new lib/linklist.c:71
sonic-net#3 0x56230372182b in listnode_add lib/linklist.c:92
sonic-net#4 0x56230361ba9a in gm_join_new pimd/pim_iface.c:1295
sonic-net#5 0x56230361ba9a in pim_if_gm_join_add pimd/pim_iface.c:1326
sonic-net#6 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
sonic-net#7 0x562303767280 in nb_callback_create lib/northbound.c:1235
sonic-net#8 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
sonic-net#9 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
sonic-net#10 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
sonic-net#11 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
sonic-net#12 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
sonic-net#13 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
sonic-net#14 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
sonic-net#15 0x5623036c5f6f in cmd_execute_command lib/command.c:1072
sonic-net#16 0x5623036c6392 in cmd_execute lib/command.c:1221
sonic-net#17 0x5623037e75da in vty_command lib/vty.c:591
sonic-net#18 0x5623037e7a74 in vty_execute lib/vty.c:1354
sonic-net#19 0x5623037f0253 in vtysh_read lib/vty.c:2362
sonic-net#20 0x5623037db4e8 in event_call lib/event.c:1995
sonic-net#21 0x562303720f97 in frr_run lib/libfrr.c:1213
sonic-net#22 0x56230368615d in main pimd/pim6_main.c:184
sonic-net#23 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
SUMMARY: AddressSanitizer: 400 byte(s) leaked in 11 allocation(s).
***********************************************************************************
```
Signed-off-by: Keelan Cannoo <[email protected]>
marcosfsch
pushed a commit
to marcosfsch/sonic-frr
that referenced
this pull request
Jan 30, 2024
The loading_done event needs a event pointer to prevent
use after free's. Testing found this:
ERROR: AddressSanitizer: heap-use-after-free on address 0x613000035130 at pc 0x55ad42d54e5f bp 0x7ffff1e942a0 sp 0x7ffff1e94290
READ of size 1 at 0x613000035130 thread T0
#0 0x55ad42d54e5e in loading_done ospf6d/ospf6_neighbor.c:447
sonic-net#1 0x55ad42ed7be4 in event_call lib/event.c:1995
sonic-net#2 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
sonic-net#3 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
sonic-net#4 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
sonic-net#5 0x55ad42cf2b19 in _start (/usr/lib/frr/ospf6d+0x248b19)
0x613000035130 is located 48 bytes inside of 384-byte region [0x613000035100,0x613000035280)
freed by thread T0 here:
#0 0x7f57998d77a8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xde7a8)
sonic-net#1 0x55ad42e3b4b6 in qfree lib/memory.c:130
sonic-net#2 0x55ad42d5d049 in ospf6_neighbor_delete ospf6d/ospf6_neighbor.c:180
sonic-net#3 0x55ad42d1e1ea in interface_down ospf6d/ospf6_interface.c:930
sonic-net#4 0x55ad42ed7be4 in event_call lib/event.c:1995
sonic-net#5 0x55ad42ed84fe in _event_execute lib/event.c:2086
sonic-net#6 0x55ad42d26d7b in ospf6_interface_clear ospf6d/ospf6_interface.c:2847
sonic-net#7 0x55ad42d73f16 in ospf6_process_reset ospf6d/ospf6_top.c:755
sonic-net#8 0x55ad42d7e98c in clear_router_ospf6_magic ospf6d/ospf6_top.c:778
sonic-net#9 0x55ad42d7e98c in clear_router_ospf6 ospf6d/ospf6_top_clippy.c:42
sonic-net#10 0x55ad42dc2665 in cmd_execute_command_real lib/command.c:994
sonic-net#11 0x55ad42dc2b32 in cmd_execute_command lib/command.c:1053
sonic-net#12 0x55ad42dc2fa9 in cmd_execute lib/command.c:1221
sonic-net#13 0x55ad42ee3cd6 in vty_command lib/vty.c:591
sonic-net#14 0x55ad42ee4170 in vty_execute lib/vty.c:1354
sonic-net#15 0x55ad42eec94f in vtysh_read lib/vty.c:2362
sonic-net#16 0x55ad42ed7be4 in event_call lib/event.c:1995
sonic-net#17 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
sonic-net#18 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
sonic-net#19 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
previously allocated by thread T0 here:
#0 0x7f57998d7d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x55ad42e3ab22 in qcalloc lib/memory.c:105
sonic-net#2 0x55ad42d5c8ff in ospf6_neighbor_create ospf6d/ospf6_neighbor.c:119
sonic-net#3 0x55ad42d4c86a in ospf6_hello_recv ospf6d/ospf6_message.c:464
sonic-net#4 0x55ad42d4c86a in ospf6_read_helper ospf6d/ospf6_message.c:1884
sonic-net#5 0x55ad42d4c86a in ospf6_receive ospf6d/ospf6_message.c:1925
sonic-net#6 0x55ad42ed7be4 in event_call lib/event.c:1995
sonic-net#7 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
sonic-net#8 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
sonic-net#9 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Add an actual event pointer and just track it appropriately.
Signed-off-by: Donald Sharp <[email protected]>
marcosfsch
pushed a commit
to marcosfsch/sonic-frr
that referenced
this pull request
Jan 30, 2024
In the function ospf_lsa_translated_nssa_new the newly created lsa is lock however, the return lsa from ospf_lsa_new already has a lock. Therefore removing the addition lock resolve the leak below.
ospf_basic_functionality.test_ospf_nssa#r3.asan.ospfd.5456
=================================================================
==5456==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 640 byte(s) in 5 object(s) allocated from:
#0 0x7f294f354a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
sonic-net#1 0x7f294eeed562 in qcalloc ../lib/memory.c:105
sonic-net#2 0x561a16004f60 in ospf_lsa_new ../ospfd/ospf_lsa.c:186
sonic-net#3 0x561a160051a1 in ospf_lsa_new_and_data ../ospfd/ospf_lsa.c:205
sonic-net#4 0x561a1600f21d in ospf_exnl_lsa_prepare_and_flood ../ospfd/ospf_lsa.c:1762
sonic-net#5 0x561a1600fd71 in ospf_external_lsa_new ../ospfd/ospf_lsa.c:1863
sonic-net#6 0x561a160107d7 in ospf_lsa_translated_nssa_new ../ospfd/ospf_lsa.c:1985
sonic-net#7 0x561a16011cfb in ospf_translated_nssa_refresh ../ospfd/ospf_lsa.c:2152
sonic-net#8 0x561a16014bb2 in ospf_external_lsa_install ../ospfd/ospf_lsa.c:2871
sonic-net#9 0x561a1601596b in ospf_lsa_install ../ospfd/ospf_lsa.c:3076
sonic-net#10 0x561a16168b3c in ospf_flood ../ospfd/ospf_flood.c:482
sonic-net#11 0x561a160462f8 in ospf_ls_upd ../ospfd/ospf_packet.c:2115
sonic-net#12 0x561a1604c66c in ospf_read_helper ../ospfd/ospf_packet.c:3198
sonic-net#13 0x561a1604c88e in ospf_read ../ospfd/ospf_packet.c:3229
sonic-net#14 0x7f294efd6c33 in event_call ../lib/event.c:1995
sonic-net#15 0x7f294eec134a in frr_run ../lib/libfrr.c:1213
sonic-net#16 0x561a15fd3b6d in main ../ospfd/ospf_main.c:249
sonic-net#17 0x7f294e998d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Objects leaked above:
0x60c000062800 (128 bytes)
0x60c000062c80 (128 bytes)
0x60c0000631c0 (128 bytes)
0x60c000063700 (128 bytes)
0x60c000063d00 (128 bytes)
Direct leak of 640 byte(s) in 5 object(s) allocated from:
#0 0x7f294f354a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
sonic-net#1 0x7f294eeed562 in qcalloc ../lib/memory.c:105
sonic-net#2 0x561a16004f60 in ospf_lsa_new ../ospfd/ospf_lsa.c:186
sonic-net#3 0x561a160051a1 in ospf_lsa_new_and_data ../ospfd/ospf_lsa.c:205
sonic-net#4 0x561a1600f21d in ospf_exnl_lsa_prepare_and_flood ../ospfd/ospf_lsa.c:1762
sonic-net#5 0x561a1600fd71 in ospf_external_lsa_new ../ospfd/ospf_lsa.c:1863
sonic-net#6 0x561a160107d7 in ospf_lsa_translated_nssa_new ../ospfd/ospf_lsa.c:1985
sonic-net#7 0x561a16010e10 in ospf_translated_nssa_originate ../ospfd/ospf_lsa.c:2034
sonic-net#8 0x561a16136559 in ospf_abr_translate_nssa ../ospfd/ospf_abr.c:668
sonic-net#9 0x561a161383da in ospf_abr_process_nssa_translates ../ospfd/ospf_abr.c:968
sonic-net#10 0x561a1613f9b8 in ospf_abr_nssa_task ../ospfd/ospf_abr.c:2054
sonic-net#11 0x561a161402e5 in ospf_abr_task_timer ../ospfd/ospf_abr.c:2168
sonic-net#12 0x7f294efd6c33 in event_call ../lib/event.c:1995
sonic-net#13 0x7f294eec134a in frr_run ../lib/libfrr.c:1213
sonic-net#14 0x561a15fd3b6d in main ../ospfd/ospf_main.c:249
sonic-net#15 0x7f294e998d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Objects leaked above:
0x60c00003e380 (128 bytes)
0x60c00003e740 (128 bytes)
0x60c00003eb00 (128 bytes)
0x60c00005fd40 (128 bytes)
0x60c00005ff80 (128 bytes)
Indirect leak of 180 byte(s) in 5 object(s) allocated from:
#0 0x7f294f354a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
sonic-net#1 0x7f294eeed562 in qcalloc ../lib/memory.c:105
sonic-net#2 0x561a16005a43 in ospf_lsa_data_new ../ospfd/ospf_lsa.c:296
sonic-net#3 0x561a160051b1 in ospf_lsa_new_and_data ../ospfd/ospf_lsa.c:206
sonic-net#4 0x561a1600f21d in ospf_exnl_lsa_prepare_and_flood ../ospfd/ospf_lsa.c:1762
sonic-net#5 0x561a1600fd71 in ospf_external_lsa_new ../ospfd/ospf_lsa.c:1863
sonic-net#6 0x561a160107d7 in ospf_lsa_translated_nssa_new ../ospfd/ospf_lsa.c:1985
sonic-net#7 0x561a16011cfb in ospf_translated_nssa_refresh ../ospfd/ospf_lsa.c:2152
sonic-net#8 0x561a16014bb2 in ospf_external_lsa_install ../ospfd/ospf_lsa.c:2871
sonic-net#9 0x561a1601596b in ospf_lsa_install ../ospfd/ospf_lsa.c:3076
sonic-net#10 0x561a16168b3c in ospf_flood ../ospfd/ospf_flood.c:482
sonic-net#11 0x561a160462f8 in ospf_ls_upd ../ospfd/ospf_packet.c:2115
sonic-net#12 0x561a1604c66c in ospf_read_helper ../ospfd/ospf_packet.c:3198
sonic-net#13 0x561a1604c88e in ospf_read ../ospfd/ospf_packet.c:3229
sonic-net#14 0x7f294efd6c33 in event_call ../lib/event.c:1995
sonic-net#15 0x7f294eec134a in frr_run ../lib/libfrr.c:1213
sonic-net#16 0x561a15fd3b6d in main ../ospfd/ospf_main.c:249
sonic-net#17 0x7f294e998d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Objects leaked above:
0x60400003f890 (36 bytes)
0x60400003f990 (36 bytes)
0x60400003fa50 (36 bytes)
0x60400003fb10 (36 bytes)
0x60400003fbd0 (36 bytes)
Indirect leak of 180 byte(s) in 5 object(s) allocated from:
#0 0x7f294f354a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
sonic-net#1 0x7f294eeed562 in qcalloc ../lib/memory.c:105
sonic-net#2 0x561a16005a43 in ospf_lsa_data_new ../ospfd/ospf_lsa.c:296
sonic-net#3 0x561a160051b1 in ospf_lsa_new_and_data ../ospfd/ospf_lsa.c:206
sonic-net#4 0x561a1600f21d in ospf_exnl_lsa_prepare_and_flood ../ospfd/ospf_lsa.c:1762
sonic-net#5 0x561a1600fd71 in ospf_external_lsa_new ../ospfd/ospf_lsa.c:1863
sonic-net#6 0x561a160107d7 in ospf_lsa_translated_nssa_new ../ospfd/ospf_lsa.c:1985
sonic-net#7 0x561a16010e10 in ospf_translated_nssa_originate ../ospfd/ospf_lsa.c:2034
sonic-net#8 0x561a16136559 in ospf_abr_translate_nssa ../ospfd/ospf_abr.c:668
sonic-net#9 0x561a161383da in ospf_abr_process_nssa_translates ../ospfd/ospf_abr.c:968
sonic-net#10 0x561a1613f9b8 in ospf_abr_nssa_task ../ospfd/ospf_abr.c:2054
sonic-net#11 0x561a161402e5 in ospf_abr_task_timer ../ospfd/ospf_abr.c:2168
sonic-net#12 0x7f294efd6c33 in event_call ../lib/event.c:1995
sonic-net#13 0x7f294eec134a in frr_run ../lib/libfrr.c:1213
sonic-net#14 0x561a15fd3b6d in main ../ospfd/ospf_main.c:249
sonic-net#15 0x7f294e998d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Objects leaked above:
0x60400003c6d0 (36 bytes)
0x60400003c790 (36 bytes)
0x60400003c810 (36 bytes)
0x60400003c890 (36 bytes)
0x60400003c910 (36 bytes)
SUMMARY: AddressSanitizer: 1640 byte(s) leaked in 20 allocation(s).
Signed-off-by: ryndia <[email protected]>
marcosfsch
pushed a commit
to marcosfsch/sonic-frr
that referenced
this pull request
Jan 30, 2024
This commit ensures proper cleanup by clearing the `algo->pdst` pointer if it points to a path that is being deleted.
It addresses memory leaks by freeing memory held by `algo->pdst` that might not have been released during the cleanup of processed paths.
The ASan leak log for reference:
```
Direct leak of 96 byte(s) in 1 object(s) allocated from:
#0 0x7fbffcec9a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
sonic-net#1 0x7fbffca67a81 in qcalloc ../lib/memory.c:105
sonic-net#2 0x7fbffc9d1a54 in cpath_new ../lib/cspf.c:44
sonic-net#3 0x7fbffc9d2829 in cspf_init ../lib/cspf.c:256
sonic-net#4 0x7fbffc9d295d in cspf_init_v4 ../lib/cspf.c:287
sonic-net#5 0x5601dcd34d3f in show_sharp_cspf_magic ../sharpd/sharp_vty.c:1262
sonic-net#6 0x5601dcd2c2be in show_sharp_cspf sharpd/sharp_vty_clippy.c:1869
sonic-net#7 0x7fbffc9afd61 in cmd_execute_command_real ../lib/command.c:993
sonic-net#8 0x7fbffc9b00ee in cmd_execute_command ../lib/command.c:1052
sonic-net#9 0x7fbffc9b0dc0 in cmd_execute ../lib/command.c:1218
sonic-net#10 0x7fbffcb611c7 in vty_command ../lib/vty.c:591
sonic-net#11 0x7fbffcb660ac in vty_execute ../lib/vty.c:1354
sonic-net#12 0x7fbffcb6c4aa in vtysh_read ../lib/vty.c:2362
sonic-net#13 0x7fbffcb51324 in event_call ../lib/event.c:1979
sonic-net#14 0x7fbffca3b872 in frr_run ../lib/libfrr.c:1213
sonic-net#15 0x5601dcd11c6f in main ../sharpd/sharp_main.c:177
sonic-net#16 0x7fbffc5ffd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Indirect leak of 40 byte(s) in 1 object(s) allocated from:
#0 0x7fbffcec9a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
sonic-net#1 0x7fbffca67a81 in qcalloc ../lib/memory.c:105
sonic-net#2 0x7fbffca3c108 in list_new ../lib/linklist.c:49
sonic-net#3 0x7fbffc9d1acc in cpath_new ../lib/cspf.c:47
sonic-net#4 0x7fbffc9d2829 in cspf_init ../lib/cspf.c:256
sonic-net#5 0x7fbffc9d295d in cspf_init_v4 ../lib/cspf.c:287
sonic-net#6 0x5601dcd34d3f in show_sharp_cspf_magic ../sharpd/sharp_vty.c:1262
sonic-net#7 0x5601dcd2c2be in show_sharp_cspf sharpd/sharp_vty_clippy.c:1869
sonic-net#8 0x7fbffc9afd61 in cmd_execute_command_real ../lib/command.c:993
sonic-net#9 0x7fbffc9b00ee in cmd_execute_command ../lib/command.c:1052
sonic-net#10 0x7fbffc9b0dc0 in cmd_execute ../lib/command.c:1218
sonic-net#11 0x7fbffcb611c7 in vty_command ../lib/vty.c:591
sonic-net#12 0x7fbffcb660ac in vty_execute ../lib/vty.c:1354
sonic-net#13 0x7fbffcb6c4aa in vtysh_read ../lib/vty.c:2362
sonic-net#14 0x7fbffcb51324 in event_call ../lib/event.c:1979
sonic-net#15 0x7fbffca3b872 in frr_run ../lib/libfrr.c:1213
sonic-net#16 0x5601dcd11c6f in main ../sharpd/sharp_main.c:177
sonic-net#17 0x7fbffc5ffd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
```
Signed-off-by: Keelan Cannoo <[email protected]>
marcosfsch
pushed a commit
to marcosfsch/sonic-frr
that referenced
this pull request
Jan 30, 2024
The shallow copy of attr wasn't freed when there was no valid label for the momentand the function return therefore creating leaks. The leak below are solved by flushing the shallow copy of attr.
Address Sanitizer Error detected in bgp_vpnv6_per_nexthop_label.test_bgp_vpnv6_per_nexthop_label/r1.asan.bgpd.13409
=================================================================
==13409==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 280 byte(s) in 7 object(s) allocated from:
#0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x5623b89beabc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x5623b89beabc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
sonic-net#7 0x5623b89beabc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
sonic-net#8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
sonic-net#9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
sonic-net#10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
sonic-net#11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
sonic-net#12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
sonic-net#13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
sonic-net#14 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#16 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 280 byte(s) in 7 object(s) allocated from:
#0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b892e86d in bgp_update bgpd/bgp_route.c:4969
sonic-net#5 0x5623b893134d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
sonic-net#6 0x5623b88e2a0e in bgp_nlri_parse bgpd/bgp_packet.c:341
sonic-net#7 0x5623b88e4f7c in bgp_update_receive bgpd/bgp_packet.c:2220
sonic-net#8 0x5623b88f0474 in bgp_process_packet bgpd/bgp_packet.c:3386
sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 280 byte(s) in 7 object(s) allocated from:
#0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x5623b89bdebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x5623b89bdebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
sonic-net#7 0x5623b89bdebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
sonic-net#8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
sonic-net#9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
sonic-net#10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
sonic-net#11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
sonic-net#12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
sonic-net#13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
sonic-net#14 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#16 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 240 byte(s) in 6 object(s) allocated from:
#0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b88dc289 in evaluate_paths bgpd/bgp_nht.c:1384
sonic-net#5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
sonic-net#6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
sonic-net#7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
sonic-net#8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 120 byte(s) in 3 object(s) allocated from:
#0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b893a406 in bgp_redistribute_add bgpd/bgp_route.c:8692
sonic-net#5 0x5623b8a02b3b in zebra_read_route bgpd/bgp_zebra.c:595
sonic-net#6 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
sonic-net#7 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#8 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#9 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#10 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 80 byte(s) in 2 object(s) allocated from:
#0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b88dc188 in evaluate_paths bgpd/bgp_nht.c:1348
sonic-net#5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
sonic-net#6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
sonic-net#7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
sonic-net#8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 56 byte(s) in 7 object(s) allocated from:
#0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x5623b89beabc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x5623b89beabc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
sonic-net#7 0x5623b89beabc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
sonic-net#8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
sonic-net#9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
sonic-net#10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
sonic-net#11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
sonic-net#12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
sonic-net#13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
sonic-net#14 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#16 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 56 byte(s) in 7 object(s) allocated from:
#0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b892e86d in bgp_update bgpd/bgp_route.c:4969
sonic-net#5 0x5623b893134d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
sonic-net#6 0x5623b88e2a0e in bgp_nlri_parse bgpd/bgp_packet.c:341
sonic-net#7 0x5623b88e4f7c in bgp_update_receive bgpd/bgp_packet.c:2220
sonic-net#8 0x5623b88f0474 in bgp_process_packet bgpd/bgp_packet.c:3386
sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 56 byte(s) in 7 object(s) allocated from:
#0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x5623b89bdebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x5623b89bdebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
sonic-net#7 0x5623b89bdebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
sonic-net#8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
sonic-net#9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
sonic-net#10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
sonic-net#11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
sonic-net#12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
sonic-net#13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
sonic-net#14 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#16 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 48 byte(s) in 6 object(s) allocated from:
#0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b88dc289 in evaluate_paths bgpd/bgp_nht.c:1384
sonic-net#5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
sonic-net#6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
sonic-net#7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
sonic-net#8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 24 byte(s) in 3 object(s) allocated from:
#0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b893a406 in bgp_redistribute_add bgpd/bgp_route.c:8692
sonic-net#5 0x5623b8a02b3b in zebra_read_route bgpd/bgp_zebra.c:595
sonic-net#6 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
sonic-net#7 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#8 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#9 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#10 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 16 byte(s) in 2 object(s) allocated from:
#0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x5623b88dc188 in evaluate_paths bgpd/bgp_nht.c:1348
sonic-net#5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
sonic-net#6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
sonic-net#7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
sonic-net#8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
SUMMARY: AddressSanitizer: 1536 byte(s) leaked in 64 allocation(s).
***********************************************************************************
Address Sanitizer Error detected in bgp_vpnv4_per_nexthop_label.test_bgp_vpnv4_per_nexthop_label/r1.asan.bgpd.10610
=================================================================
==10610==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 280 byte(s) in 7 object(s) allocated from:
#0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9c4686d in bgp_update bgpd/bgp_route.c:4969
sonic-net#5 0x55cdc9c4934d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
sonic-net#6 0x55cdc9bfaa0e in bgp_nlri_parse bgpd/bgp_packet.c:341
sonic-net#7 0x55cdc9bfcf7c in bgp_update_receive bgpd/bgp_packet.c:2220
sonic-net#8 0x55cdc9c08474 in bgp_process_packet bgpd/bgp_packet.c:3386
sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 280 byte(s) in 7 object(s) allocated from:
#0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x55cdc9cd6abc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
sonic-net#7 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
sonic-net#8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
sonic-net#9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
sonic-net#10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
sonic-net#11 0x7f81fc007e20 in vty_command lib/vty.c:591
sonic-net#12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
sonic-net#13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
sonic-net#14 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#16 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 280 byte(s) in 7 object(s) allocated from:
#0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x55cdc9cd5ebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x55cdc9cd5ebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
sonic-net#7 0x55cdc9cd5ebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
sonic-net#8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
sonic-net#9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
sonic-net#10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
sonic-net#11 0x7f81fc007e20 in vty_command lib/vty.c:591
sonic-net#12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
sonic-net#13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
sonic-net#14 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#16 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 240 byte(s) in 6 object(s) allocated from:
#0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bf4289 in evaluate_paths bgpd/bgp_nht.c:1384
sonic-net#5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
sonic-net#6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
sonic-net#7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
sonic-net#8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 80 byte(s) in 2 object(s) allocated from:
#0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bf4188 in evaluate_paths bgpd/bgp_nht.c:1348
sonic-net#5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
sonic-net#6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
sonic-net#7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
sonic-net#8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 80 byte(s) in 2 object(s) allocated from:
#0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x55cdc9bdafd5 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x55cdc9bdafd5 in vpn_leak_label_callback bgpd/bgp_mplsvpn.c:581
sonic-net#7 0x55cdc9bb2606 in lp_cbq_docallback bgpd/bgp_labelpool.c:118
sonic-net#8 0x7f81fc0164b5 in work_queue_run lib/workqueue.c:266
sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 40 byte(s) in 1 object(s) allocated from:
#0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9c52406 in bgp_redistribute_add bgpd/bgp_route.c:8692
sonic-net#5 0x55cdc9d1ab3b in zebra_read_route bgpd/bgp_zebra.c:595
sonic-net#6 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
sonic-net#7 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#8 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#9 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#10 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 56 byte(s) in 7 object(s) allocated from:
#0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x55cdc9cd6abc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
sonic-net#7 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
sonic-net#8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
sonic-net#9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
sonic-net#10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
sonic-net#11 0x7f81fc007e20 in vty_command lib/vty.c:591
sonic-net#12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
sonic-net#13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
sonic-net#14 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#16 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 56 byte(s) in 7 object(s) allocated from:
#0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x55cdc9cd5ebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x55cdc9cd5ebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
sonic-net#7 0x55cdc9cd5ebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
sonic-net#8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
sonic-net#9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
sonic-net#10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
sonic-net#11 0x7f81fc007e20 in vty_command lib/vty.c:591
sonic-net#12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
sonic-net#13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
sonic-net#14 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#16 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 56 byte(s) in 7 object(s) allocated from:
#0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9c4686d in bgp_update bgpd/bgp_route.c:4969
sonic-net#5 0x55cdc9c4934d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
sonic-net#6 0x55cdc9bfaa0e in bgp_nlri_parse bgpd/bgp_packet.c:341
sonic-net#7 0x55cdc9bfcf7c in bgp_update_receive bgpd/bgp_packet.c:2220
sonic-net#8 0x55cdc9c08474 in bgp_process_packet bgpd/bgp_packet.c:3386
sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 48 byte(s) in 6 object(s) allocated from:
#0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bf4289 in evaluate_paths bgpd/bgp_nht.c:1384
sonic-net#5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
sonic-net#6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
sonic-net#7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
sonic-net#8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 16 byte(s) in 2 object(s) allocated from:
#0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bf4188 in evaluate_paths bgpd/bgp_nht.c:1348
sonic-net#5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
sonic-net#6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
sonic-net#7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
sonic-net#8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 16 byte(s) in 2 object(s) allocated from:
#0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
sonic-net#5 0x55cdc9bdafd5 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
sonic-net#6 0x55cdc9bdafd5 in vpn_leak_label_callback bgpd/bgp_mplsvpn.c:581
sonic-net#7 0x55cdc9bb2606 in lp_cbq_docallback bgpd/bgp_labelpool.c:118
sonic-net#8 0x7f81fc0164b5 in work_queue_run lib/workqueue.c:266
sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Indirect leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
sonic-net#4 0x55cdc9c52406 in bgp_redistribute_add bgpd/bgp_route.c:8692
sonic-net#5 0x55cdc9d1ab3b in zebra_read_route bgpd/bgp_zebra.c:595
sonic-net#6 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
sonic-net#7 0x7f81fbffbb8f in event_call lib/event.c:1969
sonic-net#8 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
sonic-net#9 0x55cdc9af854b in main bgpd/bgp_main.c:510
sonic-net#10 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
SUMMARY: AddressSanitizer: 1536 byte(s) leaked in 64 allocation(s).
***********************************************************************************
Signed-off-by: ryndia <[email protected]>
(cherry picked from commit 78b6cad)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When graceful-retart is enabled, trigger graceful restart capability in
BGP capability message, so that neighbors with dynamic capability support
can update graceful restart status, including forwarding state bit for each
address-family without resetting adjacency.