frr icon indicating copy to clipboard operation
frr copied to clipboard

Published 20 hours ago verified publisher icon FRRouting

Memory leak in route-map aspath exclude list => aspath_dup()

Open pguibert6WIND opened this issue 9 months ago • 0 comments

Description

Memory leak detected when using address sanitizer and the bgp_set_aspath_exclude topotest.

Version

master

The problem is due to 
https://github.com/FRRouting/frr/blob/master/bgpd/bgp_routemap.c#L2403

never being released.

How to reproduce

python3 test_bgp_set_aspath_exclude.py -vs

Expected behavior

no memleak

Actual behavior

root@ubuntu2204:~/frr# cat /tmp/topotests/bgp_set_aspath_exclude.test_bgp_set_aspath_exclude/r1.asan.bgpd.1724635

================================================================= ==1724635==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 120 byte(s) in 3 object(s) allocated from: #0 0x7f00a820ba57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154 #1 0x7f00a7d6d0ac in qcalloc lib/memory.c:105 #2 0x564833a23655 in aspath_dup bgpd/bgp_aspath.c:689 #3 0x5648338113fa in route_set_aspath_exclude bgpd/bgp_routemap.c:2403 #4 0x7f00a7e05b2c in route_map_apply_ext lib/routemap.c:2668 #5 0x5648337ac18b in bgp_input_modifier bgpd/bgp_route.c:1886 #6 0x5648337bd84b in bgp_update bgpd/bgp_route.c:4731 #7 0x5648337c75ef in bgp_nlri_parse_ip bgpd/bgp_route.c:6575 #8 0x564833761b7a in bgp_nlri_parse bgpd/bgp_packet.c:342 #9 0x56483376ebdf in bgp_update_receive bgpd/bgp_packet.c:2453 #10 0x56483377bc5e in bgp_process_packet bgpd/bgp_packet.c:4025 #11 0x7f00a7e6d551 in event_call lib/event.c:2011 #12 0x7f00a7d4074b in frr_run lib/libfrr.c:1217 #13 0x5648336055ca in main bgpd/bgp_main.c:545 #14 0x7f00a76ced8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 72 byte(s) in 3 object(s) allocated from: #0 0x7f00a820ba57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154 #1 0x7f00a7d6d0ac in qcalloc lib/memory.c:105 #2 0x564833a2057c in assegment_new bgpd/bgp_aspath.c:105 #3 0x564833a207c4 in assegment_dup bgpd/bgp_aspath.c:145 #4 0x564833a208f3 in assegment_dup_all bgpd/bgp_aspath.c:162 #5 0x564833a236cc in aspath_dup bgpd/bgp_aspath.c:693 #6 0x5648338113fa in route_set_aspath_exclude bgpd/bgp_routemap.c:2403 #7 0x7f00a7e05b2c in route_map_apply_ext lib/routemap.c:2668 #8 0x5648337ac18b in bgp_input_modifier bgpd/bgp_route.c:1886 #9 0x5648337bd84b in bgp_update bgpd/bgp_route.c:4731 #10 0x5648337c75ef in bgp_nlri_parse_ip bgpd/bgp_route.c:6575 #11 0x564833761b7a in bgp_nlri_parse bgpd/bgp_packet.c:342 #12 0x56483376ebdf in bgp_update_receive bgpd/bgp_packet.c:2453 #13 0x56483377bc5e in bgp_process_packet bgpd/bgp_packet.c:4025 #14 0x7f00a7e6d551 in event_call lib/event.c:2011 #15 0x7f00a7d4074b in frr_run lib/libfrr.c:1217 #16 0x5648336055ca in main bgpd/bgp_main.c:545 #17 0x7f00a76ced8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 36 byte(s) in 3 object(s) allocated from: #0 0x7f00a820b887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145 #1 0x7f00a7d6d06f in qmalloc lib/memory.c:100 #2 0x564833a2374a in aspath_dup bgpd/bgp_aspath.c:698 #3 0x5648338113fa in route_set_aspath_exclude bgpd/bgp_routemap.c:2403 #4 0x7f00a7e05b2c in route_map_apply_ext lib/routemap.c:2668 #5 0x5648337ac18b in bgp_input_modifier bgpd/bgp_route.c:1886 #6 0x5648337bd84b in bgp_update bgpd/bgp_route.c:4731 #7 0x5648337c75ef in bgp_nlri_parse_ip bgpd/bgp_route.c:6575 #8 0x564833761b7a in bgp_nlri_parse bgpd/bgp_packet.c:342 #9 0x56483376ebdf in bgp_update_receive bgpd/bgp_packet.c:2453 #10 0x56483377bc5e in bgp_process_packet bgpd/bgp_packet.c:4025 #11 0x7f00a7e6d551 in event_call lib/event.c:2011 #12 0x7f00a7d4074b in frr_run lib/libfrr.c:1217 #13 0x5648336055ca in main bgpd/bgp_main.c:545 #14 0x7f00a76ced8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 24 byte(s) in 3 object(s) allocated from: #0 0x7f00a820b887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145 #1 0x7f00a7d6d06f in qmalloc lib/memory.c:100 #2 0x564833a2051e in assegment_data_new bgpd/bgp_aspath.c:83 #3 0x564833a20592 in assegment_new bgpd/bgp_aspath.c:108 #4 0x564833a207c4 in assegment_dup bgpd/bgp_aspath.c:145 #5 0x564833a208f3 in assegment_dup_all bgpd/bgp_aspath.c:162 #6 0x564833a236cc in aspath_dup bgpd/bgp_aspath.c:693 #7 0x5648338113fa in route_set_aspath_exclude bgpd/bgp_routemap.c:2403 #8 0x7f00a7e05b2c in route_map_apply_ext lib/routemap.c:2668 #9 0x5648337ac18b in bgp_input_modifier bgpd/bgp_route.c:1886 #10 0x5648337bd84b in bgp_update bgpd/bgp_route.c:4731 #11 0x5648337c75ef in bgp_nlri_parse_ip bgpd/bgp_route.c:6575 #12 0x564833761b7a in bgp_nlri_parse bgpd/bgp_packet.c:342 #13 0x56483376ebdf in bgp_update_receive bgpd/bgp_packet.c:2453 #14 0x56483377bc5e in bgp_process_packet bgpd/bgp_packet.c:4025 #15 0x7f00a7e6d551 in event_call lib/event.c:2011 #16 0x7f00a7d4074b in frr_run lib/libfrr.c:1217 #17 0x5648336055ca in main bgpd/bgp_main.c:545 #18 0x7f00a76ced8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

SUMMARY: AddressSanitizer: 252 byte(s) leaked in 12 allocation(s).

Additional context

is not there a problem when [not] interning attr after attr->aspath changed?

Checklist

  • [X] I have searched the open issues for this bug.
  • [X] I have not included sensitive information in this report.

pguibert6WIND avatar Apr 25 '24 07:04 pguibert6WIND