Skip to content

[zebra_fpm]: FIX vrf master device index can't be larger than 255#15

Closed
tylerlinp wants to merge 1 commit intosonic-net:masterfrom
tylerlinp:master
Closed

[zebra_fpm]: FIX vrf master device index can't be larger than 255#15
tylerlinp wants to merge 1 commit intosonic-net:masterfrom
tylerlinp:master

Conversation

@tylerlinp
Copy link

@tylerlinp tylerlinp commented Jun 19, 2019

The existing Frr suite have a bug. When master device index is larger than 255 , index will be truncated to uchar. For vrf support we set master index to another data structure following netlink message definition.

@pavel-shirshov pavel-shirshov self-assigned this Jun 20, 2019
@pavel-shirshov
Copy link
Contributor

pavel-shirshov commented Jun 20, 2019

Is your patch is enough?
I see the FRR has more fixes for the bug: FRRouting/frr@6dfcd75

@tylerlinp
Copy link
Author

tylerlinp commented Jun 21, 2019

Is your patch is enough?
I see the FRR has more fixes for the bug: FRRouting/frr@6dfcd75

Yes, enough. Now vrf implementation depends on it.
In fact, FRR commit fills the real table_id, it is more consistent with netlink definitions.
But, my commit & origin fills the vrf_id to rtm_table, it is a fake table_id, vrf_id in FRR is just vrf ifindex in kernel.
At the beginning, I had modified it just like FRR commit except RT_TABLE_UNSPEC/RT_TABLE_COMPAT(linux kernel fills RT_TABLE_COMPAT if table >= 256, libnl doesn't check it). But then I found it is more convenient(in orchs no table_id) in SONiC if keep ifindex, so I reserve it.
The route table based table_id in linux kernel and based vrf_id in FRR. Actually linux can create multiple vrf device in same table. Maybe to maintain uniqueness vrf_id has certain rationality.

@preetham-singh
Copy link

preetham-singh commented Jul 25, 2019

rtm_table is set to RT_TABLE_COMPAT here for programming routes to FPMSYNCD.
Shouldnt same be done for programming route to kernel? I see that RT_TABLE_UNSPEC is used while programming to kernel. Would this cause inconsistency since these values are different and it might go to different tables when application has vrf in u8?
Also, as per FRR commit: FRRouting/frr#4365 , rtm_table is set to RT_TABLE_UNSPEC . If this can be consistent it would be helpful when this FRR fix is merged to SONiC.

@tylerlinp
Copy link
Author

tylerlinp commented Jul 25, 2019

rtm_table is set to RT_TABLE_COMPAT here for programming routes to FPMSYNCD.
Shouldnt same be done for programming route to kernel? I see that RT_TABLE_UNSPEC is used while programming to kernel. Would this cause inconsistency since these values are different and it might go to different tables when application has vrf in u8?
Also, as per FRR commit: FRRouting/frr#4365 , rtm_table is set to RT_TABLE_UNSPEC . If this can be consistent it would be helpful when this FRR fix is merged to SONiC.

Using RT_TABLE_COMPAT is because I consulted how linux kernel fill this. (rt_fill_info in net/ipv4/route.c)
Like you said, FRR fill netlink to kernel using RT_TABLE_UNSPEC. (netlink_route_multipath in zebra/rt_netlink.c)
In fact it doesn't matter, rtm_table will be overwrite by u32 data when parsing message.
Like this:
rt_table = rtm->rtm_table;
if (tb[RTA_TABLE])
rt_table = RTA_DATA(tb[RTA_TABLE]));

To keep consistency in FRR, it would be RT_TABLE_UNSPEC. But now frr#4365 cannot be merged to SONiC directly, just as above comment. It wouldn't be a good job even if redesign fpmsyncd to translate table_id.

@pavel-shirshov
Copy link
Contributor

pavel-shirshov commented Jul 30, 2019

Can we use this patch to incorporate for FRR master sources into branch 7.0?

@lguohan
Copy link

lguohan commented Jul 31, 2019

agree, it should be frr/7.0 branch.

@pavel-shirshov
Copy link
Contributor

pavel-shirshov commented Jul 31, 2019

We can add patches to sonic-frr in two ways:
Either make a PR for https://github.com/FRRouting/frr/tree/stable/7.0
Or add a patch as a .patch file into https://github.com/Azure/sonic-buildimage/tree/master/src/sonic-frr/patch

@shine4chen
Copy link

shine4chen commented Aug 2, 2019

@pavel-shirshov Sure, we will add a .patch file soon. At the same time we will submit a PR to FRR community.

@tylerlinp tylerlinp mentioned this pull request Aug 4, 2019
Merged
@prsunny
Copy link

prsunny commented Aug 6, 2019

Closing this in favor of sonic-net/sonic-buildimage#3280

@prsunny prsunny closed this Aug 6, 2019
@pavel-shirshov pavel-shirshov mentioned this pull request Nov 5, 2019
Merged
pavel-shirshov pushed a commit that referenced this pull request Nov 17, 2020
@donaldsharp
zebra: Fix use after free in debug path
947097e 
When zebra is running with debugs turned on there
is a use after free reported by the address sanitizer:

2020/10/16 12:58:02 ZEBRA: rib_delnode: (0:254):4.5.6.16/32: rn 0x60b000026f20, re 0x6080000131a0, removing
2020/10/16 12:58:02 ZEBRA: rib_meta_queue_add: (0:254):4.5.6.16/32: queued rn 0x60b000026f20 into sub-queue 3
=================================================================
==3101430==ERROR: AddressSanitizer: heap-use-after-free on address 0x608000011d28 at pc 0x555555705ab6 bp 0x7fffffffdab0 sp 0x7fffffffdaa8
READ of size 8 at 0x608000011d28 thread T0
    #0 0x555555705ab5 in re_list_const_first zebra/rib.h:222
    #1 0x555555705b54 in re_list_first zebra/rib.h:222
    #2 0x555555711a4f in process_subq_route zebra/zebra_rib.c:2248
    #3 0x555555711d2e in process_subq zebra/zebra_rib.c:2286
    #4 0x555555711ec7 in meta_queue_process zebra/zebra_rib.c:2320
    #5 0x7ffff74701f7 in work_queue_run lib/workqueue.c:291
    #6 0x7ffff7450e9c in thread_call lib/thread.c:1581
    #7 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
    #8 0x55555561a578 in main zebra/main.c:455
    #9 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
    #10 0x5555555e3429 in _start (/usr/lib/frr/zebra+0x8f429)
0x608000011d28 is located 8 bytes inside of 88-byte region [0x608000011d20,0x608000011d78)
freed by thread T0 here:
    #0 0x7ffff768bb6f in __interceptor_free (/lib/x86_64-linux-gnu/libasan.so.6+0xa9b6f)
    #1 0x7ffff739ccad in qfree lib/memory.c:129
    #2 0x555555709ee4 in rib_gc_dest zebra/zebra_rib.c:746
    #3 0x55555570ca76 in rib_process zebra/zebra_rib.c:1240
    #4 0x555555711a05 in process_subq_route zebra/zebra_rib.c:2245
    #5 0x555555711d2e in process_subq zebra/zebra_rib.c:2286
    #6 0x555555711ec7 in meta_queue_process zebra/zebra_rib.c:2320
    #7 0x7ffff74701f7 in work_queue_run lib/workqueue.c:291
    #8 0x7ffff7450e9c in thread_call lib/thread.c:1581
    #9 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
    #10 0x55555561a578 in main zebra/main.c:455
    #11 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
previously allocated by thread T0 here:
    #0 0x7ffff768c037 in calloc (/lib/x86_64-linux-gnu/libasan.so.6+0xaa037)
    #1 0x7ffff739cb98 in qcalloc lib/memory.c:110
    #2 0x555555712ace in zebra_rib_create_dest zebra/zebra_rib.c:2515
    #3 0x555555712c6c in rib_link zebra/zebra_rib.c:2576
    #4 0x555555712faa in rib_addnode zebra/zebra_rib.c:2607
    #5 0x555555715bf0 in rib_add_multipath_nhe zebra/zebra_rib.c:3012
    #6 0x555555715f56 in rib_add_multipath zebra/zebra_rib.c:3049
    #7 0x55555571788b in rib_add zebra/zebra_rib.c:3327
    #8 0x5555555e584a in connected_up zebra/connected.c:254
    #9 0x5555555e42ff in connected_announce zebra/connected.c:94
    #10 0x5555555e4fd3 in connected_update zebra/connected.c:195
    #11 0x5555555e61ad in connected_add_ipv4 zebra/connected.c:340
    #12 0x5555555f26f5 in netlink_interface_addr zebra/if_netlink.c:1213
    #13 0x55555560f756 in netlink_information_fetch zebra/kernel_netlink.c:350
    #14 0x555555612e49 in netlink_parse_info zebra/kernel_netlink.c:941
    #15 0x55555560f9f1 in kernel_read zebra/kernel_netlink.c:402
    #16 0x7ffff7450e9c in thread_call lib/thread.c:1581
    #17 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
    #18 0x55555561a578 in main zebra/main.c:455
    #19 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: heap-use-after-free zebra/rib.h:222 in re_list_const_first

This is happening because we are using the dest pointer after a call into
rib_gc_dest.  In process_subq_route, we call rib_process() and if the
dest is deleted dest pointer is now garbage.  We must reload the
dest pointer in this case.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
dgsudharsan pushed a commit to dgsudharsan/sonic-frr that referenced this pull request Jun 6, 2023
@donaldsharp
bgpd: Prevent use after free of peer structure
b242e73 
When changing the peers sockunion structure the bgp->peer
list was not being updated properly.  Since the peer's su
is being used for a sorted insert then the change of it requires
that the value be pulled out of the bgp->peer list and then
put back into as well.

Additionally ensure that the hash is always released on peer
deletion.

Lead to this from this decode in a address sanitizer run.

=================================================================
==30778==ERROR: AddressSanitizer: heap-use-after-free on address 0x62a0000d8440 at pc 0x7f48c9c5c547 bp 0x7ffcba272cb0 sp 0x7ffcba272ca8
READ of size 2 at 0x62a0000d8440 thread T0
    #0 0x7f48c9c5c546 in sockunion_same lib/sockunion.c:425
    sonic-net#1 0x55cfefe3000f in peer_hash_same bgpd/bgpd.c:890
    sonic-net#2 0x7f48c9bde039 in hash_release lib/hash.c:209
    sonic-net#3 0x55cfefe3373f in bgp_peer_conf_if_to_su_update bgpd/bgpd.c:1541
    sonic-net#4 0x55cfefd0be7a in bgp_stop bgpd/bgp_fsm.c:1631
    sonic-net#5 0x55cfefe4028f in peer_delete bgpd/bgpd.c:2362
    sonic-net#6 0x55cfefdd5e97 in no_neighbor_interface_config bgpd/bgp_vty.c:4267
    sonic-net#7 0x7f48c9b9d160 in cmd_execute_command_real lib/command.c:949
    sonic-net#8 0x7f48c9ba1112 in cmd_execute_command lib/command.c:1009
    sonic-net#9 0x7f48c9ba1573 in cmd_execute lib/command.c:1162
    sonic-net#10 0x7f48c9c87402 in vty_command lib/vty.c:526
    sonic-net#11 0x7f48c9c87832 in vty_execute lib/vty.c:1291
    sonic-net#12 0x7f48c9c8e741 in vtysh_read lib/vty.c:2130
    sonic-net#13 0x7f48c9c7a66d in thread_call lib/thread.c:1585
    sonic-net#14 0x7f48c9bf64e7 in frr_run lib/libfrr.c:1123
    sonic-net#15 0x55cfefc75a15 in main bgpd/bgp_main.c:540
    sonic-net#16 0x7f48c96b009a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
    sonic-net#17 0x55cfefc787f9 in _start (/usr/lib/frr/bgpd+0xe27f9)

0x62a0000d8440 is located 576 bytes inside of 23376-byte region [0x62a0000d8200,0x62a0000ddd50)
freed by thread T0 here:
    #0 0x7f48c9eb9fb0 in __interceptor_free (/lib/x86_64-linux-gnu/libasan.so.5+0xe8fb0)
    sonic-net#1 0x55cfefe3fe42 in peer_free bgpd/bgpd.c:1113
    sonic-net#2 0x55cfefe3fe42 in peer_unlock_with_caller bgpd/bgpd.c:1144
    sonic-net#3 0x55cfefe4092e in peer_delete bgpd/bgpd.c:2457
    sonic-net#4 0x55cfefdd5e97 in no_neighbor_interface_config bgpd/bgp_vty.c:4267
    sonic-net#5 0x7f48c9b9d160 in cmd_execute_command_real lib/command.c:949
    sonic-net#6 0x7f48c9ba1112 in cmd_execute_command lib/command.c:1009
    sonic-net#7 0x7f48c9ba1573 in cmd_execute lib/command.c:1162
    sonic-net#8 0x7f48c9c87402 in vty_command lib/vty.c:526
    sonic-net#9 0x7f48c9c87832 in vty_execute lib/vty.c:1291
    sonic-net#10 0x7f48c9c8e741 in vtysh_read lib/vty.c:2130
    sonic-net#11 0x7f48c9c7a66d in thread_call lib/thread.c:1585
    sonic-net#12 0x7f48c9bf64e7 in frr_run lib/libfrr.c:1123
    sonic-net#13 0x55cfefc75a15 in main bgpd/bgp_main.c:540
    sonic-net#14 0x7f48c96b009a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
dgsudharsan pushed a commit to dgsudharsan/sonic-frr that referenced this pull request Jun 6, 2023
bgpd: cleanup macip_path_list for remote macip
889360d 
ASAN reported the following memleak:
```
Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x4d4342 in calloc (/usr/lib/frr/bgpd+0x4d4342)
    sonic-net#1 0xbc3d68 in qcalloc /home/sharpd/frr8/lib/memory.c:116:27
    sonic-net#2 0xb869f7 in list_new /home/sharpd/frr8/lib/linklist.c:64:9
    sonic-net#3 0x5a38bc in bgp_evpn_remote_ip_hash_alloc /home/sharpd/frr8/bgpd/bgp_evpn.c:6789:24
    sonic-net#4 0xb358d3 in hash_get /home/sharpd/frr8/lib/hash.c:162:13
    sonic-net#5 0x593d39 in bgp_evpn_remote_ip_hash_add /home/sharpd/frr8/bgpd/bgp_evpn.c:6881:7
    sonic-net#6 0x59dbbd in install_evpn_route_entry_in_vni_common /home/sharpd/frr8/bgpd/bgp_evpn.c:3049:2
    sonic-net#7 0x59cfe0 in install_evpn_route_entry_in_vni_ip /home/sharpd/frr8/bgpd/bgp_evpn.c:3126:8
    sonic-net#8 0x59c6f0 in install_evpn_route_entry /home/sharpd/frr8/bgpd/bgp_evpn.c:3318:8
    sonic-net#9 0x59bb52 in install_uninstall_route_in_vnis /home/sharpd/frr8/bgpd/bgp_evpn.c:3888:10
    sonic-net#10 0x59b6d2 in bgp_evpn_install_uninstall_table /home/sharpd/frr8/bgpd/bgp_evpn.c:4019:5
    sonic-net#11 0x578857 in install_uninstall_evpn_route /home/sharpd/frr8/bgpd/bgp_evpn.c:4051:9
    sonic-net#12 0x58ada6 in bgp_evpn_import_route /home/sharpd/frr8/bgpd/bgp_evpn.c:6049:9
    sonic-net#13 0x713794 in bgp_update /home/sharpd/frr8/bgpd/bgp_route.c:4842:3
    sonic-net#14 0x583fa0 in process_type2_route /home/sharpd/frr8/bgpd/bgp_evpn.c:4518:9
    sonic-net#15 0x5824ba in bgp_nlri_parse_evpn /home/sharpd/frr8/bgpd/bgp_evpn.c:5732:8
    sonic-net#16 0x6ae6a2 in bgp_nlri_parse /home/sharpd/frr8/bgpd/bgp_packet.c:363:10
    sonic-net#17 0x6be6fa in bgp_update_receive /home/sharpd/frr8/bgpd/bgp_packet.c:2020:15
    sonic-net#18 0x6b7433 in bgp_process_packet /home/sharpd/frr8/bgpd/bgp_packet.c:2929:11
    sonic-net#19 0xd00146 in thread_call /home/sharpd/frr8/lib/thread.c:2006:2
```

The list itself was not being cleaned up when the final list entry was
removed, so make sure we do that instead of leaking memory.

Signed-off-by: Trey Aspelund <taspelund@nvidia.com>
dgsudharsan pushed a commit to dgsudharsan/sonic-frr that referenced this pull request Jun 6, 2023
@louis-6wind
bgpd: fix show bgp all with evpn
0adc5bb 
Fix crash on "show bgp all" when BGP EVPN is set.

> #0  raise (sig=11) at ../sysdeps/unix/sysv/linux/raise.c:50
> sonic-net#1  0x00007fdfe03cf53c in core_handler (signo=11, siginfo=0x7ffdebbffe30, context=0x7ffdebbffd00) at lib/sigevent.c:261
> sonic-net#2  <signal handler called>
> sonic-net#3  0x00000000004d4fec in bgp_attr_get_community (attr=0x41) at bgpd/bgp_attr.h:553
> sonic-net#4  0x00000000004eee84 in bgp_show_table (vty=0x1a790d0, bgp=0x19d0a00, safi=SAFI_EVPN, table=0x19f6010, type=bgp_show_type_normal, output_arg=0x0, rd=0x0, is_last=1, output_cum=0x0,
>     total_cum=0x0, json_header_depth=0x7ffdebc00bf8, show_flags=4, rpki_target_state=RPKI_NOT_BEING_USED) at bgpd/bgp_route.c:11329
> sonic-net#5  0x00000000004f7765 in bgp_show (vty=0x1a790d0, bgp=0x19d0a00, afi=AFI_L2VPN, safi=SAFI_EVPN, type=bgp_show_type_normal, output_arg=0x0, show_flags=4,
>     rpki_target_state=RPKI_NOT_BEING_USED) at bgpd/bgp_route.c:11814
> sonic-net#6  0x00000000004fb53b in show_ip_bgp_magic (self=0x6752b0 <show_ip_bgp_cmd>, vty=0x1a790d0, argc=3, argv=0x19cb050, viewvrfname=0x0, all=0x1395390 "all", aa_nn=0x0, community_list=0,
>     community_list_str=0x0, community_list_name=0x0, as_path_filter_name=0x0, prefix_list=0x0, accesslist_name=0x0, rmap_name=0x0, version=0, version_str=0x0, alias_name=0x0,
>     orr_group_name=0x0, detail_routes=0x0, uj=0x0, detail_json=0x0, wide=0x0) at bgpd/bgp_route.c:13040
> sonic-net#7  0x00000000004fa322 in show_ip_bgp (self=0x6752b0 <show_ip_bgp_cmd>, vty=0x1a790d0, argc=3, argv=0x19cb050) at ./bgpd/bgp_route_clippy.c:519
> sonic-net#8  0x00007fdfe033ccc8 in cmd_execute_command_real (vline=0x19c9300, filter=FILTER_RELAXED, vty=0x1a790d0, cmd=0x0, up_level=0) at lib/command.c:996
> sonic-net#9  0x00007fdfe033c739 in cmd_execute_command (vline=0x19c9300, vty=0x1a790d0, cmd=0x0, vtysh=0) at lib/command.c:1056
> sonic-net#10 0x00007fdfe033cdf5 in cmd_execute (vty=0x1a790d0, cmd=0x19c9eb0 "show bgp all", matched=0x0, vtysh=0) at lib/command.c:1223
> sonic-net#11 0x00007fdfe03f65c6 in vty_command (vty=0x1a790d0, buf=0x19c9eb0 "show bgp all") at lib/vty.c:486
> sonic-net#12 0x00007fdfe03f603b in vty_execute (vty=0x1a790d0) at lib/vty.c:1249
> sonic-net#13 0x00007fdfe03f533b in vtysh_read (thread=0x7ffdebc03838) at lib/vty.c:2148
> sonic-net#14 0x00007fdfe03e815d in thread_call (thread=0x7ffdebc03838) at lib/thread.c:2006
> sonic-net#15 0x00007fdfe0379b54 in frr_run (master=0x1246880) at lib/libfrr.c:1198
> sonic-net#16 0x000000000042b2a8 in main (argc=7, argv=0x7ffdebc03af8) at bgpd/bgp_main.c:520

Link: FRRouting/frr#12576
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
dgsudharsan pushed a commit to dgsudharsan/sonic-frr that referenced this pull request Jun 6, 2023
@donaldsharp @mergify
staticd: Tell bfd that we are shutting down
a46e6f8 
Prevent a use after free and tell the bfd subsystem
we are shutting down in staticd.

./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460:==2264460==ERROR: AddressSanitizer: heap-use-after-free on address 0x61f000004698 at pc 0x7f65d1eb11b2 bp 0x7ffdbface490 sp 0x7ffdbface488
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-READ of size 4 at 0x61f000004698 thread T0
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    #0 0x7f65d1eb11b1 in zclient_bfd_command lib/bfd.c:307
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#1 0x7f65d1eb20f5 in _bfd_sess_send lib/bfd.c:507
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#2 0x7f65d20510aa in thread_call lib/thread.c:1989
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#3 0x7f65d2051f0a in _thread_execute lib/thread.c:2081
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#4 0x7f65d1eb271b in _bfd_sess_remove lib/bfd.c:544
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#5 0x7f65d1eb278d in bfd_sess_free lib/bfd.c:553
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#6 0x7f65d1eb5400 in bfd_protocol_integration_finish lib/bfd.c:1029
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#7 0x7f65d1f42f77 in hook_call_frr_fini lib/libfrr.c:41
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#8 0x7f65d1f494a1 in frr_fini lib/libfrr.c:1199
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#9 0x563b7abefd76 in sigint staticd/static_main.c:70
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#10 0x7f65d200ef91 in frr_sigevent_process lib/sigevent.c:115
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#11 0x7f65d204fac6 in thread_fetch lib/thread.c:1758
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#12 0x7f65d1f49377 in frr_run lib/libfrr.c:1184
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#13 0x563b7abefed1 in main staticd/static_main.c:160
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#14 0x7f65d1b92d09 in __libc_start_main ../csu/libc-start.c:308
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-    sonic-net#15 0x563b7abefa99 in _start (/usr/lib/frr/staticd+0x15a99)
./bfd_topo3.test_bfd_topo3/r4.staticd.asan.2264460-

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 7a185ac)
dgsudharsan pushed a commit to dgsudharsan/sonic-frr that referenced this pull request Jun 6, 2023
@samanvithab @ton31337
bgpd : aggregate-address memory leak fix
3ed9af7 
Memory leaks are observed in the cleanup code. When “no router bgp" is executed,
cleanup in that flow for aggregate-address command is not taken care.

fixes the below leak:
    --
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444:Direct leak of 152 byte(s) in 1 object(s) allocated from:
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    #0 0x7f163e911037 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#1 0x7f163e4b9259 in qcalloc lib/memory.c:105
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#2 0x562bf42ebbd5 in bgp_aggregate_new bgpd/bgp_route.c:7239
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#3 0x562bf42f14e8 in bgp_aggregate_set bgpd/bgp_route.c:8421
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#4 0x562bf42f1e55 in aggregate_addressv6_magic bgpd/bgp_route.c:8592
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#5 0x562bf42be3f5 in aggregate_addressv6 bgpd/bgp_route_clippy.c:341
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#6 0x7f163e3f1e1b in cmd_execute_command_real lib/command.c:988
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#7 0x7f163e3f219c in cmd_execute_command lib/command.c:1048
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#8 0x7f163e3f2df4 in cmd_execute lib/command.c:1215
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#9 0x7f163e5a2d73 in vty_command lib/vty.c:544
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#10 0x7f163e5a79c8 in vty_execute lib/vty.c:1307
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#11 0x7f163e5ad299 in vtysh_read lib/vty.c:2216
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#12 0x7f163e593f16 in event_call lib/event.c:1995
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#13 0x7f163e47c839 in frr_run lib/libfrr.c:1185
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#14 0x562bf414e58d in main bgpd/bgp_main.c:505
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#15 0x7f163de66d09 in __libc_start_main ../csu/libc-start.c:308
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444:Direct leak of 152 byte(s) in 1 object(s) allocated from:
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    #0 0x7f163e911037 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#1 0x7f163e4b9259 in qcalloc lib/memory.c:105
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#2 0x562bf42ebbd5 in bgp_aggregate_new bgpd/bgp_route.c:7239
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#3 0x562bf42f14e8 in bgp_aggregate_set bgpd/bgp_route.c:8421
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#4 0x562bf42f1cde in aggregate_addressv4_magic bgpd/bgp_route.c:8543
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#5 0x562bf42bd258 in aggregate_addressv4 bgpd/bgp_route_clippy.c:255
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#6 0x7f163e3f1e1b in cmd_execute_command_real lib/command.c:988
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#7 0x7f163e3f219c in cmd_execute_command lib/command.c:1048
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#8 0x7f163e3f2df4 in cmd_execute lib/command.c:1215
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#9 0x7f163e5a2d73 in vty_command lib/vty.c:544
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#10 0x7f163e5a79c8 in vty_execute lib/vty.c:1307
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#11 0x7f163e5ad299 in vtysh_read lib/vty.c:2216
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#12 0x7f163e593f16 in event_call lib/event.c:1995
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#13 0x7f163e47c839 in frr_run lib/libfrr.c:1185
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#14 0x562bf414e58d in main bgpd/bgp_main.c:505
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-    sonic-net#15 0x7f163de66d09 in __libc_start_main ../csu/libc-start.c:308
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-
    ./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-SUMMARY: AddressSanitizer: 304 byte(s) leaked in 2 allocation(s).

Signed-off-by: Samanvitha B Bhargav <bsamanvitha@vmware.com>
(cherry picked from commit 7a70d99)
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@Keelan10
pimd: Fix memory leak in PIM interface deletion
24379f0 
This commit ensures proper cleanup by deleting the gm_join_list when a PIM interface is deleted. The gm_join_list was previously not being freed, causing a memory leak.

The ASan leak log for reference:
```
***********************************************************************************
Address Sanitizer Error detected in multicast_mld_join_topo1.test_multicast_mld_local_join/r1.asan.pim6d.28070

=================================================================
==28070==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
    sonic-net#2 0x56230372180f in list_new lib/linklist.c:49
    sonic-net#3 0x56230361b589 in pim_if_gm_join_add pimd/pim_iface.c:1313
    sonic-net#4 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
    sonic-net#5 0x562303767280 in nb_callback_create lib/northbound.c:1235
    sonic-net#6 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
    sonic-net#7 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
    sonic-net#8 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
    sonic-net#9 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
    sonic-net#10 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
    sonic-net#11 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
    sonic-net#12 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
    sonic-net#13 0x5623036c5f1b in cmd_execute_command lib/command.c:1053
    sonic-net#14 0x5623036c6392 in cmd_execute lib/command.c:1221
    sonic-net#15 0x5623037e75da in vty_command lib/vty.c:591
    sonic-net#16 0x5623037e7a74 in vty_execute lib/vty.c:1354
    sonic-net#17 0x5623037f0253 in vtysh_read lib/vty.c:2362
    sonic-net#18 0x5623037db4e8 in event_call lib/event.c:1995
    sonic-net#19 0x562303720f97 in frr_run lib/libfrr.c:1213
    sonic-net#20 0x56230368615d in main pimd/pim6_main.c:184
    sonic-net#21 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 192 byte(s) in 4 object(s) allocated from:
    #0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
    sonic-net#2 0x56230361b91d in gm_join_new pimd/pim_iface.c:1288
    sonic-net#3 0x56230361b91d in pim_if_gm_join_add pimd/pim_iface.c:1326
    sonic-net#4 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
    sonic-net#5 0x562303767280 in nb_callback_create lib/northbound.c:1235
    sonic-net#6 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
    sonic-net#7 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
    sonic-net#8 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
    sonic-net#9 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
    sonic-net#10 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
    sonic-net#11 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
    sonic-net#12 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
    sonic-net#13 0x5623036c5f1b in cmd_execute_command lib/command.c:1053
    sonic-net#14 0x5623036c6392 in cmd_execute lib/command.c:1221
    sonic-net#15 0x5623037e75da in vty_command lib/vty.c:591
    sonic-net#16 0x5623037e7a74 in vty_execute lib/vty.c:1354
    sonic-net#17 0x5623037f0253 in vtysh_read lib/vty.c:2362
    sonic-net#18 0x5623037db4e8 in event_call lib/event.c:1995
    sonic-net#19 0x562303720f97 in frr_run lib/libfrr.c:1213
    sonic-net#20 0x56230368615d in main pimd/pim6_main.c:184
    sonic-net#21 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 96 byte(s) in 4 object(s) allocated from:
    #0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
    sonic-net#2 0x562303721651 in listnode_new lib/linklist.c:71
    sonic-net#3 0x56230372182b in listnode_add lib/linklist.c:92
    sonic-net#4 0x56230361ba9a in gm_join_new pimd/pim_iface.c:1295
    sonic-net#5 0x56230361ba9a in pim_if_gm_join_add pimd/pim_iface.c:1326
    sonic-net#6 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
    sonic-net#7 0x562303767280 in nb_callback_create lib/northbound.c:1235
    sonic-net#8 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
    sonic-net#9 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
    sonic-net#10 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
    sonic-net#11 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
    sonic-net#12 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
    sonic-net#13 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
    sonic-net#14 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
    sonic-net#15 0x5623036c5f1b in cmd_execute_command lib/command.c:1053
    sonic-net#16 0x5623036c6392 in cmd_execute lib/command.c:1221
    sonic-net#17 0x5623037e75da in vty_command lib/vty.c:591
    sonic-net#18 0x5623037e7a74 in vty_execute lib/vty.c:1354
    sonic-net#19 0x5623037f0253 in vtysh_read lib/vty.c:2362
    sonic-net#20 0x5623037db4e8 in event_call lib/event.c:1995
    sonic-net#21 0x562303720f97 in frr_run lib/libfrr.c:1213
    sonic-net#22 0x56230368615d in main pimd/pim6_main.c:184
    sonic-net#23 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 1 object(s) allocated from:
    #0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
    sonic-net#2 0x56230361b91d in gm_join_new pimd/pim_iface.c:1288
    sonic-net#3 0x56230361b91d in pim_if_gm_join_add pimd/pim_iface.c:1326
    sonic-net#4 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
    sonic-net#5 0x562303767280 in nb_callback_create lib/northbound.c:1235
    sonic-net#6 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
    sonic-net#7 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
    sonic-net#8 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
    sonic-net#9 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
    sonic-net#10 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
    sonic-net#11 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
    sonic-net#12 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
    sonic-net#13 0x5623036c5f6f in cmd_execute_command lib/command.c:1072
    sonic-net#14 0x5623036c6392 in cmd_execute lib/command.c:1221
    sonic-net#15 0x5623037e75da in vty_command lib/vty.c:591
    sonic-net#16 0x5623037e7a74 in vty_execute lib/vty.c:1354
    sonic-net#17 0x5623037f0253 in vtysh_read lib/vty.c:2362
    sonic-net#18 0x5623037db4e8 in event_call lib/event.c:1995
    sonic-net#19 0x562303720f97 in frr_run lib/libfrr.c:1213
    sonic-net#20 0x56230368615d in main pimd/pim6_main.c:184
    sonic-net#21 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x7f3605dbfd28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x56230373dd6b in qcalloc lib/memory.c:105
    sonic-net#2 0x562303721651 in listnode_new lib/linklist.c:71
    sonic-net#3 0x56230372182b in listnode_add lib/linklist.c:92
    sonic-net#4 0x56230361ba9a in gm_join_new pimd/pim_iface.c:1295
    sonic-net#5 0x56230361ba9a in pim_if_gm_join_add pimd/pim_iface.c:1326
    sonic-net#6 0x562303642247 in lib_interface_gmp_address_family_static_group_create pimd/pim_nb_config.c:2868
    sonic-net#7 0x562303767280 in nb_callback_create lib/northbound.c:1235
    sonic-net#8 0x562303767280 in nb_callback_configuration lib/northbound.c:1579
    sonic-net#9 0x562303768a1d in nb_transaction_process lib/northbound.c:1710
    sonic-net#10 0x56230376904a in nb_candidate_commit_apply lib/northbound.c:1104
    sonic-net#11 0x5623037692ba in nb_candidate_commit lib/northbound.c:1137
    sonic-net#12 0x562303769dec in nb_cli_classic_commit lib/northbound_cli.c:49
    sonic-net#13 0x56230376fb79 in nb_cli_pending_commit_check lib/northbound_cli.c:88
    sonic-net#14 0x5623036c5bcb in cmd_execute_command_real lib/command.c:991
    sonic-net#15 0x5623036c5f6f in cmd_execute_command lib/command.c:1072
    sonic-net#16 0x5623036c6392 in cmd_execute lib/command.c:1221
    sonic-net#17 0x5623037e75da in vty_command lib/vty.c:591
    sonic-net#18 0x5623037e7a74 in vty_execute lib/vty.c:1354
    sonic-net#19 0x5623037f0253 in vtysh_read lib/vty.c:2362
    sonic-net#20 0x5623037db4e8 in event_call lib/event.c:1995
    sonic-net#21 0x562303720f97 in frr_run lib/libfrr.c:1213
    sonic-net#22 0x56230368615d in main pimd/pim6_main.c:184
    sonic-net#23 0x7f360461bc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 400 byte(s) leaked in 11 allocation(s).
***********************************************************************************
```

Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@donaldsharp
ospf6d: Fix crash because neighbor structure was freed
77e838e 
The loading_done event needs a event pointer to prevent
use after free's.  Testing found this:

    ERROR: AddressSanitizer: heap-use-after-free on address 0x613000035130 at pc 0x55ad42d54e5f bp 0x7ffff1e942a0 sp 0x7ffff1e94290
    READ of size 1 at 0x613000035130 thread T0
        #0 0x55ad42d54e5e in loading_done ospf6d/ospf6_neighbor.c:447
        sonic-net#1 0x55ad42ed7be4 in event_call lib/event.c:1995
        sonic-net#2 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
        sonic-net#3 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
        sonic-net#4 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
        sonic-net#5 0x55ad42cf2b19 in _start (/usr/lib/frr/ospf6d+0x248b19)

    0x613000035130 is located 48 bytes inside of 384-byte region [0x613000035100,0x613000035280)
    freed by thread T0 here:
        #0 0x7f57998d77a8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xde7a8)
        sonic-net#1 0x55ad42e3b4b6 in qfree lib/memory.c:130
        sonic-net#2 0x55ad42d5d049 in ospf6_neighbor_delete ospf6d/ospf6_neighbor.c:180
        sonic-net#3 0x55ad42d1e1ea in interface_down ospf6d/ospf6_interface.c:930
        sonic-net#4 0x55ad42ed7be4 in event_call lib/event.c:1995
        sonic-net#5 0x55ad42ed84fe in _event_execute lib/event.c:2086
        sonic-net#6 0x55ad42d26d7b in ospf6_interface_clear ospf6d/ospf6_interface.c:2847
        sonic-net#7 0x55ad42d73f16 in ospf6_process_reset ospf6d/ospf6_top.c:755
        sonic-net#8 0x55ad42d7e98c in clear_router_ospf6_magic ospf6d/ospf6_top.c:778
        sonic-net#9 0x55ad42d7e98c in clear_router_ospf6 ospf6d/ospf6_top_clippy.c:42
        sonic-net#10 0x55ad42dc2665 in cmd_execute_command_real lib/command.c:994
        sonic-net#11 0x55ad42dc2b32 in cmd_execute_command lib/command.c:1053
        sonic-net#12 0x55ad42dc2fa9 in cmd_execute lib/command.c:1221
        sonic-net#13 0x55ad42ee3cd6 in vty_command lib/vty.c:591
        sonic-net#14 0x55ad42ee4170 in vty_execute lib/vty.c:1354
        sonic-net#15 0x55ad42eec94f in vtysh_read lib/vty.c:2362
        sonic-net#16 0x55ad42ed7be4 in event_call lib/event.c:1995
        sonic-net#17 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
        sonic-net#18 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
        sonic-net#19 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

    previously allocated by thread T0 here:
        #0 0x7f57998d7d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
        sonic-net#1 0x55ad42e3ab22 in qcalloc lib/memory.c:105
        sonic-net#2 0x55ad42d5c8ff in ospf6_neighbor_create ospf6d/ospf6_neighbor.c:119
        sonic-net#3 0x55ad42d4c86a in ospf6_hello_recv ospf6d/ospf6_message.c:464
        sonic-net#4 0x55ad42d4c86a in ospf6_read_helper ospf6d/ospf6_message.c:1884
        sonic-net#5 0x55ad42d4c86a in ospf6_receive ospf6d/ospf6_message.c:1925
        sonic-net#6 0x55ad42ed7be4 in event_call lib/event.c:1995
        sonic-net#7 0x55ad42e1df75 in frr_run lib/libfrr.c:1213
        sonic-net#8 0x55ad42cf332e in main ospf6d/ospf6_main.c:250
        sonic-net#9 0x7f5798133c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Add an actual event pointer and just track it appropriately.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@ryndia
ospf: fix lsa leak
f0d1ea8 
In the function ospf_lsa_translated_nssa_new the newly created lsa is lock however, the return lsa from ospf_lsa_new already has a lock. Therefore removing the addition lock resolve the leak below.

ospf_basic_functionality.test_ospf_nssa#r3.asan.ospfd.5456

=================================================================
==5456==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 640 byte(s) in 5 object(s) allocated from:
    #0 0x7f294f354a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    sonic-net#1 0x7f294eeed562 in qcalloc ../lib/memory.c:105
    sonic-net#2 0x561a16004f60 in ospf_lsa_new ../ospfd/ospf_lsa.c:186
    sonic-net#3 0x561a160051a1 in ospf_lsa_new_and_data ../ospfd/ospf_lsa.c:205
    sonic-net#4 0x561a1600f21d in ospf_exnl_lsa_prepare_and_flood ../ospfd/ospf_lsa.c:1762
    sonic-net#5 0x561a1600fd71 in ospf_external_lsa_new ../ospfd/ospf_lsa.c:1863
    sonic-net#6 0x561a160107d7 in ospf_lsa_translated_nssa_new ../ospfd/ospf_lsa.c:1985
    sonic-net#7 0x561a16011cfb in ospf_translated_nssa_refresh ../ospfd/ospf_lsa.c:2152
    sonic-net#8 0x561a16014bb2 in ospf_external_lsa_install ../ospfd/ospf_lsa.c:2871
    sonic-net#9 0x561a1601596b in ospf_lsa_install ../ospfd/ospf_lsa.c:3076
    sonic-net#10 0x561a16168b3c in ospf_flood ../ospfd/ospf_flood.c:482
    sonic-net#11 0x561a160462f8 in ospf_ls_upd ../ospfd/ospf_packet.c:2115
    sonic-net#12 0x561a1604c66c in ospf_read_helper ../ospfd/ospf_packet.c:3198
    sonic-net#13 0x561a1604c88e in ospf_read ../ospfd/ospf_packet.c:3229
    sonic-net#14 0x7f294efd6c33 in event_call ../lib/event.c:1995
    sonic-net#15 0x7f294eec134a in frr_run ../lib/libfrr.c:1213
    sonic-net#16 0x561a15fd3b6d in main ../ospfd/ospf_main.c:249
    sonic-net#17 0x7f294e998d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Objects leaked above:
0x60c000062800 (128 bytes)
0x60c000062c80 (128 bytes)
0x60c0000631c0 (128 bytes)
0x60c000063700 (128 bytes)
0x60c000063d00 (128 bytes)

Direct leak of 640 byte(s) in 5 object(s) allocated from:
    #0 0x7f294f354a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    sonic-net#1 0x7f294eeed562 in qcalloc ../lib/memory.c:105
    sonic-net#2 0x561a16004f60 in ospf_lsa_new ../ospfd/ospf_lsa.c:186
    sonic-net#3 0x561a160051a1 in ospf_lsa_new_and_data ../ospfd/ospf_lsa.c:205
    sonic-net#4 0x561a1600f21d in ospf_exnl_lsa_prepare_and_flood ../ospfd/ospf_lsa.c:1762
    sonic-net#5 0x561a1600fd71 in ospf_external_lsa_new ../ospfd/ospf_lsa.c:1863
    sonic-net#6 0x561a160107d7 in ospf_lsa_translated_nssa_new ../ospfd/ospf_lsa.c:1985
    sonic-net#7 0x561a16010e10 in ospf_translated_nssa_originate ../ospfd/ospf_lsa.c:2034
    sonic-net#8 0x561a16136559 in ospf_abr_translate_nssa ../ospfd/ospf_abr.c:668
    sonic-net#9 0x561a161383da in ospf_abr_process_nssa_translates ../ospfd/ospf_abr.c:968
    sonic-net#10 0x561a1613f9b8 in ospf_abr_nssa_task ../ospfd/ospf_abr.c:2054
    sonic-net#11 0x561a161402e5 in ospf_abr_task_timer ../ospfd/ospf_abr.c:2168
    sonic-net#12 0x7f294efd6c33 in event_call ../lib/event.c:1995
    sonic-net#13 0x7f294eec134a in frr_run ../lib/libfrr.c:1213
    sonic-net#14 0x561a15fd3b6d in main ../ospfd/ospf_main.c:249
    sonic-net#15 0x7f294e998d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Objects leaked above:
0x60c00003e380 (128 bytes)
0x60c00003e740 (128 bytes)
0x60c00003eb00 (128 bytes)
0x60c00005fd40 (128 bytes)
0x60c00005ff80 (128 bytes)

Indirect leak of 180 byte(s) in 5 object(s) allocated from:
    #0 0x7f294f354a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    sonic-net#1 0x7f294eeed562 in qcalloc ../lib/memory.c:105
    sonic-net#2 0x561a16005a43 in ospf_lsa_data_new ../ospfd/ospf_lsa.c:296
    sonic-net#3 0x561a160051b1 in ospf_lsa_new_and_data ../ospfd/ospf_lsa.c:206
    sonic-net#4 0x561a1600f21d in ospf_exnl_lsa_prepare_and_flood ../ospfd/ospf_lsa.c:1762
    sonic-net#5 0x561a1600fd71 in ospf_external_lsa_new ../ospfd/ospf_lsa.c:1863
    sonic-net#6 0x561a160107d7 in ospf_lsa_translated_nssa_new ../ospfd/ospf_lsa.c:1985
    sonic-net#7 0x561a16011cfb in ospf_translated_nssa_refresh ../ospfd/ospf_lsa.c:2152
    sonic-net#8 0x561a16014bb2 in ospf_external_lsa_install ../ospfd/ospf_lsa.c:2871
    sonic-net#9 0x561a1601596b in ospf_lsa_install ../ospfd/ospf_lsa.c:3076
    sonic-net#10 0x561a16168b3c in ospf_flood ../ospfd/ospf_flood.c:482
    sonic-net#11 0x561a160462f8 in ospf_ls_upd ../ospfd/ospf_packet.c:2115
    sonic-net#12 0x561a1604c66c in ospf_read_helper ../ospfd/ospf_packet.c:3198
   sonic-net#13 0x561a1604c88e in ospf_read ../ospfd/ospf_packet.c:3229
    sonic-net#14 0x7f294efd6c33 in event_call ../lib/event.c:1995
    sonic-net#15 0x7f294eec134a in frr_run ../lib/libfrr.c:1213
    sonic-net#16 0x561a15fd3b6d in main ../ospfd/ospf_main.c:249
    sonic-net#17 0x7f294e998d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Objects leaked above:
0x60400003f890 (36 bytes)
0x60400003f990 (36 bytes)
0x60400003fa50 (36 bytes)
0x60400003fb10 (36 bytes)
0x60400003fbd0 (36 bytes)

Indirect leak of 180 byte(s) in 5 object(s) allocated from:
    #0 0x7f294f354a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    sonic-net#1 0x7f294eeed562 in qcalloc ../lib/memory.c:105
    sonic-net#2 0x561a16005a43 in ospf_lsa_data_new ../ospfd/ospf_lsa.c:296
    sonic-net#3 0x561a160051b1 in ospf_lsa_new_and_data ../ospfd/ospf_lsa.c:206
    sonic-net#4 0x561a1600f21d in ospf_exnl_lsa_prepare_and_flood ../ospfd/ospf_lsa.c:1762
    sonic-net#5 0x561a1600fd71 in ospf_external_lsa_new ../ospfd/ospf_lsa.c:1863
    sonic-net#6 0x561a160107d7 in ospf_lsa_translated_nssa_new ../ospfd/ospf_lsa.c:1985
    sonic-net#7 0x561a16010e10 in ospf_translated_nssa_originate ../ospfd/ospf_lsa.c:2034
    sonic-net#8 0x561a16136559 in ospf_abr_translate_nssa ../ospfd/ospf_abr.c:668
    sonic-net#9 0x561a161383da in ospf_abr_process_nssa_translates ../ospfd/ospf_abr.c:968
    sonic-net#10 0x561a1613f9b8 in ospf_abr_nssa_task ../ospfd/ospf_abr.c:2054
    sonic-net#11 0x561a161402e5 in ospf_abr_task_timer ../ospfd/ospf_abr.c:2168
    sonic-net#12 0x7f294efd6c33 in event_call ../lib/event.c:1995
    sonic-net#13 0x7f294eec134a in frr_run ../lib/libfrr.c:1213
    sonic-net#14 0x561a15fd3b6d in main ../ospfd/ospf_main.c:249
    sonic-net#15 0x7f294e998d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Objects leaked above:
0x60400003c6d0 (36 bytes)
0x60400003c790 (36 bytes)
0x60400003c810 (36 bytes)
0x60400003c890 (36 bytes)
0x60400003c910 (36 bytes)

SUMMARY: AddressSanitizer: 1640 byte(s) leaked in 20 allocation(s).
Signed-off-by: ryndia <dindyalsarvesh@gmail.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@Keelan10
bgpd: Free memory in set_aspath_replace_access_list
c60dc2a 
Properly free the dynamically allocated memory held by `str` after its use.
The change also maintains the return value of `nb_cli_apply_changes` by using 'ret' variable.

The ASan leak log for reference:

```
***********************************************************************************
Address Sanitizer Error detected in bgp_set_aspath_replace.test_bgp_set_aspath_replace/r1.asan.bgpd.11586

=================================================================
==11586==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 92 byte(s) in 3 object(s) allocated from:
    #0 0x7f4e2951db40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f4e28f19ea2 in qmalloc lib/memory.c:100
    sonic-net#2 0x7f4e28edbb08 in frrstr_join lib/frrstr.c:89
    sonic-net#3 0x7f4e28e9a601 in argv_concat lib/command.c:183
    sonic-net#4 0x56519adf8413 in set_aspath_replace_access_list_magic bgpd/bgp_routemap.c:6174
    sonic-net#5 0x56519adf8942 in set_aspath_replace_access_list bgpd/bgp_routemap_clippy.c:683
    sonic-net#6 0x7f4e28e9d548 in cmd_execute_command_real lib/command.c:993
    sonic-net#7 0x7f4e28e9da0c in cmd_execute_command lib/command.c:1051
    sonic-net#8 0x7f4e28e9de8b in cmd_execute lib/command.c:1218
    sonic-net#9 0x7f4e28fc4f1c in vty_command lib/vty.c:591
    sonic-net#10 0x7f4e28fc53c7 in vty_execute lib/vty.c:1354
    sonic-net#11 0x7f4e28fcdc8d in vtysh_read lib/vty.c:2362
    sonic-net#12 0x7f4e28fb8c8b in event_call lib/event.c:1979
    sonic-net#13 0x7f4e28efd445 in frr_run lib/libfrr.c:1213
    sonic-net#14 0x56519ac85d81 in main bgpd/bgp_main.c:510
    sonic-net#15 0x7f4e27f40c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 92 byte(s) leaked in 3 allocation(s).
***********************************************************************************

***********************************************************************************
Address Sanitizer Error detected in bgp_set_aspath_exclude.test_bgp_set_aspath_exclude/r1.asan.bgpd.10385

=================================================================
==10385==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 55 byte(s) in 2 object(s) allocated from:
    #0 0x7f6814fdab40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f68149d6ea2 in qmalloc lib/memory.c:100
    sonic-net#2 0x7f6814998b08 in frrstr_join lib/frrstr.c:89
    sonic-net#3 0x7f6814957601 in argv_concat lib/command.c:183
    sonic-net#4 0x5570e05117a1 in set_aspath_exclude_access_list_magic bgpd/bgp_routemap.c:6327
    sonic-net#5 0x5570e05119da in set_aspath_exclude_access_list bgpd/bgp_routemap_clippy.c:836
    sonic-net#6 0x7f681495a548 in cmd_execute_command_real lib/command.c:993
    sonic-net#7 0x7f681495aa0c in cmd_execute_command lib/command.c:1051
    sonic-net#8 0x7f681495ae8b in cmd_execute lib/command.c:1218
    sonic-net#9 0x7f6814a81f1c in vty_command lib/vty.c:591
    sonic-net#10 0x7f6814a823c7 in vty_execute lib/vty.c:1354
    sonic-net#11 0x7f6814a8ac8d in vtysh_read lib/vty.c:2362
    sonic-net#12 0x7f6814a75c8b in event_call lib/event.c:1979
    sonic-net#13 0x7f68149ba445 in frr_run lib/libfrr.c:1213
    sonic-net#14 0x5570e03a0d81 in main bgpd/bgp_main.c:510
    sonic-net#15 0x7f68139fdc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 55 byte(s) leaked in 2 allocation(s).
***********************************************************************************
```

Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@Keelan10
bgpd: Free memory in set_aspath_exclude_access_list
411cb8a 
Properly free the dynamically allocated memory held by `str` after its use.
The change also maintains the return value of `nb_cli_apply_changes` by using `ret` variable.

The ASan leak log for reference:

```
Direct leak of 55 byte(s) in 2 object(s) allocated from:
    #0 0x7f16f285f867 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    sonic-net#1 0x7f16f23fda11 in qmalloc ../lib/memory.c:100
    sonic-net#2 0x7f16f23a01a0 in frrstr_join ../lib/frrstr.c:89
    sonic-net#3 0x7f16f23418c7 in argv_concat ../lib/command.c:183
    sonic-net#4 0x55aba24731f2 in set_aspath_exclude_access_list_magic ../bgpd/bgp_routemap.c:6327
    sonic-net#5 0x55aba2455cf4 in set_aspath_exclude_access_list bgpd/bgp_routemap_clippy.c:836
    sonic-net#6 0x7f16f2345d61 in cmd_execute_command_real ../lib/command.c:993
    sonic-net#7 0x7f16f23460ee in cmd_execute_command ../lib/command.c:1052
    sonic-net#8 0x7f16f2346dc0 in cmd_execute ../lib/command.c:1218
    sonic-net#9 0x7f16f24f7197 in vty_command ../lib/vty.c:591
    sonic-net#10 0x7f16f24fc07c in vty_execute ../lib/vty.c:1354
    sonic-net#11 0x7f16f250247a in vtysh_read ../lib/vty.c:2362
    sonic-net#12 0x7f16f24e72f4 in event_call ../lib/event.c:1979
    sonic-net#13 0x7f16f23d1828 in frr_run ../lib/libfrr.c:1213
    sonic-net#14 0x55aba2269e52 in main ../bgpd/bgp_main.c:510
    sonic-net#15 0x7f16f1dbfd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
```

Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@Keelan10
ospfd: Delete q_space->vertex_list on No Backup Path
64e0a47 
In scenarios where no backup paths are available, ensure proper
memory management by deleting `q_space->vertex_list`. This prevents
memory leaks.

The ASan leak log for reference:

```
Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7fcf8c70aa37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    sonic-net#1 0x7fcf8c2a8a45 in qcalloc ../lib/memory.c:105
    sonic-net#2 0x7fcf8c27d0cc in list_new ../lib/linklist.c:49
    sonic-net#3 0x55d6e8385e35 in ospf_spf_init ../ospfd/ospf_spf.c:540
    sonic-net#4 0x55d6e838c30d in ospf_spf_calculate ../ospfd/ospf_spf.c:1736
    sonic-net#5 0x55d6e83933cf in ospf_ti_lfa_generate_q_spaces ../ospfd/ospf_ti_lfa.c:673
    sonic-net#6 0x55d6e8394214 in ospf_ti_lfa_generate_p_space ../ospfd/ospf_ti_lfa.c:812
    sonic-net#7 0x55d6e8394c63 in ospf_ti_lfa_generate_p_spaces ../ospfd/ospf_ti_lfa.c:923
    sonic-net#8 0x55d6e8396390 in ospf_ti_lfa_compute ../ospfd/ospf_ti_lfa.c:1101
    sonic-net#9 0x55d6e838ca48 in ospf_spf_calculate_area ../ospfd/ospf_spf.c:1811
    sonic-net#10 0x55d6e838cd73 in ospf_spf_calculate_areas ../ospfd/ospf_spf.c:1840
    sonic-net#11 0x55d6e838cfb0 in ospf_spf_calculate_schedule_worker ../ospfd/ospf_spf.c:1871
    sonic-net#12 0x7fcf8c3922e4 in event_call ../lib/event.c:1979
    sonic-net#13 0x7fcf8c27c828 in frr_run ../lib/libfrr.c:1213
    sonic-net#14 0x55d6e82eeb6d in main ../ospfd/ospf_main.c:249
    sonic-net#15 0x7fcf8bd59d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

```

Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@Keelan10
lib: Clear Computed Path Pointer to Destination on Clean
0629ad0 
This commit ensures proper cleanup by clearing the `algo->pdst` pointer if it points to a path that is being deleted.
It addresses memory leaks by freeing memory held by `algo->pdst` that might not have been released during the cleanup of processed paths.

The ASan leak log for reference:

```
Direct leak of 96 byte(s) in 1 object(s) allocated from:
    #0 0x7fbffcec9a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    sonic-net#1 0x7fbffca67a81 in qcalloc ../lib/memory.c:105
    sonic-net#2 0x7fbffc9d1a54 in cpath_new ../lib/cspf.c:44
    sonic-net#3 0x7fbffc9d2829 in cspf_init ../lib/cspf.c:256
    sonic-net#4 0x7fbffc9d295d in cspf_init_v4 ../lib/cspf.c:287
    sonic-net#5 0x5601dcd34d3f in show_sharp_cspf_magic ../sharpd/sharp_vty.c:1262
    sonic-net#6 0x5601dcd2c2be in show_sharp_cspf sharpd/sharp_vty_clippy.c:1869
    sonic-net#7 0x7fbffc9afd61 in cmd_execute_command_real ../lib/command.c:993
    sonic-net#8 0x7fbffc9b00ee in cmd_execute_command ../lib/command.c:1052
    sonic-net#9 0x7fbffc9b0dc0 in cmd_execute ../lib/command.c:1218
    sonic-net#10 0x7fbffcb611c7 in vty_command ../lib/vty.c:591
    sonic-net#11 0x7fbffcb660ac in vty_execute ../lib/vty.c:1354
    sonic-net#12 0x7fbffcb6c4aa in vtysh_read ../lib/vty.c:2362
    sonic-net#13 0x7fbffcb51324 in event_call ../lib/event.c:1979
    sonic-net#14 0x7fbffca3b872 in frr_run ../lib/libfrr.c:1213
    sonic-net#15 0x5601dcd11c6f in main ../sharpd/sharp_main.c:177
    sonic-net#16 0x7fbffc5ffd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Indirect leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7fbffcec9a37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
    sonic-net#1 0x7fbffca67a81 in qcalloc ../lib/memory.c:105
    sonic-net#2 0x7fbffca3c108 in list_new ../lib/linklist.c:49
    sonic-net#3 0x7fbffc9d1acc in cpath_new ../lib/cspf.c:47
    sonic-net#4 0x7fbffc9d2829 in cspf_init ../lib/cspf.c:256
    sonic-net#5 0x7fbffc9d295d in cspf_init_v4 ../lib/cspf.c:287
    sonic-net#6 0x5601dcd34d3f in show_sharp_cspf_magic ../sharpd/sharp_vty.c:1262
    sonic-net#7 0x5601dcd2c2be in show_sharp_cspf sharpd/sharp_vty_clippy.c:1869
    sonic-net#8 0x7fbffc9afd61 in cmd_execute_command_real ../lib/command.c:993
    sonic-net#9 0x7fbffc9b00ee in cmd_execute_command ../lib/command.c:1052
    sonic-net#10 0x7fbffc9b0dc0 in cmd_execute ../lib/command.c:1218
    sonic-net#11 0x7fbffcb611c7 in vty_command ../lib/vty.c:591
    sonic-net#12 0x7fbffcb660ac in vty_execute ../lib/vty.c:1354
    sonic-net#13 0x7fbffcb6c4aa in vtysh_read ../lib/vty.c:2362
    sonic-net#14 0x7fbffcb51324 in event_call ../lib/event.c:1979
    sonic-net#15 0x7fbffca3b872 in frr_run ../lib/libfrr.c:1213
    sonic-net#16 0x5601dcd11c6f in main ../sharpd/sharp_main.c:177
    sonic-net#17 0x7fbffc5ffd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

```

Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@Keelan10
ospfd: fix area range memory leak
35cf10a 
Addressed a memory leak in OSPF by fixing the improper deallocation of
area range nodes when removed from the table. Introducing a new function,
`ospf_range_table_node_destroy` for proper node cleanup, resolved the issue.

The ASan leak log for reference:

```
Direct leak of 56 byte(s) in 2 object(s) allocated from:
    #0 0x7faf661d1d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7faf65bce1e9 in qcalloc lib/memory.c:105
    sonic-net#2 0x55a66e0b61cd in ospf_area_range_new ospfd/ospf_abr.c:43
    sonic-net#3 0x55a66e0b61cd in ospf_area_range_set ospfd/ospf_abr.c:195
    sonic-net#4 0x55a66e07f2eb in ospf_area_range ospfd/ospf_vty.c:631
    sonic-net#5 0x7faf65b51548 in cmd_execute_command_real lib/command.c:993
    sonic-net#6 0x7faf65b51f79 in cmd_execute_command_strict lib/command.c:1102
    sonic-net#7 0x7faf65b51fd8 in command_config_read_one_line lib/command.c:1262
    sonic-net#8 0x7faf65b522bf in config_from_file lib/command.c:1315
    sonic-net#9 0x7faf65c832df in vty_read_file lib/vty.c:2605
    sonic-net#10 0x7faf65c83409 in vty_read_config lib/vty.c:2851
    sonic-net#11 0x7faf65bb0341 in frr_config_read_in lib/libfrr.c:977
    sonic-net#12 0x7faf65c6cceb in event_call lib/event.c:1979
    sonic-net#13 0x7faf65bb1488 in frr_run lib/libfrr.c:1213
    sonic-net#14 0x55a66dfb28c4 in main ospfd/ospf_main.c:249
    sonic-net#15 0x7faf651c9c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 56 byte(s) leaked in 2 allocation(s).
```

Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@Keelan10
zebra: Free nexthop_group
92598cb 
`ng` was not properly freed, leading to a memory leak.
The commit calls `nexthop_group_delete` to free memory associated with `ng`.

The ASan leak log for reference:

```
***********************************************************************************
Address Sanitizer Error detected in isis_topo1.test_isis_topo1/r5.asan.zebra.24308

=================================================================
==24308==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f4f47b43d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f4f4753c0a8 in qcalloc lib/memory.c:105
    sonic-net#2 0x7f4f47559526 in nexthop_group_new lib/nexthop_group.c:270
    sonic-net#3 0x562ded6a39d4 in zebra_add_import_table_entry zebra/redistribute.c:681
    sonic-net#4 0x562ded787c35 in rib_link zebra/zebra_rib.c:3972
    sonic-net#5 0x562ded787c35 in rib_addnode zebra/zebra_rib.c:3993
    sonic-net#6 0x562ded787c35 in process_subq_early_route_add zebra/zebra_rib.c:2860
    sonic-net#7 0x562ded787c35 in process_subq_early_route zebra/zebra_rib.c:3138
    sonic-net#8 0x562ded787c35 in process_subq zebra/zebra_rib.c:3178
    sonic-net#9 0x562ded787c35 in meta_queue_process zebra/zebra_rib.c:3228
    sonic-net#10 0x7f4f475f7118 in work_queue_run lib/workqueue.c:266
    sonic-net#11 0x7f4f475dc7f2 in event_call lib/event.c:1969
    sonic-net#12 0x7f4f4751f347 in frr_run lib/libfrr.c:1213
    sonic-net#13 0x562ded69e818 in main zebra/main.c:486
    sonic-net#14 0x7f4f468ffc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 152 byte(s) in 1 object(s) allocated from:
    #0 0x7f4f47b43d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f4f4753c0a8 in qcalloc lib/memory.c:105
    sonic-net#2 0x7f4f475510ad in nexthop_new lib/nexthop.c:376
    sonic-net#3 0x7f4f475539c5 in nexthop_dup lib/nexthop.c:914
    sonic-net#4 0x7f4f4755b27a in copy_nexthops lib/nexthop_group.c:444
    sonic-net#5 0x562ded6a3a1c in zebra_add_import_table_entry zebra/redistribute.c:682
    sonic-net#6 0x562ded787c35 in rib_link zebra/zebra_rib.c:3972
    sonic-net#7 0x562ded787c35 in rib_addnode zebra/zebra_rib.c:3993
    sonic-net#8 0x562ded787c35 in process_subq_early_route_add zebra/zebra_rib.c:2860
    sonic-net#9 0x562ded787c35 in process_subq_early_route zebra/zebra_rib.c:3138
    sonic-net#10 0x562ded787c35 in process_subq zebra/zebra_rib.c:3178
    sonic-net#11 0x562ded787c35 in meta_queue_process zebra/zebra_rib.c:3228
    sonic-net#12 0x7f4f475f7118 in work_queue_run lib/workqueue.c:266
    sonic-net#13 0x7f4f475dc7f2 in event_call lib/event.c:1969
    sonic-net#14 0x7f4f4751f347 in frr_run lib/libfrr.c:1213
    sonic-net#15 0x562ded69e818 in main zebra/main.c:486
    sonic-net#16 0x7f4f468ffc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 184 byte(s) leaked in 2 allocation(s).
***********************************************************************************
```

Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@ryndia @mergify
bgpd: Ecommunity_dup memory leak fix
81884d4 
The shallow copy of attr wasn't freed when there was no valid label for the momentand the function return therefore creating leaks. The leak below are solved by flushing the shallow copy of attr.

Address Sanitizer Error detected in bgp_vpnv6_per_nexthop_label.test_bgp_vpnv6_per_nexthop_label/r1.asan.bgpd.13409
=================================================================
==13409==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x5623b89beabc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x5623b89beabc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
    sonic-net#7 0x5623b89beabc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
    sonic-net#8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
    sonic-net#9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
    sonic-net#10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
    sonic-net#11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
    sonic-net#12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
    sonic-net#13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
    sonic-net#14 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#16 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b892e86d in bgp_update bgpd/bgp_route.c:4969
    sonic-net#5 0x5623b893134d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
    sonic-net#6 0x5623b88e2a0e in bgp_nlri_parse bgpd/bgp_packet.c:341
    sonic-net#7 0x5623b88e4f7c in bgp_update_receive bgpd/bgp_packet.c:2220
    sonic-net#8 0x5623b88f0474 in bgp_process_packet bgpd/bgp_packet.c:3386
    sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x5623b89bdebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x5623b89bdebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
    sonic-net#7 0x5623b89bdebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
    sonic-net#8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
    sonic-net#9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
    sonic-net#10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
    sonic-net#11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
    sonic-net#12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
    sonic-net#13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
    sonic-net#14 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#16 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 240 byte(s) in 6 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b88dc289 in evaluate_paths bgpd/bgp_nht.c:1384
    sonic-net#5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    sonic-net#6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    sonic-net#7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    sonic-net#8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 120 byte(s) in 3 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b893a406 in bgp_redistribute_add bgpd/bgp_route.c:8692
    sonic-net#5 0x5623b8a02b3b in zebra_read_route bgpd/bgp_zebra.c:595
    sonic-net#6 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    sonic-net#7 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#8 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#9 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#10 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7f62cd0c9d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f62ccac21c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x5623b8810dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b88dc188 in evaluate_paths bgpd/bgp_nht.c:1348
    sonic-net#5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    sonic-net#6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    sonic-net#7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    sonic-net#8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x5623b89beabc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x5623b89beabc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
    sonic-net#7 0x5623b89beabc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
    sonic-net#8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
    sonic-net#9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
    sonic-net#10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
    sonic-net#11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
    sonic-net#12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
    sonic-net#13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
    sonic-net#14 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#16 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b892e86d in bgp_update bgpd/bgp_route.c:4969
    sonic-net#5 0x5623b893134d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
    sonic-net#6 0x5623b88e2a0e in bgp_nlri_parse bgpd/bgp_packet.c:341
    sonic-net#7 0x5623b88e4f7c in bgp_update_receive bgpd/bgp_packet.c:2220
    sonic-net#8 0x5623b88f0474 in bgp_process_packet bgpd/bgp_packet.c:3386
    sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b88c13b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x5623b89bdebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x5623b89bdebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
    sonic-net#7 0x5623b89bdebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
    sonic-net#8 0x7f62cca45511 in cmd_execute_command_real lib/command.c:978
    sonic-net#9 0x7f62cca459d5 in cmd_execute_command lib/command.c:1036
    sonic-net#10 0x7f62cca45e54 in cmd_execute lib/command.c:1203
    sonic-net#11 0x7f62ccb6ee20 in vty_command lib/vty.c:591
    sonic-net#12 0x7f62ccb6f2cb in vty_execute lib/vty.c:1354
    sonic-net#13 0x7f62ccb77b95 in vtysh_read lib/vty.c:2362
    sonic-net#14 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#15 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#16 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#17 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 6 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b88dc289 in evaluate_paths bgpd/bgp_nht.c:1384
    sonic-net#5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    sonic-net#6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    sonic-net#7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    sonic-net#8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 24 byte(s) in 3 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b893a406 in bgp_redistribute_add bgpd/bgp_route.c:8692
    sonic-net#5 0x5623b8a02b3b in zebra_read_route bgpd/bgp_zebra.c:595
    sonic-net#6 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    sonic-net#7 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#8 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#9 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#10 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 16 byte(s) in 2 object(s) allocated from:
    #0 0x7f62cd0c9b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f62ccac1ee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x5623b8810eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x5623b88be8eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x5623b88dc188 in evaluate_paths bgpd/bgp_nht.c:1348
    sonic-net#5 0x5623b88ddb0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    sonic-net#6 0x5623b88de027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    sonic-net#7 0x5623b8a03163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    sonic-net#8 0x7f62ccb92d8a in zclient_read lib/zclient.c:4425
    sonic-net#9 0x7f62ccb62b8f in event_call lib/event.c:1969
    sonic-net#10 0x7f62ccaa5462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x5623b87e054b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f62cbae7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 1536 byte(s) leaked in 64 allocation(s).
***********************************************************************************

Address Sanitizer Error detected in bgp_vpnv4_per_nexthop_label.test_bgp_vpnv4_per_nexthop_label/r1.asan.bgpd.10610

=================================================================
==10610==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9c4686d in bgp_update bgpd/bgp_route.c:4969
    sonic-net#5 0x55cdc9c4934d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
    sonic-net#6 0x55cdc9bfaa0e in bgp_nlri_parse bgpd/bgp_packet.c:341
    sonic-net#7 0x55cdc9bfcf7c in bgp_update_receive bgpd/bgp_packet.c:2220
    sonic-net#8 0x55cdc9c08474 in bgp_process_packet bgpd/bgp_packet.c:3386
    sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x55cdc9cd6abc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
    sonic-net#7 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
    sonic-net#8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
    sonic-net#9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
    sonic-net#10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
    sonic-net#11 0x7f81fc007e20 in vty_command lib/vty.c:591
    sonic-net#12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
    sonic-net#13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
    sonic-net#14 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#16 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 280 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x55cdc9cd5ebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x55cdc9cd5ebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
    sonic-net#7 0x55cdc9cd5ebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
    sonic-net#8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
    sonic-net#9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
    sonic-net#10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
    sonic-net#11 0x7f81fc007e20 in vty_command lib/vty.c:591
    sonic-net#12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
    sonic-net#13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
    sonic-net#14 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#16 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 240 byte(s) in 6 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bf4289 in evaluate_paths bgpd/bgp_nht.c:1384
    sonic-net#5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    sonic-net#6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    sonic-net#7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    sonic-net#8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bf4188 in evaluate_paths bgpd/bgp_nht.c:1348
    sonic-net#5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    sonic-net#6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    sonic-net#7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    sonic-net#8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 80 byte(s) in 2 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x55cdc9bdafd5 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x55cdc9bdafd5 in vpn_leak_label_callback bgpd/bgp_mplsvpn.c:581
    sonic-net#7 0x55cdc9bb2606 in lp_cbq_docallback bgpd/bgp_labelpool.c:118
    sonic-net#8 0x7f81fc0164b5 in work_queue_run lib/workqueue.c:266
    sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7f81fc562d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f81fbf5b1c3 in qcalloc lib/memory.c:105
    sonic-net#2 0x55cdc9b28dc8 in ecommunity_dup bgpd/bgp_ecommunity.c:252
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9c52406 in bgp_redistribute_add bgpd/bgp_route.c:8692
    sonic-net#5 0x55cdc9d1ab3b in zebra_read_route bgpd/bgp_zebra.c:595
    sonic-net#6 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    sonic-net#7 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#8 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#9 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#10 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x55cdc9cd6abc in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode_magic bgpd/bgp_vty.c:9464
    sonic-net#7 0x55cdc9cd6abc in af_label_vpn_export_allocation_mode bgpd/bgp_vty_clippy.c:2809
    sonic-net#8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
    sonic-net#9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
    sonic-net#10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
    sonic-net#11 0x7f81fc007e20 in vty_command lib/vty.c:591
    sonic-net#12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
    sonic-net#13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
    sonic-net#14 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#16 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x55cdc9cd5ebb in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x55cdc9cd5ebb in af_label_vpn_export_magic bgpd/bgp_vty.c:9547
    sonic-net#7 0x55cdc9cd5ebb in af_label_vpn_export bgpd/bgp_vty_clippy.c:2868
    sonic-net#8 0x7f81fbede511 in cmd_execute_command_real lib/command.c:978
    sonic-net#9 0x7f81fbede9d5 in cmd_execute_command lib/command.c:1036
    sonic-net#10 0x7f81fbedee54 in cmd_execute lib/command.c:1203
    sonic-net#11 0x7f81fc007e20 in vty_command lib/vty.c:591
    sonic-net#12 0x7f81fc0082cb in vty_execute lib/vty.c:1354
    sonic-net#13 0x7f81fc010b95 in vtysh_read lib/vty.c:2362
    sonic-net#14 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#15 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#16 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#17 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 56 byte(s) in 7 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9c4686d in bgp_update bgpd/bgp_route.c:4969
    sonic-net#5 0x55cdc9c4934d in bgp_nlri_parse_ip bgpd/bgp_route.c:6213
    sonic-net#6 0x55cdc9bfaa0e in bgp_nlri_parse bgpd/bgp_packet.c:341
    sonic-net#7 0x55cdc9bfcf7c in bgp_update_receive bgpd/bgp_packet.c:2220
    sonic-net#8 0x55cdc9c08474 in bgp_process_packet bgpd/bgp_packet.c:3386
    sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 48 byte(s) in 6 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bf4289 in evaluate_paths bgpd/bgp_nht.c:1384
    sonic-net#5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    sonic-net#6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    sonic-net#7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    sonic-net#8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 16 byte(s) in 2 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bf4188 in evaluate_paths bgpd/bgp_nht.c:1348
    sonic-net#5 0x55cdc9bf5b0b in bgp_process_nexthop_update bgpd/bgp_nht.c:733
    sonic-net#6 0x55cdc9bf6027 in bgp_parse_nexthop_update bgpd/bgp_nht.c:934
    sonic-net#7 0x55cdc9d1b163 in bgp_read_nexthop_update bgpd/bgp_zebra.c:104
    sonic-net#8 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 16 byte(s) in 2 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9bd93b3 in vpn_leak_from_vrf_update_all bgpd/bgp_mplsvpn.c:2005
    sonic-net#5 0x55cdc9bdafd5 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:287
    sonic-net#6 0x55cdc9bdafd5 in vpn_leak_label_callback bgpd/bgp_mplsvpn.c:581
    sonic-net#7 0x55cdc9bb2606 in lp_cbq_docallback bgpd/bgp_labelpool.c:118
    sonic-net#8 0x7f81fc0164b5 in work_queue_run lib/workqueue.c:266
    sonic-net#9 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#10 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#11 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#12 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7f81fc562b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    sonic-net#1 0x7f81fbf5aee3 in qmalloc lib/memory.c:100
    sonic-net#2 0x55cdc9b28eb8 in ecommunity_dup bgpd/bgp_ecommunity.c:256
    sonic-net#3 0x55cdc9bd68eb in vpn_leak_from_vrf_update bgpd/bgp_mplsvpn.c:1628
    sonic-net#4 0x55cdc9c52406 in bgp_redistribute_add bgpd/bgp_route.c:8692
    sonic-net#5 0x55cdc9d1ab3b in zebra_read_route bgpd/bgp_zebra.c:595
    sonic-net#6 0x7f81fc02bd8a in zclient_read lib/zclient.c:4425
    sonic-net#7 0x7f81fbffbb8f in event_call lib/event.c:1969
    sonic-net#8 0x7f81fbf3e462 in frr_run lib/libfrr.c:1213
    sonic-net#9 0x55cdc9af854b in main bgpd/bgp_main.c:510
    sonic-net#10 0x7f81faf80c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

SUMMARY: AddressSanitizer: 1536 byte(s) leaked in 64 allocation(s).
***********************************************************************************

Signed-off-by: ryndia <dindyalsarvesh@gmail.com>
(cherry picked from commit 78b6cad)
marcosfsch pushed a commit to marcosfsch/sonic-frr that referenced this pull request Jan 30, 2024
@Keelan10 @mergify
zebra: Refactor memory allocation in zebra_rnh.c
fbb9a78 
Fix memory leaks by allocating `json_segs` conditionally on `nexthop->nh_srv6->seg6_segs`.
The previous code allocated memory even when not in use or attached to the JSON tree.

The ASan leak log for reference:

```
Direct leak of 3240 byte(s) in 45 object(s) allocated from:
    #0 0x7f6e84a35d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f6e83de9e6f in json_object_new_array (/lib/x86_64-linux-gnu/libjson-c.so.3+0x3e6f)
    sonic-net#2 0x564dcab5c1a6 in vty_show_ip_route zebra/zebra_vty.c:705
    sonic-net#3 0x564dcab5cc71 in do_show_route_helper zebra/zebra_vty.c:955
    sonic-net#4 0x564dcab5d418 in do_show_ip_route zebra/zebra_vty.c:1039
    sonic-net#5 0x564dcab63ee5 in show_route_magic zebra/zebra_vty.c:1878
    sonic-net#6 0x564dcab63ee5 in show_route zebra/zebra_vty_clippy.c:659
    sonic-net#7 0x7f6e843b6fb1 in cmd_execute_command_real lib/command.c:978
    sonic-net#8 0x7f6e843b7475 in cmd_execute_command lib/command.c:1036
    sonic-net#9 0x7f6e843b78f4 in cmd_execute lib/command.c:1203
    sonic-net#10 0x7f6e844dfe3b in vty_command lib/vty.c:594
    sonic-net#11 0x7f6e844e02e6 in vty_execute lib/vty.c:1357
    sonic-net#12 0x7f6e844e8bb7 in vtysh_read lib/vty.c:2365
    sonic-net#13 0x7f6e844d3b7a in event_call lib/event.c:1965
    sonic-net#14 0x7f6e844172b0 in frr_run lib/libfrr.c:1214
    sonic-net#15 0x564dcaa50e81 in main zebra/main.c:488
    sonic-net#16 0x7f6e837f7c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)

Indirect leak of 11520 byte(s) in 45 object(s) allocated from:
    #0 0x7f6e84a35d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f6e83de88c0 in array_list_new (/lib/x86_64-linux-gnu/libjson-c.so.3+0x28c0)

Indirect leak of 1080 byte(s) in 45 object(s) allocated from:
    #0 0x7f6e84a35d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    sonic-net#1 0x7f6e83de8897 in array_list_new (/lib/x86_64-linux-gnu/libjson-c.so.3+0x2897)
```

Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
Signed-off-by: ryndia <dindyalsarvesh@gmail.com>
(cherry picked from commit 531866c)
eddieruan-alibaba pushed a commit to eddieruan-alibaba/sonic-frr that referenced this pull request Mar 11, 2025
@pguibert6WIND
bgpd: bmp, fix address sanitizer issue
9e940d4 
The following ASAN error can be seen.

> ERROR: AddressSanitizer: attempting to call malloc_usable_size() for pointer which is not owned: 0x608000036c20
>     #0 0x7f3d7a4b5425 in __interceptor_malloc_usable_size ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:198
>     sonic-net#1 0x7f3d7a426a16 in __sanitizer::BufferedStackTrace::Unwind(unsigned long, unsigned long, void*, bool, unsigned int) ../../../../src/libsanitizer/sanitizer_common
> /sanitizer_stacktrace.h:122
>     sonic-net#2 0x7f3d7a426a16 in __asan::asan_malloc_usable_size(void const*, unsigned long, unsigned long) ../../../../src/libsanitizer/asan/asan_allocator.cpp:1074
>     sonic-net#3 0x7f3d7a03f330 in mt_count_free lib/memory.c:78
>     sonic-net#4 0x7f3d7a03f330 in qfree lib/memory.c:130
>     sonic-net#5 0x7f3d76ccf89b in bmp_peer_status_changed bgpd/bgp_bmp.c:982
>     sonic-net#6 0x560ae2aa6a94 in hook_call_peer_status_changed bgpd/bgp_fsm.c:47
>     sonic-net#7 0x560ae2aa6a94 in bgp_fsm_change_status bgpd/bgp_fsm.c:1287
>     sonic-net#8 0x560ae2c4f2e5 in peer_delete bgpd/bgpd.c:2777
>     sonic-net#9 0x560ae2c58d24 in bgp_delete bgpd/bgpd.c:4140
>     sonic-net#10 0x560ae2bbb47e in no_router_bgp bgpd/bgp_vty.c:1764
>     sonic-net#11 0x7f3d79fb74ed in cmd_execute_command_real lib/command.c:1003
>     sonic-net#12 0x7f3d79fb78a3 in cmd_execute_command lib/command.c:1062
>     sonic-net#13 0x7f3d79fb7e03 in cmd_execute lib/command.c:1228
>     sonic-net#14 0x7f3d7a107b53 in vty_command lib/vty.c:625
>     sonic-net#15 0x7f3d7a109902 in vty_execute lib/vty.c:1388
>     sonic-net#16 0x7f3d7a10cc32 in vtysh_read lib/vty.c:2400
>     sonic-net#17 0x7f3d7a0f848b in event_call lib/event.c:2019
>     sonic-net#18 0x7f3d7a01e627 in frr_run lib/libfrr.c:1232
>     sonic-net#19 0x560ae29e0037 in main bgpd/bgp_main.c:555
>     sonic-net#20 0x7f3d79a29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>     sonic-net#21 0x7f3d79a29e3f in __libc_start_main_impl ../csu/libc-start.c:392
>     sonic-net#22 0x560ae29e4ef4 in _start (/usr/lib/frr/bgpd+0x2eeef4)
>
> 0x608000036c20 is located 0 bytes inside of 81-byte region [0x608000036c20,0x608000036c71)
> freed by thread T0 here:
>     #0 0x7f3d7a4b4537 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:127
>     sonic-net#1 0x7f3d76ccf85f in bmp_peer_status_changed bgpd/bgp_bmp.c:981
>     sonic-net#2 0x560ae2aa6a94 in hook_call_peer_status_changed bgpd/bgp_fsm.c:47
>     sonic-net#3 0x560ae2aa6a94 in bgp_fsm_change_status bgpd/bgp_fsm.c:1287
>     sonic-net#4 0x560ae2c4f2e5 in peer_delete bgpd/bgpd.c:2777
>     sonic-net#5 0x560ae2c58d24 in bgp_delete bgpd/bgpd.c:4140
>     sonic-net#6 0x560ae2bbb47e in no_router_bgp bgpd/bgp_vty.c:1764
>     sonic-net#7 0x7f3d79fb74ed in cmd_execute_command_real lib/command.c:1003
>     sonic-net#8 0x7f3d79fb78a3 in cmd_execute_command lib/command.c:1062
>     sonic-net#9 0x7f3d79fb7e03 in cmd_execute lib/command.c:1228
>     sonic-net#10 0x7f3d7a107b53 in vty_command lib/vty.c:625
>     sonic-net#11 0x7f3d7a109902 in vty_execute lib/vty.c:1388
>     sonic-net#12 0x7f3d7a10cc32 in vtysh_read lib/vty.c:2400
>     sonic-net#13 0x7f3d7a0f848b in event_call lib/event.c:2019
>     sonic-net#14 0x7f3d7a01e627 in frr_run lib/libfrr.c:1232
>     sonic-net#15 0x560ae29e0037 in main bgpd/bgp_main.c:555
>     sonic-net#16 0x7f3d79a29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> previously allocated by thread T0 here:
>     #0 0x7f3d7a4b4887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
>     sonic-net#1 0x7f3d7a03f0e9 in qmalloc lib/memory.c:101
>     sonic-net#2 0x7f3d76cd0166 in bmp_bgp_peer_vrf bgpd/bgp_bmp.c:2194
>     sonic-net#3 0x7f3d76cd0166 in bmp_bgp_update_vrf_status bgpd/bgp_bmp.c:2236
>     sonic-net#4 0x7f3d76cd29b8 in bmp_vrf_state_changed bgpd/bgp_bmp.c:3479
>     sonic-net#5 0x560ae2c45b34 in hook_call_bgp_instance_state bgpd/bgpd.c:88
>     sonic-net#6 0x560ae2c4d158 in bgp_instance_up bgpd/bgpd.c:3936
>     sonic-net#7 0x560ae29e5ed1 in bgp_vrf_enable bgpd/bgp_main.c:299
>     sonic-net#8 0x7f3d7a0ff8b1 in vrf_enable lib/vrf.c:286
>     sonic-net#9 0x7f3d7a0ff8b1 in vrf_enable lib/vrf.c:275
>     sonic-net#10 0x7f3d7a12ab66 in zclient_vrf_add lib/zclient.c:2561
>     sonic-net#11 0x7f3d7a12eb43 in zclient_read lib/zclient.c:4624
>     sonic-net#12 0x7f3d7a0f848b in event_call lib/event.c:2019
>     sonic-net#13 0x7f3d7a01e627 in frr_run lib/libfrr.c:1232
>     sonic-net#14 0x560ae29e0037 in main bgpd/bgp_main.c:555
>     sonic-net#15 0x7f3d79a29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
eddieruan-alibaba pushed a commit to eddieruan-alibaba/sonic-frr that referenced this pull request Mar 11, 2025
@pguibert6WIND
bgpd: bmp, fix memory leak in peer messages
3e63abf 
The following memory leak is observed when running bgp_bmp test.

> ==614841==ERROR: LeakSanitizer: detected memory leaks
>
> Direct leak of 81 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f2b4887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
>     sonic-net#1 0x7f0e9ec771f8 in qmalloc lib/memory.c:101
>     sonic-net#2 0x7f0e9e5a2f89 in bmp_bgp_peer_vrf bgpd/bgp_bmp.c:2211
>     sonic-net#3 0x7f0e9e5a31a8 in bmp_bgp_update_vrf_status bgpd/bgp_bmp.c:2247
>     sonic-net#4 0x7f0e9e5b0325 in bmp_bgp_attribute_updated_instance bgpd/bgp_bmp.c:3476
>     sonic-net#5 0x7f0e9e5b0661 in bmp_bgp_attribute_updated bgpd/bgp_bmp.c:3526
>     sonic-net#6 0x7f0e9e5b08ae in bmp_routerid_update bgpd/bgp_bmp.c:3547
>     sonic-net#7 0x55cdc4bcbd88 in hook_call_bgp_routerid_update bgpd/bgpd.c:89
>     sonic-net#8 0x55cdc4bccf0b in bgp_router_id_set bgpd/bgpd.c:305
>     sonic-net#9 0x55cdc4bcd87d in bgp_router_id_zebra_bump bgpd/bgpd.c:393
>     sonic-net#10 0x55cdc4ba87d5 in bgp_router_id_update bgpd/bgp_zebra.c:99
>     sonic-net#11 0x7f0e9ede3f0b in zclient_read lib/zclient.c:4626
>     sonic-net#12 0x7f0e9ed8074d in event_call lib/event.c:1996
>     sonic-net#13 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     sonic-net#14 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     sonic-net#15 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 81 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f2b4887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
>     sonic-net#1 0x7f0e9ec771f8 in qmalloc lib/memory.c:101
>     sonic-net#2 0x7f0e9e5a2ed8 in bmp_bgp_peer_vrf bgpd/bgp_bmp.c:2207
>     sonic-net#3 0x7f0e9e5a31a8 in bmp_bgp_update_vrf_status bgpd/bgp_bmp.c:2247
>     sonic-net#4 0x7f0e9e5b0325 in bmp_bgp_attribute_updated_instance bgpd/bgp_bmp.c:3476
>     sonic-net#5 0x7f0e9e5b0661 in bmp_bgp_attribute_updated bgpd/bgp_bmp.c:3526
>     sonic-net#6 0x7f0e9e5b08ae in bmp_routerid_update bgpd/bgp_bmp.c:3547
>     sonic-net#7 0x55cdc4bcbd88 in hook_call_bgp_routerid_update bgpd/bgpd.c:89
>     sonic-net#8 0x55cdc4bccf0b in bgp_router_id_set bgpd/bgpd.c:305
>     sonic-net#9 0x55cdc4bcd87d in bgp_router_id_zebra_bump bgpd/bgpd.c:393
>     sonic-net#10 0x55cdc4ba87d5 in bgp_router_id_update bgpd/bgp_zebra.c:99
>     sonic-net#11 0x7f0e9ede3f0b in zclient_read lib/zclient.c:4626
>     sonic-net#12 0x7f0e9ed8074d in event_call lib/event.c:1996
>     sonic-net#13 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     sonic-net#14 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     sonic-net#15 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 64 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f2b4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7f0e9ec77235 in qcalloc lib/memory.c:106
>     sonic-net#2 0x7f0e9e5a498d in bmp_imported_bgp_get bgpd/bgp_bmp.c:2441
>     sonic-net#3 0x7f0e9e5acbed in bmp_import_vrf_magic bgpd/bgp_bmp.c:2855
>     sonic-net#4 0x7f0e9e5a7f97 in bmp_import_vrf bgpd/bgp_bmp_clippy.c:147
>     sonic-net#5 0x7f0e9ebb1178 in cmd_execute_command_real lib/command.c:1003
>     sonic-net#6 0x7f0e9ebb1505 in cmd_execute_command lib/command.c:1062
>     sonic-net#7 0x7f0e9ebb21d7 in cmd_execute lib/command.c:1228
>     sonic-net#8 0x7f0e9ed90bf0 in vty_command lib/vty.c:626
>     sonic-net#9 0x7f0e9ed95ad5 in vty_execute lib/vty.c:1389
>     sonic-net#10 0x7f0e9ed9c01e in vtysh_read lib/vty.c:2408
>     sonic-net#11 0x7f0e9ed8074d in event_call lib/event.c:1996
>     sonic-net#12 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     sonic-net#13 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     sonic-net#14 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 6 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f25b9a7 in __interceptor_strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:454
>     sonic-net#1 0x7f0e9ec772fa in qstrdup lib/memory.c:118
>     sonic-net#2 0x55cdc4b57d54 in af_rd_vpn_export_magic bgpd/bgp_vty.c:9814
>     sonic-net#3 0x55cdc4b288d7 in af_rd_vpn_export bgpd/bgp_vty_clippy.c:3493
>     sonic-net#4 0x7f0e9ebb1178 in cmd_execute_command_real lib/command.c:1003
>     sonic-net#5 0x7f0e9ebb1505 in cmd_execute_command lib/command.c:1062
>     sonic-net#6 0x7f0e9ebb21d7 in cmd_execute lib/command.c:1228
>     sonic-net#7 0x7f0e9ed90bf0 in vty_command lib/vty.c:626
>     sonic-net#8 0x7f0e9ed95ad5 in vty_execute lib/vty.c:1389
>     sonic-net#9 0x7f0e9ed9c01e in vtysh_read lib/vty.c:2408
>     sonic-net#10 0x7f0e9ed8074d in event_call lib/event.c:1996
>     sonic-net#11 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     sonic-net#12 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     sonic-net#13 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Indirect leak of 5 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f25b9a7 in __interceptor_strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:454
>     sonic-net#1 0x7f0e9ec772fa in qstrdup lib/memory.c:118
>     sonic-net#2 0x7f0e9e5a49ae in bmp_imported_bgp_get bgpd/bgp_bmp.c:2443
>     sonic-net#3 0x7f0e9e5acbed in bmp_import_vrf_magic bgpd/bgp_bmp.c:2855
>     sonic-net#4 0x7f0e9e5a7f97 in bmp_import_vrf bgpd/bgp_bmp_clippy.c:147
>     sonic-net#5 0x7f0e9ebb1178 in cmd_execute_command_real lib/command.c:1003
>     sonic-net#6 0x7f0e9ebb1505 in cmd_execute_command lib/command.c:1062
>     sonic-net#7 0x7f0e9ebb21d7 in cmd_execute lib/command.c:1228
>     sonic-net#8 0x7f0e9ed90bf0 in vty_command lib/vty.c:626
>     sonic-net#9 0x7f0e9ed95ad5 in vty_execute lib/vty.c:1389
>     sonic-net#10 0x7f0e9ed9c01e in vtysh_read lib/vty.c:2408
>     sonic-net#11 0x7f0e9ed8074d in event_call lib/event.c:1996
>     sonic-net#12 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     sonic-net#13 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     sonic-net#14 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> SUMMARY: AddressSanitizer: 237 byte(s) leaked in 5 allocation(s).

Fix this by freeing the missing memory block that helps building the
open message to send to remote bmp collector.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
eddieruan-alibaba pushed a commit to eddieruan-alibaba/sonic-frr that referenced this pull request Mar 11, 2025
@pguibert6WIND
bgpd: fix access to invalid memory zone
3e05ba0 
> ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f73891cb146 bp 0x7ffca86584c0 sp 0x7ffca8658490 T0)
> ==837617==The signal is caused by a READ memory access.
> ==837617==Hint: address points to the zero page.
>     #0 0x7f73891cb146 in bmp_targets_const_next bgpd/bgp_bmp.c:149
>     sonic-net#1 0x7f73891cb1a5 in bmp_targets_next bgpd/bgp_bmp.c:149
>     sonic-net#2 0x7f73891e875a in _bmp_vrf_state_changed_internal bgpd/bgp_bmp.c:3520
>     sonic-net#3 0x7f73891e8922 in bmp_vrf_itf_state_changed bgpd/bgp_bmp.c:3566
>     sonic-net#4 0x55e511af8d1b in hook_call_bgp_vrf_status_changed bgpd/bgp_zebra.c:64
>     sonic-net#5 0x55e511afa304 in bgp_ifp_up bgpd/bgp_zebra.c:234
>     sonic-net#6 0x7f738981c193 in hook_call_if_up lib/if.c:57
>     sonic-net#7 0x7f738981d09a in if_up_via_zapi lib/if.c:203
>     sonic-net#8 0x7f73899d6f54 in zclient_interface_up lib/zclient.c:2671
>     sonic-net#9 0x7f73899e3e5a in zclient_read lib/zclient.c:4624
>     sonic-net#10 0x7f738998078d in event_call lib/event.c:1996
>     sonic-net#11 0x7f7389848933 in frr_run lib/libfrr.c:1232
>     sonic-net#12 0x55e5117f7ae1 in main bgpd/bgp_main.c:557
>     sonic-net#13 0x7f7389229d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>     sonic-net#14 0x7f7389229e3f in __libc_start_main_impl ../csu/libc-start.c:392
>     sonic-net#15 0x55e5117f4234 in _start (/usr/lib/frr/bgpd+0x2ec234)

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
eddieruan-alibaba pushed a commit to eddieruan-alibaba/sonic-frr that referenced this pull request Aug 19, 2025
@louis-6wind
zebra: fix table heap-after-free crash
7395e39 
Fix a heap-after-free that causes zebra to crash even without
address-sanitizer. To reproduce:

> echo "100 my_table" | tee -a /etc/iproute2/rt_tables
> ip route add blackhole default table 100
> ip route show table 100
> ip l add red type vrf table 100
> ip l del red
> ip route del blackhole default table 100

Zebra manages routing tables for all existing Linux RT tables,
regardless of whether they are assigned to a VRF interface. When a table
is not assigned to any VRF, zebra arbitrarily assigns it to the default
VRF, even though this is not strictly accurate (the code expects this
behavior).

When an RT table is created after a VRF, zebra correctly assigns the
table to the VRF. However, if a VRF interface is assigned to an existing
RT table, zebra does not update the table owner, which remains as the
default VRF. As a result, existing routing entries remain under the
default VRF, while new entries are correctly assigned to the VRF. The
VRF mismatch is unexpected in the code and creates crashes and memory
related issues.

Furthermore, Linux does not automatically delete RT tables when they are
unassigned from a VRF. It is incorrect to delete these tables from zebra.

Instead, at VRF disabling, do not release the table but reassign it to
the default VRF. At VRF enabling, change the table owner back to the
appropriate VRF.

> ==2866266==ERROR: AddressSanitizer: heap-use-after-free on address 0x606000154f54 at pc 0x7fa32474b83f bp 0x7ffe94f67d90 sp 0x7ffe94f67d88
> READ of size 1 at 0x606000154f54 thread T0
>     #0 0x7fa32474b83e in rn_hash_node_const_find lib/table.c:28
>     sonic-net#1 0x7fa32474bab1 in rn_hash_node_find lib/table.c:28
>     sonic-net#2 0x7fa32474d783 in route_node_get lib/table.c:283
>     sonic-net#3 0x7fa3247328dd in srcdest_rnode_get lib/srcdest_table.c:231
>     sonic-net#4 0x55b0e4fa8da4 in rib_find_rn_from_ctx zebra/zebra_rib.c:1957
>     sonic-net#5 0x55b0e4fa8e31 in rib_process_result zebra/zebra_rib.c:1988
>     sonic-net#6 0x55b0e4fb9d64 in rib_process_dplane_results zebra/zebra_rib.c:4894
>     sonic-net#7 0x7fa32476689c in event_call lib/event.c:1996
>     sonic-net#8 0x7fa32463b7b2 in frr_run lib/libfrr.c:1232
>     sonic-net#9 0x55b0e4e6c32a in main zebra/main.c:526
>     sonic-net#10 0x7fa32424fd09 in __libc_start_main ../csu/libc-start.c:308
>     sonic-net#11 0x55b0e4e2d649 in _start (/usr/lib/frr/zebra+0x1a1649)
>
> 0x606000154f54 is located 20 bytes inside of 56-byte region [0x606000154f40,0x606000154f78)
> freed by thread T0 here:
>     #0 0x7fa324ca9b6f in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:123
>     sonic-net#1 0x7fa324668d8f in qfree lib/memory.c:130
>     sonic-net#2 0x7fa32474c421 in route_table_free lib/table.c:126
>     sonic-net#3 0x7fa32474bf96 in route_table_finish lib/table.c:46
>     sonic-net#4 0x55b0e4fbca3a in zebra_router_free_table zebra/zebra_router.c:191
>     sonic-net#5 0x55b0e4fbccea in zebra_router_release_table zebra/zebra_router.c:214
>     sonic-net#6 0x55b0e4fd428e in zebra_vrf_disable zebra/zebra_vrf.c:219
>     sonic-net#7 0x7fa32476fabf in vrf_disable lib/vrf.c:326
>     sonic-net#8 0x7fa32476f5d4 in vrf_delete lib/vrf.c:231
>     sonic-net#9 0x55b0e4e4ad36 in interface_vrf_change zebra/interface.c:1478
>     sonic-net#10 0x55b0e4e4d5d2 in zebra_if_dplane_ifp_handling zebra/interface.c:1949
>     sonic-net#11 0x55b0e4e4fb89 in zebra_if_dplane_result zebra/interface.c:2268
>     sonic-net#12 0x55b0e4fb9f26 in rib_process_dplane_results zebra/zebra_rib.c:4954
>     sonic-net#13 0x7fa32476689c in event_call lib/event.c:1996
>     sonic-net#14 0x7fa32463b7b2 in frr_run lib/libfrr.c:1232
>     sonic-net#15 0x55b0e4e6c32a in main zebra/main.c:526
>     sonic-net#16 0x7fa32424fd09 in __libc_start_main ../csu/libc-start.c:308
>
> previously allocated by thread T0 here:
>     #0 0x7fa324caa037 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7fa324668c4d in qcalloc lib/memory.c:105
>     sonic-net#2 0x7fa32474bf33 in route_table_init_with_delegate lib/table.c:38
>     sonic-net#3 0x7fa32474e73c in route_table_init lib/table.c:512
>     sonic-net#4 0x55b0e4fbc353 in zebra_router_get_table zebra/zebra_router.c:137
>     sonic-net#5 0x55b0e4fd4da0 in zebra_vrf_table_create zebra/zebra_vrf.c:358
>     sonic-net#6 0x55b0e4fd3d30 in zebra_vrf_enable zebra/zebra_vrf.c:140
>     sonic-net#7 0x7fa32476f9b2 in vrf_enable lib/vrf.c:286
>     sonic-net#8 0x55b0e4e4af76 in interface_vrf_change zebra/interface.c:1533
>     sonic-net#9 0x55b0e4e4d612 in zebra_if_dplane_ifp_handling zebra/interface.c:1968
>     sonic-net#10 0x55b0e4e4fb89 in zebra_if_dplane_result zebra/interface.c:2268
>     sonic-net#11 0x55b0e4fb9f26 in rib_process_dplane_results zebra/zebra_rib.c:4954
>     sonic-net#12 0x7fa32476689c in event_call lib/event.c:1996
>     sonic-net#13 0x7fa32463b7b2 in frr_run lib/libfrr.c:1232
>     sonic-net#14 0x55b0e4e6c32a in main zebra/main.c:526
>     sonic-net#15 0x7fa32424fd09 in __libc_start_main ../csu/libc-start.c:308

Fixes: d8612e6 ("zebra: Track tables allocated by vrf and cleanup")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
eddieruan-alibaba pushed a commit to eddieruan-alibaba/sonic-frr that referenced this pull request Aug 19, 2025
@louis-6wind
isisd: fix asla memory leak
fe2a07a 
> ==713776==ERROR: LeakSanitizer: detected memory leaks
>
> Direct leak of 120 byte(s) in 1 object(s) allocated from:
>     #0 0x7fdfcbeb4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7fdfcb86f8dd in qcalloc lib/memory.c:105
>     sonic-net#2 0x55ce707739b6 in isis_tlvs_find_alloc_asla isisd/isis_tlvs.c:8500
>     sonic-net#3 0x55ce7072fae0 in isis_link_params_update_asla isisd/isis_te.c:191
>     sonic-net#4 0x55ce70733881 in isis_link_params_update isisd/isis_te.c:499
>     sonic-net#5 0x55ce70693f2a in isis_circuit_up isisd/isis_circuit.c:776
>     sonic-net#6 0x55ce7069a120 in isis_csm_state_change isisd/isis_csm.c:135
>     sonic-net#7 0x55ce7068dd80 in isis_circuit_enable isisd/isis_circuit.c:79
>     sonic-net#8 0x55ce70699346 in isis_ifp_create isisd/isis_circuit.c:1618
>     sonic-net#9 0x7fdfcb81f47f in hook_call_if_real lib/if.c:55
>     sonic-net#10 0x7fdfcb82056e in if_new_via_zapi lib/if.c:188
>     sonic-net#11 0x7fdfcb9d17da in zclient_interface_add lib/zclient.c:2706
>     sonic-net#12 0x7fdfcb9df842 in zclient_read lib/zclient.c:4843
>     sonic-net#13 0x7fdfcb97798e in event_call lib/event.c:2011
>     sonic-net#14 0x7fdfcb842ff1 in frr_run lib/libfrr.c:1216
>     sonic-net#15 0x55ce7067cbf2 in main isisd/isis_main.c:360
>     sonic-net#16 0x7fdfcb229d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Indirect leak of 8 byte(s) in 1 object(s) allocated from:
>     #0 0x7fdfcbeb4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7fdfcb86f8dd in qcalloc lib/memory.c:105
>     sonic-net#2 0x7fdfcb79a7b7 in admin_group_init lib/admin_group.c:186
>     sonic-net#3 0x55ce707739ca in isis_tlvs_find_alloc_asla isisd/isis_tlvs.c:8501
>     sonic-net#4 0x55ce7072fae0 in isis_link_params_update_asla isisd/isis_te.c:191
>     sonic-net#5 0x55ce70733881 in isis_link_params_update isisd/isis_te.c:499
>     sonic-net#6 0x55ce70693f2a in isis_circuit_up isisd/isis_circuit.c:776
>     sonic-net#7 0x55ce7069a120 in isis_csm_state_change isisd/isis_csm.c:135
>     sonic-net#8 0x55ce7068dd80 in isis_circuit_enable isisd/isis_circuit.c:79
>     sonic-net#9 0x55ce70699346 in isis_ifp_create isisd/isis_circuit.c:1618
>     sonic-net#10 0x7fdfcb81f47f in hook_call_if_real lib/if.c:55
>     sonic-net#11 0x7fdfcb82056e in if_new_via_zapi lib/if.c:188
>     sonic-net#12 0x7fdfcb9d17da in zclient_interface_add lib/zclient.c:2706
>     sonic-net#13 0x7fdfcb9df842 in zclient_read lib/zclient.c:4843
>     sonic-net#14 0x7fdfcb97798e in event_call lib/event.c:2011
>     sonic-net#15 0x7fdfcb842ff1 in frr_run lib/libfrr.c:1216
>     sonic-net#16 0x55ce7067cbf2 in main isisd/isis_main.c:360
>     sonic-net#17 0x7fdfcb229d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

PR: 95719
Fixes: 5749ac8 ("isisd: add ASLA support")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
eddieruan-alibaba pushed a commit to eddieruan-alibaba/sonic-frr that referenced this pull request Aug 19, 2025
@louis-6wind
bgpd: fix bgp_pbr_match memory leak
8d9df5c 
> Direct leak of 1144 byte(s) in 13 object(s) allocated from:
>     #0 0x7f3eedeb4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7f3eed86f8dd in qcalloc lib/memory.c:105
>     sonic-net#2 0x55b32d236faf in bgp_pbr_match_alloc_intern bgpd/bgp_pbr.c:1074
>     sonic-net#3 0x7f3eed817d79 in hash_get lib/hash.c:147
>     sonic-net#4 0x55b32d242d9a in bgp_pbr_policyroute_add_to_zebra_unit bgpd/bgp_pbr.c:2486
>     sonic-net#5 0x55b32d244436 in bgp_pbr_policyroute_add_to_zebra bgpd/bgp_pbr.c:2672
>     sonic-net#6 0x55b32d245a05 in bgp_pbr_handle_entry bgpd/bgp_pbr.c:2843
>     sonic-net#7 0x55b32d246912 in bgp_pbr_update_entry bgpd/bgp_pbr.c:2939
>     sonic-net#8 0x55b32d3c7472 in bgp_zebra_announce bgpd/bgp_zebra.c:1618
>     sonic-net#9 0x55b32d26e5e7 in bgp_process_main_one bgpd/bgp_route.c:3691
>     sonic-net#10 0x55b32d26f77d in process_subq_other_route bgpd/bgp_route.c:3856
>     sonic-net#11 0x55b32d2701ff in process_subq bgpd/bgp_route.c:3955
>     sonic-net#12 0x55b32d27029f in meta_queue_process bgpd/bgp_route.c:3980
>     sonic-net#13 0x7f3eed99fdd8 in work_queue_run lib/workqueue.c:282
>     sonic-net#14 0x7f3eed97798e in event_call lib/event.c:2011
>     sonic-net#15 0x7f3eed842ff1 in frr_run lib/libfrr.c:1216
>     sonic-net#16 0x55b32d0a1a15 in main bgpd/bgp_main.c:545
>     sonic-net#17 0x7f3eed229d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Fixes: d114b0d ("bgpd: inject policy route entry from bgp into zebra pbr entries.")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
eddieruan-alibaba pushed a commit to eddieruan-alibaba/sonic-frr that referenced this pull request Aug 19, 2025
@louis-6wind
bgpd: fix bgp_pbr_or_filter memory leaks
eb8281a 
Note that bgp_pbr_policyroute_add_from_zebra() and
bgp_pbr_policyroute_remove_from_zebra() are only called from
bgp_pbr_handle_entry().

>  ==966967==ERROR: LeakSanitizer: detected memory leaks
>
> Direct leak of 40 byte(s) in 1 object(s) allocated from:
>     #0 0x7fd447ab4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7fd44746f8dd in qcalloc lib/memory.c:105
>     sonic-net#2 0x7fd44744401a in list_new lib/linklist.c:49
>     sonic-net#3 0x560f8c094490 in bgp_pbr_handle_entry bgpd/bgp_pbr.c:2818
>     sonic-net#4 0x560f8c095993 in bgp_pbr_update_entry bgpd/bgp_pbr.c:2941
>     sonic-net#5 0x560f8c2164f3 in bgp_zebra_announce bgpd/bgp_zebra.c:1618
>     sonic-net#6 0x560f8c0bd668 in bgp_process_main_one bgpd/bgp_route.c:3691
>     sonic-net#7 0x560f8c0be7fe in process_subq_other_route bgpd/bgp_route.c:3856
>     sonic-net#8 0x560f8c0bf280 in process_subq bgpd/bgp_route.c:3955
>     sonic-net#9 0x560f8c0bf320 in meta_queue_process bgpd/bgp_route.c:3980
>     sonic-net#10 0x7fd44759fdfc in work_queue_run lib/workqueue.c:282
>     sonic-net#11 0x7fd4475779b2 in event_call lib/event.c:2011
>     sonic-net#12 0x7fd447442ff1 in frr_run lib/libfrr.c:1216
>     sonic-net#13 0x560f8bef0a15 in main bgpd/bgp_main.c:545
>     sonic-net#14 0x7fd446e29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 40 byte(s) in 1 object(s) allocated from:
>     #0 0x7fd447ab4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7fd44746f8dd in qcalloc lib/memory.c:105
>     sonic-net#2 0x7fd44744401a in list_new lib/linklist.c:49
>     sonic-net#3 0x560f8c09439d in bgp_pbr_handle_entry bgpd/bgp_pbr.c:2812
>     sonic-net#4 0x560f8c095993 in bgp_pbr_update_entry bgpd/bgp_pbr.c:2941
>     sonic-net#5 0x560f8c2164f3 in bgp_zebra_announce bgpd/bgp_zebra.c:1618
>     sonic-net#6 0x560f8c0bd668 in bgp_process_main_one bgpd/bgp_route.c:3691
>     sonic-net#7 0x560f8c0be7fe in process_subq_other_route bgpd/bgp_route.c:3856
>     sonic-net#8 0x560f8c0bf280 in process_subq bgpd/bgp_route.c:3955
>     sonic-net#9 0x560f8c0bf320 in meta_queue_process bgpd/bgp_route.c:3980
>     sonic-net#10 0x7fd44759fdfc in work_queue_run lib/workqueue.c:282
>     sonic-net#11 0x7fd4475779b2 in event_call lib/event.c:2011
>     sonic-net#12 0x7fd447442ff1 in frr_run lib/libfrr.c:1216
>     sonic-net#13 0x560f8bef0a15 in main bgpd/bgp_main.c:545
>     sonic-net#14 0x7fd446e29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 4 byte(s) in 1 object(s) allocated from:
>     #0 0x7fd447ab4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7fd44746f8dd in qcalloc lib/memory.c:105
>     sonic-net#2 0x560f8c080cec in bgp_pbr_extract_enumerate_unary bgpd/bgp_pbr.c:362
>     sonic-net#3 0x560f8c080f7e in bgp_pbr_extract_enumerate bgpd/bgp_pbr.c:400
>     sonic-net#4 0x560f8c094530 in bgp_pbr_handle_entry bgpd/bgp_pbr.c:2819
>     sonic-net#5 0x560f8c095993 in bgp_pbr_update_entry bgpd/bgp_pbr.c:2941
>     sonic-net#6 0x560f8c2164f3 in bgp_zebra_announce bgpd/bgp_zebra.c:1618
>     sonic-net#7 0x560f8c0bd668 in bgp_process_main_one bgpd/bgp_route.c:3691
>     sonic-net#8 0x560f8c0be7fe in process_subq_other_route bgpd/bgp_route.c:3856
>     sonic-net#9 0x560f8c0bf280 in process_subq bgpd/bgp_route.c:3955
>     sonic-net#10 0x560f8c0bf320 in meta_queue_process bgpd/bgp_route.c:3980
>     sonic-net#11 0x7fd44759fdfc in work_queue_run lib/workqueue.c:282
>     sonic-net#12 0x7fd4475779b2 in event_call lib/event.c:2011
>     sonic-net#13 0x7fd447442ff1 in frr_run lib/libfrr.c:1216
>     sonic-net#14 0x560f8bef0a15 in main bgpd/bgp_main.c:545
>     sonic-net#15 0x7fd446e29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 4 byte(s) in 1 object(s) allocated from:
>     #0 0x7fd447ab4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7fd44746f8dd in qcalloc lib/memory.c:105
>     sonic-net#2 0x560f8c080cec in bgp_pbr_extract_enumerate_unary bgpd/bgp_pbr.c:362
>     sonic-net#3 0x560f8c080f7e in bgp_pbr_extract_enumerate bgpd/bgp_pbr.c:400
>     sonic-net#4 0x560f8c09443d in bgp_pbr_handle_entry bgpd/bgp_pbr.c:2813
>     sonic-net#5 0x560f8c095993 in bgp_pbr_update_entry bgpd/bgp_pbr.c:2941
>     sonic-net#6 0x560f8c2164f3 in bgp_zebra_announce bgpd/bgp_zebra.c:1618
>     sonic-net#7 0x560f8c0bd668 in bgp_process_main_one bgpd/bgp_route.c:3691
>     sonic-net#8 0x560f8c0be7fe in process_subq_other_route bgpd/bgp_route.c:3856
>     sonic-net#9 0x560f8c0bf280 in process_subq bgpd/bgp_route.c:3955
>     sonic-net#10 0x560f8c0bf320 in meta_queue_process bgpd/bgp_route.c:3980
>     sonic-net#11 0x7fd44759fdfc in work_queue_run lib/workqueue.c:282
>     sonic-net#12 0x7fd4475779b2 in event_call lib/event.c:2011
>     sonic-net#13 0x7fd447442ff1 in frr_run lib/libfrr.c:1216
>     sonic-net#14 0x560f8bef0a15 in main bgpd/bgp_main.c:545
>     sonic-net#15 0x7fd446e29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
eddieruan-alibaba pushed a commit to eddieruan-alibaba/sonic-frr that referenced this pull request Aug 19, 2025
@louis-6wind @pguibert6WIND
zebra: fix heap-after-free on shutdown in netns mode
39f6549 
Seen with bfd_vrf_topo1, and bgp_evpn_rt5 on Ubuntu 22.04 hwe.

Do not call ns_delete() from zebra_vrf_delete(), which calls
zebra_ns_delete().

- If a netns is removed from the system, vrf_delete()->zebra_vrf_delete()
  is called before calling ns_delete() (see zebra_ns_notify.c).
- If zebra is terminating, zebra_ns_final_shutdown() will call
  zebra_vrf_delete().

> ==616172==ERROR: AddressSanitizer: heap-use-after-free on address 0x6160000ae3a4 at pc 0x556cdc178d8f bp 0x7ffe4f41ace0 sp 0x7ffe4f41acd0
> READ of size 4 at 0x6160000ae3a4 thread T0
>     #0 0x556cdc178d8e in ctx_info_from_zns zebra/zebra_dplane.c:3394
>     sonic-net#1 0x556cdc178f55 in dplane_ctx_ns_init zebra/zebra_dplane.c:3410
>     sonic-net#2 0x556cdc17b829 in dplane_ctx_nexthop_init zebra/zebra_dplane.c:3759
>     sonic-net#3 0x556cdc18095f in dplane_nexthop_update_internal zebra/zebra_dplane.c:4566
>     sonic-net#4 0x556cdc1813f1 in dplane_nexthop_delete zebra/zebra_dplane.c:4793
>     sonic-net#5 0x556cdc229234 in zebra_nhg_uninstall_kernel zebra/zebra_nhg.c:3484
>     sonic-net#6 0x556cdc21f8fe in zebra_nhg_decrement_ref zebra/zebra_nhg.c:1804
>     sonic-net#7 0x556cdc24b05a in route_entry_update_nhe zebra/zebra_rib.c:456
>     sonic-net#8 0x556cdc255083 in rib_re_nhg_free zebra/zebra_rib.c:2633
>     sonic-net#9 0x556cdc25e3bb in rib_unlink zebra/zebra_rib.c:4049
>     sonic-net#10 0x556cdc24c9b0 in zebra_rtable_node_cleanup zebra/zebra_rib.c:903
>     sonic-net#11 0x7fb25c173144 in route_node_free lib/table.c:75
>     sonic-net#12 0x7fb25c17337f in route_table_free lib/table.c:111
>     sonic-net#13 0x7fb25c172fe4 in route_table_finish lib/table.c:46
>     sonic-net#14 0x556cdc266f62 in zebra_router_free_table zebra/zebra_router.c:191
>     sonic-net#15 0x556cdc2673ef in zebra_router_terminate zebra/zebra_router.c:243
>     sonic-net#16 0x556cdc10638b in zebra_finalize zebra/main.c:240
>     sonic-net#17 0x7fb25c18e012 in event_call lib/event.c:2019
>     sonic-net#18 0x7fb25c04afc6 in frr_run lib/libfrr.c:1247
>     sonic-net#19 0x556cdc106deb in main zebra/main.c:543
>     sonic-net#20 0x7fb25ba29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>     sonic-net#21 0x7fb25ba29e3f in __libc_start_main_impl ../csu/libc-start.c:392
>     sonic-net#22 0x556cdc0c7ed4 in _start (/usr/lib/frr/zebra+0x192ed4)
>
> 0x6160000ae3a4 is located 36 bytes inside of 592-byte region [0x6160000ae380,0x6160000ae5d0)
> freed by thread T0 here:
>     #0 0x7fb25c6b4537 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:127
>     sonic-net#1 0x7fb25c0790e3 in qfree lib/memory.c:131
>     sonic-net#2 0x556cdc22d9c9 in zebra_ns_delete zebra/zebra_ns.c:261
>     sonic-net#3 0x7fb25c0ac400 in ns_delete lib/netns_linux.c:319
>     sonic-net#4 0x556cdc28026a in zebra_vrf_delete zebra/zebra_vrf.c:343
>     sonic-net#5 0x7fb25c197443 in vrf_delete lib/vrf.c:282
>     sonic-net#6 0x7fb25c1987e8 in vrf_terminate_single lib/vrf.c:601
>     sonic-net#7 0x7fb25c197a7a in vrf_iterate lib/vrf.c:394
>     sonic-net#8 0x7fb25c198834 in vrf_terminate lib/vrf.c:609
>     sonic-net#9 0x556cdc106345 in zebra_finalize zebra/main.c:223
>     sonic-net#10 0x7fb25c18e012 in event_call lib/event.c:2019
>     sonic-net#11 0x7fb25c04afc6 in frr_run lib/libfrr.c:1247
>     sonic-net#12 0x556cdc106deb in main zebra/main.c:543
>     sonic-net#13 0x7fb25ba29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> previously allocated by thread T0 here:
>     #0 0x7fb25c6b4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     sonic-net#1 0x7fb25c078f91 in qcalloc lib/memory.c:106
>     sonic-net#2 0x556cdc22d6a1 in zebra_ns_new zebra/zebra_ns.c:231
>     sonic-net#3 0x556cdc22e30b in zebra_ns_init zebra/zebra_ns.c:429
>     sonic-net#4 0x556cdc106cec in main zebra/main.c:480
>     sonic-net#5 0x7fb25ba29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> SUMMARY: AddressSanitizer: heap-use-after-free zebra/zebra_dplane.c:3394 in ctx_info_from_zns

Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@preetham-singh preetham-singh preetham-singh approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pavel-shirshov pavel-shirshov

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@tylerlinp @pavel-shirshov @preetham-singh @lguohan @shine4chen @prsunny