Skip to content

Commit

Permalink
bgpd: bmp, fix memory leak in peer messages
Browse files Browse the repository at this point in the history
The following memory leak is observed when running bgp_bmp test.

> ==614841==ERROR: LeakSanitizer: detected memory leaks
>
> Direct leak of 81 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f2b4887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
>     FRRouting#1 0x7f0e9ec771f8 in qmalloc lib/memory.c:101
>     FRRouting#2 0x7f0e9e5a2f89 in bmp_bgp_peer_vrf bgpd/bgp_bmp.c:2211
>     FRRouting#3 0x7f0e9e5a31a8 in bmp_bgp_update_vrf_status bgpd/bgp_bmp.c:2247
>     FRRouting#4 0x7f0e9e5b0325 in bmp_bgp_attribute_updated_instance bgpd/bgp_bmp.c:3476
>     FRRouting#5 0x7f0e9e5b0661 in bmp_bgp_attribute_updated bgpd/bgp_bmp.c:3526
>     FRRouting#6 0x7f0e9e5b08ae in bmp_routerid_update bgpd/bgp_bmp.c:3547
>     FRRouting#7 0x55cdc4bcbd88 in hook_call_bgp_routerid_update bgpd/bgpd.c:89
>     FRRouting#8 0x55cdc4bccf0b in bgp_router_id_set bgpd/bgpd.c:305
>     FRRouting#9 0x55cdc4bcd87d in bgp_router_id_zebra_bump bgpd/bgpd.c:393
>     FRRouting#10 0x55cdc4ba87d5 in bgp_router_id_update bgpd/bgp_zebra.c:99
>     FRRouting#11 0x7f0e9ede3f0b in zclient_read lib/zclient.c:4626
>     FRRouting#12 0x7f0e9ed8074d in event_call lib/event.c:1996
>     FRRouting#13 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     FRRouting#14 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     FRRouting#15 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 81 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f2b4887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
>     FRRouting#1 0x7f0e9ec771f8 in qmalloc lib/memory.c:101
>     FRRouting#2 0x7f0e9e5a2ed8 in bmp_bgp_peer_vrf bgpd/bgp_bmp.c:2207
>     FRRouting#3 0x7f0e9e5a31a8 in bmp_bgp_update_vrf_status bgpd/bgp_bmp.c:2247
>     FRRouting#4 0x7f0e9e5b0325 in bmp_bgp_attribute_updated_instance bgpd/bgp_bmp.c:3476
>     FRRouting#5 0x7f0e9e5b0661 in bmp_bgp_attribute_updated bgpd/bgp_bmp.c:3526
>     FRRouting#6 0x7f0e9e5b08ae in bmp_routerid_update bgpd/bgp_bmp.c:3547
>     FRRouting#7 0x55cdc4bcbd88 in hook_call_bgp_routerid_update bgpd/bgpd.c:89
>     FRRouting#8 0x55cdc4bccf0b in bgp_router_id_set bgpd/bgpd.c:305
>     FRRouting#9 0x55cdc4bcd87d in bgp_router_id_zebra_bump bgpd/bgpd.c:393
>     FRRouting#10 0x55cdc4ba87d5 in bgp_router_id_update bgpd/bgp_zebra.c:99
>     FRRouting#11 0x7f0e9ede3f0b in zclient_read lib/zclient.c:4626
>     FRRouting#12 0x7f0e9ed8074d in event_call lib/event.c:1996
>     FRRouting#13 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     FRRouting#14 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     FRRouting#15 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 64 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f2b4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
>     FRRouting#1 0x7f0e9ec77235 in qcalloc lib/memory.c:106
>     FRRouting#2 0x7f0e9e5a498d in bmp_imported_bgp_get bgpd/bgp_bmp.c:2441
>     FRRouting#3 0x7f0e9e5acbed in bmp_import_vrf_magic bgpd/bgp_bmp.c:2855
>     FRRouting#4 0x7f0e9e5a7f97 in bmp_import_vrf bgpd/bgp_bmp_clippy.c:147
>     FRRouting#5 0x7f0e9ebb1178 in cmd_execute_command_real lib/command.c:1003
>     FRRouting#6 0x7f0e9ebb1505 in cmd_execute_command lib/command.c:1062
>     FRRouting#7 0x7f0e9ebb21d7 in cmd_execute lib/command.c:1228
>     FRRouting#8 0x7f0e9ed90bf0 in vty_command lib/vty.c:626
>     FRRouting#9 0x7f0e9ed95ad5 in vty_execute lib/vty.c:1389
>     FRRouting#10 0x7f0e9ed9c01e in vtysh_read lib/vty.c:2408
>     FRRouting#11 0x7f0e9ed8074d in event_call lib/event.c:1996
>     FRRouting#12 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     FRRouting#13 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     FRRouting#14 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Direct leak of 6 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f25b9a7 in __interceptor_strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:454
>     FRRouting#1 0x7f0e9ec772fa in qstrdup lib/memory.c:118
>     FRRouting#2 0x55cdc4b57d54 in af_rd_vpn_export_magic bgpd/bgp_vty.c:9814
>     FRRouting#3 0x55cdc4b288d7 in af_rd_vpn_export bgpd/bgp_vty_clippy.c:3493
>     FRRouting#4 0x7f0e9ebb1178 in cmd_execute_command_real lib/command.c:1003
>     FRRouting#5 0x7f0e9ebb1505 in cmd_execute_command lib/command.c:1062
>     FRRouting#6 0x7f0e9ebb21d7 in cmd_execute lib/command.c:1228
>     FRRouting#7 0x7f0e9ed90bf0 in vty_command lib/vty.c:626
>     FRRouting#8 0x7f0e9ed95ad5 in vty_execute lib/vty.c:1389
>     FRRouting#9 0x7f0e9ed9c01e in vtysh_read lib/vty.c:2408
>     FRRouting#10 0x7f0e9ed8074d in event_call lib/event.c:1996
>     FRRouting#11 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     FRRouting#12 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     FRRouting#13 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> Indirect leak of 5 byte(s) in 1 object(s) allocated from:
>     #0 0x7f0e9f25b9a7 in __interceptor_strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:454
>     FRRouting#1 0x7f0e9ec772fa in qstrdup lib/memory.c:118
>     FRRouting#2 0x7f0e9e5a49ae in bmp_imported_bgp_get bgpd/bgp_bmp.c:2443
>     FRRouting#3 0x7f0e9e5acbed in bmp_import_vrf_magic bgpd/bgp_bmp.c:2855
>     FRRouting#4 0x7f0e9e5a7f97 in bmp_import_vrf bgpd/bgp_bmp_clippy.c:147
>     FRRouting#5 0x7f0e9ebb1178 in cmd_execute_command_real lib/command.c:1003
>     FRRouting#6 0x7f0e9ebb1505 in cmd_execute_command lib/command.c:1062
>     FRRouting#7 0x7f0e9ebb21d7 in cmd_execute lib/command.c:1228
>     FRRouting#8 0x7f0e9ed90bf0 in vty_command lib/vty.c:626
>     FRRouting#9 0x7f0e9ed95ad5 in vty_execute lib/vty.c:1389
>     FRRouting#10 0x7f0e9ed9c01e in vtysh_read lib/vty.c:2408
>     FRRouting#11 0x7f0e9ed8074d in event_call lib/event.c:1996
>     FRRouting#12 0x7f0e9ec48933 in frr_run lib/libfrr.c:1232
>     FRRouting#13 0x55cdc48a9a27 in main bgpd/bgp_main.c:555
>     FRRouting#14 0x7f0e9e629d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> SUMMARY: AddressSanitizer: 237 byte(s) leaked in 5 allocation(s).

Fix this by freeing the missing memory block that helps building the
open message to send to remote bmp collector.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
  • Loading branch information
pguibert6WIND committed Dec 17, 2024
1 parent 67bdeaa commit ad213de
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions bgpd/bgp_bmp.c
Original file line number Diff line number Diff line change
Expand Up @@ -2249,6 +2249,7 @@ bool bmp_bgp_update_vrf_status(enum bmp_vrf_state *vrf_state, struct bgp *bgp,
bbpeer = bmp_bgp_peer_find(peer->qobj_node.nid);
if (bbpeer) {
XFREE(MTYPE_BMP_OPEN, bbpeer->open_rx);
XFREE(MTYPE_BMP_OPEN, bbpeer->open_tx);
bmp_peerh_del(&bmp_peerh, bbpeer);
XFREE(MTYPE_BMP_PEER, bbpeer);
}
Expand Down

0 comments on commit ad213de

Please sign in to comment.