Add tests for multiple distributed gateway ports #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AbhiramSangana
referenced
this pull request
in AbhiramSangana/ovn
Jul 26, 2021
This is benign but AddressSanitizer was complaining about it:
Direct leak of 40 byte(s) in 1 object(s) allocated from:
#0 0x7fa93cd6d667 in __interceptor_malloc (/lib64/libasan.so.6+0xb0667)
#1 0x1be8d3e in xmalloc__ lib/util.c:137
#2 0x1be8e1a in xmalloc lib/util.c:172
#3 0x1b799d3 in json_create lib/json.c:1451
#4 0x1b74314 in json_integer_create lib/json.c:263
#5 0x1b7d38a in jsonrpc_create_id lib/jsonrpc.c:563
#6 0x1b7d3a5 in jsonrpc_create_request lib/jsonrpc.c:570
#7 0x1b8d851 in ovsdb_cs_send_transaction lib/ovsdb-cs.c:1376
#8 0x40b017 in northd_send_output_only_data_request northd/ovn-northd-ddlog.c:290
#9 0x40c802 in northd_run northd/ovn-northd-ddlog.c:568
#10 0x410225 in main northd/ovn-northd-ddlog.c:1289
#11 0x7fa93c4a9081 in __libc_start_main ../csu/libc-start.c:308
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Ben Pfaff <blp@ovn.org>
hzhou8
pushed a commit
that referenced
this pull request
Feb 7, 2022
UB Sanitizer reports:
controller/pinctrl.c:4607:17: runtime error: member access within misaligned address 0x7efe1c19994e for type 'struct ip6_hdr', which requires 4 byte alignment
0x7efe1c19994e: note: pointer points here
02 fe 86 dd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^
#0 0x477817 in pinctrl_compose_ipv6 controller/pinctrl.c:4607
#1 0x47cbaa in ip_mcast_querier_send_mld controller/pinctrl.c:5445
[...]
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Numan Siddique <numans@ovn.org>
Signed-off-by: Mark Michelson <mmichels@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
Feb 7, 2022
UB Sanitizer report:
controller/pinctrl.c:1921:54: runtime error: member access within misaligned address 0x00000261ce26 for type 'const struct sctp_init_chunk', which requires 4 byte alignment
0x00000261ce26: note: pointer points here
01 00 00 14 00 00 00 02 00 00 00 00 00 01 00 01 00 00 00 02 00 00 00 03 00 05 11 00 00 00 00 04
^
#0 0x466da5 in pinctrl_handle_sctp_abort controller/pinctrl.c:1921
#1 0x46725a in pinctrl_handle_reject controller/pinctrl.c:1975
[...]
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Numan Siddique <numans@ovn.org>
Signed-off-by: Mark Michelson <mmichels@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
Feb 7, 2022
UB Sanitizer report:
controller/pinctrl.c:2945:33: runtime error: load of misaligned address 0x000002ce5407 for type 'const ovs_be16', which requires 2 byte alignment
0x000002ce5407: note: pointer points here
6f 72 67 00 00 01 00 01 00 00 00 00 00 00 03 00 05 00 00 00 00 00 04 00 10 00 00 00 00 00 00 00
^
#0 0x46d12d in pinctrl_handle_dns_lookup controller/pinctrl.c:2945
#1 0x46e6fa in process_packet_in controller/pinctrl.c:3186
[...]
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Numan Siddique <numans@ovn.org>
Signed-off-by: Mark Michelson <mmichels@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
Feb 7, 2022
UB Sanitizer report:
controller/pinctrl.c:1700:21: runtime error: member access within misaligned address 0x7f8b1195e58e for type 'struct ip6_hdr', which requires 4 byte alignment
0x7f8b1195e58e: note: pointer points here
00 21 86 dd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^
#0 0x464f92 in pinctrl_handle_icmp controller/pinctrl.c:1700
#1 0x467344 in pinctrl_handle_reject controller/pinctrl.c:1967
#2 0x46e96e in process_packet_in controller/pinctrl.c:3217
[...]
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Numan Siddique <numans@ovn.org>
Signed-off-by: Mark Michelson <mmichels@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
Feb 7, 2022
UB Sanitizer report:
lib/actions.c:1849:23: runtime error: member access within misaligned address 0x000002cefc83 for type 'struct controller_event_opt_header', which requires 2 byte alignment
0x000002cefc83: note: pointer points here
31 3a 38 30 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 57 30 2c 20 70 72 00 07 41 00 00 00 00 00 00
^
#0 0x457034 in encode_event_empty_lb_backends_opts lib/actions.c:1849
#1 0x4573fa in encode_TRIGGER_EVENT lib/actions.c:1873
#2 0x46b95d in ovnact_encode lib/actions.c:4263
#3 0x46bb23 in ovnacts_encode lib/actions.c:4281
[...]
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Numan Siddique <numans@ovn.org>
Signed-off-by: Mark Michelson <mmichels@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
Feb 7, 2022
UB Sanitizer report:
controller/pinctrl.c:6013:27: runtime error: member access within misaligned address 0x000002028836 for type 'struct ovs_ra_msg', which requires 4 byte alignment
0x000002028836: note: pointer points here
00 00 00 02 86 00 00 00 ff 00 ff ff 00 00 00 00 00 00 00 00 01 01 fa 16 3e 00 00 01 03 04 40 c0
^
#0 0x47fb65 in pinctrl_handle_put_nd_ra_opts controller/pinctrl.c:6013
#1 0x46e0f1 in process_packet_in controller/pinctrl.c:3165
[...]
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Numan Siddique <numans@ovn.org>
Signed-off-by: Mark Michelson <mmichels@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
Feb 7, 2022
Reported by UB Sanitizer:
lib/actions.c:2309:54: runtime error: applying zero offset to null pointer
#0 0x4fa41b in free_gen_options /root/ovn/lib/actions.c:2309:54
#1 0x4d6f87 in ovnact_free /root/ovn/lib/actions.c:4297:9
#2 0x4d6f87 in ovnacts_free /root/ovn/lib/actions.c:4315:13
#3 0x4d67b6 in ovnacts_parse /root/ovn/lib/actions.c:4189:9
#4 0x4d74a7 in ovnacts_parse_string /root/ovn/lib/actions.c:4208:5
ovn-org#5 0x49d3e7 in test_parse_actions /root/ovn/tests/test-ovn.c:1324:17
utilities/ovn-dbctl.c:467:16: runtime error: applying zero offset to null pointer
#0 0x498a56 in has_option /root/ovn/utilities/ovn-dbctl.c:467:16
#1 0x497f91 in ovn_dbctl_main /root/ovn/utilities/ovn-dbctl.c:167:13
#2 0x4a0b46 in main /root/ovn/utilities/ovn-sbctl.c:1526:12
#3 0x7ff3cdd56b74 in __libc_start_main (/lib64/libc.so.6+0x27b74)
#4 0x47147d in _start (/root/ovn/utilities/ovn-sbctl+0x47147d)
utilities/ovn-dbctl.c:1063:29: runtime error: applying zero offset to null pointer
#0 0x4bf407 in server_cmd_run /root/ovn/utilities/ovn-dbctl.c:1063:29
#1 0x739bdc in process_command /root/ovs/lib/unixctl.c:310:13
#2 0x73853e in run_connection /root/ovs/lib/unixctl.c:344:17
#3 0x738228 in unixctl_server_run /root/ovs/lib/unixctl.c:395:21
#4 0x4badf5 in server_loop /root/ovn/utilities/ovn-dbctl.c:1128:9
ovn-org#5 0x4badf5 in ovn_dbctl_main /root/ovn/utilities/ovn-dbctl.c:196:9
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Mark Michelson <mmichels@redhat.com>
Signed-off-by: Numan Siddique <numans@ovn.org>
hzhou8
pushed a commit
that referenced
this pull request
Feb 7, 2022
packet_set_ipv6() calls packet_rh_present() which expects L3 and L4
offsets to be set in the packet. If not, it may incorrectly iterate
outside the bounds of the packet.
We now call dp_packet_set_l4() before packet_set_ipv6() in
pinctrl_compose_ipv6(). This also means that now packet_set_ipv6() will
update the L4 checksums so we need to make sure we zero them out when
recomputing them, e.g., in pinctrl_handle_tcp_reset().
Reported by AddressSanitizer:
==3919971==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fd9eecfc7b4 at pc 0x00000065d7a7 bp 0x7fd9eecfc580 sp 0x7fd9eecfc578
READ of size 1 at 0x7fd9eecfc7b4 thread T1 (ovn_pinctrl0)
#0 0x65d7a6 in packet_rh_present lib/packets.c:1220
#1 0x65d7a6 in packet_set_ipv6 lib/packets.c:1339
#2 0x450eeb in pinctrl_compose_ipv6 controller/pinctrl.c:4577
#3 0x4540f3 in ip_mcast_querier_send_mld controller/pinctrl.c:5408
#4 0x478de5 in ip_mcast_querier_send controller/pinctrl.c:5463
ovn-org#5 0x478de5 in ip_mcast_querier_run controller/pinctrl.c:5486
ovn-org#6 0x478de5 in pinctrl_handler controller/pinctrl.c:3400
ovn-org#7 0x62f183 in ovsthread_wrapper lib/ovs-thread.c:422
ovn-org#8 0x7fd9f26cd298 in start_thread /usr/src/debug/glibc-2.33-20.fc34.x86_64/nptl/pthread_create.c:481
ovn-org#9 0x7fd9f24a4352 in clone (/lib64/libc.so.6+0x100352)
Address 0x7fd9eecfc7b4 is located in stack of thread T1 (ovn_pinctrl0) at offset 292 in frame
#0 0x453eff in ip_mcast_querier_send_mld controller/pinctrl.c:5402
This frame has 6 object(s):
[32, 48) 'unspecified' (line 5422)
[64, 128) 'ofpacts' (line 5427)
[160, 288) 'packet_stub' (line 5404) <== Memory access at offset 292 overflows this variable
Fixes: 6e475f9 ("pinctrl: Ensure proper alignment when using pinctrl_compose_ipv*().")
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Mark Michelson <mmichels@redhat.com>
Signed-off-by: Numan Siddique <numans@ovn.org>
hzhou8
added a commit
that referenced
this pull request
Mar 9, 2022
Fix it by using shash_destroy_free_data() instead of shash_destroy().
Example of asan log of this memory leak:
Direct leak of 232 byte(s) in 29 object(s) allocated from:
#0 0x534b0f in malloc (/home/hanzhou/src/ovn/_build_as/controller/ovn-controller+0x534b0f)
#1 0x73bd4d in xmalloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:137:15
#2 0x73bd4d in xmalloc /home/hanzhou/src/ovs/_build/../lib/util.c:172:12
#3 0x638c49 in parse_constant_set /home/hanzhou/src/ovn/_build_as/../lib/expr.c:971:14
#4 0x64450d in expr_parse_primary /home/hanzhou/src/ovn/_build_as/../lib/expr.c:1390:44
ovn-org#5 0x63aefc in expr_parse_not /home/hanzhou/src/ovn/_build_as/../lib/expr.c:1479:16
ovn-org#6 0x63ac45 in expr_parse__ /home/hanzhou/src/ovn/_build_as/../lib/expr.c:1486:22
ovn-org#7 0x63b500 in expr_parse /home/hanzhou/src/ovn/_build_as/../lib/expr.c:1535:34
ovn-org#8 0x63b500 in expr_parse_string /home/hanzhou/src/ovn/_build_as/../lib/expr.c:1557:25
ovn-org#9 0x598a56 in convert_match_to_expr /home/hanzhou/src/ovn/_build_as/../controller/lflow.c:1240:22
ovn-org#10 0x591c07 in consider_logical_flow__ /home/hanzhou/src/ovn/_build_as/../controller/lflow.c:1407:16
ovn-org#11 0x58d641 in add_logical_flows /home/hanzhou/src/ovn/_build_as/../controller/lflow.c:393:9
ovn-org#12 0x58d641 in lflow_run /home/hanzhou/src/ovn/_build_as/../controller/lflow.c:2444:5
ovn-org#13 0x5f57a3 in en_lflow_output_run /home/hanzhou/src/ovn/_build_as/../controller/ovn-controller.c:2449:5
ovn-org#14 0x65bc04 in engine_recompute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:380:5
ovn-org#15 0x65b2a3 in engine_run_node /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:456:17
ovn-org#16 0x65b2a3 in engine_run /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:493:9
ovn-org#17 0x5ef9c1 in main /home/hanzhou/src/ovn/_build_as/../controller/ovn-controller.c
ovn-org#18 0x7f82418691a1 in __libc_start_main (/lib64/libc.so.6+0x281a1)
Reported-by: Numan Siddique <numans@ovn.org>
Fixes: aa3e4e8 ("lflow: Track reference count of address sets when parsing lflows.")
Signed-off-by: Han Zhou <hzhou@ovn.org>
hzhou8
added a commit
that referenced
this pull request
Mar 9, 2022
The asan log:
Direct leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x534cb7 in calloc (/home/hanzhou/src/ovn/_build_as/controller/ovn-controller+0x534cb7)
#1 0x73bf9e in xcalloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:121:31
#2 0x73bf9e in xzalloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:131:12
#3 0x73bf9e in xzalloc /home/hanzhou/src/ovs/_build/../lib/util.c:165:12
#4 0x5f7629 in addr_sets_update /home/hanzhou/src/ovn/_build_as/../controller/ovn-controller.c:1484:21
ovn-org#5 0x5f7629 in addr_sets_sb_address_set_handler /home/hanzhou/src/ovn/_build_as/../controller/ovn-controller.c:1531:5
ovn-org#6 0x65b140 in engine_compute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:406:28
ovn-org#7 0x65b140 in engine_run_node /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:468:14
ovn-org#8 0x65b140 in engine_run /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:493:9
ovn-org#9 0x5ef9c1 in main /home/hanzhou/src/ovn/_build_as/../controller/ovn-controller.c
ovn-org#10 0x7f3092dda1a1 in __libc_start_main (/lib64/libc.so.6+0x281a1)
Reported-by: Numan Siddique <numans@ovn.org>
Fixes: 6a60154 ("ovn-controller: Handle addresses deletion in address set incrementally.")
Signed-off-by: Han Zhou <hzhou@ovn.org>
hzhou8
pushed a commit
that referenced
this pull request
Jun 25, 2022
Avoid the following crash in ovn-trace due to a reject action infinite
loop:
AddressSanitizer:DEADLYSIGNAL
==569410==ERROR: AddressSanitizer: stack-overflow on address 0x7ffc0a991bc4 (pc 0x000000415081 bp 0x7ffc0a993fa0 sp 0x7ffc0a991b30 T0)
#0 0x415081 in trace_actions utilities/ovn-trace.c:2617
#1 0x41d878 in trace_actions utilities/ovn-trace.c:2622
#2 0x41d878 in trace__ utilities/ovn-trace.c:3007
#3 0x41e3a8 in execute_output utilities/ovn-trace.c:1700
#4 0x416fcf in trace_actions utilities/ovn-trace.c:2640
ovn-org#5 0x41d878 in trace_actions utilities/ovn-trace.c:2622
ovn-org#6 0x41d878 in trace__ utilities/ovn-trace.c:3007
ovn-org#7 0x41788d in execute_next utilities/ovn-trace.c:2307
ovn-org#8 0x41788d in trace_actions utilities/ovn-trace.c:2644
ovn-org#9 0x41a7c0 in trace_actions utilities/ovn-trace.c:2622
ovn-org#10 0x41a7c0 in execute_sctp4_abort utilities/ovn-trace.c:1985
ovn-org#11 0x419671 in execute_reject utilities/ovn-trace.c:2049
ovn-org#12 0x419671 in trace_actions utilities/ovn-trace.c:2860
ovn-org#13 0x41d878 in trace_actions utilities/ovn-trace.c:2622
ovn-org#14 0x41d878 in trace__ utilities/ovn-trace.c:3007
ovn-org#15 0x41e3a8 in execute_output utilities/ovn-trace.c:1700
ovn-org#16 0x416fcf in trace_actions utilities/ovn-trace.c:2640
ovn-org#17 0x41d878 in trace_actions utilities/ovn-trace.c:2622
ovn-org#18 0x41d878 in trace__ utilities/ovn-trace.c:3007
ovn-org#19 0x41788d in execute_next utilities/ovn-trace.c:2307
ovn-org#20 0x41788d in trace_actions utilities/ovn-trace.c:2644
ovn-org#21 0x41a7c0 in trace_actions utilities/ovn-trace.c:2622
ovn-org#22 0x41a7c0 in execute_sctp4_abort utilities/ovn-trace.c:1985
ovn-org#23 0x419671 in execute_reject utilities/ovn-trace.c:2049
ovn-org#24 0x419671 in trace_actions utilities/ovn-trace.c:2860
ovn-org#25 0x41d878 in trace_actions utilities/ovn-trace.c:2622
ovn-org#26 0x41d878 in trace__ utilities/ovn-trace.c:3007
ovn-org#27 0x41e3a8 in execute_output utilities/ovn-trace.c:1700
ovn-org#28 0x416fcf in trace_actions utilities/ovn-trace.c:2640
ovn-org#29 0x41d878 in trace_actions utilities/ovn-trace.c:2622
ovn-org#30 0x41d878 in trace__ utilities/ovn-trace.c:3007
ovn-org#31 0x41788d in execute_next utilities/ovn-trace.c:2307
ovn-org#32 0x41788d in trace_actions utilities/ovn-trace.c:2644
ovn-org#33 0x41a7c0 in trace_actions utilities/ovn-trace.c:2622
ovn-org#34 0x41a7c0 in execute_sctp4_abort utilities/ovn-trace.c:1985
ovn-org#35 0x419671 in execute_reject utilities/ovn-trace.c:2049
ovn-org#36 0x419671 in trace_actions utilities/ovn-trace.c:2860
ovn-org#37 0x41d878 in trace_actions utilities/ovn-trace.c:2622
ovn-org#38 0x41d878 in trace__ utilities/ovn-trace.c:3007
ovn-org#39 0x41e3a8 in execute_output utilities/ovn-trace.c:1700
ovn-org#40 0x416fcf in trace_actions utilities/ovn-trace.c:2640
ovn-org#41 0x41d878 in trace_actions utilities/ovn-trace.c:2622
ovn-org#42 0x41d878 in trace__ utilities/ovn-trace.c:3007
ovn-org#43 0x41788d in execute_next utilities/ovn-trace.c:2307
....
The issue can be triggered with the following reproducer:
$ovn-nbctl ls-add sw
$ovn-nbctl lsp-add sw p1
$ovn-nbctl lsp-set-addresses p1 "00:00:00:00:00:02 192.168.0.2"
$ovn-nbctl lsp-add sw p2
$ovn-nbctl lsp-set-addresses p2 "00:00:00:00:00:03 192.168.0.3"
$ovn-nbctl pg-add pg1 p1 p2
$ovn-nbctl acl-add pg1 to-lport 2003 "inport==@pg1 && ip4 && ip4.src == 192.168.0.0/16 && udp && udp.dst == 9000" allow
$ovn-nbctl acl-add pg1 to-lport 2001 "inport==@pg1" reject
$ovn-trace 'inport == "p2" && eth.src == 00:00:00:00:00:03 && eth.dst == 00:00:00:00:00:02 && ip.ttl==42 && ip4.src == 192.168.0.3'
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2074537
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Acked-by: Mark Michelson <mmichels@redhat.com>
Signed-off-by: Mark Michelson <mmichels@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
Jan 5, 2023
This avoids misaligned accesses as flagged by UBSan when running CoPP
system tests:
controller/pinctrl.c:7129:28: runtime error: member access within misaligned address 0x61b0000627be for type 'const struct bfd_msg', which requires 4 byte alignment
0x61b0000627be: note: pointer points here
00 20 d3 d4 20 60 05 18 a8 99 e7 7b 92 1d 36 73 00 0f 42 40 00 0f 42 40 00 00 00 00 00 00 00 03
^
#0 0x621b8f in pinctrl_check_bfd_msg /root/ovn/controller/pinctrl.c:7129:28
#1 0x621b8f in pinctrl_handle_bfd_msg /root/ovn/controller/pinctrl.c:7183:10
#2 0x621b8f in process_packet_in /root/ovn/controller/pinctrl.c:3320:9
#3 0x621b8f in pinctrl_recv /root/ovn/controller/pinctrl.c:3386:9
#4 0x621b8f in pinctrl_handler /root/ovn/controller/pinctrl.c:3481:17
ovn-org#5 0xa2d89a in ovsthread_wrapper /root/ovn/ovs/lib/ovs-thread.c:422:12
ovn-org#6 0x7fcb598081ce in start_thread (/lib64/libpthread.so.0+0x81ce)
ovn-org#7 0x7fcb58439dd2 in clone (/lib64/libc.so.6+0x39dd2)
Fixes: 1172035 ("controller: introduce BFD tx path in ovn-controller.")
Reported-by: Ilya Maximets <i.maximets@ovn.org>
Acked-by: Ales Musil <amusil@redhat.com>
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
May 3, 2023
Nothing is being freed wherever we are calling
ctl_fatal which is fine because the program is
about to shutdown anyway however one of the
leaks was caught by address sanitizer.
Fix most of the leaks that are happening before
call to ctl_fatal.
Direct leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x568d70 in __interceptor_realloc.part.0 asan_malloc_linux.cpp.o
#1 0xa530a5 in xrealloc__ /workspace/ovn/ovs/lib/util.c:147:9
#2 0xa530a5 in xrealloc /workspace/ovn/ovs/lib/util.c:179:12
#3 0xa530a5 in x2nrealloc /workspace/ovn/ovs/lib/util.c:239:12
#4 0xa2ee57 in svec_expand /workspace/ovn/ovs/lib/svec.c:92:23
ovn-org#5 0xa2ef6e in svec_terminate /workspace/ovn/ovs/lib/svec.c:116:5
ovn-org#6 0x82c117 in ovs_cmdl_env_parse_all /workspace/ovn/ovs/lib/command-line.c:98:5
ovn-org#7 0x5ad70d in ovn_dbctl_main /workspace/ovn/utilities/ovn-dbctl.c:132:20
ovn-org#8 0x5b58c7 in main /workspace/ovn/utilities/ovn-nbctl.c:7943:12
Indirect leak of 10 byte(s) in 1 object(s) allocated from:
#0 0x569c07 in malloc (/workspace/ovn/utilities/ovn-nbctl+0x569c07) (BuildId: 3a287416f70de43f52382f0336980c876f655f90)
#1 0xa52d4c in xmalloc__ /workspace/ovn/ovs/lib/util.c:137:15
#2 0xa52d4c in xmalloc /workspace/ovn/ovs/lib/util.c:172:12
#3 0xa52d4c in xmemdup0 /workspace/ovn/ovs/lib/util.c:193:15
#4 0xa2e580 in svec_add /workspace/ovn/ovs/lib/svec.c:71:27
ovn-org#5 0x82c041 in ovs_cmdl_env_parse_all /workspace/ovn/ovs/lib/command-line.c:91:5
ovn-org#6 0x5ad70d in ovn_dbctl_main /workspace/ovn/utilities/ovn-dbctl.c:132:20
ovn-org#7 0x5b58c7 in main /workspace/ovn/utilities/ovn-nbctl.c:7943:12
Indirect leak of 8 byte(s) in 2 object(s) allocated from:
#0 0x569c07 in malloc (/workspace/ovn/utilities/ovn-nbctl+0x569c07)
#1 0xa52d4c in xmalloc__ /workspace/ovn/ovs/lib/util.c:137:15
#2 0xa52d4c in xmalloc /workspace/ovn/ovs/lib/util.c:172:12
#3 0xa52d4c in xmemdup0 /workspace/ovn/ovs/lib/util.c:193:15
#4 0xa2e580 in svec_add /workspace/ovn/ovs/lib/svec.c:71:27
ovn-org#5 0x82c0b6 in ovs_cmdl_env_parse_all /workspace/ovn/ovs/lib/command-line.c:96:9
ovn-org#6 0x5ad70d in ovn_dbctl_main /workspace/ovn/utilities/ovn-dbctl.c:132:20
ovn-org#7 0x5b58c7 in main /workspace/ovn/utilities/ovn-nbctl.c:7943:12
Signed-off-by: Ales Musil <amusil@redhat.com>
Reviewed-by: Simon Horman <simon.horman@corigine.com>
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
hzhou8
added a commit
that referenced
this pull request
Jun 29, 2023
…eletion.
When multiple LSP deletions are handled in incremental processing, if it
hits a LSP that can't be incrementally processed after incrementally
processing some LSP deletions, it falls back to recompute without
destroying the ovn_port objects that are already handled in the handler,
resulting in memory leaks. See example below, which is detected by the
new test case added by this patch when running with address sanitizer.
=======================
Indirect leak of 936 byte(s) in 3 object(s) allocated from:
#0 0x55bce7 in calloc (/home/hanzhou/src/ovn/_build_as/northd/ovn-northd+0x55bce7)
#1 0x773f4e in xcalloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:121:31
#2 0x773f4e in xzalloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:131:12
#3 0x773f4e in xzalloc /home/hanzhou/src/ovs/_build/../lib/util.c:165:12
#4 0x60106c in en_northd_run /home/hanzhou/src/ovn/_build_as/../northd/en-northd.c:137:5
ovn-org#5 0x61c6a8 in engine_recompute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:415:5
ovn-org#6 0x61bee0 in engine_compute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:454:17
ovn-org#7 0x61bee0 in engine_run_node /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:503:14
ovn-org#8 0x61bee0 in engine_run /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:528:9
ovn-org#9 0x605e23 in inc_proc_northd_run /home/hanzhou/src/ovn/_build_as/../northd/inc-proc-northd.c:317:9
ovn-org#10 0x5fe43b in main /home/hanzhou/src/ovn/_build_as/../northd/ovn-northd.c:934:33
ovn-org#11 0x7f473933c1a1 in __libc_start_main (/lib64/libc.so.6+0x281a1)
Indirect leak of 204 byte(s) in 3 object(s) allocated from:
#0 0x55bea8 in realloc (/home/hanzhou/src/ovn/_build_as/northd/ovn-northd+0x55bea8)
#1 0x773c7d in xrealloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:147:9
#2 0x773c7d in xrealloc /home/hanzhou/src/ovs/_build/../lib/util.c:179:12
#3 0x614bd4 in extract_addresses /home/hanzhou/src/ovn/_build_as/../lib/ovn-util.c:228:12
#4 0x614bd4 in extract_lsp_addresses /home/hanzhou/src/ovn/_build_as/../lib/ovn-util.c:243:20
ovn-org#5 0x5c8d90 in parse_lsp_addrs /home/hanzhou/src/ovn/_build_as/../northd/northd.c:2468:21
ovn-org#6 0x5b2ebf in join_logical_ports /home/hanzhou/src/ovn/_build_as/../northd/northd.c:2594:13
ovn-org#7 0x5b2ebf in build_ports /home/hanzhou/src/ovn/_build_as/../northd/northd.c:4711:5
ovn-org#8 0x5b2ebf in ovnnb_db_run /home/hanzhou/src/ovn/_build_as/../northd/northd.c:17376:5
ovn-org#9 0x60106c in en_northd_run /home/hanzhou/src/ovn/_build_as/../northd/en-northd.c:137:5
ovn-org#10 0x61c6a8 in engine_recompute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:415:5
ovn-org#11 0x61bee0 in engine_compute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:454:17
ovn-org#12 0x61bee0 in engine_run_node /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:503:14
ovn-org#13 0x61bee0 in engine_run /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:528:9
ovn-org#14 0x605e23 in inc_proc_northd_run /home/hanzhou/src/ovn/_build_as/../northd/inc-proc-northd.c:317:9
ovn-org#15 0x5fe43b in main /home/hanzhou/src/ovn/_build_as/../northd/ovn-northd.c:934:33
ovn-org#16 0x7f473933c1a1 in __libc_start_main (/lib64/libc.so.6+0x281a1)
...
Fixes: b337750 ("northd: Incremental processing of VIF changes in 'northd' node.")
Reported-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Han Zhou <hzhou@ovn.org>
hzhou8
added a commit
that referenced
this pull request
Jul 1, 2023
…eletion.
When multiple LSP deletions are handled in incremental processing, if it
hits a LSP that can't be incrementally processed after incrementally
processing some LSP deletions, it falls back to recompute without
destroying the ovn_port objects that are already handled in the handler,
resulting in memory leaks. See example below, which is detected by the
new test case added by this patch when running with address sanitizer.
=======================
Indirect leak of 936 byte(s) in 3 object(s) allocated from:
#0 0x55bce7 in calloc (/home/hanzhou/src/ovn/_build_as/northd/ovn-northd+0x55bce7)
#1 0x773f4e in xcalloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:121:31
#2 0x773f4e in xzalloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:131:12
#3 0x773f4e in xzalloc /home/hanzhou/src/ovs/_build/../lib/util.c:165:12
#4 0x60106c in en_northd_run /home/hanzhou/src/ovn/_build_as/../northd/en-northd.c:137:5
ovn-org#5 0x61c6a8 in engine_recompute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:415:5
ovn-org#6 0x61bee0 in engine_compute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:454:17
ovn-org#7 0x61bee0 in engine_run_node /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:503:14
ovn-org#8 0x61bee0 in engine_run /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:528:9
ovn-org#9 0x605e23 in inc_proc_northd_run /home/hanzhou/src/ovn/_build_as/../northd/inc-proc-northd.c:317:9
ovn-org#10 0x5fe43b in main /home/hanzhou/src/ovn/_build_as/../northd/ovn-northd.c:934:33
ovn-org#11 0x7f473933c1a1 in __libc_start_main (/lib64/libc.so.6+0x281a1)
Indirect leak of 204 byte(s) in 3 object(s) allocated from:
#0 0x55bea8 in realloc (/home/hanzhou/src/ovn/_build_as/northd/ovn-northd+0x55bea8)
#1 0x773c7d in xrealloc__ /home/hanzhou/src/ovs/_build/../lib/util.c:147:9
#2 0x773c7d in xrealloc /home/hanzhou/src/ovs/_build/../lib/util.c:179:12
#3 0x614bd4 in extract_addresses /home/hanzhou/src/ovn/_build_as/../lib/ovn-util.c:228:12
#4 0x614bd4 in extract_lsp_addresses /home/hanzhou/src/ovn/_build_as/../lib/ovn-util.c:243:20
ovn-org#5 0x5c8d90 in parse_lsp_addrs /home/hanzhou/src/ovn/_build_as/../northd/northd.c:2468:21
ovn-org#6 0x5b2ebf in join_logical_ports /home/hanzhou/src/ovn/_build_as/../northd/northd.c:2594:13
ovn-org#7 0x5b2ebf in build_ports /home/hanzhou/src/ovn/_build_as/../northd/northd.c:4711:5
ovn-org#8 0x5b2ebf in ovnnb_db_run /home/hanzhou/src/ovn/_build_as/../northd/northd.c:17376:5
ovn-org#9 0x60106c in en_northd_run /home/hanzhou/src/ovn/_build_as/../northd/en-northd.c:137:5
ovn-org#10 0x61c6a8 in engine_recompute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:415:5
ovn-org#11 0x61bee0 in engine_compute /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:454:17
ovn-org#12 0x61bee0 in engine_run_node /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:503:14
ovn-org#13 0x61bee0 in engine_run /home/hanzhou/src/ovn/_build_as/../lib/inc-proc-eng.c:528:9
ovn-org#14 0x605e23 in inc_proc_northd_run /home/hanzhou/src/ovn/_build_as/../northd/inc-proc-northd.c:317:9
ovn-org#15 0x5fe43b in main /home/hanzhou/src/ovn/_build_as/../northd/ovn-northd.c:934:33
ovn-org#16 0x7f473933c1a1 in __libc_start_main (/lib64/libc.so.6+0x281a1)
...
Fixes: b337750 ("northd: Incremental processing of VIF changes in 'northd' node.")
Reported-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Han Zhou <hzhou@ovn.org>
Acked-by: Dumitru Ceara <dceara@redhat.com>
hzhou8
pushed a commit
that referenced
this pull request
Sep 13, 2023
It's specified in RFC 8415. This also avoids having to free/realloc the
pfd->uuid.data memory. That part was not correct anyway and was flagged
by ASAN as a memleak:
Direct leak of 42 byte(s) in 3 object(s) allocated from:
#0 0x55e5b6354c9e in malloc (/workspace/ovn-tmp/controller/ovn-controller+0x2edc9e) (BuildId: f963f8c756bd5a2207a9b3c922d4362e46bb3162)
#1 0x55e5b671878d in xmalloc__ /workspace/ovn-tmp/ovs/lib/util.c:140:15
#2 0x55e5b671878d in xmalloc /workspace/ovn-tmp/ovs/lib/util.c:175:12
#3 0x55e5b642cebc in pinctrl_parse_dhcpv6_reply /workspace/ovn-tmp/controller/pinctrl.c:997:20
#4 0x55e5b642cebc in pinctrl_handle_dhcp6_server /workspace/ovn-tmp/controller/pinctrl.c:1040:9
ovn-org#5 0x55e5b642cebc in process_packet_in /workspace/ovn-tmp/controller/pinctrl.c:3210:9
ovn-org#6 0x55e5b642cebc in pinctrl_recv /workspace/ovn-tmp/controller/pinctrl.c:3290:9
ovn-org#7 0x55e5b642cebc in pinctrl_handler /workspace/ovn-tmp/controller/pinctrl.c:3385:17
ovn-org#8 0x55e5b66ef664 in ovsthread_wrapper /workspace/ovn-tmp/ovs/lib/ovs-thread.c:423:12
ovn-org#9 0x7faa30194b42 (/lib/x86_64-linux-gnu/libc.so.6+0x94b42) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
Fixes: faa44a0 ("controller: IPv6 Prefix-Delegation: introduce RENEW/REBIND msg support")
Signed-off-by: Ales Musil <amusil@redhat.com>
Co-authored-by: Ales Musil <amusil@redhat.com>
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.