Hi, Please find the latest report on new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 4 new defect(s) introduced to freerangerouting/frr found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1599394: Concurrent data access violations (MISSING_LOCK) /bgpd/bgp_io.c: 82 in bgp_reads_on() ________________________________________________________________________________________________________ *** CID 1599394: Concurrent data access violations (MISSING_LOCK) /bgpd/bgp_io.c: 82 in bgp_reads_on() 76 void bgp_reads_on(struct peer_connection *connection) 77 { 78 struct frr_pthread *fpt = bgp_pth_io; 79 assert(fpt->running); 80 81 assert(connection->status != Deleted);

...

...

CID 1599394: Concurrent data access violations (MISSING_LOCK) Accessing "connection->ibuf" without holding lock "peer_connection.io_mtx". Elsewhere, "peer_connection.ibuf" is written to with "peer_connection.io_mtx" held 5 out of 5 times.

82 assert(connection->ibuf); 83 assert(connection->fd); 84 assert(connection->ibuf_work); 85 assert(connection->obuf); 86 assert(!connection->t_connect_check_r); 87 assert(!connection->t_connect_check_w);

** CID 1599393: Concurrent data access violations (MISSING_LOCK) /bgpd/bgp_io.c: 53 in bgp_writes_on() ________________________________________________________________________________________________________ *** CID 1599393: Concurrent data access violations (MISSING_LOCK) /bgpd/bgp_io.c: 53 in bgp_writes_on() 47 struct frr_pthread *fpt = bgp_pth_io; 48 49 assert(fpt->running); 50 51 assert(connection->status != Deleted); 52 assert(connection->obuf);

...

...

CID 1599393: Concurrent data access violations (MISSING_LOCK) Accessing "connection->ibuf" without holding lock "peer_connection.io_mtx". Elsewhere, "peer_connection.ibuf" is written to with "peer_connection.io_mtx" held 5 out of 5 times.

53 assert(connection->ibuf); 54 assert(connection->ibuf_work); 55 assert(!connection->t_connect_check_r); 56 assert(!connection->t_connect_check_w); 57 assert(connection->fd); 58

** CID 1599392: Concurrent data access violations (MISSING_LOCK) /bgpd/bgp_fsm.c: 524 in bgp_holdtime_timer() ________________________________________________________________________________________________________ *** CID 1599392: Concurrent data access violations (MISSING_LOCK) /bgpd/bgp_fsm.c: 524 in bgp_holdtime_timer() 518 * events on the peer. If we have incoming 519 * data on the peers inq, let's give the system a chance 520 * to handle that data. This can be especially true 521 * for systems where we are heavily loaded for one 522 * reason or another. 523 */

...

...

CID 1599392: Concurrent data access violations (MISSING_LOCK) Accessing "connection->ibuf" without holding lock "peer_connection.io_mtx". Elsewhere, "peer_connection.ibuf" is written to with "peer_connection.io_mtx" held 5 out of 5 times.

524 inq_count = atomic_load_explicit(&connection->ibuf->count, 525 memory_order_relaxed); 526 if (inq_count) 527 BGP_TIMER_ON(connection->t_holdtime, bgp_holdtime_timer, 528 peer->v_holdtime); 529

** CID 1599391: Null pointer dereferences (FORWARD_NULL) /zebra/zebra_rib.c: 4416 in rib_add_multipath() ________________________________________________________________________________________________________ *** CID 1599391: Null pointer dereferences (FORWARD_NULL) /zebra/zebra_rib.c: 4416 in rib_add_multipath() 4410 ZEBRA_IFA_NOPREFIXROUTE)) { 4411 zebra_nhg_free(n); 4412 zebra_rib_route_entry_free(re); 4413 return -1; 4414 } 4415

...

...

CID 1599391: Null pointer dereferences (FORWARD_NULL) Dereferencing null pointer "ng".

4416 if (ifp->ifindex == ng->nexthop->ifindex) 4417 re->type = ZEBRA_ROUTE_CONNECT; 4418 } 4419 } 4420 4421 ret = rib_add_multipath_nhe(afi, safi, p, src_p, re, n, startup);

________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2B...