Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I035e3fdbb52eca010ad7b2c20ca2930cb1645978
|
|
Type: improvement
Change-Id: I707399b8ba617a659476bfd7d793f04a1283e694
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
This change was introduced to workaround a bug in the NAT code, but
we should not woraround plugin bugs in infra.
Type: fix
Fixes: f8631ce7e8886136b4543a7926ffdf1bc760fb11
Change-Id: Id6ee281cf1fe8466b6522905fc2a176716e3d52f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Account for the potential of sysconf() returning -1 if it can not
get the page size and make it a fatal error.
Coverity: 277313
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I8cae6a35ec2f745c37f1fe6557e5fa66720b4628
|
|
Type: fix
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: I0a947b74e40499327910c1ed10923f7a869039d6
|
|
convert vhost device driver to a plugin as described in
https://jira.fd.io/browse/VPP-2065
Type: improvement
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ibfe2f351bcaed36a04b136d082ae414145dd37b5
|
|
Support generic flow in native avf.
Enable necessary RSS hash function for generic flow. Extend some
structures and functions from for FDIR only to for both RSS and FDIR
flows. Modify virtual channel message to align with ice kernel driver.
Add functions to parse generic flow patterns. The parsing results will
be delivered to the kernel driver and create corresponding flow rules.
Type: feature
Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: I82ce102a21993f1bae8a8bf23e491d5e1c261f61
|
|
The initiate handshake process can be called a numbers times for each
peers, then the main VPP thread called by Wireguard starting to
allocate memory. This behaviour can lead to out of memory when VPP has
a lot of Wireguard tunnels concurrently.
This fix add mutex to send only once handshake initiate at time for
each peers.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I13b4b2d47021753926d42a38ccadb36a411c5b79
|
|
Also, use connected udp for builtin echo apps
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie24d7e97f4f27b67df9ceff3c268954485255c2d
|
|
Write time into /sys/boottime on VPP start.
This allows a stateless control plane agent to validate if it's reconnecting to the same
VPP instance.
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Iba7f334339c46142045e43da6efab11612e7b9c0
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4f7314ddf95d26f1939bd3772d29d011fb4cea47
|
|
Maintain a single writer multiple readers usage model for transport
endpoints pool.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I8555700ed725971341f145ea97f031042a298e83
|
|
Type: fix
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: I477e92712e441c91789afdf9be389d967acfa799
|
|
The issue can be reproduced by running "vpp_get_stats tightpoll"
The root cause is that the control flow discards the "result" struct
being prepared, along with pointer its allocated name.
This results in a memory leak.
Type: fix
Change-Id: Ibf884e92314f19b983a0159fc1257b3fa0110443
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
When n_rx_packets is less then 16(VEC256) or 8(VEC128), code execution
will fall into scalar path of processing packets. But with a wrong
initialization value for n_left set to zero, i in the for-loop will
equal to n_rx_packets. This leads to the bypass of required ip4 checksum
validation and byte count endianness conversion in scalar path.
Besides, refactor the code using while instead of for-loop to keep
consistency with VPP code style.
Type: fix
Fixes: bf93670c515d ("rdma: fix ipv4 checksum check in rdma-input node")
Signed-off-by: Lijian Zhang <lijian.zhang@arm.com>
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: Ib4e8cb5202735f8b060c99caddf26035657551e1
|
|
Type: fix
Fixes: 815c6a4fbcbb636ce3b4dc98446ad205a30670a6
Ticket: VPP-2068
Change-Id: I42d678b0e28ac4d0b524dfc2dbd01bbad020cf24
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Type: fix
Fixes: a51f9b3747
Some IPsec message type definitions were not being written to
ipsec.api.vapi.h. These include ipsec_sad_entry_add_del_v3 and
ipsec_sad_entry_add.
The cause appears to be that tunnel_flags, which is defined in
tunnel_types.api is a special case of enum called an enumflag. These do
not appear to have been handled in the code that generates the vapi
header files.
This patch adds processing of enumflag objects for vapi.
Change-Id: Ie506c4fcb5a07fe97a330ba11c252d1df98adfd9
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Fast path spd was explicitely storing array of policy id vectors.
This information was redundand, as this inofrmation is already stored
in bihash table. This additional array was affecting performance
when adding and removing fast path policies.
The other place that needed refactoring after removing this array was
cli command showing fast path policies.
Type: feature
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Change-Id: I78d45653f71539e7ba90ff5d2834451f83ead4be
|
|
Not ideal. The sparse vector used to map ports to next nodes assumes
only a few ports are ever used. When udp transport is enabled this does
not hold and, to make matters worse, ports are consumed in a random
order.
This can lead to a lot of slow updates to internal data structures
which in turn can slow udp connection allocations until all ports are
eventually consumed.
Consequently, reallocate sparse vector, preallocate all ports and have
them point to UDP_NO_NODE_SET. We could consider switching the sparse
vector to a preallocated vector but that would increase memory
consumption for vpp deployments that do not rely on host stack.
For reference, populating one of the v4 or v6 sparse vectors in reverse
order takes about 9.8s on a skylake cpu.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id795e1805d0d3ba54f56a152a9506a7a2a06ecbc
|
|
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I3138f97519d216b89a9c46865271db1f9ddd53cd
|
|
Implements the API for SRv6 Path Tracing
Type: feature
Signed-off-by: Julian Klaiber <julian@klaiber.me>
Change-Id: Iefa7e512c8e1894595a9e3f5d42eab4160db1f28
|
|
Type: docs
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I8a96e6cc73b5f7ab3049fef37aafba43f3ef4d84
|
|
Type: fix
Fib entries for attached routes when sourced from
FIB_SOURCE_API or FIB_SOURCE_CLI
get the FIB_ENTRY_FLAG_ATTACHED flag raised on the source.
Such a route added from linux-cp doesn't get this flag.
Fix this flag for linux-cp sources by passing it to the
fib entry's update/create function in lcp_router_route_add().
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
Change-Id: I24278ef86886cfee8a14acb250fb6992a754cc3c
|
|
Type: docs
Several kinds of policers are implemented in VPP.
However, they could differ from the RFCs it is
said they are from.
Additionally, the CLI command's help has been
updated with the current list of acceptable
parameters.
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Change-Id: Ic9bf94e1094bea0fcc87ccaa882c2c5f88824041
|
|
Type: fix
Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
Change-Id: Icb5450f4bd0eaef7684eb7e3816d1d6051e889d7
|
|
Type: improvement
Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com>
Change-Id: I91ba1ff4c1085f4aca60ca111cbbaf14a3b4d761
|
|
We add the crypto key to the vnet crypto library via vnet_crypto_key_add.
However, when the session is disconnected, we don't call
vnet_crypto_key_del and the memory is leaked in vnet_crypto library
as well as in pico tls key store.
It seems dispose crypto is the appropriate place to add
vnet_crypto_key_del.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: If6d1266baf686fefe5bb81330ce60b35c8ff574e
|
|
the batch
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Icd1e43a5764496784c355c93066273435f16dd35
|
|
Leave tp_vfts vector out for now.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic20a1671be9424280d0645f48ef2131a694cd16f
|
|
Plugin checks just for AVX2 instruction set, while the v1.3 of IPsec
Multi-Buffer library checks for both AVX2 and BMI2 sets during init.
VirtualBox VM doesn't provide BMI2 by default to guest operating system.
Result is that VPP plugin decides to use AVX2 initialization and library
then doesn't do it. Since flush_job remains empty, the self-check fails
and with that the whole VPP crashes on start-up.
Type: fix
Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech>
Change-Id: I6b661f2b9bbe6dd03b499c55c38a9b814e6d718a
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I572017433a1ba0f8576522f02138928e303e10ab
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I15fea1f90640ea54cafe3ea929e871ec6e86fc67
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6dd400285ae475974c416f9b94e8a5b4b6257ca1
|
|
Make sure they only double in size.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I18d5508c7f32836deb3b25943e8e3af39d0dbc33
|
|
need free args.error if args.rv < 0
Type: fix
Signed-off-by: luoyaozu <luoyaozu@foxmail.com>
Change-Id: I8ceebfc36f51798d8d1a8e4c41bec33d74344396
|
|
Type: feature
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I0738c0aefb41ab6c0ff717cfccd1df75ddb481fa
|
|
Type: fix
Signed-off-by: Filip Varga <filipvarga89@gmail.com>
Change-Id: I1f5069df2dc743ecd1269e947dd375cb1b84970f
|
|
End.AD.Flow localsid
Type: fix
Signed-off-by: ChinmayaAgarwal <chinmaya.agarwal@hsc.com>
Change-Id: Ifad23978b98c5e05d86f6254bfb65baa0b380436
|
|
API refactoring moved the address-family tag from rule
level down to prefix level.
This necessarily warrants the check that they are the same.
Also, add a check that the address family is sane.
Change-Id: Ia63b688cc9e7c9e9cc773e89708d9e9f99185fb7
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
dd2f12ba made use of ip46_address_is_ip4() in order to determine whether
the address is ipv4 or ipv6 within unformat_ip_address - however, its
logic is correct only for some addresses. e.g. a valid IPv6 address of :: (unspecified)
will result in "true" result. This is probably not an issue for most
of the cases (the unspecified address is quite rare),
however if the unformat_ip_address is used as part of the
prefix parsing, the ::/0 is a fairly often utilized construct,
which gets parsed as 0.0.0.0
Solution: return the old logic, but use a temporary
variable to avoid overwriting the target memory on failure.
Type: fix
Fixes: dd2f12ba6ab952d9d66f4d9ba89ffde6309b1ff2.
Change-Id: I272f740dfdf07036cec68516e153f0701a53233d
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
cli show policer's help info is not consistent
with it's arguments.
Type: improvement
Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
Change-Id: I8332fe97ba343e98511db9ff1bb6afd6f3c657cd
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I620447c9aa8606a125063cdd724bfe74f8a870f6
|
|
Each NAT44 ED session has a per_vrf_sessions_index referencing
an element in the thread-local vector per_vrf_sessions_vec.
However this index can be possibly invalidated by vec_del1() in
per_vrf_sessions_cleanup(), before a session is registered.
Such a stale index can cause an assertion failure in function
per_vrf_sessions_is_expired() when we use it to locate the
per_vrf_sessions object.
A possible sequence to reproduce is:
1. Create two NAT44 ED sessions s1, s2 so that two per_vrf_sessions are created:
index 0: between VRF pair 10 and 11 (expired=0, ses_count=1)
index 1: between VRF pair 20 and 21 (expired=0, ses_count=1)
For the sessions we have:
s1->per_vrf_sessions_index == 0
s2->per_vrf_sessions_index == 1
2. Delete the first session via CLI, now the two per_vrf_sessions become:
index 0: between VRF pair 10 and 11 (expired=0, ses_count=0)
index 1: between VRF pair 20 and 21 (expired=0, ses_count=1)
For the sessions we have:
s2->per_vrf_sessions_index == 1
3. Delete the VRF 11:
index 0: between VRF pair 10 and 11 (expired=1, ses_count=0)
index 1: between VRF pair 20 and 21 (expired=0, ses_count=1)
For the sessions we have:
s2->per_vrf_sessions_index == 1
4. Create a new session s3 between VRF pair 20 and 21 so that the first
per_vrf_sessions will be deleted:
index 0: between VRF pair 20 and 21 (expired=0, ses_count=2)
For the sessions we have:
s2->per_vrf_sessions_index == 1
s3->per_vrf_sessions_index == 0
Here, note that the actual index of per_vrf_session is changed due
to vec_del1(). The new session is added after the cleanup so it gets
the correct index. But the index held by the existing session is not
updated.
5. Trigger the fast path of the session s2. To achieve this, session
s2 could be created in step 1 by
ping -i20 -Iiface_in_vrf_10 1.1.1.1
and steps 2-4 should then be performed within the 20-second interval.
This patch fixes this by changing per_vrf_sessions_vec to a pool so
that indicies are kept intact.
Type: fix
Signed-off-by: Jing Peng <jing@meter.com>
Change-Id: I4c08f9bfd50134bcb5f08e50ad61af2bddbcb645
|
|
fix byte order error about the struct snat_address_t's member net.
for example configurations:
set interface ip table loop1 1
set interface ip addr loop1 10.10.10.2/24
nat44 add address 10.10.10.2 tenant-vrf 1
the snat address's net should be "as_u8 = {0xa, 0xa, 0xa, 0x0}",
but now it's "as_u8 = {0x0, 0xa, 0xa, 0x2}" because of missing
transition of byte order about the member net of snat_address_t.
(gdb) p/x *snat_main->addresses
$3 = {addr = {data = {0xa, 0xa, 0xa, 0x2}, data_u32 = 0x20a0a0a,
as_u8 = {0xa, 0xa, 0xa, 0x2}, as_u16 = {0xa0a, 0x20a},
as_u32 = 0x20a0a0a}, net = {data = {0x0, 0xa, 0xa, 0x2},
data_u32 = 0x20a0a00, as_u8 = {0x0, 0xa, 0xa, 0x2},
as_u16 = {0xa00, 0x20a}, as_u32 = 0x20a0a00},
sw_if_index = 0x3, fib_index = 0x1,addr_len = 0x18}
(gdb)
Type: fix
Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
Change-Id: I4f25f0639ae90a7f2e8715b44f825571283d994d
|
|
Type: fix
The router flag on a neighbor advertisement can be used by neighbors to
detect that a router has changed to a host (RFC 4861 section 4.4).
If a neighbor adds routes after receiving a router advertisement sent
by VPP and subsequently receives a neighbor advertisement sent by VPP,
it may remove any routes it added based on the RA if the NA does not
have the router flag set. It appears that this is how windows behaves.
When sending a neighbor advertisement, set the router flag if sending
RAs is enabled on the interface.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I1f3e42bbd8ea1a4c116b1ce5a8273652d4cd763d
|
|
Otherwise, the newly configured interface will never send RADV's.
See below. In the typical case, suppress = 0 and is_no = 0, which
propagates the current value of radv->send_radv:
radv_info->send_radv =
(suppress != 0) ? ((is_no != 0) ? 1 : 0) : radv_info->send_radv;
No other bit of code will set send_radv, at least in straightforward
ways.
Type:fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: If9368155f7676460ca1f87729c2b3c453405d08d
|
|
When echo client fails to connect to remote, it should quit.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I787423bdc61a58eea48bab7bd8b73137626c02b4
|
|
vpp crash when update nonexistent classify table.
Program received signal SIGABRT, Aborted.
0x00007fbf3b49b337 in raise () from /lib64/libc.so.6
(gdb) bt
0 0x00007fbf3b49b337 in raise () from /lib64/libc.so.6
1 0x00007fbf3b49ca28 in abort () from /lib64/libc.so.6
2 0x00000000004079db in os_panic () at /usr/src/debug/vpp-23.02/src/vpp/vnet/main.c:417
3 0x00007fbf3bb611c7 in debugger () at /usr/src/debug/vpp-23.02/src/vppinfra/error.c:84
4 0x00007fbf3bb61529 in _clib_error (how_to_die=2, function_name=0x0, line_number=0, fmt=0x7fbf3d03af08 "%s:%d (%s) assertion `%s' fails")
at /usr/src/debug/vpp-23.02/src/vppinfra/error.c:143
5 0x00007fbf3c67062c in vnet_classify_add_del_table (cm=0x7fbf3d438f00 <vnet_classify_main>, mask=0x7fbf00fdc088 "", nbuckets=2, memory_size=2097152,
skip=4, match=1, next_table_index=4294967295, miss_next_index=4294967295, table_index=0x7fbeed930b98, current_data_flag=0 '\000',
current_data_offset=0, is_add=1, del_chain=0) at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:780
6 0x00007fbf3c672bf4 in classify_table_command_fn (vm=0x7fbefb465740, input=0x7fbeed930ef0, cmd=0x7fbefc45ec18)
at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:1622
7 0x00007fbf3d52b527 in vlib_cli_dispatch_sub_commands (vm=0x7fbefb465740, cm=0x4273f0 <vlib_global_main+48>, input=0x7fbeed930ef0,
parent_command_index=1064) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:650
8 0x00007fbf3d52b2c3 in vlib_cli_dispatch_sub_commands (vm=0x7fbefb465740, cm=0x4273f0 <vlib_global_main+48>, input=0x7fbeed930ef0,
parent_command_index=0) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607
9 0x00007fbf3d52b9cb in vlib_cli_input (vm=0x7fbefb465740, input=0x7fbeed930ef0, function=0x7fbf3d597406 <unix_vlib_cli_output>, function_arg=0)
at /usr/src/debug/vpp-23.02/src/vlib/cli.c:753
10 0x00007fbf3d59cb0c in unix_cli_process_input (cm=0x7fbf3d61fe00 <unix_cli_main>, cli_file_index=0)
at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2616
11 0x00007fbf3d59d25a in unix_cli_process (vm=0x7fbefb465740, rt=0x7fbf00f7bfc0, f=0x0) at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2745
12 0x00007fbf3d555a25 in vlib_process_bootstrap (_a=140458063833296) at /usr/src/debug/vpp-23.02/src/vlib/main.c:1221
13 0x00007fbf3bb74204 in clib_calljmp () at /usr/src/debug/vpp-23.02/src/vppinfra/longjmp.S:123
14 0x00007fbef10028a0 in ?? ()
15 0x00007fbf3d555b4e in vlib_process_startup (vm=0x7fbf3bb7d70f <clib_mem_size+24>, p=0x7fbef10028d0, f=0x7fbf00f06ae0)
at /usr/src/debug/vpp-23.02/src/vlib/main.c:1246
16 0x00007fbf3d592be6 in vec_max_bytes (v=0x8) at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:161
17 0x00007fbf00f06af8 in ?? ()
18 0x0000000000000004 in ?? ()
19 0x00000000000000ff in ?? ()
20 0x00007fbef1002980 in ?? ()
21 0x00007fbf3d592dcb in _vec_set_len (v=<error reading variable: Cannot access memory at address 0xfffffffffffffff5>,
len=<error reading variable: Cannot access memory at address 0xffffffffffffffed>,
elt_sz=<error reading variable: Cannot access memory at address 0xffffffffffffffe5>) at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:196
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb) f 5
0x00007fbf3c67062c in vnet_classify_add_del_table (cm=0x7fbf3d438f00 <vnet_classify_main>, mask=0x7fbf00fdc088 "", nbuckets=2, memory_size=2097152,
skip=4, match=1, next_table_index=4294967295, miss_next_index=4294967295, table_index=0x7fbeed930b98, current_data_flag=0 '\000',
current_data_offset=0, is_add=1, del_chain=0) at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:780
780 t = pool_elt_at_index (cm->tables, *table_index);
(gdb) p *table_index
$1 = 8
(gdb) p cm->tables
$2 = (vnet_classify_table_t *) 0x0
(gdb)
Type: fix
Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
Change-Id: I1c5f6168f0a7e1d1989ce07ec6c30c6fd9f0aaa9
|
|
Type: refactor
1) Removed deprecated API.
- These specific APIs do not have repleacement
because features that they controled
aren't part of current NAT44-ED
implementation anymore.
2) Removed unused typedef of port allocation funciton.
- Missed left over removed.
Change-Id: Ib3f763449065eda7cdcb2c6565a9cae51baf23d6
Signed-off-by: Filip Varga <filipvarga89@gmail.com>
|
|
_clib_error (how_to_die=2, function_name=0x0, line_number=0, fmt=0x7fffb3a7e1b5 "%s:%d (%s) assertion `%s' fails") at src/vppinfra/error.c:143
mbedtls_ctx_get (ctx_index=0) at src/plugins/tlsmbedtls/tls_mbedtls.c:114
tls_ctx_get (ctx_handle=536870912) at src/vnet/tls/tls.c:310
tls_app_session_cleanup (s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/tls/tls.c:624
app_worker_cleanup_notify (app_wrk=0x7fffbef95f80, s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/session/application_worker.c:445
session_cleanup_notify (s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/session/session.c:262
session_free_w_fifos (s=0x7fffbf102040) at src/vnet/session/session.c:268
session_delete (s=0x7fffbf102040) at src/vnet/session/session.c:287
session_transport_delete_notify (tc=0x7fffbdf63c40) at src/vnet/session/session.c:1159
tcp_handle_cleanups (wrk=0x7fffbef46d40, now=133.30033046694487) at src/vnet/tcp/tcp.c:1298
tcp_update_time (now=133.30033046694487, thread_index=2 '\002') at src/vnet/tcp/tcp.c:1309
session_update_time_subscribers (smm=0x7ffff7f75ce0 <session_main>, now=133.30033046694487, thread_index=2) at src/vnet/session/session_node.c:1817
session_queue_node_fn (vm=0x7fffbdfad1c0, node=0x7fffbe0b1340, frame=0x0) at src/vnet/session/session_node.c:1934
dispatch_node (vm=0x7fffbdfad1c0, node=0x7fffbe0b1340, type=VLIB_NODE_TYPE_INPUT, dispatch_state=VLIB_NODE_STATE_POLLING, frame=0x0, last_time_stamp=4722227957546624) at src/vlib/main.c:960
Putting a breakpoint in gdb, I found out ctx was free in mbedtls_app_close.
Looking at app_close function in picotls and openssl, I don't see they
free ctx and they don't crash when processing cleanup. I am inclined to
think that mbedtls_ctx_free should not be called in mbedtls_app_close
at src/plugins/tlsmbedtls/tls_mbedtls.c:92
at src/plugins/tlsmbedtls/tls_mbedtls.c:559
at src/vnet/tls/tls.c:360
thread_index=2) at src/vnet/tls/tls.c:762
conn_index=536870912, thread_index=2 '\002')
at src/vnet/session/transport.c:332
at src/vnet/session/session.c:1608
elt=0x7fffbdfef3dc)
at src/vnet/session/session_node.c:1672
node=0x7fffbe0b1340, frame=0x0)
at src/vnet/session/session_node.c:1966
node=0x7fffbe0b1340, type=VLIB_NODE_TYPE_INPUT,
dispatch_state=VLIB_NODE_STATE_POLLING, frame=0x0,
last_time_stamp=4721919444027682)
at src/vlib/main.c:960
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ic5c13e659aee618c8accee42af9f40931b62f467
|