- restrict the unittests SVM address space to what is supported by ASan
- mark SVM mmap()ed address space accessible for ASan
- SVM shared memory heap scheme means some allocation can happen
outside the current process. Lazily mark those accessible for ASan
Type: fix
Change-Id: I7c196c80b2a5297651d0afa54f1a8e478fcf59b1
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Leak Sanitizer is not stable yet with VPP. It can always be enabled at
runtime with ASAN_OPTIONS=detect_leaks=1.
Type: fix
Change-Id: Ieff01091e2976e127783ebd331cd0e50a1dbca12
Signed-off-by: Benoît Ganne <bganne@cisco.com>
The patch brings 0.8 clocks saved per pkt in IPv4 l3fwd case on Skylake.
Type: improvement
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Change-Id: Ia8d3a27773bf959433380d7c219602b1e4a8e5bd
It is a bad idea to poison memory after munmap because the address space
can be reused (eg. for global data of dlopen()ed object) and ASan model
allows access by default.
Moreover, access to a stale address space will fault.
Type: fix
Change-Id: I356de422f255447d9d50a3a71fb0c2eaa790d731
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Measured improvement is from 439 to 167 clocks for add operation
in 16_8 case...
Type: improvement
Change-Id: I975ff46ff30b983a3ec80a5cde25ccb68d7fa03b
Signed-off-by: Damjan Marion <damarion@cisco.com>
0001 ~ 0014 patches are for virtual channel and PMD
0015 is the iavf fdir framework
0016 ~ 0017 are for the iavf fidr driver
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I38e69ca0065a71cc6ba0b44ef7c7db51193a0899
vl_api_address_t uses a packed enum for the address family, compare
a->af directly with ADDRESS_IP4 / ADDRESS_IP6 instead of running a->af
through clib_host_to_net_u32(...) before compare.
Indirectly fixes api_ip_route_add_del(...) w/ count > 1.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ib7f562ec9e92ee63e52a338d318fcf1ce6221755
Adapt queue_hi_thresh value using num_threads to avoid risk of deadlock
between threads which could happen for example when different NAT
threads try to handoff work to each other at the same time when their
frame queues are congested. This change ensures that each thread can
reserve a queue entry without causing problems even in the most extreme
case when all threads attempt to add to the same queue simultaneously
when the queue is nearly full.
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: I9e02f753bd00833d8dd500d181b0d4f9a454d703
Previously dslite was moved to separate plugin folder
and CE mode was removed. But it still needed.
This patch adds CE option to separate config entry
Type: feature
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: If153ae08fa385ba5a6605cb412e49bbb4d1db46c
Template instances can allocate BIHASH_KVP_PER_PAGE data records
tangent to the bucket, to remove a dependent read / prefetch.
Template instances can ask for immediate memory allocation, to avoid
several branches in the lookup path.
Clean up l2 fib, gpb plugin codes: use clib_bihash_get_bucket(...)
Use hugepages for bihash allocation arenas
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Change-Id: I92fc11bc58e48d84e2d61f44580916dd1c56361c
replace hand crafted version with existing vector function
Type: fix
Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com>
Change-Id: I94834852469ed316c7bdbd48bb7f479648b2c8e5
Some vhost-backed missing the VIRTIO_RING_F_INDIRECT_DESC feature.
Previously, vpp doesn't support jumbo frames using chained descriptors.
This patch fixes this issue.
Type: fix
Change-Id: I20487e201e88ea136b556ac84dde058019ab3e78
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Now UDP encapsulation doesn't work in transport mode because:
- the encrypt node misses filling of UDP header and it gets sent with
all zeros;
- the decrypt node misses filling of new IP header and it contains
garbage data.
With this commit, fill UDP header during encryption and fill IP header
during decryption.
Change-Id: I87a7bd594f0e312b16d3e5eb19e568b4e3164d36
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Type: improvement
Do extra checks when establishing an active connect and cleanup pending
connects if application detaches.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibe9349db57b313ba2aa5ea3960ef5cf755f5098a
The vector is initialized to 1024 entries which is guaranteed to be
enough, but as its size can shrink between calls, make sure ASan is
aware of the expected size before using it.
Type: fix
Change-Id: I4bcc39867a886b3cb463854d2cda0b32155650e9
Signed-off-by: Benoît Ganne <bganne@cisco.com>
When merging proxy groups in igmp_proxy_device_merge_group(), the call
to igmp_proxy_device_merge_src() can end up removing the current proxy
group via igmp_group_clear(). When that happens, it must returns NULL so
that igmp_proxy_device_merge_config() does not send a IGMPv3 report for
a dead proxy group.
Make igmp_group_clear() reset the group pointer to NULL to fix this bug
and to detect similar bugs more easily.
Type: fix
Change-Id: I229e55b5bfa71734d7844893f5209a66fa3cc8ae
Signed-off-by: Benoît Ganne <bganne@cisco.com>
There is no need to calculate bucket2 if there is hit on bucket1
Type: improvement
Change-Id: Id01c37963497668c0160068501294568a181d011
Signed-off-by: Damjan Marion <damarion@cisco.com>
See .../extras/pg/checksum_offload.pg for a nontrivial example, which
deliberately sets bogus ip and udp checksums in the generated packets,
then fixes the mess with (software emulated) hardware checksum
offload.
Validated via "pcap dispatch trace on max 1000 buffer-trace pg-input 100".
Packets stuffed into loop1-output have the configured bogus ip and udp
checksums. vnet_calc_checksums_inline(...) fixes the checksums, which
are correct when packets visit loop1-tx.
The packet generator is a dumb robot in this regard. If you ask for a
ridiculous flag combination - example: ip4 and ip6 - your mileage may
vary.
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I6d9e790f373bcd9e445a89113ca8e4c8f9aa9419
