vpp icon indicating copy to clipboard operation
vpp copied to clipboard
verified publisher icon FDio

vapi_ctx->vl_input_queue may be not shared with vpp process when it is alloced from non-vpp heap memory.

Open tsinghai1982 opened this issue 7 months ago • 0 comments

https://github.com/FDio/vpp/blob/eca860c856c265089789f32e04e5c2b51594caf9/src/vpp-api/vapi/vapi.c#L684

when i connect the vpp from another process, use the following api:

 vapi_rv = vapi_connect_ex (vapi_client.vapi_ctx,
         "CLIXON_BE_VPP", NULL,
         vapi_client.max_outstanding_requests,
         vapi_client.response_queue_size,
         VAPI_MODE_BLOCKING,
         true/*handle_keepalives*/,
         false/*use_uds*/);

then the vpp process is crashed, the stack as following:

#0 0x00007f95281940bc in __pthread_kill_implementation () from /lib/libc.so.6 #1 0x00007f9528146f22 in raise () from /lib/libc.so.6 #2 0x00007f9528130ece in abort () from /lib/libc.so.6 #3 0x0000565442eb0b36 in os_exit (code=1) at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vpp/vnet/main.c:464 #4 0x00007f95285678d2 in unix_signal_handler (signum=11, si=0x7f94e2e918b0, uc=0x7f94e2e91780) at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlib/unix/main.c:255 #5 #6 0x00007f95296c6fc6 in VL_MSG_API_SVM_QUEUE_UNPOISON (q=0x7ffff50c8440) at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlibapi/api_common.h:156 #7 0x00007f95296c819b in vl_api_memclnt_create_v2_t_handler (mp=0x13009e920) at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlibmemory/memory_api.c:272 #8 0x00007f95296c9eb9 in vl_mem_api_handler_with_vm_node ( am=0x7f95285ff020 <api_global_main>, vlib_rp=0x13002f000, the_msg=0x13009e920, vm=0x7f94e8108740, node=0x7f94eafd7440, is_private=0 '\000') at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlibmemory/memory_api.c:833 #9 0x00007f95296ca17c in void_mem_api_handle_msg_i ( am=0x7f95285ff020 <api_global_main>, vlib_rp=0x13002f000, vm=0x7f94e8108740, node=0x7f94eafd7440, is_private=0 '\000') at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlibmemory/memory_api.c:908 #10 0x00007f95296ca1c5 in vl_mem_api_handle_msg_main (vm=0x7f94e8108740, node=0x7f94eafd7440) --Type <RET> for more, q to quit, c to continue without paging-- at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlibmemory/memory_api.c:919 #11 0x00007f95296d89b3 in vl_api_clnt_process (vm=0x7f94e8108740, node=0x7f94eafd7440, f=0x0) at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlibmemory/memclnt_api.c:397 #12 0x00007f9528512f10 in vlib_process_bootstrap (_a=140277476826368) at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlib/main.c:1208 #13 0x00007f9528416a48 in clib_calljmp () at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vppinfra/longjmp.S:123 #14 0x00007f94e52d1cd0 in ?? () #15 0x00007f952851303f in vlib_process_startup ( vm=0x7f952851386b <dispatch_suspended_process+860>, p=0x7f94e52d1db0, f=0xffffffffffffffff) at /home/tsinghai/redsteed/sys-out/build/vpp-custom/src/vlib/main.c:1233 #16 0x000000000000001e in ?? () #17 0x0001a32c2ef6bcc2 in ?? () #18 0x00007f94eafd7440 in ?? () #19 0x00007f94eaa16ca0 in ?? () #20 0x00007f94eaa16ca0 in ?? () #21 0x00007f94eafd7440 in ?? () #22 0x00007f94eafd72d0 in ?? () #23 0x0000000000000000 in ?? ()

**the direct reason is that ctx->vl_input_queue cannot be shared with vpp process ** vapi client process creates ctx->vl_input_queue from it's heap memory, then send this queue to vpp process, then vpp process get the msg, and handle it at vl_api_memclnt_create_v2_t_handler (). this handler trigger the SIGABRT when access the queue.

tsinghai1982 avatar May 06 '25 13:05 tsinghai1982