[Swan-dev] Leaks when killing states during crypto; time to drop WIRE_*?

Andrew Cagney andrew.cagney at gmail.com
Fri Dec 15 15:49:33 UTC 2017 

Just an update:

- I've removed uses of wire_chunk_t for the results but left them for the inputs

- instead of overwriting the request with the result, everything is
retained; this makes cleanup easier - if there is a pointer release it

- the DH secret is a little messy - its ownership gets shuffled back
and forth as things progress

- instead of passing the contents of a struct from the main to the
helper threads using a socket; it now just passes the address - far
less copying

- 'inline' is gone; if there are no threads then the work is thrown
onto the main event loop

The following are still being tested:

The 'st/md' patches are still being trickled out.  But the switch has
flushed out at least one real bug.

The current code tries to pre-assign work to helpers and, once
assigned, doesn't delete it.  Based on my understanding of the code
this causes:
- high priority work can't overtake a pre-assigned low priority task
- once assigned, a task can't be deleted (it could be tweaked to be
ignored I guess)
I'm testing a patch to replace all that with a pretty standard
(in-memory) priority ordered array of queues, and threads grab work
from that.

I think the too-much-crypto code path should either be deleted and/or
handled by generating a crypto timeout event with delay 0.  The above
code ignores the problem, if there is too much crypto then low
priority tasks will timeout anyway.

I suspect there's a bug in the 'importance' code (variable defaulting
to 0) - on east the KE computation gets scheduled with no priority at
all and I suspect that is wrong.  Anyone?

Antony pointed out on IRC that, often, crypto is performed in little
chunks (compute KE, compute DH,...).  This has to slow down an
individual state's throughput.  Doing all the work as a single
operation would also simplify code.

Finally, I've a patch to add a generic mechanism for scheduling work
for the helper threads.  This should simplify adding/replacing crypto
operations.

Andrew

More information about the Swan-dev mailing list