VLOG_DEFINE_THIS_MODULE(ofproto_dpif_upcall);
COVERAGE_DEFINE(upcall_queue_overflow);
+COVERAGE_DEFINE(upcall_duplicate_flow);
/* A thread that processes each upcall handed to it by the dispatcher thread,
* forwards the upcall's packet, and possibly sets up a kernel flow as a
long long int created; /* Estimation of creation time. */
bool mark; /* Used by mark and sweep GC algorithm. */
+ bool flow_exists; /* Ensures flows are only deleted once. */
struct odputil_keybuf key_buf; /* Memory for 'key'. */
};
static uint64_t udpif_get_n_flows(struct udpif *);
static void revalidate_udumps(struct revalidator *, struct list *udumps);
static void revalidator_sweep(struct revalidator *);
+static void revalidator_purge(struct revalidator *);
static void upcall_unixctl_show(struct unixctl_conn *conn, int argc,
const char *argv[], void *aux);
static void upcall_unixctl_disable_megaflows(struct unixctl_conn *, int argc,
for (i = 0; i < udpif->n_revalidators; i++) {
struct revalidator *revalidator = &udpif->revalidators[i];
struct udpif_flow_dump *udump, *next_udump;
- struct udpif_key *ukey, *next_ukey;
LIST_FOR_EACH_SAFE (udump, next_udump, list_node,
&revalidator->udumps) {
free(udump);
}
- HMAP_FOR_EACH_SAFE (ukey, next_ukey, hmap_node,
- &revalidator->ukeys) {
- ukey_delete(revalidator, ukey);
- }
+ /* Delete ukeys, and delete all flows from the datapath to prevent
+ * double-counting stats. */
+ revalidator_purge(revalidator);
hmap_destroy(&revalidator->ukeys);
ovs_mutex_destroy(&revalidator->mutex);
}
}
+/* Waits for all ongoing upcall translations to complete. This ensures that
+ * there are no transient references to any removed ofprotos (or other
+ * objects). In particular, this should be called after an ofproto is removed
+ * (e.g. via xlate_remove_ofproto()) but before it is destroyed. */
+void
+udpif_synchronize(struct udpif *udpif)
+{
+ /* This is stronger than necessary. It would be sufficient to ensure
+ * (somehow) that each handler and revalidator thread had passed through
+ * its main loop once. */
+ size_t n_handlers = udpif->n_handlers;
+ size_t n_revalidators = udpif->n_revalidators;
+ udpif_set_threads(udpif, 0, 0);
+ udpif_set_threads(udpif, n_handlers, n_revalidators);
+}
+
/* Notifies 'udpif' that something changed which may render previous
* xlate_actions() results invalid. */
void
ovs_mutex_unlock(&revalidator->mutex);
}
- duration = time_msec() - start_time;
+ duration = MAX(time_msec() - start_time, 1);
udpif->dump_duration = duration;
atomic_read(&udpif->flow_limit, &flow_limit);
if (duration > 2000) {
}
memset(&cookie, 0, sizeof cookie);
memcpy(&cookie, nl_attr_get(dpif_upcall->userdata), userdata_len);
- if (userdata_len == sizeof cookie.sflow
+ if (userdata_len == MAX(8, sizeof cookie.sflow)
&& cookie.type == USER_ACTION_COOKIE_SFLOW) {
return SFLOW_UPCALL;
- } else if (userdata_len == sizeof cookie.slow_path
+ } else if (userdata_len == MAX(8, sizeof cookie.slow_path)
&& cookie.type == USER_ACTION_COOKIE_SLOW_PATH) {
return MISS_UPCALL;
- } else if (userdata_len == sizeof cookie.flow_sample
+ } else if (userdata_len == MAX(8, sizeof cookie.flow_sample)
&& cookie.type == USER_ACTION_COOKIE_FLOW_SAMPLE) {
return FLOW_SAMPLE_UPCALL;
- } else if (userdata_len == sizeof cookie.ipfix
+ } else if (userdata_len == MAX(8, sizeof cookie.ipfix)
&& cookie.type == USER_ACTION_COOKIE_IPFIX) {
return IPFIX_UPCALL;
} else {
return NULL;
}
+static struct udpif_key *
+ukey_create(const struct nlattr *key, size_t key_len, long long int used)
+{
+ struct udpif_key *ukey = xmalloc(sizeof *ukey);
+
+ ukey->key = (struct nlattr *) &ukey->key_buf;
+ memcpy(&ukey->key_buf, key, key_len);
+ ukey->key_len = key_len;
+
+ ukey->mark = false;
+ ukey->flow_exists = true;
+ ukey->created = used ? used : time_msec();
+ memset(&ukey->stats, 0, sizeof ukey->stats);
+
+ return ukey;
+}
+
static void
ukey_delete(struct revalidator *revalidator, struct udpif_key *ukey)
{
struct ofpbuf xout_actions, *actions;
uint64_t slow_path_buf[128 / 8];
struct xlate_out xout, *xoutp;
+ struct netflow *netflow;
struct flow flow, udump_mask;
struct ofproto_dpif *ofproto;
struct dpif_flow_stats push;
ok = false;
xoutp = NULL;
actions = NULL;
+ netflow = NULL;
/* If we don't need to revalidate, we can simply push the stats contained
* in the udump, otherwise we'll have to get the actions so we can check
}
error = xlate_receive(udpif->backer, NULL, ukey->key, ukey->key_len, &flow,
- NULL, &ofproto, NULL, NULL, NULL, &odp_in_port);
+ NULL, &ofproto, NULL, NULL, &netflow, &odp_in_port);
if (error) {
goto exit;
}
ok = true;
exit:
+ if (netflow) {
+ if (!ok) {
+ netflow_expire(netflow, &flow);
+ netflow_flow_clear(netflow, &flow);
+ }
+ netflow_unref(netflow);
+ }
ofpbuf_delete(actions);
xlate_out_uninit(xoutp);
return ok;
}
+struct dump_op {
+ struct udpif_key *ukey;
+ struct udpif_flow_dump *udump;
+ struct dpif_flow_stats stats; /* Stats for 'op'. */
+ struct dpif_op op; /* Flow del operation. */
+};
+
static void
-revalidate_udumps(struct revalidator *revalidator, struct list *udumps)
+dump_op_init(struct dump_op *op, const struct nlattr *key, size_t key_len,
+ struct udpif_key *ukey, struct udpif_flow_dump *udump)
+{
+ op->ukey = ukey;
+ op->udump = udump;
+ op->op.type = DPIF_OP_FLOW_DEL;
+ op->op.u.flow_del.key = key;
+ op->op.u.flow_del.key_len = key_len;
+ op->op.u.flow_del.stats = &op->stats;
+}
+
+static void
+push_dump_ops(struct revalidator *revalidator,
+ struct dump_op *ops, size_t n_ops)
{
struct udpif *udpif = revalidator->udpif;
+ struct dpif_op *opsp[REVALIDATE_MAX_BATCH];
+ size_t i;
- struct {
- struct dpif_flow_stats ukey_stats; /* Stats stored in the ukey. */
- struct dpif_flow_stats stats; /* Stats for 'op'. */
- struct dpif_op op; /* Flow del operation. */
- } ops[REVALIDATE_MAX_BATCH];
+ ovs_assert(n_ops <= REVALIDATE_MAX_BATCH);
+ for (i = 0; i < n_ops; i++) {
+ opsp[i] = &ops[i].op;
+ }
+ dpif_operate(udpif->dpif, opsp, n_ops);
- struct dpif_op *opsp[REVALIDATE_MAX_BATCH];
+ for (i = 0; i < n_ops; i++) {
+ struct dump_op *op = &ops[i];
+ struct dpif_flow_stats *push, *stats, push_buf;
+
+ stats = op->op.u.flow_del.stats;
+ if (op->ukey) {
+ push = &push_buf;
+ push->used = MAX(stats->used, op->ukey->stats.used);
+ push->tcp_flags = stats->tcp_flags | op->ukey->stats.tcp_flags;
+ push->n_packets = stats->n_packets - op->ukey->stats.n_packets;
+ push->n_bytes = stats->n_bytes - op->ukey->stats.n_bytes;
+ } else {
+ push = stats;
+ }
+
+ if (push->n_packets || netflow_exists()) {
+ struct ofproto_dpif *ofproto;
+ struct netflow *netflow;
+ struct flow flow;
+
+ if (!xlate_receive(udpif->backer, NULL, op->op.u.flow_del.key,
+ op->op.u.flow_del.key_len, &flow, NULL,
+ &ofproto, NULL, NULL, &netflow, NULL)) {
+ struct xlate_in xin;
+
+ xlate_in_init(&xin, ofproto, &flow, NULL, push->tcp_flags,
+ NULL);
+ xin.resubmit_stats = push->n_packets ? push : NULL;
+ xin.may_learn = push->n_packets > 0;
+ xin.skip_wildcards = true;
+ xlate_actions_for_side_effects(&xin);
+
+ if (netflow) {
+ netflow_expire(netflow, &flow);
+ netflow_flow_clear(netflow, &flow);
+ netflow_unref(netflow);
+ }
+ }
+ }
+ }
+
+ for (i = 0; i < n_ops; i++) {
+ struct udpif_key *ukey;
+
+ /* If there's a udump, this ukey came directly from a datapath flow
+ * dump. Sometimes a datapath can send duplicates in flow dumps, in
+ * which case we wouldn't want to double-free a ukey, so avoid that by
+ * looking up the ukey again.
+ *
+ * If there's no udump then we know what we're doing. */
+ ukey = (ops[i].udump
+ ? ukey_lookup(revalidator, ops[i].udump)
+ : ops[i].ukey);
+ if (ukey) {
+ ukey_delete(revalidator, ukey);
+ }
+ }
+}
+
+static void
+revalidate_udumps(struct revalidator *revalidator, struct list *udumps)
+{
+ struct udpif *udpif = revalidator->udpif;
+
+ struct dump_op ops[REVALIDATE_MAX_BATCH];
struct udpif_flow_dump *udump, *next_udump;
- size_t n_ops, i, n_flows;
+ size_t n_ops, n_flows;
unsigned int flow_limit;
long long int max_idle;
bool must_del;
used = ukey->created;
}
- if (must_del || (used && used < now - max_idle)) {
- struct dpif_flow_stats *ukey_stats = &ops[n_ops].ukey_stats;
- struct dpif_op *op = &ops[n_ops].op;
+ if (ukey && (ukey->mark || !ukey->flow_exists)) {
+ /* The flow has already been dumped. This can occasionally occur
+ * if the datapath is changed in the middle of a flow dump. Rather
+ * than perform the same work twice, skip the flow this time. */
+ COVERAGE_INC(upcall_duplicate_flow);
+ continue;
+ }
- op->type = DPIF_OP_FLOW_DEL;
- op->u.flow_del.key = udump->key;
- op->u.flow_del.key_len = udump->key_len;
- op->u.flow_del.stats = &ops[n_ops].stats;
- n_ops++;
+ if (must_del || (used && used < now - max_idle)) {
+ struct dump_op *dop = &ops[n_ops++];
if (ukey) {
- *ukey_stats = ukey->stats;
- ukey_delete(revalidator, ukey);
- } else {
- memset(ukey_stats, 0, sizeof *ukey_stats);
+ ukey->flow_exists = false;
}
-
+ dump_op_init(dop, udump->key, udump->key_len, ukey, udump);
continue;
}
if (!ukey) {
- ukey = xmalloc(sizeof *ukey);
-
- ukey->key = (struct nlattr *) &ukey->key_buf;
- memcpy(ukey->key, udump->key, udump->key_len);
- ukey->key_len = udump->key_len;
-
- ukey->created = used ? used : now;
- memset(&ukey->stats, 0, sizeof ukey->stats);
-
- ukey->mark = false;
-
+ ukey = ukey_create(udump->key, udump->key_len, used);
hmap_insert(&revalidator->ukeys, &ukey->hmap_node,
udump->key_hash);
}
ukey->mark = true;
if (!revalidate_ukey(udpif, udump, ukey)) {
+ ukey->flow_exists = false;
dpif_flow_del(udpif->dpif, udump->key, udump->key_len, NULL);
- ukey_delete(revalidator, ukey);
+ /* The ukey will be cleaned up by revalidator_sweep().
+ * This helps to avoid deleting the same flow twice. */
}
list_remove(&udump->list_node);
free(udump);
}
- for (i = 0; i < n_ops; i++) {
- opsp[i] = &ops[i].op;
- }
- dpif_operate(udpif->dpif, opsp, n_ops);
-
- for (i = 0; i < n_ops; i++) {
- struct dpif_flow_stats push, *stats, *ukey_stats;
-
- ukey_stats = &ops[i].ukey_stats;
- stats = ops[i].op.u.flow_del.stats;
- push.used = MAX(stats->used, ukey_stats->used);
- push.tcp_flags = stats->tcp_flags | ukey_stats->tcp_flags;
- push.n_packets = stats->n_packets - ukey_stats->n_packets;
- push.n_bytes = stats->n_bytes - ukey_stats->n_bytes;
-
- if (push.n_packets || netflow_exists()) {
- struct ofproto_dpif *ofproto;
- struct netflow *netflow;
- struct flow flow;
-
- if (!xlate_receive(udpif->backer, NULL, ops[i].op.u.flow_del.key,
- ops[i].op.u.flow_del.key_len, &flow, NULL,
- &ofproto, NULL, NULL, &netflow, NULL)) {
- struct xlate_in xin;
-
- xlate_in_init(&xin, ofproto, &flow, NULL, push.tcp_flags,
- NULL);
- xin.resubmit_stats = push.n_packets ? &push : NULL;
- xin.may_learn = push.n_packets > 0;
- xin.skip_wildcards = true;
- xlate_actions_for_side_effects(&xin);
-
- if (netflow) {
- netflow_expire(netflow, &flow);
- netflow_flow_clear(netflow, &flow);
- netflow_unref(netflow);
- }
- }
- }
- }
+ push_dump_ops(revalidator, ops, n_ops);
LIST_FOR_EACH_SAFE (udump, next_udump, list_node, udumps) {
list_remove(&udump->list_node);
}
static void
-revalidator_sweep(struct revalidator *revalidator)
+revalidator_sweep__(struct revalidator *revalidator, bool purge)
{
+ struct dump_op ops[REVALIDATE_MAX_BATCH];
struct udpif_key *ukey, *next;
+ size_t n_ops;
+
+ n_ops = 0;
HMAP_FOR_EACH_SAFE (ukey, next, hmap_node, &revalidator->ukeys) {
- if (ukey->mark) {
+ if (!purge && ukey->mark) {
ukey->mark = false;
- } else {
+ } else if (!ukey->flow_exists) {
ukey_delete(revalidator, ukey);
+ } else {
+ struct dump_op *op = &ops[n_ops++];
+
+ /* If we have previously seen a flow in the datapath, but didn't
+ * see it during the most recent dump, delete it. This allows us
+ * to clean up the ukey and keep the statistics consistent. */
+ dump_op_init(op, ukey->key, ukey->key_len, ukey, NULL);
+ if (n_ops == REVALIDATE_MAX_BATCH) {
+ push_dump_ops(revalidator, ops, n_ops);
+ n_ops = 0;
+ }
}
}
+
+ if (n_ops) {
+ push_dump_ops(revalidator, ops, n_ops);
+ }
+}
+
+static void
+revalidator_sweep(struct revalidator *revalidator)
+{
+ revalidator_sweep__(revalidator, false);
+}
+
+static void
+revalidator_purge(struct revalidator *revalidator)
+{
+ revalidator_sweep__(revalidator, true);
}
\f
static void