>
> Segfault was observed when running ipsec unit test:
>
> + TestCase [10] : test_ipsec_replay_inb_repeat_null_null_wrapper
> succeeded
> + TestCase [11] : test_ipsec_replay_inb_inside_burst_null_null_wrapper
> succeeded
> + TestCase [12] : test_ipsec_crypto_inb_burst_2sa_null_null_wrapper
> succeeded
> + TestCase [13] : test_ipsec_crypto_inb_burst_2sa_4grp_null_null_wrapper
> succeeded
> Segmentation fault
>
> Data corruption happens due to incorrect destroy of session. Security
> session needs process different from crypto session.
>
> Destroy corresponding sessions according to different security actions.
>
> Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> Cc: sta...@dpdk.org
>
> Signed-off-by: Ruifeng Wang <ruifeng.w...@arm.com>
> Reviewed-by: Phil Yang <phil.y...@arm.com>
> Reviewed-by: Gavin Hu <gavin...@arm.com>
> ---
> app/test/test_ipsec.c | 33 ++++++++++++++++++++++++++++++---
> 1 file changed, 30 insertions(+), 3 deletions(-)
>
> diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
> index 9e1447293..79d00d7e0 100644
> --- a/app/test/test_ipsec.c
> +++ b/app/test/test_ipsec.c
> @@ -1167,6 +1167,34 @@ test_ipsec_dump_buffers(struct ipsec_unitest_params
> *ut_params, int i)
> }
> }
>
> +static void
> +destroy_dummy_sec_session(struct ipsec_unitest_params *ut,
> + uint32_t j)
> +{
> + rte_security_session_destroy(&dummy_sec_ctx,
> + ut->ss[j].security.ses);
> + ut->ss[j].security.ctx = NULL;
> +}
> +
> +static void
> +destroy_crypto_session(struct ipsec_unitest_params *ut,
> + uint8_t crypto_dev, uint32_t j)
> +{
> + rte_cryptodev_sym_session_clear(crypto_dev, ut->ss[j].crypto.ses);
> + rte_cryptodev_sym_session_free(ut->ss[j].crypto.ses);
> + memset(&ut->ss[j], 0, sizeof(ut->ss[j]));
> +}
> +
> +static void
> +destroy_session(struct ipsec_unitest_params *ut,
> + uint8_t crypto_dev, uint32_t j)
> +{
> + if (ut->ss[j].type == RTE_SECURITY_ACTION_TYPE_NONE)
> + return destroy_crypto_session(ut, crypto_dev, j);
> + else
> + return destroy_dummy_sec_session(ut, j);
> +}
> +
> static void
> destroy_sa(uint32_t j)
> {
> @@ -1175,9 +1203,8 @@ destroy_sa(uint32_t j)
>
> rte_ipsec_sa_fini(ut->ss[j].sa);
> rte_free(ut->ss[j].sa);
> - rte_cryptodev_sym_session_clear(ts->valid_dev, ut->ss[j].crypto.ses);
> - rte_cryptodev_sym_session_free(ut->ss[j].crypto.ses);
> - memset(&ut->ss[j], 0, sizeof(ut->ss[j]));
> +
> + destroy_session(ut, ts->valid_dev, j);
> }
>
> static int
> --
Good catch, thanks for the fix.
As a nit caption should probably be: "test/ipsec: fix ..."
Tested-by: Konstantin Ananyev <konstantin.anan...@intel.com>
Acked-by: Konstantin Ananyev <konstantin.anan...@intel.com>
> 2.17.1
