Hi Jimmy, It looks like an issue related to crypto key provisioning. Could you enable IKEv2 logs with 'vppctl ikev2 set logging level 5' before starting IKEv2. Then when it crashes you should be able to dump elogs from gdb with 'call vlib_gdb_show_event_log()'. Also can you try with another backend, eg. OpenSSL instead of IPsecMB?
Best ben ________________________________________ From: [email protected] <[email protected]> on behalf of Jimmy Björklund via lists.fd.io <[email protected]> Sent: Thursday, January 29, 2026 16:00 To: [email protected] Subject: Re: [vpp-dev] IPSec 25.10 crash. Hi again, Some more data if someone have any pointer about what causes this crash would be greatly appreciated. Thread 5 "vpp_wk_1" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fff9dd976c0 (LWP 73839)] 0x0000000000000000 in ?? () (gdb) bt #0 0x0000000000000000 in ?? () #1 0x00007fffafa435d4 in ipsecmb_ops_hmac_inline (vm=0x7fffc009eb80, ops=0x7fff9dd935e0, n_ops=1, block_size=64, hash_size=32, digest_size=32, alg=IMB_AUTH_HMAC_SHA_256) at /build-vpp/src/crypto_engines/ipsecmb/ipsecmb.c:192 #2 0x00007fffafa418d8 in ipsecmb_ops_hmac_SHA256 (vm=0x7fffc009eb80, ops=0x7fff9dd935e0, n_ops=1) at /build-vpp/src/crypto_engines/ipsecmb/ipsecmb.c:263 #3 0x00007ffff71f047d in vnet_crypto_process_ops_call_handler (vm=0x7fffc009eb80, cm=0x7ffff7d817b0 <crypto_main>, opt=VNET_CRYPTO_OP_SHA256_HMAC, ops=0x7fff9dd935e0, chunks=0x0, n_ops=1) at /build-vpp/src/vnet/crypto/crypto.c:68 #4 0x00007ffff71ec8e9 in vnet_crypto_process_ops_inline (vm=0x7fffc009eb80, ops=0x7fffc011c000, chunks=0x0, n_ops=1) at /build-vpp/src/vnet/crypto/crypto.c:102 #5 0x00007ffff71ec6f7 in vnet_crypto_process_ops (vm=0x7fffc009eb80, ops=0x7fffc011c000, n_ops=1) at /build-vpp/src/vnet/crypto/crypto.c:110 #6 0x00007ffff723d5bd in esp_process_ops (vm=0x7fffc009eb80, node=0x7fffc0313480, ops=0x7fffc011c000, b=0x7fff9dd94cb0, nexts=0x7fff9dd94ab0, drop_next=0) at /build-vpp/src/vnet/ipsec/esp_encrypt.c:274 #7 0x00007ffff7238649 in esp_encrypt_inline (vm=0x7fffc009eb80, node=0x7fffc0313480, frame=0x7fffc007dd00, lt=VNET_LINK_IP4, is_tun=1, async_next_node=3) at /build-vpp/src/vnet/ipsec/esp_encrypt.c:1112 #8 0x00007ffff723986c in esp4_encrypt_tun_node_fn (vm=0x7fffc009eb80, node=0x7fffc0313480, from_frame=0x7fffc007dd00) at /build-vpp/src/vnet/ipsec/esp_encrypt.c:1318 #9 0x00007ffff7e7de59 in dispatch_node (vm=0x7fffc009eb80, node=0x7fffc0313480, type=VLIB_NODE_TYPE_INTERNAL, frame=0x7fffc007dd00, dispatch_reason=VLIB_NODE_DISPATCH_REASON_PENDING_FRAME, last_time_stamp=553917630588691) at /build-vpp/src/vlib/main.c:938 #10 0x00007ffff7e7ec06 in dispatch_pending_node (vm=0x7fffc009eb80, pending_frame_index=0, last_time_stamp=553917630588691) at /build-vpp/src/vlib/main.c:1096 #11 0x00007ffff7e79b15 in vlib_main_or_worker_loop (vm=0x7fffc009eb80, is_main=0) at /build-vpp/src/vlib/main.c:1640 #12 0x00007ffff7e80806 in vlib_worker_thread_fn (arg=0x7fffb7bf51c0) at /build-vpp/src/vlib/main.c:2090 #13 0x00007ffff7eb18b6 in vlib_worker_thread_bootstrap_fn (arg=0x7fffb7bf51c0) at /build-vpp/src/vlib/threads.c:490 #14 0x00007ffff6a9caa4 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:447 #15 0x00007ffff6b29c6c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78 (gdb) up #1 0x00007fffafa435d4 in ipsecmb_ops_hmac_inline (vm=0x7fffc009eb80, ops=0x7fff9dd935e0, n_ops=1, block_size=64, hash_size=32, digest_size=32, alg=IMB_AUTH_HMAC_SHA_256) at /build-vpp/src/crypto_engines/ipsecmb/ipsecmb.c:192 192 IMB_SUBMIT_HASH_BURST_NOCHECK (ptd->mgr, ptd->burst_jobs, n, alg); (gdb) p ptd $1 = (ipsecmb_per_thread_data_t *) 0x7fffbc9f1b00 (gdb) p *ptd $2 = {cacheline0 = 0x7fffbc9f1b00 "@\240\252\257\377\177", mgr = 0x7fffafaaa040, burst_jobs = {{enc_keys = 0x0, dec_keys = 0x0, key_len_in_bytes = 0, {src = 0x1004ec3ee8 "\311I", <incomplete sequence \352>, sgl_io_segs = 0x1004ec3ee8}, {dst = 0x0, num_sgl_io_segs = 0}, {cipher_start_src_offset_in_bytes = 0, cipher_start_src_offset_in_bits = 0, cipher_start_offset_in_bits = 0}, { msg_len_to_cipher_in_bytes = 0, msg_len_to_cipher_in_bits = 0}, hash_start_src_offset_in_bytes = 0, {msg_len_to_hash_in_bytes = 136, msg_len_to_hash_in_bits = 136}, iv = 0x0, iv_len_in_bytes = 0, auth_tag_output = 0x7fff9dd93410 "", auth_tag_output_len_in_bytes = 32, u = {HMAC = {_hashed_auth_key_xor_ipad = 0x7fffc0299e80 "", _hashed_auth_key_xor_opad = 0x7fffc0299ea0 ""}, XCBC = { _k1_expanded = 0x7fffc0299e80, _k2 = 0x7fffc0299ea0 "", _k3 = 0x0}, CCM = {aad = 0x7fffc0299e80, aad_len_in_bytes = 140736417341088}, CMAC = {_key_expanded = 0x7fffc0299e80, _skey1 = 0x7fffc0299ea0, _skey2 = 0x0}, GCM = {aad = 0x7fffc0299e80, aad_len_in_bytes = 140736417341088, ctx = 0x0}, ZUC_EIA3 = {_key = 0x7fffc0299e80 "", _iv = 0x7fffc0299ea0 "", _iv23 = 0x0}, SNOW3G_UIA2 = {_key = 0x7fffc0299e80, _iv = 0x7fffc0299ea0}, KASUMI_UIA1 = {_key = 0x7fffc0299e80}, GMAC = {_key = 0x7fffc0299e80, _iv = 0x7fffc0299ea0, iv_len_in_bytes = 0}, GHASH = { _key = 0x7fffc0299e80, _init_tag = 0x7fffc0299ea0}, POLY1305 = {_key = 0x7fffc0299e80}, CHACHA20_POLY1305 = {aad = 0x7fffc0299e80, aad_len_in_bytes = 140736417341088, ctx = 0x0}, SNOW_V_AEAD = { aad = 0x7fffc0299e80, aad_len_in_bytes = 140736417341088, reserved = 0x0}}, status = IMB_STATUS_BEING_PROCESSED, cipher_mode = 0, cipher_direction = 0, hash_alg = 0, chain_order = 0, user_data = 0x7fffc011c000, user_data2 = 0x0, cipher_func = 0x0, hash_func = 0x0, sgl_state = IMB_SGL_INIT, cipher_fields = {CBCS = {next_iv = 0x0}}, suite_id = {0, 0}, session_id = 0}, { enc_keys = 0x0, dec_keys = 0x0, key_len_in_bytes = 0, {src = 0x0, sgl_io_segs = 0x0}, {dst = 0x0, num_sgl_io_segs = 0}, {cipher_start_src_offset_in_bytes = 0, cipher_start_src_offset_in_bits = 0, cipher_start_offset_in_bits = 0}, {msg_len_to_cipher_in_bytes = 0, msg_len_to_cipher_in_bits = 0}, hash_start_src_offset_in_bytes = 0, {msg_len_to_hash_in_bytes = 0, msg_len_to_hash_in_bits = 0}, iv = 0x0, iv_len_in_bytes = 0, auth_tag_output = 0x0, auth_tag_output_len_in_bytes = 0, u = {HMAC = {_hashed_auth_key_xor_ipad = 0x0, _hashed_auth_key_xor_opad = 0x0}, XCBC = {_k1_expanded = 0x0, _k2 = 0x0, _k3 = 0x0}, CCM = {aad = 0x0, aad_len_in_bytes = 0}, CMAC = {_key_expanded = 0x0, _skey1 = 0x0, _skey2 = 0x0}, GCM = {aad = 0x0, aad_len_in_bytes = 0, ctx = 0x0}, ZUC_EIA3 = { _key = 0x0, _iv = 0x0, _iv23 = 0x0}, SNOW3G_UIA2 = {_key = 0x0, _iv = 0x0}, KASUMI_UIA1 = {_key = 0x0}, GMAC = {_key = 0x0, _iv = 0x0, iv_len_in_bytes = 0}, GHASH = {_key = 0x0, _init_tag = 0x0}, POLY1305 = {_key = 0x0}, CHACHA20_POLY1305 = {aad = 0x0, aad_len_in_bytes = 0, ctx = 0x0}, SNOW_V_AEAD = {aad = 0x0, aad_len_in_bytes = 0, reserved = 0x0}}, status = IMB_STATUS_BEING_PROCESSED, cipher_mode = 0, cipher_direction = 0, hash_alg = 0, chain_order = 0, user_data = 0x0, user_data2 = 0x0, cipher_func = 0x0, hash_func = 0x0, sgl_state = IMB_SGL_INIT, cipher_fields = {CBCS = { next_iv = 0x0}}, suite_id = {0, 0}, session_id = 0} <repeats 127 times>}} (gdb) p ptd->mgr $3 = (IMB_MGR *) 0x7fffafaaa040 (gdb) p ptd->burst_jobs $4 = {{enc_keys = 0x0, dec_keys = 0x0, key_len_in_bytes = 0, {src = 0x1004ec3ee8 "\311I", <incomplete sequence \352>, sgl_io_segs = 0x1004ec3ee8}, {dst = 0x0, num_sgl_io_segs = 0}, { cipher_start_src_offset_in_bytes = 0, cipher_start_src_offset_in_bits = 0, cipher_start_offset_in_bits = 0}, {msg_len_to_cipher_in_bytes = 0, msg_len_to_cipher_in_bits = 0}, hash_start_src_offset_in_bytes = 0, {msg_len_to_hash_in_bytes = 136, msg_len_to_hash_in_bits = 136}, iv = 0x0, iv_len_in_bytes = 0, auth_tag_output = 0x7fff9dd93410 "", auth_tag_output_len_in_bytes = 32, u = {HMAC = {_hashed_auth_key_xor_ipad = 0x7fffc0299e80 "", _hashed_auth_key_xor_opad = 0x7fffc0299ea0 ""}, XCBC = {_k1_expanded = 0x7fffc0299e80, _k2 = 0x7fffc0299ea0 "", _k3 = 0x0}, CCM = {aad = 0x7fffc0299e80, aad_len_in_bytes = 140736417341088}, CMAC = {_key_expanded = 0x7fffc0299e80, _skey1 = 0x7fffc0299ea0, _skey2 = 0x0}, GCM = { aad = 0x7fffc0299e80, aad_len_in_bytes = 140736417341088, ctx = 0x0}, ZUC_EIA3 = {_key = 0x7fffc0299e80 "", _iv = 0x7fffc0299ea0 "", _iv23 = 0x0}, SNOW3G_UIA2 = {_key = 0x7fffc0299e80, _iv = 0x7fffc0299ea0}, KASUMI_UIA1 = {_key = 0x7fffc0299e80}, GMAC = {_key = 0x7fffc0299e80, _iv = 0x7fffc0299ea0, iv_len_in_bytes = 0}, GHASH = {_key = 0x7fffc0299e80, _init_tag = 0x7fffc0299ea0}, POLY1305 = {_key = 0x7fffc0299e80}, CHACHA20_POLY1305 = {aad = 0x7fffc0299e80, aad_len_in_bytes = 140736417341088, ctx = 0x0}, SNOW_V_AEAD = {aad = 0x7fffc0299e80, aad_len_in_bytes = 140736417341088, reserved = 0x0}}, status = IMB_STATUS_BEING_PROCESSED, cipher_mode = 0, cipher_direction = 0, hash_alg = 0, chain_order = 0, user_data = 0x7fffc011c000, user_data2 = 0x0, cipher_func = 0x0, hash_func = 0x0, sgl_state = IMB_SGL_INIT, cipher_fields = {CBCS = {next_iv = 0x0}}, suite_id = {0, 0}, session_id = 0}, {enc_keys = 0x0, dec_keys = 0x0, key_len_in_bytes = 0, {src = 0x0, sgl_io_segs = 0x0}, {dst = 0x0, num_sgl_io_segs = 0}, {cipher_start_src_offset_in_bytes = 0, cipher_start_src_offset_in_bits = 0, cipher_start_offset_in_bits = 0}, {msg_len_to_cipher_in_bytes = 0, msg_len_to_cipher_in_bits = 0}, hash_start_src_offset_in_bytes = 0, {msg_len_to_hash_in_bytes = 0, msg_len_to_hash_in_bits = 0}, iv = 0x0, iv_len_in_bytes = 0, auth_tag_output = 0x0, auth_tag_output_len_in_bytes = 0, u = {HMAC = {_hashed_auth_key_xor_ipad = 0x0, _hashed_auth_key_xor_opad = 0x0}, XCBC = {_k1_expanded = 0x0, _k2 = 0x0, _k3 = 0x0}, CCM = {aad = 0x0, aad_len_in_bytes = 0}, CMAC = {_key_expanded = 0x0, _skey1 = 0x0, _skey2 = 0x0}, GCM = {aad = 0x0, aad_len_in_bytes = 0, ctx = 0x0}, ZUC_EIA3 = {_key = 0x0, _iv = 0x0, _iv23 = 0x0}, SNOW3G_UIA2 = { _key = 0x0, _iv = 0x0}, KASUMI_UIA1 = {_key = 0x0}, GMAC = {_key = 0x0, _iv = 0x0, iv_len_in_bytes = 0}, GHASH = {_key = 0x0, _init_tag = 0x0}, POLY1305 = {_key = 0x0}, CHACHA20_POLY1305 = { aad = 0x0, aad_len_in_bytes = 0, ctx = 0x0}, SNOW_V_AEAD = {aad = 0x0, aad_len_in_bytes = 0, reserved = 0x0}}, status = IMB_STATUS_BEING_PROCESSED, cipher_mode = 0, cipher_direction = 0, hash_alg = 0, chain_order = 0, user_data = 0x0, user_data2 = 0x0, cipher_func = 0x0, hash_func = 0x0, sgl_state = IMB_SGL_INIT, cipher_fields = {CBCS = {next_iv = 0x0}}, suite_id = {0, 0}, session_id = 0} <repeats 127 times>} (gdb) up #2 0x00007fffafa418d8 in ipsecmb_ops_hmac_SHA256 (vm=0x7fffc009eb80, ops=0x7fff9dd935e0, n_ops=1) at /build-vpp/src/crypto_engines/ipsecmb/ipsecmb.c:263 263 foreach_ipsecmb_hmac_op; (gdb) l 258 vnet_crypto_op_t * ops[], \ 259 u32 n_ops) \ 260 { return ipsecmb_ops_hmac_inline (vm, ops, n_ops, d, e, f, \ 261 IMB_AUTH_HMAC_##b); } \ 262 263 foreach_ipsecmb_hmac_op; 264 #undef _ 265 266 always_inline void 267 ipsecmb_retire_cipher_job (IMB_JOB *job, u32 *n_fail) (gdb) down #1 0x00007fffafa435d4 in ipsecmb_ops_hmac_inline (vm=0x7fffc009eb80, ops=0x7fff9dd935e0, n_ops=1, block_size=64, hash_size=32, digest_size=32, alg=IMB_AUTH_HMAC_SHA_256) at /build-vpp/src/crypto_engines/ipsecmb/ipsecmb.c:192 192 IMB_SUBMIT_HASH_BURST_NOCHECK (ptd->mgr, ptd->burst_jobs, n, alg); (gdb) p n $5 = 1 (gdb) p alg $6 = IMB_AUTH_HMAC_SHA_256 (gdb) q Sent from Outlook for Mac From: [email protected] <[email protected]> on behalf of Jimmy Björklund via lists.fd.io <[email protected]> Date: Friday, 23 January 2026 at 15:27 To: [email protected] <[email protected]> Subject: [vpp-dev] IPSec 25.10 crash. Hi Trying to start IPsec, I can see that phase1 seems to be working. show ikev2 sa iip 100.127.9.168 ispi b2a759d49c7773a rip 192.x.x.x rspi 951f673d969253d1 But when bringing up the interface of the tunnel, it crashes. Anyone have any idea what is wrong ? show interface ipip0 address ipip0 (dn): L3 192.168.1.2/30 DBGvpp# set interface state ipip0 up DBGvpp# received signal SIGSEGV, PC 0x0, faulting address 0x0 PC contains invalid memory address #0 0x0000000000000000 #1 0x00007e0c39a435d4 ipsecmb_ops_hmac_inline + 0x224 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/vpp_crypto_engines/ipsecmb_crypto_engine.so #2 0x00007e0c811f047d vnet_crypto_process_ops_call_handler + 0xed from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10 #3 0x00007e0c811ec8e9 vnet_crypto_process_ops_inline + 0x1e9 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10 #4 0x00007e0c811ec6f7 vnet_crypto_process_ops + 0x27 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10 #5 0x00007e0c812499e9 esp_process_ops + 0x79 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10 #6 0x00007e0c812455cf esp_decrypt_inline + 0xf8f from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10 #7 0x00007e0c81245deb esp4_decrypt_tun_node_fn + 0x3b from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvnet.so.25.10 #8 0x00007e0c81ea7e59 dispatch_node + 0x349 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10 #9 0x00007e0c81ea8c06 dispatch_pending_node + 0x3b6 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10 #10 0x00007e0c81ea3b15 vlib_main_or_worker_loop + 0x995 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10 #11 0x00007e0c81eaa806 vlib_worker_thread_fn + 0x186 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10 #12 0x00007e0c81edb8b6 vlib_worker_thread_bootstrap_fn + 0xd6 from /dev/jimmy/build-vpp/build-root/install-vpp_debug-native/vpp/lib/x86_64-linux-gnu/libvlib.so.25.10 #13 0x00007e0c80a9caa4 pthread_condattr_setpshared + 0x684 from /lib/x86_64-linux-gnu/libc.so.6 #14 0x00007e0c80b29c6c __clone + 0x24c from /lib/x86_64-linux-gnu/libc.so.6 make: *** [Makefile:760: run] Aborted Config: ikev2 profile add pr1 ikev2 profile set pr1 auth shared-key-mic string MySuperSecretKey ikev2 profile set pr1 id local ip4-addr 80.x.x.x ikev2 profile set pr1 id remote ip4-addr 192.x.x.x ikev2 profile set pr1 traffic-selector local ip-range 192.168.1.2 - 192.168.1.2 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 traffic-selector remote ip-range 192.168.1.1 - 192.168.1.1 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 responder GigabitEthernet0/14/0 192.x.x.x ikev2 profile set pr1 ike-crypto-alg aes-cbc 256 ike-integ-alg hmac-sha2-256-128 ike-dh modp-2048 ikev2 profile set pr1 esp-crypto-alg aes-cbc 256 esp-integ-alg hmac-sha2-256-128 esp-dh modp-2048 ikev2 profile set pr1 sa-lifetime 86400 10 5 0 ikev2 initiate sa-init pr1 set interface ip address ipip0 192.168.1.2/30 set interface state ipip0 up
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#26752): https://lists.fd.io/g/vpp-dev/message/26752 Mute This Topic: https://lists.fd.io/mt/117418341/21656 Group Owner: [email protected] Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/14379924/21656/631435203/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
