feat(flow-info): make reset_expiry methods fallible#1286
Merged
Fredi-raspall merged 7 commits intopr/fredi/fix-flow-table-removalsfrom Feb 17, 2026
Merged
feat(flow-info): make reset_expiry methods fallible#1286Fredi-raspall merged 7 commits intopr/fredi/fix-flow-table-removalsfrom
Fredi-raspall merged 7 commits intopr/fredi/fix-flow-table-removalsfrom
Conversation
Fredi-raspall
force-pushed
the
pr/fredi/fallible_timeout_reset
branch
from
39f3ee0 to
06bddb1
Compare
qmonnet
approved these changes
Feb 16, 2026
Fredi-raspall
force-pushed
the
pr/fredi/fix-flow-table-removals
branch
from
f0f0460 to
71eef6b
Compare
* Add a test that combines flow entry creation and expirations. * Simplify existing test. * add method to provide the number of entries in the flow-table. Signed-off-by: Fredi Raspall <fredi@githedgehog.com>
The previous implementation was (probably purposedly) removing flow entries lazily, on table lookups. While, on lookups, the correct behavior was observed (a removed flow entry would not be returned), state for the corresponding keys was left over. This behavior can increase the memory footprint, possibly degrade performance with many flows/keys and constitutes an attack vector. Fix it by removing the flow entries reported as reaped by the priority queue. In the existing implementation, the on_read() callback was consuming the key and value of the entry. The fix changes the signature of on_reap() so that the values are consumed but the keys preserved, and used later to remove the stale keys from the table. Signed-off-by: Fredi Raspall <fredi@githedgehog.com>
Let reset_expiry_unchecked() and reset_expiry_unchecked() fail if the provided duration would make the new timeout be smaller than the current. This is because the internal value of the AtomicInstant will not be updated to the new value if it is smaller than the one currently stored. This may require callers checking the result, but is the only way to provide guarantees that the call honors the expectations. Signed-off-by: Fredi Raspall <fredi@githedgehog.com>
Allow a flow entry to refer to another one via a Weak reference. This patch extends the flow-info object and provides a constructor that allows mutually relating (setting references for) two flow- info objects. Signed-off-by: Fredi Raspall <fredi@githedgehog.com>
Allow inserting a flow-info from an &Arc<FlowInfo>. This is needed so that we can insert a flow-info that is referenced by another one to preserve its references. Signed-off-by: Fredi Raspall <fredi@githedgehog.com>
Let the FlowInfoCreator (used for testing) to have a configurable timeout. Signed-off-by: Fredi Raspall <fredi@githedgehog.com>
Signed-off-by: Fredi Raspall <fredi@githedgehog.com>
Fredi-raspall
force-pushed
the
pr/fredi/fallible_timeout_reset
branch
from
f55b20d to
2cd640b
Compare
Fredi-raspall
merged commit 95d0298
into
pr/fredi/fix-flow-table-removals
11 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
On top of #1283