<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - nft v0.6 segfault in must_print_eq_op at expression.c:520 during 'nft monitor trace' in netdev filter"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1092">1092</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>nft v0.6 segfault in must_print_eq_op at expression.c:520 during 'nft monitor trace' in netdev filter
</td>
</tr>
<tr>
<th>Product</th>
<td>nftables
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>x86_64
</td>
</tr>
<tr>
<th>OS</th>
<td>All
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>enhancement
</td>
</tr>
<tr>
<th>Priority</th>
<td>P5
</td>
</tr>
<tr>
<th>Component</th>
<td>nft
</td>
</tr>
<tr>
<th>Assignee</th>
<td>pablo@netfilter.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>sverd.johnsen+nf@gmail.com
</td>
</tr></table>
<p>
<div>
<pre>table netdev filter {
chain foobar {
type filter hook ingress device eth0 priority 0;
udp sport 53 meta nftrace set 1
}
}
Reading symbols from /usr/bin/nft...done.
[New LWP 11571]
Core was generated by `nft monitor trace'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00000047a69fce5a in must_print_eq_op (expr=0x47a8a13610,
expr=0x47a8a13610) at expression.c:520
520 expression.c: No such file or directory.
(gdb) bt full
#0 0x00000047a69fce5a in must_print_eq_op (expr=0x47a8a13610,
expr=0x47a8a13610) at expression.c:520
No locals.
#1 binop_expr_print (expr=0x47a8a13610) at expression.c:532
No locals.
#2 0x00000047a6a05888 in trace_print_packet (nlt=nlt@entry=0x47a8a22050) at
netlink.c:2380
stmts = {next = 0x47a8a0cc90, prev = 0x47a8a12a90}
pctx = {pbase = PROTO_BASE_INVALID, pdep = 0x0, prev = 0x0}
ctx = {family = 5, protocol = {{location = {indesc = 0x0,
{{token_offset = 0, line_offset = 0, first_line = 0, last_line = 0,
first_column = 0, last_column = 0}, {nle = 0x0}}}, desc = 0x0, offset = 0},
{location = {indesc = 0x0, {{token_offset = 0, line_offset = 0, first_line = 0,
last_line = 0, first_column = 0, last_column = 0}, {nle = 0x0}}}, desc =
0x47a6c3eda0 <proto_netdev>, offset = 0}, {location = {
indesc = 0x0, {{token_offset = 0, line_offset = 0, first_line =
0, last_line = 0, first_column = 0, last_column = 0}, {nle = 0x0}}}, desc =
0x0, offset = 0}, {location = {indesc = 0x0, {{token_offset = 0, line_offset =
0, first_line = 0, last_line = 0, first_column = 0, last_column = 0}, {nle =
0x0}}}, desc = 0x0, offset = 0}}}
dev_type = <optimized out>
nfproto = <optimized out>
stmt = 0x47a8a0cc90
next = 0x47a8a13c40
#3 0x00000047a6a07b66 in netlink_events_trace_cb (monh=0x3cc19177bd0, type=17,
nlh=0x3cc19166b30) at netlink.c:2405
nlt = 0x47a8a22050
#4 netlink_events_cb (nlh=nlh@entry=0x3cc19166b30,
data=data@entry=0x3cc19177bd0) at netlink.c:2464
ret = 1
type = 17
monh = 0x3cc19177bd0
#5 0x000003c19109b490 in __mnl_cb_run (cb_ctl_array_len=0, cb_ctl_array=0x0,
data=0x3cc19177bd0, cb_data=0x47a6a07530 <netlink_events_cb>, portid=0, seq=0,
numbytes=420899556, buf=0x3cc19166ad0) at callback.c:78
ret = 1
len = 176
nlh = 0x3cc19166b30
#6 mnl_cb_run (buf=buf@entry=0x3cc19166b30, numbytes=numbytes@entry=176,
seq=seq@entry=0, portid=portid@entry=0, cb_data=cb_data@entry=0x47a6a07530
<netlink_events_cb>, data=data@entry=0x3cc19177bd0) at callback.c:162
No locals.
#7 0x00000047a6a1483b in mnl_nft_event_listener (nf_sock=0x47a8a0f6f0,
cb=cb@entry=0x47a6a07530 <netlink_events_cb>,
cb_data=cb_data@entry=0x3cc19177bd0) at mnl.c:1021
bufsiz = 16777216
buf = <error reading variable buf (value requires 69631 bytes, which is
more than max-value-size)>
ret = 176
#8 0x00000047a6a09989 in netlink_monitor
(monhandler=monhandler@entry=0x3cc19177bd0) at netlink.c:2483
No locals.
#9 0x00000047a69f913a in do_command_monitor (cmd=<optimized out>,
ctx=0x3cc19177c70) at rule.c:1327
t = <optimized out>
s = <optimized out>
monhandler = {monitor_flags = 131437, format = 0, ctx = 0x3cc19177c70,
loc = 0x47a8a0c4e0, cache_needed = true}
#10 do_command (ctx=0x3cc19177c70, cmd=<optimized out>) at rule.c:1358
__PRETTY_FUNCTION__ = "do_command"
#11 0x00000047a69f657a in nft_netlink (msgs=0x3cc19177d10, state=0x3cc19177d20)
at main.c:194
ctx = {msgs = 0x3cc19177d10, list = {next = 0x3cc19177c78, prev =
0x3cc19177c78}, set = 0x0, data = 0x47a8a0c910, seqnum = 4, batch_supported =
true}
err = <optimized out>
tmp = <optimized out>
err_list = {next = 0x3cc19177c60, prev = 0x3cc19177c60}
batch_seqnum = 3
batch_supported = true
ret = 0
cmd = 0x47a8a0c4d0
#12 nft_run (scanner=<optimized out>, state=0x3cc19177d20, msgs=0x3cc19177d10)
at main.c:236
---Type <return> to continue, or q <return> to quit---
cmd = <optimized out>
next = <optimized out>
ret = <optimized out>
#13 0x00000047a69f5fa6 in main (argc=3, argv=0x3cc19178558) at main.c:361
state = {indesc = 0x42419177cd0, indescs = {{location = {indesc = 0x0,
{{token_offset = 0, line_offset = 0, first_line = 0, last_line = 0,
first_column = 0, last_column = 0}, {nle = 0x0}}}, type = INDESC_BUFFER, name =
0x47a6a2381c "<cmdline>", {data = 0x47a8a0c320 "monitor trace", fd =
-1465859296}, lineno = 1, column = 15, token_offset = 13, line_offset = 0},
{location = {indesc = 0x0, {{token_offset = 0,
line_offset = 0, first_line = 0, last_line = 0,
first_column = 0, last_column = 0}, {nle = 0x0}}}, type = INDESC_INVALID, name
= 0x0, {data = 0x0, fd = 0}, lineno = 0, column = 0, token_offset = 0,
line_offset = 0} <repeats 15 times>}, indesc_idx = 0, msgs = 0x3cc19177d10,
nerrs = 0, top_scope = {parent = 0x0, symbols = {next = 0x3cc191782c8, prev =
0x3cc191782c8}}, scopes = {0x3cc191782c0, 0x0,
0x0}, scope = 0, cmds = {next = 0x47a8a0c4d0, prev = 0x47a8a0c4d0},
ectx = {msgs = 0x3cc19177d10, cmd = 0x47a8a0c4d0, table = 0x0, rule = 0x0, set
= 0x0, stmt = 0x0, ectx = {dtype = 0x0, byteorder = BYTEORDER_INVALID, len =
0}, pctx = {family = 0, protocol = {{location = {indesc = 0x0, {{token_offset =
0, line_offset = 0, first_line = 0, last_line = 0, first_column = 0,
last_column = 0}, {nle = 0x0}}},
desc = 0x0, offset = 0}, {location = {indesc = 0x0,
{{token_offset = 0, line_offset = 0, first_line = 0, last_line = 0,
first_column = 0, last_column = 0}, {nle = 0x0}}}, desc = 0x0, offset = 0},
{location = {indesc = 0x0, {{token_offset = 0, line_offset = 0, first_line = 0,
last_line = 0, first_column = 0, last_column = 0}, {nle = 0x0}}}, desc = 0x0,
offset = 0}, {location = {indesc = 0x0, {{
token_offset = 0, line_offset = 0, first_line = 0,
last_line = 0, first_column = 0, last_column = 0}, {nle = 0x0}}}, desc = 0x0,
offset = 0}}}}}
scanner = 0x47a8a0c340
msgs = {next = 0x3cc19177d10, prev = 0x3cc19177d10}
buf = 0x47a8a0c320 "monitor trace"
filename = 0x0
len = <optimized out>
interactive = false
i = <optimized out>
val = <optimized out>
rc = 0
dig any crash.me.if.you.can</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>