<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - __list_add SIGSEGV fault"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1754#c2">Comment # 2</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - __list_add SIGSEGV fault"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1754">bug 1754</a>
from <span class="vcard"><a class="email" href="mailto:s.egbert@sbcglobal.net" title="Egbert S <s.egbert@sbcglobal.net>"> <span class="fn">Egbert S</span></a>
</span></b>
<pre>53 static inline void __list_add(struct list_head *new,
54 struct list_head *prev,
55 struct list_head *next)
56 {
57 next->prev = new;
58 new->next = next;
59 new->prev = prev;
60 prev->next = new;
61 }
62
Signal SIGSEGV at line 59:
'prev' variable is 0 (zero, NULL pointer, owwie)
Did a dump on '*expr' and 'blackhole' was the identifier. I have 12
'blackhole' in the test file. I renumbered all blackhole into suffix numerical
sequences (i.e., 'blackhole1', 'blackhole2', ...), and got a different
ASSERT!!!
nft: payload.c:117: payload_expr_pctx_update: Assertion `base->length > 0'
failed.
# gdb -q /usr/sbin/nft
GNU gdb (Debian 13.1-3) 13.1
Reading symbols from /usr/sbin/nft...
(No debugging symbols found in /usr/sbin/nft)
(gdb) set args -c -f ../../github/vim-nftables/test/passing-syntaxes.nft
(gdb) set debuginfod enabled on
(gdb) run
Starting program: /usr/sbin/nft -c -f
../../github/vim-nftables/test/passing-syntaxes.nft
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
nft: payload.c:117: payload_expr_pctx_update: Assertion `base->length > 0'
failed.
Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6,
no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
44 ./nptl/pthread_kill.c: No such file or directory.
(gdb) bt
#0 __pthread_kill_implementation (threadid=<optimized out>,
signo=signo@entry=6,
no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44
#1 0x00007ffff7d2de8f in __pthread_kill_internal (signo=6, threadid=<optimized
out>)
at ./nptl/pthread_kill.c:78
#2 0x00007ffff7cdefb2 in __GI_raise (sig=sig@entry=6) at
../sysdeps/posix/raise.c:26
#3 0x00007ffff7cc9472 in __GI_abort () at ./stdlib/abort.c:79
#4 0x00007ffff7cc9395 in __assert_fail_base (
fmt=0x7ffff7e3da90 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n",
assertion=assertion@entry=0x7ffff7f4ad8d "base->length > 0",
file=file@entry=0x7ffff7f4ad53 "payload.c", line=line@entry=117,
function=function@entry=0x7ffff7f4b0e0 "payload_expr_pctx_update") at
./assert/assert.c:92
#5 0x00007ffff7cd7eb2 in __GI___assert_fail (assertion=0x7ffff7f4ad8d
"base->length > 0",
file=0x7ffff7f4ad53 "payload.c", line=117,
function=0x7ffff7f4b0e0 "payload_expr_pctx_update") at
./assert/assert.c:101
#6 0x00007ffff7ef5147 in ?? () from /lib/x86_64-linux-gnu/libnftables.so.1
#7 0x00007ffff7ee910d in ?? () from /lib/x86_64-linux-gnu/libnftables.so.1
#8 0x00007ffff7eef49a in ?? () from /lib/x86_64-linux-gnu/libnftables.so.1
#9 0x00007ffff7eed4ef in ?? () from /lib/x86_64-linux-gnu/libnftables.so.1
#10 0x00007ffff7f188d3 in ?? () from /lib/x86_64-linux-gnu/libnftables.so.1
#11 0x00007ffff7f18d4e in ?? () from /lib/x86_64-linux-gnu/libnftables.so.1
#12 0x00007ffff7f19a99 in nft_run_cmd_from_filename ()
from /lib/x86_64-linux-gnu/libnftables.so.1
--Type <RET> for more, q to quit, c to continue without paging--
#13 0x0000555555556ac9 in ?? ()
#14 0x00007ffff7cca24a in __libc_start_call_main
(main=main@entry=0x5555555562d0,
argc=argc@entry=4, argv=argv@entry=0x7fffffffd2e8)
at ../sysdeps/nptl/libc_start_call_main.h:58
#15 0x00007ffff7cca305 in __libc_start_main_impl (main=0x5555555562d0, argc=4,
argv=0x7fffffffd2e8, init=<optimized out>, fini=<optimized out>,
rtld_fini=<optimized out>, stack_end=0x7fffffffd2d8) at
../csu/libc-start.c:360
#16 0x0000555555556b91 in ?? ()
Make a new new bug report for this kernel ASSERT?</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>