Re: [PATCH nft 0/3] src: make set-merging less zealous

Florian Westphal <fw@xxxxxxxxx> wrote:
> I got a large corpus of various crashes in the set internals code
> tripping over expressions that should not exist, e.g. a range expression
> with a symbolic expression.
> 
> From initial investigation it looks like the root cause is the same,
> we have back-to-back declarations of the same set name, evaluation
> is returning errors, but we insist to continue evaluation.
> 
> Then, we try to merge set elements and end up merging
> such a 'redefined set' with an erroneous one.
> 
> This series adds an initial assertion which helped to make
> crashes easier to backtrace.
> 
> Second patch adds a 'errors' flag to struct set and raises
> it once we saw something funky.
> 
> Patch 3 also sets/uses this when evaluating the set itself.
> 
> Alternative would be to make the lowlevel code more robust
> of these kinds of issues, but that might take a while
> to fix, also because this code is partially not able to
> indicate errors.

We need to rewrite it, it's too picky:

nft add rule t c  ip protocol . th dport { tcp . 22, udp . 1  }
nft add rule t c  ip protocol . th dport { tcp / 22, udp . 1  }
nft add rule t c  ip protocol . th dport { tcp / 22 }

In particular, there is a lot of strange code that causes
this to be evaluated in very different ways.
