Hi,

When compile-checking net/netfilter/ipset/ip_set_bitmap_port.c using the following command

    ~/build/smatch/smatch -p=kernel -D__linux__ -Dlinux -D__STDC__ -Dunix -D__unix__ -Wbitwise -Wno-return-void -D__x86_64__ -m64 -nostdinc -isystem /usr/lib/gcc/x86_64-unknown-linux-gnu/4.8.2/include -Wp,-MD,net/netfilter/ipset/.ip_set_bitmap_port.o.d -nostdinc -isystem /usr/lib/gcc/x86_64-unknown-linux-gnu/4.8.2/include -I/home/silvan/build/linux/arch/x86/include -Iarch/x86/include/generated -Iinclude -I/home/silvan/build/linux/arch/x86/include/uapi -Iarch/x86/include/generated/uapi -I/home/silvan/build/linux/include/uapi -Iinclude/generated/uapi -include /home/silvan/build/linux/include/linux/kconfig.h -D__KERNEL__ -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -Werror-implicit-function-declaration -Wno-format-security -fno-delete-null-pointer-checks -O2 -m64 -mno-mmx -mno-sse -mno-80387 -mno-fp-ret-in-387 -mpreferred-stack-boundary=3 -mtune=generic -mno-red-zone -mcmodel=kernel -funit-at-a-time -maccumulate-outgoing-args -DCONFIG_AS_CFI=1 -DCONFIG_AS_CFI_SIGNAL_FRAME=1 -DCONFIG_AS_CFI_SECTIONS=1 -DCONFIG_AS_FXSAVEQ=1 -DCONFIG_AS_CRC32=1 -DCONFIG_AS_AVX=1 -DCONFIG_AS_AVX2=1 -pipe -Wno-sign-compare -fno-asynchronous-unwind-tables -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -mno-avx -Wframe-larger-than=2048 -fstack-protector -Wno-unused-but-set-variable -fno-omit-frame-pointer -fno-optimize-sibling-calls -pg -mfentry -DCC_USING_FENTRY -Wdeclaration-after-statement -Wno-pointer-sign -fno-strict-overflow -fconserve-stack -Werror=implicit-int -Werror=strict-prototypes -DCC_HAVE_ASM_GOTO -DMODULE -D"KBUILD_STR(s)=#s" -D"KBUILD_BASENAME=KBUILD_STR(ip_set_bitmap_port)" -D"KBUILD_MODNAME=KBUILD_STR(ip_set_bitmap_port)" net/netfilter/ipset/ip_set_bitmap_port.c

I hit the following assert condition at avl.c:513:

    assert(stree->stree_id == 0)

so it seems like the stree_id would be reassigned. I gathered some information about the issue using gdb.

Backtrace:

    #0  set_stree_id (stree=0x86be40, stree_id=45) at avl.c:513
    #1  0x00000000004089ea in __merge_stree (to=0x7fffffffd7a0, stree=0x873e20, add_pool=1) at smatch_slist.c:653
    #2  0x0000000000408cee in merge_stree (to=0x7fffffffd7a0, stree=0x873e20) at smatch_slist.c:690
    #3  0x0000000000408fc0 in or_stree_stack (pre_conds=0x6b3120 <pre_cond_stack>, cur_stree=0x872940, stack=0x6b3128 <cond_true_stack>) at smatch_slist.c:777
    #4  0x000000000040a85a in __or_cond_states () at smatch_states.c:655
    #5  0x0000000000405d82 in handle_logical (expr=0x7ffff3e044d0) at smatch_conditions.c:188
    #6  0x0000000000406361 in split_conditions (expr=0x7ffff3e044d0) at smatch_conditions.c:376
    #7  0x0000000000405d28 in handle_logical (expr=0x7ffff3e04650) at smatch_conditions.c:172
    #8  0x0000000000406361 in split_conditions (expr=0x7ffff3e04650) at smatch_conditions.c:376
    #9  0x0000000000405ccf in handle_preop (expr=0x7ffff3e047d0) at smatch_conditions.c:143
    #10 0x00000000004063ac in split_conditions (expr=0x7ffff3e047d0) at smatch_conditions.c:388
    #11 0x0000000000405ccf in handle_preop (expr=0x7ffff3e04810) at smatch_conditions.c:143
    #12 0x00000000004063ac in split_conditions (expr=0x7ffff3e04810) at smatch_conditions.c:388
    #13 0x0000000000405bc7 in ignore_builtin_expect (expr=0x7ffff3e04010) at smatch_conditions.c:108
    #14 0x0000000000406395 in split_conditions (expr=0x7ffff3e04010) at smatch_conditions.c:384
    #15 0x0000000000406546 in __split_whole_condition (expr=0x7ffff3e04010) at smatch_conditions.c:435
    #16 0x0000000000403dbe in __split_stmt (stmt=0x7ffff3e95220) at smatch_flow.c:711
    #17 0x0000000000403b48 in __split_stmt (stmt=0x7ffff3e94fa0) at smatch_flow.c:685
    #18 0x00000000004051af in split_function (sym=0x7ffff3e0c8b0) at smatch_flow.c:1157
    #19 0x000000000040587c in split_functions (sym_list=0x7ffff5473a10) at smatch_flow.c:1315
    #20 0x0000000000405a25 in smatch (argc=83, argv=0x7fffffffdd60) at smatch_flow.c:1349
    #21 0x000000000040220f in main ()

where the "stree" function parameter looks as follows:

    (gdb) p *stree
    $18 = {root = 0x867470, count = 92, stree_id = 33, references = 5}
    (gdb) p *stree->root
    $21 = {sm = 0x7ffff3c1e760, lr = {0x866940, 0x869ba0}, balance = 1}
    (gdb) p *stree->root->sm
    $20 = {name = 0x7ffff3c162a8 "lineno", sym = 0x7ffff3e0cf70, owner = 18, merged = 0, implied = 0, nr_children = 1, line = 127, state = 0x7ffff3c060e0, pool = 0x0, left = 0x0, right = 0x0, possible = 0x7ffff3cf7610}

This seems to indicate that the assert fires when analyzing the bitmap_port_uadt function at net/netfilter/ipset/ip_set_bitmap_port.c:127.

Sadly my debugging skills are not sufficient to know where to best go from here. Is this a proper bug? If so, how can I help to further debug it?

Cheers,
Silvan