On 20 September 2016 at 15:02, Arturo Borrero Gonzalez <arturo.borrero.g...@gmail.com> wrote:
>
> The Debian continuous integration system reported issues with
> libnftnl which led me to the mxml.
More info: I was able to run valgrind and gdb over the failing program.

Here is the gdb backtrace:

[...]
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff779b124 in ?? () from /usr/lib/x86_64-linux-gnu/libmxml.so.1
(gdb) bt
#0  0x00007ffff779b124 in ?? () from /usr/lib/x86_64-linux-gnu/libmxml.so.1
#1  0x00007ffff779b4ac in mxmlSaveString () from /usr/lib/x86_64-linux-gnu/libmxml.so.1
#2  0x00007ffff779b556 in mxmlSaveAllocString () from /usr/lib/x86_64-linux-gnu/libmxml.so.1
#3  0x00007ffff7bc069d in nftnl_mxml_expr_parse (node=node@entry=0x60cc20, err=err@entry=0x60b050, set_list=set_list@entry=0x60b2d0) at mxml.c:83
#4  0x00007ffff7bb9997 in nftnl_mxml_rule_parse (tree=0x60c7a0, r=r@entry=0x60d8c0, err=err@entry=0x60b050, set_list=0x60b2d0) at rule.c:667
#5  0x00007ffff7bbeb83 in nftnl_ruleset_parse_rules (ctx=ctx@entry=0x7fffffffd460, err=err@entry=0x60b050) at ruleset.c:445
#6  0x00007ffff7bbf0db in nftnl_ruleset_xml_parse_ruleset (err=0x60b050, ctx=0x7fffffffd460) at ruleset.c:626
#7  nftnl_ruleset_xml_parse_cmd (ctx=0x7fffffffd460, err=0x60b050, cmd=<optimized out>) at ruleset.c:665
#8  nftnl_ruleset_xml_parse (cb=<optimized out>, arg=<optimized out>, type=NFTNL_PARSE_XML, input=<optimized out>, err=0x60b050, xml=<optimized out>) at ruleset.c:704
#9  nftnl_ruleset_do_parse (type=<optimized out>, data=<optimized out>, err=0x60b050, input=<optimized out>, arg=<optimized out>, cb=<optimized out>) at ruleset.c:732
#10 0x000000000040139a in test_xml (filename=filename@entry=0x7fffffffd520 "xmlfiles/66-rule-real.xml", err=err@entry=0x60b050) at nft-parsing-test.c:166
#11 0x00000000004016d5 in execute_test (dir_name=0x7fffffffe8a7 "xmlfiles") at nft-parsing-test.c:214
#12 0x0000000000400e9b in main (argc=<optimized out>, argv=0x7fffffffe668) at nft-parsing-test.c:330

Here is the valgrind run:

% valgrind .libs/nft-parsing-test -d xmlfiles
==11111== Memcheck, a memory error detector
==11111== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==11111== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==11111== Command: .libs/nft-parsing-test -d xmlfiles
==11111==
==11111== Invalid read of size 8
==11111==    at 0x5276124: ??? (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x52764AB: mxmlSaveString (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x5276555: mxmlSaveAllocString (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x4E4F69C: nftnl_mxml_expr_parse (mxml.c:83)
==11111==    by 0x4E48996: nftnl_mxml_rule_parse (rule.c:667)
==11111==    by 0x4E4DB82: nftnl_ruleset_parse_rules (ruleset.c:445)
==11111==    by 0x4E4E0DA: nftnl_ruleset_xml_parse_ruleset (ruleset.c:626)
==11111==    by 0x4E4E0DA: nftnl_ruleset_xml_parse_cmd (ruleset.c:665)
==11111==    by 0x4E4E0DA: nftnl_ruleset_xml_parse (ruleset.c:704)
==11111==    by 0x4E4E0DA: nftnl_ruleset_do_parse (ruleset.c:732)
==11111==    by 0x401399: test_xml (nft-parsing-test.c:166)
==11111==    by 0x4016D4: execute_test (nft-parsing-test.c:214)
==11111==    by 0x400E9A: main (nft-parsing-test.c:330)
==11111==  Address 0x30 is not stack'd, malloc'd or (recently) free'd
==11111==
==11111==
==11111== Process terminating with default action of signal 11 (SIGSEGV)
==11111==  Access not within mapped region at address 0x30
==11111==    at 0x5276124: ??? (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x52764AB: mxmlSaveString (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x5276555: mxmlSaveAllocString (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x4E4F69C: nftnl_mxml_expr_parse (mxml.c:83)
==11111==    by 0x4E48996: nftnl_mxml_rule_parse (rule.c:667)
==11111==    by 0x4E4DB82: nftnl_ruleset_parse_rules (ruleset.c:445)
==11111==    by 0x4E4E0DA: nftnl_ruleset_xml_parse_ruleset (ruleset.c:626)
==11111==    by 0x4E4E0DA: nftnl_ruleset_xml_parse_cmd (ruleset.c:665)
==11111==    by 0x4E4E0DA: nftnl_ruleset_xml_parse (ruleset.c:704)
==11111==    by 0x4E4E0DA: nftnl_ruleset_do_parse (ruleset.c:732)
==11111==    by 0x401399: test_xml (nft-parsing-test.c:166)
==11111==    by 0x4016D4: execute_test (nft-parsing-test.c:214)
==11111==    by 0x400E9A: main (nft-parsing-test.c:330)
==11111==  If you believe this happened as a result of a stack
==11111==  overflow in your program's main thread (unlikely but
==11111==  possible), you can try to increase the size of the
==11111==  main thread stack using the --main-stacksize= flag.
==11111==  The main thread stack size used in this run was 8388608.
==11111==
==11111== HEAP SUMMARY:
==11111==     in use at exit: 37,521 bytes in 86 blocks
==11111==   total heap usage: 96 allocs, 10 frees, 42,193 bytes allocated
==11111==
==11111== LEAK SUMMARY:
==11111==    definitely lost: 0 bytes in 0 blocks
==11111==    indirectly lost: 0 bytes in 0 blocks
==11111==      possibly lost: 0 bytes in 0 blocks
==11111==    still reachable: 37,521 bytes in 86 blocks
==11111==         suppressed: 0 bytes in 0 blocks
==11111== Rerun with --leak-check=full to see details of leaked memory
==11111==
==11111== For counts of detected and suppressed errors, rerun with: -v
==11111== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault

The program that produces the segfault is nft-parsing-test inside the libnftnl tree, under tests/, running it like this:

libnftnl/tests/ % ./nft-parsing-test -d xmlfiles

regards
--
Arturo Borrero González
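The report above is a raw Memcheck dump; when a CI system produces many of these, the useful triage facts are the error kind, the faulting address, the first frame that has a symbol, and the first frame that has source information (here the caller in libnftnl, since the mxml build has no debug info). The following Python script is an added example, not code from this thread or from the libnftnl or mxml projects: it parses Memcheck output into those fields and makes a rough guess at the bug class from the faulting address and Valgrind's own note about it. The embedded sample is a trimmed excerpt of the report quoted in the message (frames removed for brevity); the `PAGE_SIZE` threshold used to call a small address a NULL-pointer dereference is an assumption of this example.

```python
"""Triage helper for Valgrind Memcheck reports (added example, not project code)."""
import re

# Constructed sample: an excerpt of the Memcheck report quoted in the thread,
# with some middle frames dropped to keep the example short.
SAMPLE = """\
==11111== Memcheck, a memory error detector
==11111== Command: .libs/nft-parsing-test -d xmlfiles
==11111==
==11111== Invalid read of size 8
==11111==    at 0x5276124: ??? (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x52764AB: mxmlSaveString (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x5276555: mxmlSaveAllocString (in /usr/lib/x86_64-linux-gnu/libmxml.so.1.5)
==11111==    by 0x4E4F69C: nftnl_mxml_expr_parse (mxml.c:83)
==11111==    by 0x401399: test_xml (nft-parsing-test.c:166)
==11111==  Address 0x30 is not stack'd, malloc'd or (recently) free'd
==11111==
==11111== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
"""

PREFIX = re.compile(r"^==\d+==\s?(.*)$")                       # strip the ==pid== prefix
FRAME = re.compile(r"^\s*(?:at|by)\s+0x([0-9A-Fa-f]+):\s+(\S+)\s+\((.*)\)\s*$")
ADDRESS = re.compile(r"^\s*Address 0x([0-9A-Fa-f]+) (.*)$")
SOURCE_LOC = re.compile(r"^[^:\s]+:\d+$")                      # e.g. "mxml.c:83"
ERROR_PREFIXES = ("Invalid read", "Invalid write", "Invalid free", "Mismatched free",
                  "Conditional jump", "Use of uninitialised", "Syscall param")
PAGE_SIZE = 4096  # assumption: addresses inside the first page are NULL + offset

def parse_memcheck(text):
    """Return a list of error records: kind, frames, faulting address, Valgrind's note."""
    errors, current = [], None
    for raw in text.splitlines():
        m = PREFIX.match(raw)
        if not m:
            continue                      # the program's own output, not Memcheck
        body = m.group(1)
        if not body.strip():
            current = None                # a blank ==pid== line closes the error block
            continue
        if body.lstrip().startswith(ERROR_PREFIXES):
            current = {"kind": body.strip(), "frames": [], "address": None, "address_note": ""}
            errors.append(current)
            continue
        if current is None:
            continue
        fm = FRAME.match(body)
        if fm:
            current["frames"].append({"addr": int(fm.group(1), 16),
                                      "function": fm.group(2),
                                      "location": fm.group(3)})
            continue
        am = ADDRESS.match(body)
        if am:
            current["address"] = int(am.group(1), 16)
            current["address_note"] = am.group(2)
    return errors

def first_named_frame(err):
    """First frame whose symbol was resolved (skips '???' frames in stripped libraries)."""
    return next((f for f in err["frames"] if f["function"] != "???"), None)

def first_frame_with_source(err):
    """First frame carrying file:line, i.e. the nearest code built with debug info."""
    return next((f for f in err["frames"] if SOURCE_LOC.match(f["location"])), None)

def classify(err):
    """Rough bug class from the faulting address and Valgrind's note about it."""
    addr, note = err["address"], err["address_note"]
    if addr is None:
        return "no faulting address reported"
    if addr < PAGE_SIZE:
        return f"NULL pointer dereference (offset 0x{addr:x} from NULL)"
    if "after a block" in note:
        return "heap buffer overflow"
    if "before a block" in note:
        return "heap buffer underflow"
    if "inside a block" in note and "free'd" in note:
        return "use after free"
    if "not stack'd, malloc'd or (recently) free'd" in note:
        return "wild pointer into unmapped or foreign memory"
    return "unclassified"

def triage_line(err):
    """One-line summary suitable for a CI log or bug title."""
    named = first_named_frame(err)
    src = first_frame_with_source(err)
    where = f"{named['function']}" if named else "unknown symbol"
    caller = f"{src['function']} ({src['location']})" if src else "no source frame"
    return f"{err['kind']} in {where}, called from {caller}: likely {classify(err)}"

if __name__ == "__main__":
    for e in parse_memcheck(SAMPLE):
        print(triage_line(e))
```

On the sample this yields one line naming mxmlSaveString as the first symbolised frame, nftnl_mxml_expr_parse (mxml.c:83) as the nearest frame with source, and a NULL-pointer dereference at offset 0x30, which is the same conclusion a reader draws by hand from the backtrace: the crash site is inside libmxml, so the next step is either rebuilding libmxml with debug symbols or inspecting what mxml.c:83 in libnftnl passes to mxmlSaveAllocString.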