Netfilter-Devel Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH 1/1] Solves Bug 1462 - `nft -j list set` does not show counters
@ 2020-10-03 12:58 Gopal Yadav
  2020-10-06 10:33 ` Jose M. Guisado
  0 siblings, 1 reply; 5+ messages in thread
From: Gopal Yadav @ 2020-10-03 12:58 UTC (permalink / raw)
  To: netfilter-devel; +Cc: Gopal Yadav

Solves Bug 1462 - `nft -j list set` does not show counters

Signed-off-by: Gopal Yadav <gopunop@gmail.com>
---
 src/json.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/json.c b/src/json.c
index 5856f9fc..6ad48fdd 100644
--- a/src/json.c
+++ b/src/json.c
@@ -589,7 +589,7 @@ json_t *set_elem_expr_json(const struct expr *expr, struct output_ctx *octx)
 		return NULL;
 
 	/* these element attributes require formal set elem syntax */
-	if (expr->timeout || expr->expiration || expr->comment) {
+	if (expr->timeout || expr->expiration || expr->comment || expr->stmt) {
 		root = json_pack("{s:o}", "val", root);
 
 		if (expr->timeout) {
@@ -604,6 +604,10 @@ json_t *set_elem_expr_json(const struct expr *expr, struct output_ctx *octx)
 			tmp = json_string(expr->comment);
 			json_object_set_new(root, "comment", tmp);
 		}
+		if(expr->stmt) {
+			tmp = expr->stmt->ops->json(expr->stmt, octx);
+			json_object_update(root, tmp);
+		}
 		return json_pack("{s:o}", "elem", root);
 	}
 
-- 
2.17.1


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/1] Solves Bug 1462 - `nft -j list set` does not show counters
  2020-10-03 12:58 [PATCH 1/1] Solves Bug 1462 - `nft -j list set` does not show counters Gopal Yadav
@ 2020-10-06 10:33 ` Jose M. Guisado
  2020-10-06 12:42   ` Gopal Yadav
  0 siblings, 1 reply; 5+ messages in thread
From: Jose M. Guisado @ 2020-10-06 10:33 UTC (permalink / raw)
  To: Gopal Yadav, netfilter-devel

Hi Gopal,

On 3/10/20 14:58, Gopal Yadav wrote:
> Solves Bug 1462 - `nft -j list set` does not show counters
> 
> Signed-off-by: Gopal Yadav <gopunop@gmail.com>
> ---
>   src/json.c | 6 +++++-
>   1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/src/json.c b/src/json.c
> index 5856f9fc..6ad48fdd 100644
> --- a/src/json.c
> +++ b/src/json.c
> @@ -589,7 +589,7 @@ json_t *set_elem_expr_json(const struct expr *expr, struct output_ctx *octx)
>   		return NULL;
>   
>   	/* these element attributes require formal set elem syntax */
> -	if (expr->timeout || expr->expiration || expr->comment) {
> +	if (expr->timeout || expr->expiration || expr->comment || expr->stmt) {
>   		root = json_pack("{s:o}", "val", root);
>   
>   		if (expr->timeout) {
> @@ -604,6 +604,10 @@ json_t *set_elem_expr_json(const struct expr *expr, struct output_ctx *octx)
>   			tmp = json_string(expr->comment);
>   			json_object_set_new(root, "comment", tmp);
>   		}
> +		if(expr->stmt) {
> +			tmp = expr->stmt->ops->json(expr->stmt, octx);

You can compact this using stmt_print_json

> +			json_object_update(root, tmp);

ASAN reports memleaks when using json_object_update. You should use 
json_object_update_new, or maybe json_object_update_missing_new to 
ensure only new keys are created.

> +		}
>   		return json_pack("{s:o}", "elem", root);
>   	}
>   
> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/1] Solves Bug 1462 - `nft -j list set` does not show counters
  2020-10-06 10:33 ` Jose M. Guisado
@ 2020-10-06 12:42   ` Gopal Yadav
  2020-10-06 13:45     ` Jose M. Guisado
  0 siblings, 1 reply; 5+ messages in thread
From: Gopal Yadav @ 2020-10-06 12:42 UTC (permalink / raw)
  To: Jose M. Guisado; +Cc: netfilter-devel

On Tue, Oct 6, 2020 at 4:03 PM Jose M. Guisado <guigom@riseup.net> wrote:
>
> Hi Gopal,
>
> On 3/10/20 14:58, Gopal Yadav wrote:
> > +                     tmp = expr->stmt->ops->json(expr->stmt, octx);
>
> You can compact this using stmt_print_json
>
> > +                     json_object_update(root, tmp);
>
> ASAN reports memleaks when using json_object_update. You should use
> json_object_update_new, or maybe json_object_update_missing_new to
> ensure only new keys are created.

Should I always run ASAN before submitting patches as a regular practice?
json_object_update_missing_new() was raising a warning so I have used
json_object_update_missing() in the updated patch.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/1] Solves Bug 1462 - `nft -j list set` does not show counters
  2020-10-06 12:42   ` Gopal Yadav
@ 2020-10-06 13:45     ` Jose M. Guisado
  2020-10-07  6:28       ` Gopal Yadav
  0 siblings, 1 reply; 5+ messages in thread
From: Jose M. Guisado @ 2020-10-06 13:45 UTC (permalink / raw)
  To: Gopal Yadav; +Cc: netfilter-devel

On 6/10/20 14:42, Gopal Yadav wrote:
> Should I always run ASAN before submitting patches as a regular practice?

I usually check for leaks when submitting patches, using either ASAN or 
Valgrind.

> json_object_update_missing_new() was raising a warning so I have used
> json_object_update_missing() in the updated patch.

I've been unable to reproduce said warning when using 
json_object_update_missing_new.

You need to use the *_new function, because it will call json_decref on 
tmp for you. If not the reference to tmp is leaked.

You should version your patches, have a look at the patch submission 
guidelines in the nftables wiki [1]

[1] 
https://wiki.nftables.org/wiki-nftables/index.php/Portal:DeveloperDocs/Patch_submission_guidelines

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 1/1] Solves Bug 1462 - `nft -j list set` does not show counters
  2020-10-06 13:45     ` Jose M. Guisado
@ 2020-10-07  6:28       ` Gopal Yadav
  0 siblings, 0 replies; 5+ messages in thread
From: Gopal Yadav @ 2020-10-07  6:28 UTC (permalink / raw)
  To: Jose M. Guisado; +Cc: netfilter-devel

On Tue, Oct 6, 2020 at 7:15 PM Jose M. Guisado <guigom@riseup.net> wrote:
>
> On 6/10/20 14:42, Gopal Yadav wrote:
> > Should I always run ASAN before submitting patches as a regular practice?
>
> I usually check for leaks when submitting patches, using either ASAN or
> Valgrind.
>
> > json_object_update_missing_new() was raising a warning so I have used
> > json_object_update_missing() in the updated patch.
>
> I've been unable to reproduce said warning when using
> json_object_update_missing_new.
>
> You need to use the *_new function, because it will call json_decref on
> tmp for you. If not the reference to tmp is leaked.

Since on using *_new() build fails, should I call json_decref(tmp)
explicitly after json_object_update_missing()?

I couldn't get ASAN to run, but I ran valgrind by doing `valgrind nft
list ruleset` on both versions, with & without json_decref(tmp). Both
of them produce the same output which says no leaks:

==5967== Memcheck, a memory error detector
==5967== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==5967== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==5967== Command: nft list ruleset
==5967==
table inet dev {
    set ports_udp {
        type inet_service
        size 65536
        flags dynamic,timeout
        timeout 30d
        elements = { 53 expires 29d6h14m26s268ms counter packets 0 bytes 0 }
    }
}
==5967==
==5967== HEAP SUMMARY:
==5967==     in use at exit: 0 bytes in 0 blocks
==5967==   total heap usage: 78 allocs, 78 frees, 390,728 bytes allocated
==5967==
==5967== All heap blocks were freed -- no leaks are possible
==5967==
==5967== For counts of detected and suppressed errors, rerun with: -v
==5967== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, back to index

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-03 12:58 [PATCH 1/1] Solves Bug 1462 - `nft -j list set` does not show counters Gopal Yadav
2020-10-06 10:33 ` Jose M. Guisado
2020-10-06 12:42   ` Gopal Yadav
2020-10-06 13:45     ` Jose M. Guisado
2020-10-07  6:28       ` Gopal Yadav

Netfilter-Devel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/netfilter-devel/0 netfilter-devel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 netfilter-devel netfilter-devel/ https://lore.kernel.org/netfilter-devel \
		netfilter-devel@vger.kernel.org
	public-inbox-index netfilter-devel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.netfilter-devel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git