From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/2314
Path: news.gmane.org!.POSTED!not-for-mail
From: mcz <emcze@ya.ru>
Newsgroups: gmane.comp.sysutils.supervision.general
Subject: runit/svlogd: segfault, uninitialized strallocs?
Date: Mon, 15 Jan 2018 01:18:59 +0100
Message-ID: <20180115001859.62hv2rkt7sl6lm7s@nohostname>
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: blaine.gmane.org 1515975449 21550 195.159.176.226 (15 Jan 2018 00:17:29 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Mon, 15 Jan 2018 00:17:29 +0000 (UTC)
To: Supervision <supervision@list.skarnet.org>
Original-X-From: supervision-return-1905-gcsg-supervision=m.gmane.org@list.skarnet.org Mon Jan 15 01:17:25 2018
Return-path: <supervision-return-1905-gcsg-supervision=m.gmane.org@list.skarnet.org>
Envelope-to: gcsg-supervision@m.gmane.org
Original-Received: from alyss.skarnet.org ([95.142.172.232])
	by blaine.gmane.org with smtp (Exim 4.84_2)
	(envelope-from <supervision-return-1905-gcsg-supervision=m.gmane.org@list.skarnet.org>)
	id 1easSi-0004kK-L5
	for gcsg-supervision@m.gmane.org; Mon, 15 Jan 2018 01:17:16 +0100
Original-Received: (qmail 22549 invoked by uid 89); 15 Jan 2018 00:19:46 -0000
Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm
Original-Sender: <supervision@list.skarnet.org>
Precedence: bulk
List-Post: <mailto:supervision@list.skarnet.org>
List-Help: <mailto:supervision-help@list.skarnet.org>
List-Unsubscribe: <mailto:supervision-unsubscribe@list.skarnet.org>
List-Subscribe: <mailto:supervision-subscribe@list.skarnet.org>
Original-Received: (qmail 22542 invoked from network); 15 Jan 2018 00:19:46 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ya.ru; s=mail; t=1515975556;
	bh=/iJluW7LIJWxtoqTCMzf/OgZXn5Ur1m5lz4iHDntBlg=;
	h=Date:From:To:Subject:Message-ID;
	b=KI8TjSXXLokF0/jxHy/gm0iWqtEPKVG10faBff8vQzPVyYI46n06XORLVZ2RrXc3M
	 NQh7TkFhsQujSBEkcEpKON4GKY3Yr1nEGQjIUoyLWLSO1A2BefeNeKtQSnMJzMb/2c
	 X9F/i35Sh3NSuQYCdSIX7jfZRtJVRh3IHaTeRjzg=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ya.ru; s=mail; t=1515975555;
	bh=/iJluW7LIJWxtoqTCMzf/OgZXn5Ur1m5lz4iHDntBlg=;
	h=Date:From:To:Subject:Message-ID;
	b=nx5DMniWqyxd8vzObwudBA1NcO4OdRRb8uvYv2IJkykAUr59ViQMrmgVVR+ct5qGA
	 XTlnuRSwhpRW1CIMeu6MaSljbdWdOlUB5pVqAWp22PiVx0nBFzYz8KfHsWFgkkzlZl
	 28fmjv88ykF/2RV1cqAl9QFQaA795X69OV7BqVU8=
Authentication-Results: smtp2o.mail.yandex.net; dkim=pass header.i=@ya.ru
Content-Disposition: inline
Xref: news.gmane.org gmane.comp.sysutils.supervision.general:2314
Archived-At: <http://permalink.gmane.org/gmane.comp.sysutils.supervision.general/2314>

On one of my PCs (runit-2.1.2, voidlinux, raspberry pi) this happens
when the number of logdir arguments is large enough:

---8<---
# strace svlogd -ttt /var/log/socklog/*
[...]
open("/var/log/socklog/daemon", O_RDONLY|O_NONBLOCK|O_LARGEFILE) = 4
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
fchdir(4)                               = 0
open("lock", O_WRONLY|O_CREAT|O_APPEND|O_NONBLOCK|O_LARGEFILE, 0600) = 5
flock(5, LOCK_EX|LOCK_NB)               = 0
fcntl64(5, F_SETFD, FD_CLOEXEC)         = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x68732067} ---
+++ killed by SIGSEGV +++
Segmentation fault
#
---8<---

The dir structures (which are allocated at svlogd.c:706) don't seem to
be zeroed at all when alloc falls back to malloc (alloc.c:21). Then,
uninitialized dir[0].prefix gets passed to stralloc_copys
(svlogd.c:435) and svlogd receives SIGSEGV at stralloc_opyb.c:11.

Is this a bug or am I missing something?

-- 
mcz