<div dir="ltr">This is now <a href="https://bugzilla.balabit.com/show_bug.cgi?id=253">https://bugzilla.balabit.com/show_bug.cgi?id=253</a><div><br></div><div>Thanks.</div><div><br></div><div>-Gonzalo</div><div><br></div></div>
<div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Sep 12, 2013 at 1:32 PM, Gonzalo Paniagua <span dir="ltr"><<a href="mailto:gonzalo.paniagua@acquia.com" target="_blank">gonzalo.paniagua@acquia.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi there.<div><br></div><div>I have been having trouble creating a user in bugzilla and wanted to let you guys know about a bug I run into.</div>
<div><br></div><div>syslog-ng version: 3.4.3 built from sources</div>
<div>syslog-ng -V:</div><div><div>syslog-ng 3.4.3</div><div>Installer-Version: 3.4.3</div><div>Revision: ssh+git://algernon@git.balabit/var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.4#no_branch#64d670f3cbfb90769f3c7f0fdd9c70bb9136ec5b</div>
<div>Compile-Date: Sep 11 2013 05:33:29</div><div>Available-Modules: confgen,afsocket-tls,csvparser,affile,system-source,syslogformat,afuser,dbparser,afsocket-notls,basicfuncs,cryptofuncs,afsocket,afprog</div><div>Enable-Debug: off</div>
<div>Enable-GProf: off</div><div>Enable-Memtrace: off</div><div>Enable-IPv6: on</div><div>Enable-Spoof-Source: off</div><div>Enable-TCP-Wrapper: on</div><div>Enable-Linux-Caps: off</div><div>Enable-Pcre: on</div></div><div>
<br></div><div><br></div><div>On rare occasions (I can't reproduce it reliably) syslog-ng segfaults when reloading (syslog-ng-ctl reload). I have a core dump file that gave me this stack trace:</div><div><div>#0 0x00007fbd30102131 in ?? () from /lib/x86_64-linux-gnu/libc.so.6</div>
<div>#1 0x00007fbd30101d76 in strdup () from /lib/x86_64-linux-gnu/libc.so.6</div><div>#2 0x00007fbd2f868b19 in evt_tag_str (tag=0x7fbd309a42f0 "encoding", value=0xffffffffffffffff <Address 0xffffffffffffffff out of bounds>) at evttags.c:76</div>
<div>#3 0x00007fbd3097918c in log_proto_server_options_validate (options=<optimized out>) at logproto-server.c:138</div><div>#4 0x00007fbd3097d191 in log_proto_server_validate_options (self=<optimized out>) at logproto-server.h:82</div>
<div>#5 log_reader_init (s=0x14a6a30) at logreader.c:638</div><div>#6 0x00007fbd2e9d5b07 in log_pipe_init (cfg=0x0, s=0x14a6a30) at ../../lib/logpipe.h:253</div><div>#7 log_pipe_init (cfg=0x0, s=0x14a6a30) at afsocket-source.c:763</div>
<div>#8 afsocket_sc_init (s=0x14a68f0) at afsocket-source.c:149</div><div>#9 0x00007fbd2e9d67fd in log_pipe_init (cfg=0x0, s=0x14a68f0) at ../../lib/logpipe.h:253</div><div>#10 log_pipe_init (cfg=0x0, s=0x14a68f0) at afsocket-source.c:763</div>
<div>#11 afsocket_sd_init (s=0x1489630) at afsocket-source.c:548</div><div>#12 0x00007fbd2e9d9719 in afunix_sd_init (s=<optimized out>) at afunix-source.c:194</div><div>#13 0x00007fbd3096d27a in log_pipe_init (cfg=<optimized out>, s=0x1489630) at logpipe.h:253</div>
<div>#14 cfg_tree_start (self=0x1c15c48) at cfg-tree.c:1064</div><div>#15 0x00007fbd309685de in cfg_init (cfg=0x1c15ae0) at cfg.c:220</div><div>#16 0x00007fbd30984faf in main_loop_reload_config_apply () at mainloop.c:501</div>
<div>#17 0x00007fbd3096d699 in control_connection_reload (self=0x1d09e90, command=<optimized out>) at control.c:150</div><div>#18 0x00007fbd3096dae8 in control_connection_io_input (s=0x1d09e90) at control.c:242</div>
<div>#19 control_connection_io_input (s=0x1d09e90) at control.c:172</div><div>#20 0x00007fbd309a106c in iv_fd_poll_and_run (st=0x1482580, to=<optimized out>) at iv_fd.c:163</div><div>#21 0x00007fbd309a1aac in iv_main () at iv_main_posix.c:117</div>
<div>#22 0x00007fbd309859fb in main_loop_run () at mainloop.c:736</div><div>#23 0x000000000040142b in main (argc=1, argv=0x7fffd8212a58) at main.c:267</div></div><div><br></div><div>When at frame #5, I got this:</div><div>
<div>(gdb) print *self->proto->options</div><div>$19 = {destroy = 0, initialized = -1, encoding = 0xffffffffffffffff <Address 0xffffffffffffffff out of bounds>, convert = 0xffffffffffffffff, max_msg_size = -1, </div>
<div> max_buffer_size = 0, init_buffer_size = 0}</div></div><div><br></div><div>I could not find anywhere in the code where initialized is set to -1, so I assume this is some kind of memory corruption.</div><div><br></div>
<div>Let me know if you need anything else from me.</div><div><br></div><div>Cheers.</div><span class="HOEnZb"><font color="#888888"><div><br></div><div>-Gonzalo</div><div><br></div></font></span></div>
</blockquote></div><br></div>