From 1befe19a07d3b44d3fe339aae7c51643a299e012 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Tue, 21 Mar 2023 23:19:41 +0100 Subject: [PATCH 01/10] test: add a couple of tests for systemd-coredump (cherry picked from commit aadbd81f7ffbc313d0541c15455211dddeedbfde) (cherry picked from commit f1e2df588ff2bae3b06e7d1f79cfc5af8ba8ee38) --- test/units/testsuite-74.coredump.sh | 175 ++++++++++++++++++++++++++++ 1 file changed, 175 insertions(+) create mode 100755 test/units/testsuite-74.coredump.sh diff --git a/test/units/testsuite-74.coredump.sh b/test/units/testsuite-74.coredump.sh new file mode 100755 index 00000000000..6a299ecbfb1 --- /dev/null +++ b/test/units/testsuite-74.coredump.sh @@ -0,0 +1,175 @@ +#!/usr/bin/env bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -eux +set -o pipefail + +# Make sure the binary name fits into 15 characters +CORE_TEST_BIN="/tmp/test-dump" +CORE_TEST_UNPRIV_BIN="/tmp/test-usr-dump" +MAKE_DUMP_SCRIPT="/tmp/make-dump" +# Unset $PAGER so we don't have to use --no-pager everywhere +export PAGER= + +at_exit() { + rm -fv -- "$CORE_TEST_BIN" "$CORE_TEST_UNPRIV_BIN" "$MAKE_DUMP_SCRIPT" +} + +trap at_exit EXIT + +if systemd-detect-virt -cq; then + echo "Running in a container, skipping the systemd-coredump test..." + exit 0 +fi + +# Check that we're the ones to receive coredumps +sysctl kernel.core_pattern | grep systemd-coredump + +# Prepare "fake" binaries for coredumps, so we can properly exercise +# the matching stuff too +cp -vf /bin/sleep "${CORE_TEST_BIN:?}" +cp -vf /bin/sleep "${CORE_TEST_UNPRIV_BIN:?}" +# Simple script that spawns given "fake" binary and then kills it with +# given signal +cat >"${MAKE_DUMP_SCRIPT:?}" <<\EOF +#!/bin/bash -ex + +bin="${1:?}" +sig="${2:?}" + +ulimit -c unlimited +"$bin" infinity & +pid=$! +sleep 1 +kill -s "$sig" "$pid" +# This should always fail +! wait "$pid" +EOF +chmod +x "$MAKE_DUMP_SCRIPT" + +# Privileged stuff +[[ "$(id -u)" -eq 0 ]] +# Trigger a couple of coredumps +"$MAKE_DUMP_SCRIPT" "$CORE_TEST_BIN" "SIGTRAP" +"$MAKE_DUMP_SCRIPT" "$CORE_TEST_BIN" "SIGABRT" +# In the tests we store the coredumps in journals, so let's generate a couple +# with Storage=external as well +mkdir -p /run/systemd/coredump.conf.d/ +printf '[Coredump]\nStorage=external' >/run/systemd/coredump.conf.d/99-external.conf +"$MAKE_DUMP_SCRIPT" "$CORE_TEST_BIN" "SIGTRAP" +"$MAKE_DUMP_SCRIPT" "$CORE_TEST_BIN" "SIGABRT" +rm -fv /run/systemd/coredump.conf.d/99-external.conf +# Wait a bit for the coredumps to get processed +timeout 30 bash -c "while [[ $(coredumpctl list -q --no-legend $CORE_TEST_BIN | wc -l) -lt 4 ]]; do sleep 1; done" + +coredumpctl +SYSTEMD_LOG_LEVEL=debug coredumpctl +coredumpctl --help +coredumpctl --version +coredumpctl --no-pager --no-legend +coredumpctl --all +coredumpctl -1 +coredumpctl -n 1 +coredumpctl --reverse +coredumpctl -F COREDUMP_EXE +coredumpctl --json=short | jq +coredumpctl --json=pretty | jq +coredumpctl --json=off +coredumpctl --root=/ +coredumpctl --directory=/var/log/journal +coredumpctl --file="/var/log/journal/$(/tmp/core.redirected +test -s /tmp/core.redirected +coredumpctl dump -o /tmp/core.output "${CORE_TEST_BIN##*/}" +test -s /tmp/core.output +rm -f /tmp/core.{output,redirected} + +# Unprivileged stuff +# Related issue: https://github.com/systemd/systemd/issues/26912 +UNPRIV_CMD=(systemd-run --user --wait --pipe -M "testuser@.host" --) +# Trigger a couple of coredumps as an unprivileged user +"${UNPRIV_CMD[@]}" "$MAKE_DUMP_SCRIPT" "$CORE_TEST_UNPRIV_BIN" "SIGTRAP" +"${UNPRIV_CMD[@]}" "$MAKE_DUMP_SCRIPT" "$CORE_TEST_UNPRIV_BIN" "SIGABRT" +# In the tests we store the coredumps in journals, so let's generate a couple +# with Storage=external as well +mkdir -p /run/systemd/coredump.conf.d/ +printf '[Coredump]\nStorage=external' >/run/systemd/coredump.conf.d/99-external.conf +"${UNPRIV_CMD[@]}" "$MAKE_DUMP_SCRIPT" "$CORE_TEST_UNPRIV_BIN" "SIGTRAP" +"${UNPRIV_CMD[@]}" "$MAKE_DUMP_SCRIPT" "$CORE_TEST_UNPRIV_BIN" "SIGABRT" +rm -fv /run/systemd/coredump.conf.d/99-external.conf +# Wait a bit for the coredumps to get processed +timeout 30 bash -c "while [[ $(coredumpctl list -q --no-legend $CORE_TEST_UNPRIV_BIN | wc -l) -lt 4 ]]; do sleep 1; done" + +# root should see coredumps from both binaries +coredumpctl info "$CORE_TEST_UNPRIV_BIN" +coredumpctl info "${CORE_TEST_UNPRIV_BIN##*/}" +# The test user should see only their own coredumps +"${UNPRIV_CMD[@]}" coredumpctl +"${UNPRIV_CMD[@]}" coredumpctl info "$CORE_TEST_UNPRIV_BIN" +"${UNPRIV_CMD[@]}" coredumpctl info "${CORE_TEST_UNPRIV_BIN##*/}" +(! "${UNPRIV_CMD[@]}" coredumpctl info --all "$CORE_TEST_BIN") +(! "${UNPRIV_CMD[@]}" coredumpctl info --all "${CORE_TEST_BIN##*/}") +# We should have a couple of externally stored coredumps +"${UNPRIV_CMD[@]}" coredumpctl --field=COREDUMP_FILENAME | tee /tmp/coredumpctl.out +grep "/var/lib/systemd/coredump/core" /tmp/coredumpctl.out +rm -f /tmp/coredumpctl.out + +"${UNPRIV_CMD[@]}" coredumpctl debug --debugger=/bin/true "$CORE_TEST_UNPRIV_BIN" +"${UNPRIV_CMD[@]}" coredumpctl debug --debugger=/bin/true --debugger-arguments="-this --does --not 'do anything' -a -t --all" "${CORE_TEST_UNPRIV_BIN##*/}" + +"${UNPRIV_CMD[@]}" coredumpctl dump "$CORE_TEST_UNPRIV_BIN" >/tmp/core.redirected +test -s /tmp/core.redirected +"${UNPRIV_CMD[@]}" coredumpctl dump -o /tmp/core.output "${CORE_TEST_UNPRIV_BIN##*/}" +test -s /tmp/core.output +rm -f /tmp/core.{output,redirected} +(! "${UNPRIV_CMD[@]}" coredumpctl dump "$CORE_TEST_BIN" >/dev/null) + +# --backtrace mode +# Pass one of the existing journal coredump records to systemd-coredump and +# use our PID as the source to make matching the coredump later easier +# systemd-coredump args: PID UID GID SIGNUM TIMESTAMP CORE_SOFT_RLIMIT HOSTNAME +journalctl -b -n 1 --output=export --output-fields=MESSAGE,COREDUMP COREDUMP_EXE="/usr/bin/test-dump" | + /usr/lib/systemd/systemd-coredump --backtrace $$ 0 0 6 1679509994 12345 mymachine +# Wait a bit for the coredump to get processed +timeout 30 bash -c "while [[ $(coredumpctl list -q --no-legend $$ | wc -l) -eq 0 ]]; do sleep 1; done" +coredumpctl info "$$" +coredumpctl info COREDUMP_HOSTNAME="mymachine" + + +(! coredumpctl --hello-world) +(! coredumpctl -n 0) +(! coredumpctl -n -1) +(! coredumpctl --file=/dev/null) +(! coredumpctl --since=0) +(! coredumpctl --until='') +(! coredumpctl --since=today --until=yesterday) +(! coredumpctl --directory=/ --root=/) +(! coredumpctl --json=foo) +(! coredumpctl -F foo -F bar) +(! coredumpctl list 0) +(! coredumpctl list -- -1) +(! coredumpctl list '') +(! coredumpctl info /../.~=) +(! coredumpctl info '') +(! coredumpctl dump --output=/dev/full "$CORE_TEST_BIN") +(! coredumpctl dump --output=/dev/null --output=/dev/null "$CORE_TEST_BIN") +(! coredumpctl debug --debugger=/bin/false) +(! coredumpctl debug --debugger=/bin/true --debugger-arguments='"') From 43eadd641f5b54736a8582784d8f21981489f981 Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Sat, 25 Mar 2023 12:02:15 +0100 Subject: [PATCH 02/10] test: don't expand the subshell expression prematurely We need to expand the subshell expression during the `bash -c` invocation, not before, to take the desired effect, as now it expands to: timeout 30 bash -c 'while [[ 0 -eq 0 ]]; do sleep 1; done' instead of the expected: timeout 30 bash -c 'while [[ $(coredumpctl list -q --no-legend 770 | wc -l) -eq 0 ]]; do sleep 1; done' Follow-up to aadbd81f7f. (cherry picked from commit 0b189ac84c432a085a1f10139260cec6b5032523) (cherry picked from commit 7a29e19e9b319d330242a7a2e471460449d82b2a) --- test/units/testsuite-74.coredump.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/units/testsuite-74.coredump.sh b/test/units/testsuite-74.coredump.sh index 6a299ecbfb1..3910abe0ec1 100755 --- a/test/units/testsuite-74.coredump.sh +++ b/test/units/testsuite-74.coredump.sh @@ -59,7 +59,7 @@ printf '[Coredump]\nStorage=external' >/run/systemd/coredump.conf.d/99-external. "$MAKE_DUMP_SCRIPT" "$CORE_TEST_BIN" "SIGABRT" rm -fv /run/systemd/coredump.conf.d/99-external.conf # Wait a bit for the coredumps to get processed -timeout 30 bash -c "while [[ $(coredumpctl list -q --no-legend $CORE_TEST_BIN | wc -l) -lt 4 ]]; do sleep 1; done" +timeout 30 bash -c "while [[ \$(coredumpctl list -q --no-legend $CORE_TEST_BIN | wc -l) -lt 4 ]]; do sleep 1; done" coredumpctl SYSTEMD_LOG_LEVEL=debug coredumpctl @@ -116,7 +116,7 @@ printf '[Coredump]\nStorage=external' >/run/systemd/coredump.conf.d/99-external. "${UNPRIV_CMD[@]}" "$MAKE_DUMP_SCRIPT" "$CORE_TEST_UNPRIV_BIN" "SIGABRT" rm -fv /run/systemd/coredump.conf.d/99-external.conf # Wait a bit for the coredumps to get processed -timeout 30 bash -c "while [[ $(coredumpctl list -q --no-legend $CORE_TEST_UNPRIV_BIN | wc -l) -lt 4 ]]; do sleep 1; done" +timeout 30 bash -c "while [[ \$(coredumpctl list -q --no-legend $CORE_TEST_UNPRIV_BIN | wc -l) -lt 4 ]]; do sleep 1; done" # root should see coredumps from both binaries coredumpctl info "$CORE_TEST_UNPRIV_BIN" @@ -149,7 +149,7 @@ rm -f /tmp/core.{output,redirected} journalctl -b -n 1 --output=export --output-fields=MESSAGE,COREDUMP COREDUMP_EXE="/usr/bin/test-dump" | /usr/lib/systemd/systemd-coredump --backtrace $$ 0 0 6 1679509994 12345 mymachine # Wait a bit for the coredump to get processed -timeout 30 bash -c "while [[ $(coredumpctl list -q --no-legend $$ | wc -l) -eq 0 ]]; do sleep 1; done" +timeout 30 bash -c "while [[ \$(coredumpctl list -q --no-legend $$ | wc -l) -eq 0 ]]; do sleep 1; done" coredumpctl info "$$" coredumpctl info COREDUMP_HOSTNAME="mymachine" From 6e26b785637864c54b9173db0714f2c8a331ef31 Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Wed, 26 Apr 2023 14:32:04 +0100 Subject: [PATCH 03/10] test: add coverage for CoredumpFilter=all (cherry picked from commit cf636aa59eb8c848ed04d5b08aac0acf3f6683d9) (cherry picked from commit f54eda9ba242a424f3428fb239fe8421cc3c0a47) --- test/units/testsuite-74.coredump.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/units/testsuite-74.coredump.sh b/test/units/testsuite-74.coredump.sh index 3910abe0ec1..0e5d050f45e 100755 --- a/test/units/testsuite-74.coredump.sh +++ b/test/units/testsuite-74.coredump.sh @@ -153,6 +153,9 @@ timeout 30 bash -c "while [[ \$(coredumpctl list -q --no-legend $$ | wc -l) -eq coredumpctl info "$$" coredumpctl info COREDUMP_HOSTNAME="mymachine" +# This used to cause a stack overflow +systemd-run -t --property CoredumpFilter=all ls /tmp +systemd-run -t --property CoredumpFilter=default ls /tmp (! coredumpctl --hello-world) (! coredumpctl -n 0) From 9a7614a057c78e7892d90b1ba20bc44b150fb03d Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Wed, 24 May 2023 10:31:41 +0900 Subject: [PATCH 04/10] test: rotate journal before storing coredumps Hopefully fixes the failure like https://jenkins-systemd.apps.ocp.cloud.ci.centos.org/job/upstream-vagrant-archlinux-sanitizers/2558/ --- [ 66.708894] testsuite-74.sh[728]: + coredumpctl --json=off [ 66.709344] testsuite-74.sh[826]: TIME PID UID GID SIG COREFILE EXE SIZE [ 66.709773] testsuite-74.sh[826]: Tue 2023-05-23 22:10:17 UTC 739 0 0 SIGTRAP journal /tmp/test-dump - [ 66.711134] testsuite-74.sh[826]: Tue 2023-05-23 22:10:18 UTC 747 0 0 SIGABRT journal /tmp/test-dump - [ 66.711789] testsuite-74.sh[826]: Tue 2023-05-23 22:10:19 UTC 763 0 0 SIGTRAP present /tmp/test-dump 53.5K [ 66.712460] testsuite-74.sh[826]: Tue 2023-05-23 22:10:20 UTC 776 0 0 SIGABRT present /tmp/test-dump 53.3K [ 66.713505] testsuite-74.sh[728]: + coredumpctl --root=/ [ 66.714144] testsuite-74.sh[828]: TIME PID UID GID SIG COREFILE EXE SIZE [ 66.714535] testsuite-74.sh[828]: Tue 2023-05-23 22:10:17 UTC 739 0 0 SIGTRAP journal /tmp/test-dump - [ 66.715208] testsuite-74.sh[828]: Tue 2023-05-23 22:10:18 UTC 747 0 0 SIGABRT journal /tmp/test-dump - [ 66.715907] testsuite-74.sh[828]: Tue 2023-05-23 22:10:19 UTC 763 0 0 SIGTRAP present /tmp/test-dump 53.5K [ 66.716565] testsuite-74.sh[828]: Tue 2023-05-23 22:10:20 UTC 776 0 0 SIGABRT present /tmp/test-dump 53.3K [ 66.717494] testsuite-74.sh[728]: + coredumpctl --directory=/var/log/journal [ 66.718188] testsuite-74.sh[830]: TIME PID UID GID SIG COREFILE EXE SIZE [ 66.882072] testsuite-74.sh[830]: Tue 2023-05-23 22:10:17 UTC 739 0 0 SIGTRAP journal /tmp/test-dump - [ 66.882642] testsuite-74.sh[830]: Tue 2023-05-23 22:10:18 UTC 747 0 0 SIGABRT journal /tmp/test-dump - [ 66.883450] testsuite-74.sh[830]: Tue 2023-05-23 22:10:19 UTC 763 0 0 SIGTRAP present /tmp/test-dump 53.5K [ 66.883944] testsuite-74.sh[830]: Tue 2023-05-23 22:10:20 UTC 776 0 0 SIGABRT present /tmp/test-dump 53.3K [ 66.885448] testsuite-74.sh[728]: + coredumpctl --file=/var/log/journal/2e1ed84be19a4e22adfc99ad849be1f6/system.journal [ 66.885989] testsuite-74.sh[728]: + at_exit [ 66.894162] coredumpctl[833]: No coredumps found. --- (cherry picked from commit 5c4e96c28c4a2193ba0dd459ea3366614f9b262f) (cherry picked from commit c73e99b39f9a70b12f1aa53337b7477e6d3ddc83) --- test/units/testsuite-74.coredump.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/units/testsuite-74.coredump.sh b/test/units/testsuite-74.coredump.sh index 0e5d050f45e..d5039b70f47 100755 --- a/test/units/testsuite-74.coredump.sh +++ b/test/units/testsuite-74.coredump.sh @@ -21,6 +21,9 @@ if systemd-detect-virt -cq; then exit 0 fi +# To make all coredump entries stored in system.journal. +journalctl --rotate + # Check that we're the ones to receive coredumps sysctl kernel.core_pattern | grep systemd-coredump From 4df9d72dae5a1135f8bd842bc99b9b70e169a1bf Mon Sep 17 00:00:00 2001 From: Frantisek Sumsal Date: Fri, 2 Jun 2023 13:24:32 +0200 Subject: [PATCH 05/10] test: sync with the fake binary before killing it MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On faster machines we might be too fast and kill the fake binary during fork() which then makes kernel report a "wrong" binary in the coredump, e.g.: [ 31.408078] testsuite-74.sh[548]: + /tmp/make-dump /tmp/test-dump SIGTRAP [ 31.409720] testsuite-74.sh[560]: + bin=/tmp/test-dump [ 31.409720] testsuite-74.sh[560]: + sig=SIGTRAP [ 31.409720] testsuite-74.sh[560]: + ulimit -c unlimited [ 31.409720] testsuite-74.sh[560]: + pid=561 [ 31.409720] testsuite-74.sh[560]: + sleep 1 [ 31.409720] testsuite-74.sh[560]: + kill -s SIGTRAP 561 [ 31.409720] testsuite-74.sh[560]: + wait 561 [ 31.491757] systemd[1]: Created slice system-systemd\x2dcoredump.slice. [ 31.524488] systemd[1]: Started systemd-coredump@0-563-0.service. [ 31.616372] systemd-coredump[564]: [🡕] Process 561 (make-dump) of user 0 dumped core. Stack trace of thread 561: #0 0x00007ff86bb49af7 _Fork (libc.so.6 + 0xd4af7) #1 0x00007ff86bb4965f __libc_fork (libc.so.6 + 0xd465f) #2 0x000055e88011b0ad make_child (bash + 0x550ad) #3 0x000055e8800fd05f n/a (bash + 0x3705f) #4 0x000055e880100116 execute_command_internal (bash + 0x3a116) #5 0x000055e8801011f2 execute_command_internal (bash + 0x3b1f2) #6 0x000055e8801025b6 execute_command (bash + 0x3c5b6) #7 0x000055e8800f134b reader_loop (bash + 0x2b34b) #8 0x000055e8800e757d main (bash + 0x2157d) #9 0x00007ff86ba98850 n/a (libc.so.6 + 0x23850) #10 0x00007ff86ba9890a __libc_start_main (libc.so.6 + 0x2390a) #11 0x000055e8800e83b5 _start (bash + 0x223b5) ELF object binary architecture: AMD x86-64 [ 31.666617] testsuite-74.sh[560]: /tmp/make-dump: line 12: 561 Trace/breakpoint trap (core dumped) "$bin" infinity ... $ coredumpctl list --file system.journal TIME PID UID GID SIG COREFILE EXE SIZE Fri 2023-06-02 10:42:10 CEST 561 0 0 SIGTRAP journal /usr/bin/bash - Fri 2023-06-02 10:42:11 CEST 570 0 0 SIGABRT journal /tmp/test-dump - Fri 2023-06-02 10:42:12 CEST 582 0 0 SIGTRAP missing /tmp/test-dump - Fri 2023-06-02 10:42:13 CEST 593 0 0 SIGABRT missing /tmp/test-dump - (cherry picked from commit 1326d2dd059132760b40acb7a715ecc9ff08bd35) (cherry picked from commit de5f0a3a76e1b101c39ffa9f8cf82fb389d1edcd) --- test/units/testsuite-74.coredump.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/test/units/testsuite-74.coredump.sh b/test/units/testsuite-74.coredump.sh index d5039b70f47..d30fd737172 100755 --- a/test/units/testsuite-74.coredump.sh +++ b/test/units/testsuite-74.coredump.sh @@ -42,7 +42,17 @@ sig="${2:?}" ulimit -c unlimited "$bin" infinity & pid=$! -sleep 1 +# Sync with the "fake" binary, so we kill it once it's fully forked off, +# otherwise we might kill it during fork and kernel would then report +# "wrong" binary name (i.e. $MAKE_DUMP_SCRIPT instead of $CORE_TEST_BIN). +# In this case, wait until the "fake" binary (sleep in this case) enters +# the "interruptible sleep" state, at which point it should be ready +# to be sacrificed. +for _ in {0..9}; do + read -ra self_stat <"/proc/$pid/stat" + [[ "${self_stat[2]}" == S ]] && break + sleep .5 +done kill -s "$sig" "$pid" # This should always fail ! wait "$pid" From cfbe69884e0116176ca34df38521115f1c4becbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 29 Apr 2025 14:47:59 +0200 Subject: [PATCH 06/10] coredump: restore compatibility with older patterns This was broken in f45b8015513d38ee5f7cc361db9c5b88c9aae704. Unfortunately the review does not talk about backward compatibility at all. There are two places where it matters: - During upgrades, the replacement of kernel.core_pattern is asynchronous. For example, during rpm upgrades, it would be updated a post-transaction file trigger. In other scenarios, the update might only happen after reboot. We have a potentially long window where the old pattern is in place. We need to capture coredumps during upgrades too. - With --backtrace. The interface of --backtrace, in hindsight, is not great. But there are users of --backtrace which were written to use a specific set of arguments, and we can't just break compatiblity. One example is systemd-coredump-python, but there are also reports of users using --backtrace to generate coredump logs. Thus, we require the original set of args, and will use the additional args if found. A test is added to verify that --backtrace works with and without the optional args. (cherry picked from commit ded0aac389e647d35bce7ec4a48e718d77c0435b) (cherry picked from commit f9b8b75c11bba9b63096904be98cc529c304eb97) (cherry picked from commit 385a33b043406ad79a7207f3906c3b15192a3333) (cherry picked from commit c6f79626b6d175c6a5b62b8c5d957a83eb882301) (cherry picked from commit 9f02346d50e33c24acf879ce4dd5937d56473325) (cherry picked from commit ac0aa5d1fdc21db1ef035fce562cb6fc8602b544) --- src/coredump/coredump.c | 21 ++++++++++++++------- test/units/testsuite-74.coredump.sh | 18 +++++++++++------- 2 files changed, 25 insertions(+), 14 deletions(-) diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index b64d487e142..b2d5197bab9 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -92,8 +92,12 @@ enum { META_ARGV_SIGNAL, /* %s: number of signal causing dump */ META_ARGV_TIMESTAMP, /* %t: time of dump, expressed as seconds since the Epoch (we expand this to µs granularity) */ META_ARGV_RLIMIT, /* %c: core file size soft resource limit */ - META_ARGV_HOSTNAME, /* %h: hostname */ + _META_ARGV_REQUIRED, + /* The fields below were added to kernel/core_pattern at later points, so they might be missing. */ + META_ARGV_HOSTNAME = _META_ARGV_REQUIRED, /* %h: hostname */ _META_ARGV_MAX, + /* If new fields are added, they should be added here, to maintain compatibility + * with callers which don't know about the new fields. */ /* The following indexes are cached for a couple of special fields we use (and * thereby need to be retrieved quickly) for naming coredump files, and attaching @@ -104,7 +108,7 @@ enum { _META_MANDATORY_MAX, /* The rest are similar to the previous ones except that we won't fail if one of - * them is missing. */ + * them is missing in a message sent over the socket. */ META_EXE = _META_MANDATORY_MAX, META_UNIT, @@ -1282,14 +1286,17 @@ static int gather_pid_metadata_from_argv( char *t; /* We gather all metadata that were passed via argv[] into an array of iovecs that - * we'll forward to the socket unit */ + * we'll forward to the socket unit. + * + * We require at least _META_ARGV_REQUIRED args, but will accept more. + * We know how to parse _META_ARGV_MAX args. The rest will be ignored. */ - if (argc < _META_ARGV_MAX) + if (argc < _META_ARGV_REQUIRED) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), - "Not enough arguments passed by the kernel (%i, expected %i).", - argc, _META_ARGV_MAX); + "Not enough arguments passed by the kernel (%i, expected between %i and %i).", + argc, _META_ARGV_REQUIRED, _META_ARGV_MAX); - for (int i = 0; i < _META_ARGV_MAX; i++) { + for (int i = 0; i < MIN(argc, _META_ARGV_MAX); i++) { t = argv[i]; diff --git a/test/units/testsuite-74.coredump.sh b/test/units/testsuite-74.coredump.sh index d30fd737172..6a89cbf208d 100755 --- a/test/units/testsuite-74.coredump.sh +++ b/test/units/testsuite-74.coredump.sh @@ -156,14 +156,18 @@ rm -f /tmp/core.{output,redirected} (! "${UNPRIV_CMD[@]}" coredumpctl dump "$CORE_TEST_BIN" >/dev/null) # --backtrace mode -# Pass one of the existing journal coredump records to systemd-coredump and -# use our PID as the source to make matching the coredump later easier -# systemd-coredump args: PID UID GID SIGNUM TIMESTAMP CORE_SOFT_RLIMIT HOSTNAME +# Pass one of the existing journal coredump records to systemd-coredump. +# Use our PID as the source to be able to create a PIDFD and to make matching easier. +# systemd-coredump args: PID UID GID SIGNUM TIMESTAMP CORE_SOFT_RLIMIT [HOSTNAME] journalctl -b -n 1 --output=export --output-fields=MESSAGE,COREDUMP COREDUMP_EXE="/usr/bin/test-dump" | - /usr/lib/systemd/systemd-coredump --backtrace $$ 0 0 6 1679509994 12345 mymachine -# Wait a bit for the coredump to get processed -timeout 30 bash -c "while [[ \$(coredumpctl list -q --no-legend $$ | wc -l) -eq 0 ]]; do sleep 1; done" -coredumpctl info "$$" + /usr/lib/systemd/systemd-coredump --backtrace $$ 0 0 6 1679509900 12345 +journalctl -b -n 1 --output=export --output-fields=MESSAGE,COREDUMP COREDUMP_EXE="/usr/bin/test-dump" | + /usr/lib/systemd/systemd-coredump --backtrace $$ 0 0 6 1679509901 12345 mymachine +# Wait a bit for the coredumps to get processed +timeout 30 bash -c "while [[ \$(coredumpctl list -q --no-legend $$ | wc -l) -lt 2 ]]; do sleep 1; done" +coredumpctl info $$ +coredumpctl info COREDUMP_TIMESTAMP=1679509900000000 +coredumpctl info COREDUMP_TIMESTAMP=1679509901000000 coredumpctl info COREDUMP_HOSTNAME="mymachine" # This used to cause a stack overflow From b03e81721e286c2cd99455fddfd7abca1a55d60f Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Fri, 9 May 2025 16:33:12 +0900 Subject: [PATCH 07/10] TEST-73-LOCALE: skip lv keymap and friends The following failure should be in libxkbcommon and/or sanitizer. There is nothing we can do here. Let's skip it. ``` TEST-73-LOCALE.sh[3733]: + assert_rc 0 localectl set-keymap lv TEST-73-LOCALE.sh[6699]: + set +ex TEST-73-LOCALE.sh[6700]: Failed to set keymap: Remote peer disconnected TEST-73-LOCALE.sh[6703]: FAIL: expected: '0' actual: '1' TEST-73-LOCALE.sh[157]: + rm -f /etc/dbus-1/system.d/systemd-localed-read-only.conf [FAILED] Failed to start TEST-73-LOCALE.service - TEST-73-LOCALE. ``` ``` ==3719==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7fa51f161000 at pc 0x7fa521250be4 bp 0x7ffe49130a80 sp 0x7ffe49130240 READ of size 19126 at 0x7fa51f161000 thread T0 #0 0x7fa521250be3 in strndup (/usr/lib/clang/20/lib/x86_64-redhat-linux-gnu/libclang_rt.asan.so+0x50be3) (BuildId: aa6231e817f72469c44a6c6cee9f0694a87db7fb) #1 0x7fa51f128325 (/lib64/libxkbcommon.so.0+0x1c325) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #2 0x7fa51f121952 (/lib64/libxkbcommon.so.0+0x15952) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #3 0x7fa51f123d3a (/lib64/libxkbcommon.so.0+0x17d3a) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #4 0x7fa51f117c86 (/lib64/libxkbcommon.so.0+0xbc86) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #5 0x7fa51f12548f (/lib64/libxkbcommon.so.0+0x1948f) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #6 0x7fa51f125c9e (/lib64/libxkbcommon.so.0+0x19c9e) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #7 0x7fa51f126a59 (/lib64/libxkbcommon.so.0+0x1aa59) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #8 0x7fa51f12cec6 (/lib64/libxkbcommon.so.0+0x20ec6) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #9 0x7fa51f12e3c2 (/lib64/libxkbcommon.so.0+0x223c2) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #10 0x7fa51f12a4e5 in xkb_keymap_new_from_names (/lib64/libxkbcommon.so.0+0x1e4e5) (BuildId: 72e8cb985db37963272d140f7b2aee551c465ff5) #11 0x5574dd63f864 in verify_xkb_rmlvo /usr/src/debug/systemd/src/locale/xkbcommon-util.c:69:14 (snip) ``` (cherry picked from commit 18609909d93a4d17e962b47e51fffe38845e99f5) (cherry picked from commit 5d7d60b8dd01282adbe89084b479a51aaff4cf47) (cherry picked from commit 0c27a6f4b40d0e888cd93aa6120e379c88b8e0c4) (cherry picked from commit 630ed0c464dc90519a3dff945ddf7f63f4a51633) (cherry picked from commit 7b1259f93eee15cc43a7bfe3b26cee40ab7d6256) (cherry picked from commit 98a17ffee94d490834652f0e88f9a7ceabb46bae) --- test/units/testsuite-73.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/test/units/testsuite-73.sh b/test/units/testsuite-73.sh index a5d801e937e..3ed0bcdf2ec 100755 --- a/test/units/testsuite-73.sh +++ b/test/units/testsuite-73.sh @@ -243,6 +243,10 @@ test_vc_keymap() { rm -f /etc/X11/xorg.conf.d/00-keyboard.conf /etc/default/keyboard # set VC keymap + + # Skip lv keymap and friends, otherwise the sanitizer detects heap-buffer-overflow in libxkbcommon. + [[ "$i" =~ ^lv ]] && continue + assert_rc 0 localectl set-keymap "$i" output=$(localectl) From 802eb772d5738450469f667da6f7f7a877221e96 Mon Sep 17 00:00:00 2001 From: TheHillBright <150074496+TheHillBright@users.noreply.github.com> Date: Wed, 21 May 2025 18:38:12 +0800 Subject: [PATCH 08/10] journald: clarify doc for usage-related values cap (#37528) The old description makes users wrongly assume that the cap of 4G applied, even when the user specifies a value that will result in higher than 4G. This commit avoids this misunderstanding. (cherry picked from commit 33084145315029775748a89da836465783d65bb3) (cherry picked from commit 137d765b2d01dc93a0ec182654ddf4b9b4114bcf) (cherry picked from commit a7490f121fbecf34d2201d40c238073e1263009c) (cherry picked from commit ceb2d2e3c4d38c284869718db2c33bd227589c1f) (cherry picked from commit f278684aceeb05cfa49d2412e98a21c64d26c851) (cherry picked from commit 5756dc6fcc225a65debcc26a6bd2be563fac09ab) --- man/journald.conf.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/man/journald.conf.xml b/man/journald.conf.xml index 2db6a0f83e3..f3c9d9ce5ca 100644 --- a/man/journald.conf.xml +++ b/man/journald.conf.xml @@ -257,7 +257,7 @@ and use the smaller of the two values. The first pair defaults to 10% and the second to 15% of - the size of the respective file system, but each value is + the size of the respective file system, but each of the calculated default values is capped to 4G. If the file system is nearly full and either SystemKeepFree= or RuntimeKeepFree= are violated when From 1b5106664cc32458beb97bc4715229e2d20d117d Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 23 May 2025 12:15:45 +0200 Subject: [PATCH 09/10] homed: generate proper error if we cannot create mountpoint for homedir Let's make this easier to debug. (When this failed for me due to disk full it took me a bit to figure out what was going on.) (cherry picked from commit 5b759bf5fd3a915a5b4756590caff7faf43a9693) (cherry picked from commit 8158c87c36d5725818a2a9cda4270b8839553f86) (cherry picked from commit 6d33cf046a2064dd11ca9a1ee6d8f2d2356f4f10) (cherry picked from commit 756d41dac616e72e45a2b19b24305277c5efbd1f) (cherry picked from commit 8e901fe1f0e23840b717a55429fead996821985c) (cherry picked from commit 7f431d7c7cb6277cbf092f16b8032f73d449e8fd) --- src/home/homework-mount.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/home/homework-mount.c b/src/home/homework-mount.c index cd03f79a739..ced6bd42c8e 100644 --- a/src/home/homework-mount.c +++ b/src/home/homework-mount.c @@ -142,7 +142,9 @@ int home_move_mount(const char *mount_suffix, const char *target) { } else d = HOME_RUNTIME_WORK_DIR; - (void) mkdir_p(target, 0700); + r = mkdir_p(target, 0700); + if (r < 0) + return log_error_errno(r, "Failed to create directory '%s': %m", target); r = mount_nofollow_verbose(LOG_ERR, d, target, NULL, MS_BIND, NULL); if (r < 0) From cae797ec813b701b0e973a24216ea084834f96ed Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Tue, 27 May 2025 14:56:32 +0100 Subject: [PATCH 10/10] test: fix test_qdisc_tbf regex with iproute2 v6.15 iproute2 v6.15 fixed some rounding errors in the reported stats: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=d947f365602b30657d1b797e7464000d0ab88d5a so the current regex doesn't work anymore. Fix it to check for both old and new values. systemd-networkd-tests.py[523]: FAIL: test_qdisc_tbf (__main__.NetworkdTCTests.test_qdisc_tbf) systemd-networkd-tests.py[523]: ---------------------------------------------------------------------- systemd-networkd-tests.py[523]: Traceback (most recent call last): systemd-networkd-tests.py[523]: File "/usr/lib/systemd/tests/testdata/test-network/systemd-networkd-tests.py", line 5402, in test_qdisc_tbf systemd-networkd-tests.py[523]: self.assertRegex(output, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms') systemd-networkd-tests.py[523]: ~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ systemd-networkd-tests.py[523]: AssertionError: Regex didn't match: 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms' not found in 'qdisc tbf 35: root refcnt 2 rate 1Gbit burst 5000b peakrate 100Gbit minburst 999200b lat 70ms \nqdisc pfifo 37: parent 35: limit 100000p' (cherry picked from commit f9a85b74903f5588d08f54ea7d9b53edc639b824) (cherry picked from commit 6e67969b10d111177f72a53f9f7158bf9f14d2a3) (cherry picked from commit 587f84aad9628733d31a9be0ce78f43ba3e1c3d6) (cherry picked from commit 3d68612d164fc524415560eaf44e626b1458bc0b) (cherry picked from commit ad6db744ab059411e9b3873751ee55a92ca013c4) (cherry picked from commit f52d79565e7c61840a0d7eb0f942f869037daa8f) --- test/test-network/systemd-networkd-tests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/test-network/systemd-networkd-tests.py b/test/test-network/systemd-networkd-tests.py index 1c7dedc2090..9d9086b8866 100755 --- a/test/test-network/systemd-networkd-tests.py +++ b/test/test-network/systemd-networkd-tests.py @@ -3772,7 +3772,7 @@ def test_qdisc_tbf(self): output = check_output('tc qdisc show dev dummy98') print(output) self.assertRegex(output, 'qdisc tbf 35: root') - self.assertRegex(output, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst 987500b lat 70(.0)?ms') + self.assertRegex(output, 'rate 1Gbit burst 5000b peakrate 100Gbit minburst (987500b|999200b) lat 70(.0)?ms') @expectedFailureIfModuleIsNotAvailable('sch_teql') def test_qdisc_teql(self):