Devilish Spirits [Wed, 29 Jan 2025 20:54:27 +0000 (21:54 +0100)]
Fix inversion of timesyncd_usec/epoch_usec variables in clock-warp.c
In clock_apply_epoch() function, the /usr/lib/clock-epoch timestamp was set to timesyncd_usec instead of epoch_usec and vice-versa which produced a misleading log message about the clock source systemd used for early clock sanitization. This trivial commit fix the mistake.
Adam Williamson [Fri, 10 Jan 2025 21:01:47 +0000 (13:01 -0800)]
kbd-model-map: add a georgian mapping
https://github.com/legionus/kbd/pull/127 adds a Georgian mapping
to kbd. console-setup already has one. Let's support it here, so
it's used for Georgian installs on distros that use this table.
Yu Watanabe [Wed, 15 Jan 2025 16:29:04 +0000 (01:29 +0900)]
random-util: fix compilation error
Fixes the following error:
```
../src/basic/random-util.c: In function "fallback_random_bytes":
../src/basic/random-util.c:45:26: error: initializer-string for array of "char" is too long [-Werror=unterminated-string-initialization]
45 | .label = "systemd fallback random bytes v1",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
```
Luca Boccassi [Fri, 24 Jan 2025 23:37:33 +0000 (23:37 +0000)]
man: fix reference to non-existing ukify parameter
The --extend parameter was removed by https://github.com/systemd/systemd/pull/34608
and a --join-profile was added instead, fix leftover reference in manpage
Yu Watanabe [Fri, 24 Jan 2025 19:05:51 +0000 (04:05 +0900)]
machine: revert type change of "leader" in io.systemd.Machine.Register method
The varlink method io.systemd.Machine.Register() is in v256, hence type
of "leader" cannot be changed.
Let's revert the change by 755cb018c9b3e93245afb86ec94223756ddd70e4, and
introduce another field "leaderProcessId", which takes detailed information
of the process.
The commit reworked job merging logic so that reload jobs
won't get merged. However, they might get dropped from
transaction due to being deemed redundant, i.e. way before
it even hits job_install(). Let's make sure reload jobs
are always kept during transaction construction stage, too.
The documentation and code agree on the same name, since always, but
when I put together the IDL I made a mistake and insert a "Not" that
wasn't supposed to be there.
We were missing one service result (oom-kill), and the ratelimit one is
called differently. Correct that so that we generate proper log messages
for these cases.
Luca Boccassi [Fri, 10 Jan 2025 21:02:55 +0000 (21:02 +0000)]
stub: drop PE sections parsing cap
This was added originally as it was thought that Windows applied
the same cap. Nowadays the specs do not mention it, and it is
believed Windows no longer applies it either, so drop it in order
to allow an arbitrary number of DTBs to be included
Yu Watanabe [Mon, 6 Jan 2025 08:26:52 +0000 (17:26 +0900)]
core/device: do not drop backslashes in SYSTEMD_WANTS=/SYSTEMD_USER_WANTS=
Let consider the following udev rules:
===
PROGRAM="/usr/bin/systemd-escape foo-bar-baz", ENV{SYSTEMD_WANTS}+="test1@$result.service"
PROGRAM="/usr/bin/systemd-escape aaa-bbb-ccc", ENV{SYSTEMD_WANTS}+="test2@$result.service"
===
Then, a device expectedly gains a property:
===
SYSTEMD_WANTS=test1@foo\x2dbar\x2dbaz.service test2@aaa\x2dbbb\x2dccc.service
===
After the event being processed by udevd, PID1 processes the device, the
property previously was parsed with extract_first_word(EXTRACT_UNQUOTE),
then the device unit gained the following dependencies:
===
Wants=test1@foox2dbarx2dbaz.service test2@aaax2dbbbx2dccc.service
===
So both '%i' and '%I' for the template services did not match with the original
data, and it was hard to use systemd-escape in PROGRAM= udev rule token.
This makes the property parsed with extract_first_word(EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE),
hence the device unit now gains the following dependencies:
===
Wants=test1@foo\x2dbar\x2dbaz.service test2@aaa\x2dbbb\x2dccc.service
===
and '%I' for the template services match with the original data.
wrvsrx [Sat, 7 Dec 2024 02:32:15 +0000 (10:32 +0800)]
efivars: deal with uncommitted efi variables
Unfortunately kernel reports EOF if there's an inconsistency between efivarfs var list
and what's actually stored in firmware, c.f. #34304. A zero size env var is not allowed in
efi and hence the variable doesn't really exist in the backing store as long as it is zero
sized, and the kernel calls this "uncommitted". Hence we translate EOF back to ENOENT here,
as with kernel behavior before
https://github.com/torvalds/linux/commit/3fab70c165795431f00ddf9be8b84ddd07bd1f8f
If the kernel changes behaviour (to flush dentries on resume), we can drop
this at some point in the future. But note that the commit is 11
years old at this point so we'll need to deal with the current behaviour for
a long time.
Daan De Meyer [Fri, 24 Jan 2025 16:28:15 +0000 (17:28 +0100)]
HACKING: Move OBS section further down
HACKING.md should first and foremost tell someone how to hack on
systemd, installing packages from OBS isn't the most likely section
a new contributor will be interested in, so let's move it further
down.
Daan De Meyer [Fri, 24 Jan 2025 09:54:51 +0000 (10:54 +0100)]
mkosi: Drop usage of _systemd_QUIET in arch build script
We dropped the variable in the packaging specs for Arch to keep the
integration points as minimal as possible so let's stop using it in
the build script as well.
Daan De Meyer [Wed, 22 Jan 2025 14:58:13 +0000 (15:58 +0100)]
mkosi: Update to latest
With the latest mkosi, mkosi takes care of making sure it is
available within mkosi sandbox so we get rid of all the --preserve-env=
options when we invoke mkosi sandbox with sudo as these are not
required anymore. It also doesn't matter anymore if mkosi is installed
in /usr on the host so we get rid of the documentation around that as
well.
Daan De Meyer [Wed, 22 Jan 2025 21:24:36 +0000 (22:24 +0100)]
mkosi: Run two more mkosi commands with sudo
Running some mkosi commands as root and other not can lead to cache
invalidations with the latest version, so make sure we run everything
as root after we've built the tools tree.
Daan De Meyer [Wed, 22 Jan 2025 13:55:45 +0000 (14:55 +0100)]
test: Make sure we run lcov from the meson source directory
In ac75c5192797082c1965ab30be4711490f2937bc, we accidentally changed
the working directory that the tools executed in the wrapper script
are invoked in. This broke our invocations of lcov. Let's explicitly
run those in the meson source directory again to fix the coverage
workflow.
Daan De Meyer [Tue, 21 Jan 2025 12:48:13 +0000 (13:48 +0100)]
TEST-74-AUX-UTILS: Move run0 pcrlock test to TEST-70-TPM
On CentOS Stream 9/10 booting mkosi qemu with --firmware=linux doesn't
add the virtual TPM to the virtual machine which means TEST-74-AUX-UTILS.run.sh
fails because it requires a TPM.
Let's move the systemd-pcrlock logic that requires a TPM to
TEST-70-TPM.pcrlock to avoid the problem.
Daan De Meyer [Mon, 20 Jan 2025 12:57:02 +0000 (13:57 +0100)]
mkosi: Run more commands as root
zypper has some new rather questionable userspace level permission
checking that blows ups completely when operating as root on an
cache directory owned by a non-root user, so let's build the tools
tree and set up meson as root to avoid the issue.
(https://github.com/openSUSE/libzypp/issues/603)
Also drop a leftover debug message from coverage.yml while we're at
it.
Daan De Meyer [Wed, 15 Jan 2025 11:58:36 +0000 (12:58 +0100)]
ci: Stop archiving packages
This takes up a lot of storage space and we're almost hitting the
limit so since nobody's actually using these and we just started
doing nightly builds in OBS, let's drop this and point people towards
OBS for nightly packages in the future.
Daan De Meyer [Wed, 15 Jan 2025 09:21:33 +0000 (10:21 +0100)]
test: Drop sandbox() from integration test wrapper
With the latest changes, this is not required anymore as mkosi sandbox
will set up the proper $PATH to make sure the executables from the build
directory are used.
Daan De Meyer [Tue, 14 Jan 2025 15:05:33 +0000 (16:05 +0100)]
man: Clarify systemd-notify and sd_notify() PID documentation
Let's clarify more explicitly that privileged calls to
systemd-notify --pid= and sd_pid_notify() effectively override any
configured NotifyAccess=main|exec for a service.
Daan De Meyer [Tue, 14 Jan 2025 12:53:26 +0000 (13:53 +0100)]
mkosi: Install libxslt on CentOS/Fedora instead of xsltproc
Same package, but xsltproc is a very recently introduced Provides
for libxslt, and isn't available on CentOS Stream 9, so let's install
the package directly instead.
Daan De Meyer [Fri, 10 Jan 2025 14:26:54 +0000 (15:26 +0100)]
fmf: Use different heuristic on beefy systems
If we save journals in /tmp, we can run a larger number of tests in
parallel so let's make use of the larger number of CPUs if the tests
run on a beefy machine.
Daan De Meyer [Fri, 10 Jan 2025 13:51:24 +0000 (14:51 +0100)]
test: Move StateDirectory= directive into dropin
The integration-test-setup calls require StateDirectory= but some
tests override the test unit used which then won't have StateDirectory=
so let's move StateDirectory= into the dropin as well to avoid this
issue.
Daan De Meyer [Fri, 10 Jan 2025 13:27:33 +0000 (14:27 +0100)]
test: Add option to save in progress test journals to /tmp
The journal isn't the best at being fast, especially when writing
to disk and not to memory, which can cause integration tests to
grind to a halt on beefy systems due to all the systemd-journal-remote
instances not being able to write journal entries to disk fast enough.
Let's introduce an option to allow writing in progress test journals
to use /tmp which can be used on beefy systems with lots of memory to
speed things up.
Daan De Meyer [Thu, 9 Jan 2025 10:28:15 +0000 (11:28 +0100)]
test: Only plug in integration-test-setup.sh in interactive mode
If we're not running interactively, there's no point in the features
from integration-test-setup.sh which are intended for interactive
development and debugging so lets skip adding it in that case.
Daan De Meyer [Wed, 8 Jan 2025 12:31:11 +0000 (13:31 +0100)]
TEST-06-SELINUX: Add knob to allow checking for AVCs
When running the integration tests downstream, it's useful to be
able to test that a new systemd version doesn't introduce any AVC
denials, so let's add a knob to make that possible.
Luca Boccassi [Tue, 7 Jan 2025 00:40:02 +0000 (00:40 +0000)]
obs: also trigger Fedora package builds
The package is logistically separated, as the rpm sources conflict from Fedora
conflict with the rpm sources from SUSE (some files have the same name and
location but different, incompatible content), so Fedora builds can't be
triggered from the same package. The result is the same.
Daan De Meyer [Tue, 7 Jan 2025 15:25:03 +0000 (16:25 +0100)]
Revert "mkosi: Fix opensuse build"
The commit that changes the name from README.testsuite to README.md
was never backported (and shouldn't as it would break opensuse's spec)
so revert the corresponding change in the mkosi opensuse build script.
Luca Boccassi [Sun, 22 Dec 2024 13:31:36 +0000 (13:31 +0000)]
test: answer 2nd mdadm --create question for compat with new version
New version of mdadm now asks a second question, so send 'y' twice
to it in the test scripts
[ 5.253483] TEST-64-UDEV-STORAGE.sh[684]: + echo y
[ 5.254412] TEST-64-UDEV-STORAGE.sh[685]: + mdadm --create /dev/md/mdmirror --name mdmirror --uuid aaaaaaaa:bbbbbbbb:cccccccc:00000001 /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadm0 /dev/disk/by-id/scsi-0systemd_foobar_deadbeefmdadm1 -v -f --level=1 --raid-devices=2
[ 5.254759] TEST-64-UDEV-STORAGE.sh[685]: To optimalize recovery speed, it is recommended to enable write-indent bitmap, do you want to enable it now? [y/N]? mdadm: Note: this array has metadata at the start and
[ 5.255085] TEST-64-UDEV-STORAGE.sh[685]: may not be suitable as a boot device. If you plan to
[ 5.255418] TEST-64-UDEV-STORAGE.sh[685]: store '/boot' on this device please ensure that
[ 5.255745] TEST-64-UDEV-STORAGE.sh[685]: your boot-loader understands md/v1.x metadata, or use
[ 5.256285] TEST-64-UDEV-STORAGE.sh[685]: --metadata=0.90
[ 5.256672] TEST-64-UDEV-STORAGE.sh[685]: mdadm: size set to 64512K
[ 5.257063] TEST-64-UDEV-STORAGE.sh[685]: Continue creating array [y/N]? mdadm: create aborted.
This is backward compatible with the older version that asks just one
question
Luca Boccassi [Fri, 27 Dec 2024 15:06:39 +0000 (15:06 +0000)]
creds: fix use-after-free in varlink interface
All other usages of sd_varlink_call* do not free the json return parameter,
and it is owned by the varlink object instead. Do the same here.
TEST-54-CREDS.sh[1074]: ==1074==ERROR: AddressSanitizer: heap-use-after-free on address 0x50c00000095a at pc 0x55cf8cd18a0f bp 0x7ffd7b9d4f10 sp 0x7ffd7b9d4f08
TEST-54-CREDS.sh[1074]: READ of size 2 at 0x50c00000095a thread T0 ((sd-mkdcreds))
TEST-54-CREDS.sh[1074]: #0 0x55cf8cd18a0e in sd_json_variant_unref /usr/src/debug/systemd/src/libsystemd/sd-json/sd-json.c:887:16
TEST-54-CREDS.sh[1074]: #1 0x55cf8cd4cecb in varlink_clear_current /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:593:22
TEST-54-CREDS.sh[1074]: #2 0x55cf8cd4975e in varlink_clear /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:614:9
TEST-54-CREDS.sh[1074]: #3 0x55cf8cd3dc3c in varlink_destroy /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:651:9
TEST-54-CREDS.sh[1074]: #4 0x55cf8cd3dc3c in sd_varlink_unref /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:657:1
TEST-54-CREDS.sh[1074]: #5 0x55cf8cb47a82 in sd_varlink_unrefp /usr/src/debug/systemd/src/systemd/sd-varlink.h:279:1
TEST-54-CREDS.sh[1074]: #6 0x55cf8cb47a82 in ipc_decrypt_credential /usr/src/debug/systemd/src/shared/creds-util.c:1660:1
TEST-54-CREDS.sh[1074]: #7 0x55cf8caca99a in maybe_decrypt_and_write_credential /usr/src/debug/systemd/src/core/exec-credential.c:486:29
TEST-54-CREDS.sh[1074]: #8 0x55cf8cac790b in load_credential /usr/src/debug/systemd/src/core/exec-credential.c:713:16
TEST-54-CREDS.sh[1074]: #9 0x55cf8cac5403 in acquire_credentials /usr/src/debug/systemd/src/core/exec-credential.c:819:29
TEST-54-CREDS.sh[1074]: #10 0x55cf8cac5403 in setup_credentials_internal /usr/src/debug/systemd/src/core/exec-credential.c:1023:13
TEST-54-CREDS.sh[1074]: #11 0x55cf8cac42d4 in exec_setup_credentials /usr/src/debug/systemd/src/core/exec-credential.c:1168:21
TEST-54-CREDS.sh[1074]: #12 0x55cf8ca59569 in exec_invoke /usr/src/debug/systemd/src/core/exec-invoke.c:4866:13
TEST-54-CREDS.sh[1074]: #13 0x55cf8ca428d8 in run /usr/src/debug/systemd/src/core/executor.c:244:13
TEST-54-CREDS.sh[1074]: #14 0x55cf8ca428d8 in main /usr/src/debug/systemd/src/core/executor.c:275:13
TEST-54-CREDS.sh[1074]: #15 0x7f64b40110c7 in __libc_start_call_main (/lib64/libc.so.6+0x40c7) (BuildId: 159846287d47eef88f2a478f59803f6e8fc81d05)
TEST-54-CREDS.sh[1074]: #16 0x7f64b401118a in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x418a) (BuildId: 159846287d47eef88f2a478f59803f6e8fc81d05)
TEST-54-CREDS.sh[1074]: #17 0x55cf8ca41cb4 (/usr/lib/systemd/systemd-executor+0x124cb4) (BuildId: 24f2b1608c3aaee3226cdd14fa2b6e6741156222)
TEST-54-CREDS.sh[1074]: 0x50c00000095a is located 26 bytes inside of 120-byte region [0x50c000000940,0x50c0000009b8)
TEST-54-CREDS.sh[1074]: freed by thread T0 ((sd-mkdcreds)) here:
TEST-54-CREDS.sh[1074]: #0 0x7f64b48d57ea in free (/usr/lib/clang/19/lib/x86_64-redhat-linux-gnu/libclang_rt.asan.so+0xd57ea) (BuildId: c59bbd28ceb74038a60373d4a8cd4c258bcf0b4e)
TEST-54-CREDS.sh[1074]: #1 0x55cf8cd188ab in sd_json_variant_unref /usr/src/debug/systemd/src/libsystemd/sd-json/sd-json.c:895:25
TEST-54-CREDS.sh[1074]: #2 0x55cf8cb47a4c in sd_json_variant_unrefp /usr/src/debug/systemd/src/systemd/sd-json.h:98:1
TEST-54-CREDS.sh[1074]: #3 0x55cf8cb47a4c in ipc_decrypt_credential /usr/src/debug/systemd/src/shared/creds-util.c:1660:1
TEST-54-CREDS.sh[1074]: #4 0x55cf8caca99a in maybe_decrypt_and_write_credential /usr/src/debug/systemd/src/core/exec-credential.c:486:29
TEST-54-CREDS.sh[1074]: #5 0x55cf8cac790b in load_credential /usr/src/debug/systemd/src/core/exec-credential.c:713:16
TEST-54-CREDS.sh[1074]: #6 0x55cf8cac5403 in acquire_credentials /usr/src/debug/systemd/src/core/exec-credential.c:819:29
TEST-54-CREDS.sh[1074]: #7 0x55cf8cac5403 in setup_credentials_internal /usr/src/debug/systemd/src/core/exec-credential.c:1023:13
TEST-54-CREDS.sh[1074]: #8 0x55cf8cac42d4 in exec_setup_credentials /usr/src/debug/systemd/src/core/exec-credential.c:1168:21
TEST-54-CREDS.sh[1074]: #9 0x55cf8ca59569 in exec_invoke /usr/src/debug/systemd/src/core/exec-invoke.c:4866:13
TEST-54-CREDS.sh[1074]: #10 0x55cf8ca428d8 in run /usr/src/debug/systemd/src/core/executor.c:244:13
TEST-54-CREDS.sh[1074]: #11 0x55cf8ca428d8 in main /usr/src/debug/systemd/src/core/executor.c:275:13
TEST-54-CREDS.sh[1074]: #12 0x7f64b40110c7 in __libc_start_call_main (/lib64/libc.so.6+0x40c7) (BuildId: 159846287d47eef88f2a478f59803f6e8fc81d05)
TEST-54-CREDS.sh[1074]: #13 0x7f64b401118a in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x418a) (BuildId: 159846287d47eef88f2a478f59803f6e8fc81d05)
TEST-54-CREDS.sh[1074]: #14 0x55cf8ca41cb4 (/usr/lib/systemd/systemd-executor+0x124cb4) (BuildId: 24f2b1608c3aaee3226cdd14fa2b6e6741156222)
TEST-54-CREDS.sh[1074]: previously allocated by thread T0 ((sd-mkdcreds)) here:
TEST-54-CREDS.sh[1074]: #0 0x7f64b48d5a83 in malloc (/usr/lib/clang/19/lib/x86_64-redhat-linux-gnu/libclang_rt.asan.so+0xd5a83) (BuildId: c59bbd28ceb74038a60373d4a8cd4c258bcf0b4e)
TEST-54-CREDS.sh[1074]: #1 0x55cf8cd16bb7 in malloc_multiply /usr/src/debug/systemd/src/basic/alloc-util.h:119:16
TEST-54-CREDS.sh[1074]: #2 0x55cf8cd16bb7 in sd_json_variant_new_object /usr/src/debug/systemd/src/libsystemd/sd-json/sd-json.c:737:13
TEST-54-CREDS.sh[1074]: #3 0x55cf8cd32e58 in json_parse_internal /usr/src/debug/systemd/src/libsystemd/sd-json/sd-json.c:3161:29
TEST-54-CREDS.sh[1074]: #4 0x55cf8cd37326 in sd_json_parse_with_source /usr/src/debug/systemd/src/libsystemd/sd-json/sd-json.c:3408:16
TEST-54-CREDS.sh[1074]: #5 0x55cf8cd37326 in sd_json_parse /usr/src/debug/systemd/src/libsystemd/sd-json/sd-json.c:3437:16
TEST-54-CREDS.sh[1074]: #6 0x55cf8cd3f753 in varlink_parse_message /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:962:13
TEST-54-CREDS.sh[1074]: #7 0x55cf8cd3f753 in sd_varlink_process /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:1466:13
TEST-54-CREDS.sh[1074]: #8 0x55cf8cd4c0a9 in sd_varlink_call_full /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:2160:21
TEST-54-CREDS.sh[1074]: #9 0x55cf8cd4d617 in sd_varlink_callb_ap /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:2237:16
TEST-54-CREDS.sh[1074]: #10 0x55cf8cd4da3c in sd_varlink_callb /usr/src/debug/systemd/src/libsystemd/sd-varlink/sd-varlink.c:2251:13
TEST-54-CREDS.sh[1074]: #11 0x55cf8cb47686 in ipc_decrypt_credential /usr/src/debug/systemd/src/shared/creds-util.c:1623:13
TEST-54-CREDS.sh[1074]: #12 0x55cf8caca99a in maybe_decrypt_and_write_credential /usr/src/debug/systemd/src/core/exec-credential.c:486:29
TEST-54-CREDS.sh[1074]: #13 0x55cf8cac790b in load_credential /usr/src/debug/systemd/src/core/exec-credential.c:713:16
TEST-54-CREDS.sh[1074]: #14 0x55cf8cac5403 in acquire_credentials /usr/src/debug/systemd/src/core/exec-credential.c:819:29
TEST-54-CREDS.sh[1074]: #15 0x55cf8cac5403 in setup_credentials_internal /usr/src/debug/systemd/src/core/exec-credential.c:1023:13
TEST-54-CREDS.sh[1074]: #16 0x55cf8cac42d4 in exec_setup_credentials /usr/src/debug/systemd/src/core/exec-credential.c:1168:21
TEST-54-CREDS.sh[1074]: #17 0x55cf8ca59569 in exec_invoke /usr/src/debug/systemd/src/core/exec-invoke.c:4866:13
TEST-54-CREDS.sh[1074]: #18 0x55cf8ca428d8 in run /usr/src/debug/systemd/src/core/executor.c:244:13
TEST-54-CREDS.sh[1074]: #19 0x55cf8ca428d8 in main /usr/src/debug/systemd/src/core/executor.c:275:13
TEST-54-CREDS.sh[1074]: #20 0x7f64b40110c7 in __libc_start_call_main (/lib64/libc.so.6+0x40c7) (BuildId: 159846287d47eef88f2a478f59803f6e8fc81d05)
TEST-54-CREDS.sh[1074]: #21 0x7f64b401118a in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x418a) (BuildId: 159846287d47eef88f2a478f59803f6e8fc81d05)
TEST-54-CREDS.sh[1074]: #22 0x55cf8ca41cb4 (/usr/lib/systemd/systemd-executor+0x124cb4) (BuildId: 24f2b1608c3aaee3226cdd14fa2b6e6741156222)
TEST-54-CREDS.sh[1074]: SUMMARY: AddressSanitizer: heap-use-after-free /usr/src/debug/systemd/src/libsystemd/sd-json/sd-json.c:887:16 in sd_json_variant_unref
TEST-54-CREDS.sh[1074]: Shadow bytes around the buggy address:
TEST-54-CREDS.sh[1074]: 0x50c000000680: 00 00 00 00 00 00 00 00 fa fa fa fa fa fa fa fa
TEST-54-CREDS.sh[1074]: 0x50c000000700: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
TEST-54-CREDS.sh[1074]: 0x50c000000780: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
TEST-54-CREDS.sh[1074]: 0x50c000000800: 00 00 00 00 00 00 00 00 fa fa fa fa fa fa fa fa
TEST-54-CREDS.sh[1074]: 0x50c000000880: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa
TEST-54-CREDS.sh[1074]: =>0x50c000000900: fa fa fa fa fa fa fa fa fd fd fd[fd]fd fd fd fd
TEST-54-CREDS.sh[1074]: 0x50c000000980: fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa
TEST-54-CREDS.sh[1074]: 0x50c000000a00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
TEST-54-CREDS.sh[1074]: 0x50c000000a80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
TEST-54-CREDS.sh[1074]: 0x50c000000b00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
TEST-54-CREDS.sh[1074]: 0x50c000000b80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
TEST-54-CREDS.sh[1074]: Shadow byte legend (one shadow byte represents 8 application bytes):
TEST-54-CREDS.sh[1074]: Addressable: 00
TEST-54-CREDS.sh[1074]: Partially addressable: 01 02 03 04 05 06 07
TEST-54-CREDS.sh[1074]: Heap left redzone: fa
TEST-54-CREDS.sh[1074]: Freed heap region: fd
TEST-54-CREDS.sh[1074]: Stack left redzone: f1
TEST-54-CREDS.sh[1074]: Stack mid redzone: f2
TEST-54-CREDS.sh[1074]: Stack right redzone: f3
TEST-54-CREDS.sh[1074]: Stack after return: f5
TEST-54-CREDS.sh[1074]: Stack use after scope: f8
TEST-54-CREDS.sh[1074]: Global redzone: f9
TEST-54-CREDS.sh[1074]: Global init order: f6
TEST-54-CREDS.sh[1074]: Poisoned by user: f7
TEST-54-CREDS.sh[1074]: Container overflow: fc
TEST-54-CREDS.sh[1074]: Array cookie: ac
TEST-54-CREDS.sh[1074]: Intra object redzone: bb
TEST-54-CREDS.sh[1074]: ASan internal: fe
TEST-54-CREDS.sh[1074]: Left alloca redzone: ca
TEST-54-CREDS.sh[1074]: Right alloca redzone: cb
Yu Watanabe [Sat, 28 Dec 2024 02:38:24 +0000 (11:38 +0900)]
machine: GC machine when no leader PID is set
After d8854ff1aca4434db0d7d6dcaf9fcf2f38105fb4, if a serialized
leader PID of a machine is already dead when deserialized, then the
leader PID and PIDFD are unset for the machine, and subsequent
machine_start() -> machine_watch_pidfd() will trigger an assertion.
This makes a Machine object without leader PID GCed.
projects / thirdparty / systemd.git / log
