Comment 0 for bug 1233441

When daemonizing, the child process segfault and the parent acts oddly.

To reproduce:

stop rsyslog
mv /var/spool/rsyslog /var/spool/rsyslog.bak
tar -xf var-spool-rsyslog.tar.gz -C /

gdb /usr/sbin/rsyslog
set follow-fork-mode child
run -c5

(gdb) bt
#0 strmFlushInternal (pThis=0x0) at stream.c:1236
#1 0x00000000004291b9 in strmSerialize (pThis=0x0, pStrm=0x676150) at stream.c:1569
#2 0x000000000042ee02 in qqueuePersist (pThis=0x675a10, bIsCheckpoint=0) at queue.c:2015
#3 0x000000000042f026 in qqueueDestruct (ppThis=0x674d78) at queue.c:2153
#4 0x0000000000432660 in StartDA (pThis=0x674b50) at queue.c:353
#5 InitDA (pThis=0x674b50, bLockMutex=<optimized out>) at queue.c:402
#6 qqueueStart (pThis=0x674b50) at queue.c:1914
#7 0x0000000000437987 in actionConstructFinalize (pThis=0x674a60) at ../action.c:405
#8 0x000000000043977e in addAction (ppAction=0x7fffffff8ca8, pMod=<optimized out>, pModData=0x673910, pOMSR=0x6732f0, bSuspended=0)
    at ../action.c:1779
#9 0x0000000000416934 in cflineDoAction (ppAction=<synthetic pointer>, p=0x7fffffff8c90) at conf.c:1105
#10 cflineClassic (ppRule=0x7fffffff8d10, p=0x7fffffff8d5c "") at conf.c:1172
#11 cfline (line=<optimized out>, pfCurr=0x7fffffff8d10) at conf.c:1207
#12 0x00000000004171a5 in processConfFile (pConfFile=0x671af0 "/etc/rsyslog.d/40-loghost-client.conf") at conf.c:464
#13 0x0000000000417586 in doIncludeLine (pp=<optimized out>, pVal=<optimized out>) at conf.c:234
#14 0x0000000000435771 in cslchCallHdlr (ppConfLine=0x7fffffffa858, pThis=<optimized out>) at cfsysline.c:724
#15 processCfSysLineCommand (pCmdName=<optimized out>, p=0x7fffffffa898) at cfsysline.c:936
#16 0x00000000004166b1 in cfsysline (p=0x7fffffffa99f "/etc/rsyslog.d/*.conf") at conf.c:371
#17 0x0000000000416a29 in cfline (line=0x7fffffffa991 "IncludeConfig /etc/rsyslog.d/*.conf", pfCurr=0x7fffffffa980) at conf.c:1204
#18 0x00000000004171a5 in processConfFile (pConfFile=0x44204c "/etc/rsyslog.conf") at conf.c:464
#19 0x000000000040aa53 in init () at syslogd.c:1620
#20 0x000000000040e0ce in mainThread () at syslogd.c:2179
#21 realMain (argc=<optimized out>, argv=<optimized out>) at syslogd.c:2914
#22 0x00007ffff71fc76d in __libc_start_main (main=0x40af80 <main>, argc=2, ubp_av=0x7fffffffe508, init=<optimized out>,
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe4f8) at libc-start.c:226
#23 0x000000000040afc9 in _start ()

Now of course, you need our syslog config.

cat /etc/rsyslog.conf
$PreserveFQDN on

$ModLoad imuxsock
$ModLoad imklog
$ModLoad immark

$umask 0000

$CreateDirs on

$DirOwner root
$DirGroup root
$DirCreateMode 0755

$EscapeControlCharactersOnReceive off

$FileOwner root
$FileGroup root
$FileCreateMode 0644

$MarkMessagePeriod 600

$IncludeConfig /etc/rsyslog.d/*.conf

antarus@antarus-z620:/var/lib/chaps$ cat /etc/rsyslog.d/40-loghost-client.conf

$WorkDirectory /var/spool/rsyslog
$ActionQueueFileName loghost-client
$ActionQueueCheckpointInterval 100
  # A 100000µs delay effects a rate limit of 10 messages per second.
$ActionQueueDequeueSlowdown 100000
  $ActionQueueMaxDiskSpace 1g
$ActionQueueSaveOnShutdown on
$ActionQueueType LinkedList
# Do not suspend the retry on machines assumed to be connected
# (I.e., stick to once per second.)
$ActionResumeRetryCount -1
$ActionResumeInterval 1

*.* @@REDACTED_LOGHOST.:514;RSYSLOG_ForwardFormat

I will attach the busted spool files as well.

root@antarus-z620:/etc# lsb_release -rd
Description: Ubuntu 12.04.2 LTS
Release: 12.04

root@antarus-z620:/etc# apt-cache policy rsyslog
rsyslog:
  Installed: 5.8.6-1ubuntu8.5
  Candidate: 5.8.6-1ubuntu8.5

I expect rsyslog to not crash, and instead detect bad spool files and tell me.

Instead it crashed.