Bug 1884236

Summary: gensnippet_if segfaults on fcos 32.20200923.2.0
Product: [Fedora] Fedora Reporter: Sanne Raymaekers <sraymaek>
Component: console-login-helper-messagesAssignee: Kelvin Fan <kfan>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 32CC: admiller, dustymabe, jlebon, kasal, kdudka, kfan, robertthomasfairley, ssbarnea, svashisht
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: console-login-helper-messages-0.20.1-1.fc32 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-10-10 21:58:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
journal excerpt
none
full journal
none
coredump none

Description Sanne Raymaekers 2020-10-01 12:27:02 UTC 
Created attachment 1718160 [details]
journal excerpt

Description of problem:
/usr/bin/libexec/gensnippet_f segfaults, I'm not sure why however. Encountered on a machine that is offline, and consequently starts the cockpit/ws container (with podman). However it seems to happen when starting any container, even with network access.


Version-Release number of selected component (if applicable):
State: idle
Deployments:
● ostree://fedora:fedora/x86_64/coreos/testing
                   Version: 32.20200923.2.0 (2020-09-24T14:57:37Z)
                BaseCommit: 3c833a0ce8f9319e6a994e18dcb1d3d540a84c14b609bd1ddd9ed108ed93aa42
              GPGSignature: Valid signature by 97A1AE57C3A2372CCA3A4ABA6C13026D12C944D0
           LayeredPackages: dnsmasq
             LocalPackages: cockpit-tests-229.3.g04e6398d4-1.wip.fc32.x86_64 cockpit-bridge-229.3.g04e6398d4-1.wip.fc32.x86_64
                            cockpit-dashboard-229.3.g04e6398d4-1.wip.fc32.noarch cockpit-networkmanager-229.3.g04e6398d4-1.wip.fc32.noarch
                            cockpit-system-229.3.g04e6398d4-1.wip.fc32.noarch

  ostree://fedora:fedora/x86_64/coreos/testing
                   Version: 32.20200923.2.0 (2020-09-24T14:57:37Z)
                BaseCommit: 3c833a0ce8f9319e6a994e18dcb1d3d540a84c14b609bd1ddd9ed108ed93aa42
              GPGSignature: Valid signature by 97A1AE57C3A2372CCA3A4ABA6C13026D12C944D0
           LayeredPackages: cockpit-bridge cockpit-networkmanager cockpit-system dnsmasq


Reproduce:
1. Pull a container, say fedora
2. Run it, podman will add an interface
3. gensnippet_if crashes
Comment 1 Dusty Mabe 2020-10-01 13:50:30 UTC 
Since it's not a lot of data I'm just going to copy the error message here:

```
kernel: gensnippet_if[1019]: segfault at 7ffc52d82bd0 ip 00005591c33f4531 sp 00007ffc52d82b90 error 6 in bash[5591c33e7000+b6000]
kernel: audit: type=1701 audit(1601553177.676:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:initrc_t:s0 pid=1019 comm="gensnippet_if" exe="/usr/bin/bash" sig=11 res=1
audit[1019]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 subj=system_u:system_r:initrc_t:s0 pid=1019 comm="gensnippet_if" exe="/usr/bin/bash" sig=11 res=1
systemd-coredump[4789]: Resource limits disable core dumping for process 1019 (gensnippet_if).
systemd-coredump[4789]: Process 1019 (gensnippet_if) of user 0 dumped core.
nm-dispatcher[1018]: /etc/NetworkManager/dispatcher.d/90-console-login-helper-messages-gensnippet_if: line 13:  1019 Segmentation fault      (core dumped) /usr/libexec/console-login-helper-messages/gensnippet_if "${interface}" "${action}"
```
Comment 2 Jonathan Lebon 2020-10-01 14:44:03 UTC 
Hmm, this looks like bash itself is getting a SIGSEGV? Or I guess it's possible that something is explictly sending a `SIGSEGV` to us. A coredump would help differentiate I think.

@Sanne, could you try to get a coredump from bash? From the logs it looks like it might be limited (what does `ulimit -c` say?).
Comment 3 Jonathan Lebon 2020-10-01 14:44:55 UTC 
Sorry, I didn't mean to change component on this just yet. We can keep this under c-l-h-m until we have more info.
Comment 4 Sanne Raymaekers 2020-10-01 15:37:09 UTC 
Created attachment 1718204 [details]
full journal
Comment 5 Sanne Raymaekers 2020-10-01 15:37:44 UTC 
Created attachment 1718205 [details]
coredump
Comment 6 Sanne Raymaekers 2020-10-01 15:41:27 UTC 
I added the full journal and ran it again without coredump limits. It does seem that bash itself crashes?
Comment 7 Kelvin Fan 2020-10-01 15:55:26 UTC 
I think it is indeed a problem with console-login-helper-messages. gensnippet_if contains a recursive call that is probably overflowing the stack. In bash, infinite recursion in a function call does cause a segmentation fault.
Comment 8 Fedora Update System 2020-10-02 19:28:39 UTC 
FEDORA-2020-6a8030eeee has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-6a8030eeee
Comment 9 Fedora Update System 2020-10-03 02:09:28 UTC 
FEDORA-2020-6a8030eeee has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-6a8030eeee`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-6a8030eeee

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 10 Fedora Update System 2020-10-10 21:58:23 UTC 
FEDORA-2020-6a8030eeee has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.