1639135 – boltd segfaults when authorizing device

Bug 1639135 - boltd segfaults when authorizing device

Summary: boltd segfaults when authorizing device

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	bolt
Sub Component:
Version:	29
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Christian Kellner
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-10-15 06:41 UTC by Bernie Innocenti
Modified:	2019-01-03 05:29 UTC (History)
CC List:	1 user (show)
Fixed In Version:	bolt-0.7-1.fc29
Clone Of:
Environment:
Last Closed:	2019-01-03 05:29:31 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Bernie Innocenti 2018-10-15 06:41:07 UTC

boltd from bolt-0.5-1.fc29.x86_64 segfaults repeatably when I issue "boltctl authorize <device>". Stacktrace:

Thread 1 "boltd" received signal SIGSEGV, Segmentation fault.
0x00007ffff7bb4895 in __strlen_avx2 () from target:/lib64/libc.so.6
(gdb) bt
#0  0x00007ffff7bb4895 in __strlen_avx2 () from target:/lib64/libc.so.6
#1  0x00007ffff7ed1893 in g_log_writer_journald () from target:/lib64/libglib-2.0.so.0
#2  0x000055555556cc5f in bolt_log_journal (ctx=ctx@entry=0x5555555ee980, log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, flags=flags@entry=0) at ../boltd/bolt-log.c:551
#3  0x00005555555607a8 in daemon_logger (level=G_LOG_LEVEL_CRITICAL, fields=<optimized out>, n_fields=<optimized out>, user_data=<optimized out>) at ../boltd/bolt-daemon.c:82
#4  0x00007ffff7ed0047 in g_log_structured_array () from target:/lib64/libglib-2.0.so.0
#5  0x00007ffff7ed0491 in g_log_default_handler () from target:/lib64/libglib-2.0.so.0
#6  0x00007ffff7ed06df in g_logv () from target:/lib64/libglib-2.0.so.0
#7  0x00007ffff7ed08d3 in g_log () from target:/lib64/libglib-2.0.so.0
#8  0x0000555555572362 in bolt_domain_get_security (domain=0x0) at ../boltd/bolt-domain.c:266
#9  0x000055555556ab33 in handle_authorize (object=<optimized out>, params=<optimized out>, inv=0x7fffe800ca40, error=0x7fffffffe968) at ../boltd/bolt-device.c:1043
#10 0x0000555555573f7c in dispatch_method_call (method=<optimized out>, error=0x7fffffffe968, inv=0x7fffe800ca40, exported=0x5555555dc060) at ../boltd/bolt-exported.c:516
#11 query_authorization_done (source_object=<optimized out>, res=<optimized out>, user_data=0x5555555bcd80) at ../boltd/bolt-exported.c:553
#12 0x00007ffff7d63f74 in ?? () from target:/lib64/libgio-2.0.so.0
#13 0x00007ffff7d63fad in ?? () from target:/lib64/libgio-2.0.so.0
#14 0x00007ffff7ec5b7b in ?? () from target:/lib64/libglib-2.0.so.0
#15 0x00007ffff7ec926d in g_main_context_dispatch () from target:/lib64/libglib-2.0.so.0
#16 0x00007ffff7ec9638 in ?? () from target:/lib64/libglib-2.0.so.0
#17 0x00007ffff7ec9962 in g_main_loop_run () from target:/lib64/libglib-2.0.so.0
#18 0x00005555555603fa in main (argc=<optimized out>, argv=<optimized out>) at ../boltd/bolt-daemon.c:217

This might be caused by a kernel bug in 4.18.13-300.fc29.x86_64, because I'm also getting errors in dmesg as soon as I plug the usb-c dock:

[152045.125455] snd_hda_intel 0000:00:1f.3: azx_get_response timeout, switching to polling mode: last cmd=0x002f0600
[162715.019687] thunderbolt 0000:08:00.0: current switch config:
[162715.019696] thunderbolt 0000:08:00.0:  Switch: 8086:15d3 (Revision: 6, TB Version: 2)
[162715.019699] thunderbolt 0000:08:00.0:   Max Port Number: 11
[162715.019702] thunderbolt 0000:08:00.0:   Config:
[162715.019708] thunderbolt 0000:08:00.0:    Upstream Port Number: 3 Depth: 1 Route String: 0x1 Enabled: 1, PlugEventsDelay: 254ms
[162715.019712] thunderbolt 0000:08:00.0:    unknown1: 0x0 unknown4: 0x0
[162715.362005] thunderbolt 0000:08:00.0: 1: reading drom (length: 0x83)
[162715.838180] thunderbolt 0000:08:00.0: 1: drom data crc32 mismatch (expected: 0x47457c83, got: 0x5244dec0), continuing
[162715.838688] thunderbolt 0000:08:00.0: 1: drom buffer overrun, aborting
[162715.838690] thunderbolt 0000:08:00.0: 1: tb_eeprom_read_rom failed

I can get boltd to work again by rebooting the machine. Reloading the thunderbolt module also made the issue disappear once, but doesn't seem to be working any more now. I'll update the bug if I can figure the exact sequence to reproduce this.

Comment 1 Bernie Innocenti 2018-10-15 06:50:10 UTC

The journal doesn't contain any messages from boltd just before the crash.

Comment 2 Bernie Innocenti 2018-10-15 07:14:24 UTC

Bug #1585744 is the likely root cause, but there might also be a bug with error logging in boltd.

Comment 3 Christian Kellner 2018-10-22 13:24:00 UTC

Thanks, filed as https://gitlab.freedesktop.org/bolt/bolt/issues/118

Comment 4 Christian Kellner 2018-10-23 12:04:58 UTC

The root cause of the crash is actually issue #119. Which is trigger by the an assertion that should not happen, i.e. bug (#118).


https://gitlab.freedesktop.org/bolt/bolt/issues/119

Comment 5 Fedora Update System 2019-01-01 18:04:10 UTC

bolt-0.7-1.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2019-e4c7e2bfc4

Comment 6 Fedora Update System 2019-01-02 02:49:22 UTC

bolt-0.7-1.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2019-e4c7e2bfc4

Comment 7 Fedora Update System 2019-01-03 05:29:31 UTC

bolt-0.7-1.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.