ipmitool crashed with SIGSEGV

Bug #1817307 reported by Manoj Iyer on 2019-02-22
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ipmitool (Debian)
Fix Released
Unknown
ipmitool (Ubuntu)
High
Andreas Hasenack
Cosmic
Undecided
Unassigned

Bug Description

I am running ipmitool -I lanplus -H 10.245.71.111 -P 0penBmc sol activate, where 10.245.71.111 is a IBM Power9 Withersoon system running openbmc (that is compliant with ipmi 2.0). I see data transfer from the server to the ipmi session for a few seconds and the it segfaults.

$ ipmitool -I lanplus -H 10.245.71.111 -P 0penBmc sol activate
[SOL Session operational. Use ~? for help]

--== Welcome to Hostboot hostboot-d033213-p8b99fdc/hbicore.bin ==--

  4.01081|secure|SecureROM valid - eSegmentation fault (core dumped)

ProblemType: Crash
DistroRelease: Ubuntu 19.04
Package: ipmitool 1.8.18-6build1
ProcVersionSignature: Ubuntu 4.19.0-13.14-generic 4.19.20
Uname: Linux 4.19.0-13-generic x86_64
ApportVersion: 2.20.10-0ubuntu21
Architecture: amd64
CurrentDesktop: GNOME
Date: Fri Feb 22 06:35:50 2019
ExecutablePath: /usr/bin/ipmitool
ExecutableTimestamp: 1547496056
InstallationDate: Installed on 2012-09-20 (2346 days ago)
InstallationMedia: Ubuntu 12.10 "Quantal Quetzal" - Alpha amd64 (20120919)
ProcCmdline: ipmitool -I lanplus -H 10.245.71.111 -P XXXXXXX sol activate
ProcCwd: /home/manjo
ProcEnviron:
 SHELL=/bin/bash
 LANG=en_US.UTF-8
 TERM=xterm-256color
 XDG_RUNTIME_DIR=<set>
 PATH=(custom, user)
Signal: 11
SourcePackage: ipmitool
StacktraceTop:
 ?? ()
 ?? ()
 ?? ()
 ?? ()
 ?? ()
Title: ipmitool crashed with SIGSEGV
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo vboxusers
mtime.conffile..etc.default.ipmievd: 2018-10-01T14:41:34.751450
separator:

Related branches

Manoj Iyer (manjo) wrote :

StacktraceTop:
 memmove (__len=<optimized out>, __src=0x564d10980b75 <rsp+21>, __dest=0x564d10980b61 <rsp+1>) at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:40
 ipmi_lan_poll_single (intf=intf@entry=0x564d1097d720 <ipmi_lanplus_intf>) at lanplus.c:878
 ipmi_lan_poll_recv (intf=0x564d1097d720 <ipmi_lanplus_intf>) at lanplus.c:913
 ipmi_lanplus_recv_sol (intf=0x564d1097d720 <ipmi_lanplus_intf>) at lanplus.c:2693
 ipmi_sol_red_pill (intf=intf@entry=0x564d1097d720 <ipmi_lanplus_intf>, instance=instance@entry=1) at ipmi_sol.c:1650

tags: removed: need-amd64-retrace
Manoj Iyer (manjo) on 2019-02-25
information type: Private → Public
Changed in ipmitool (Ubuntu):
assignee: nobody → Jörg Frings-Fürst (jff-de)
Andreas Hasenack (ahasenack) wrote :

I wonder if it's this upstream bug: https://github.com/ipmitool/ipmitool/issues/72

Andreas Hasenack (ahasenack) wrote :

With the patch being:
https://github.com/pjdhpe/ipmitool/commit/815aae70cf8dc9f0e1ba1923fc4ec3cc16d0d2f1

Can you easily test that? Do you need a package?

Andreas Hasenack (ahasenack) wrote :

Package with that patch building in this PPA: https://launchpad.net/~ahasenack/+archive/ubuntu/ipmitool-segfault-1817307

Completely untested

Changed in ipmitool (Ubuntu):
status: New → In Progress
status: In Progress → Triaged
Manoj Iyer (manjo) wrote :

I tested the ipmitool in the above PPA on the same machine this crash was reported from, and I was able to power off/on the system who's output triggered this crash. I can report that ipmi sol does not crash and the console connection is persistent.

Changed in ipmitool (Ubuntu):
assignee: Jörg Frings-Fürst (jff-de) → Andreas Hasenack (ahasenack)
status: Triaged → In Progress
importance: Critical → High

@Manoj - Andreas is working on getting this into Disco. But since upstream releases [1] rareley or lets call it sporadic could you plesae file a bug in Debian as well to ensure we can somewhen into 19.10 drop the Delta?

[1]: https://github.com/pjdhpe/ipmitool/releases

Manoj Iyer (manjo) wrote :

@paelzer, yes will do

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ipmitool - 1.8.18-6ubuntu1

---------------
ipmitool (1.8.18-6ubuntu1) disco; urgency=medium

  * d/p/0130-fix-segfault.patch: Correct lanplus segment violation for
    truncated response. (LP: #1817307)

 -- Andreas Hasenack <email address hidden> Thu, 28 Feb 2019 11:21:41 -0300

Changed in ipmitool (Ubuntu):
status: In Progress → Fix Released
Andreas Hasenack (ahasenack) wrote :

Cosmic is EOL

Changed in ipmitool (Ubuntu Cosmic):
status: New → Won't Fix

As nothing happened I reported it to Debian myself now.
Bug is linked above (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945764)

Changed in ipmitool (Debian):
status: Unknown → New
Changed in ipmitool (Debian):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.