RHEL-56728

traps: polkitd[1470] general protection fault ip:7ff36a1bf030 sp:7ffc77bd6220 error:0 in libmozjs-78.so[7ff36a0ed000+aa0000]

    • Bug
    • Resolution: Unresolved
    • Normal
    • rhel-9.4
    • polkit
    • Moderate
    • rhel-sst-cs-plumbers
    • ssg_core_services

      Description:
      Polkit with custom rules failing

      Steps to Reproduce:

      # cat /etc/polkit-1/rules.d/10-icinga2-systemd.rules
      polkit.addRule(function(action, subject) {
        polkit.log(action);
        polkit.log(subject);
        polkit.log(action.lookup("unit"));
        polkit.log(subject.isInGroup("icinga"));
        if (action.id == "org.freedesktop.systemd1.manage-units" &&
            subject.isInGroup("icinga")) {
          return polkit.Result.YES;
        }
      });
      
      # systemctl restart polkit
      # su - icinga
      $(icinga) systemctl restart sshd
      <polkit will crash>
      $(icinga) exit

      The issue is in the JavaScript libraries, as per GDB:

      (gdb) bt
      #0  js::gc::CellHeaderWithLengthAndFlags::flagsField (this=0x53c703d56d100) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/gc/Cell.h:597
      #1  JSString::flags (this=<optimized out>, this=<optimized out>) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/StringType.h:382
      #2  JSString::isLinear (this=<optimized out>, this=<optimized out>) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/StringType.h:446
      #3  JSString::ensureLinear (cx=0x55967579bde0, this=0x53c703d56d100) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/StringType.h:1722
      #4  js::StringToNewUTF8CharsZ (str=..., maybecx=0x55967579bde0) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/StringType.h:1432
      #5  JS_EncodeStringToUTF8 (cx=0x55967579bde0, str=...) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/jsapi.cpp:4546
      #6  0x0000559673caaa52 in js_polkit_log (cx=0x55967579bde0, argc=<optimized out>, vp=0x559675968e40) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/dist/include/js/RootingAPI.h:1152
      #7  0x00007f35c754c5a6 in CallJSNative (args=..., reason=<optimized out>, native=0x559673caa9b0 <js_polkit_log(JSContext*, unsigned int, JS::Value*)>, cx=0x55967579bde0)
          at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/Interpreter.cpp:493
      #8  js::InternalCallOrConstruct (cx=0x55967579bde0, args=..., construct=<optimized out>, reason=<optimized out>) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/Interpreter.cpp:585
      #9  0x00007f35c753cb2a in js::CallFromStack (args=..., cx=<optimized out>) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/Interpreter.cpp:652
      #10 Interpret (cx=0x55967579bde0, state=...) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/Interpreter.cpp:3312
      #11 0x00007f35c754bf7e in js::RunScript (cx=0x55967579bde0, state=...) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/Interpreter.cpp:465
      #12 0x00007f35c754c3d1 in js::InternalCallOrConstruct (cx=0x55967579bde0, args=..., construct=js::NO_CONSTRUCT, reason=<optimized out>) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/Interpreter.cpp:620
      #13 0x00007f35c754ca32 in InternalCall (reason=<optimized out>, args=..., cx=0x55967579bde0) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/Interpreter.cpp:648
      #14 js::Call (cx=0x55967579bde0, fval=..., thisv=..., args=..., rval=..., reason=<optimized out>) at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/vm/Interpreter.cpp:665
      #15 0x00007f35c75bb52b in JS_CallFunctionName (cx=0x55967579bde0, obj=obj@entry=..., name=name@entry=0x559673cb179b "_runRules", args=..., rval=..., rval@entry=...)
          at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/dist/include/js/RootingAPI.h:1152
      #16 0x0000559673cb0596 in call_js_function_with_runaway_killer(_PolkitBackendJsAuthority*, char const*, JS::HandleValueArray const&, JS::Rooted<JS::Value>*) [clone .constprop.0] (authority=0x5596757650b0,
          function_name=0x559673cb179b "_runRules", args=..., rval=0x7ffdc68623b0) at /usr/src/debug/polkit-0.117-11.el9.x86_64/src/polkitbackend/polkitbackendjsauthority.cpp:1091
      #17 0x0000559673caa1c1 in polkit_backend_js_authority_check_authorization_sync (_authority=<optimized out>, caller=<optimized out>, subject=0x5596758e3140, user_for_subject=0x55967578c590, subject_is_local=0, subject_is_active=1,
          action_id=0x5596758c1a24 "org.freedesktop.systemd1.manage-units", details=0x55967585c5a0, implicit=POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED)
          at /usr/src/debug/polkit-0.117-11.el9.x86_64/firefox-78.10.0/js/src/dist/include/js/ValueArray.h:104
      #18 0x0000559673cb0881 in polkit_backend_interactive_authority_check_authorization_sync (implicit=POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED, details=0x55967585c5a0,
          action_id=0x5596758c1a24 "org.freedesktop.systemd1.manage-units", subject_is_active=1, subject_is_local=0, user_for_subject=0x55967578c590, subject=0x5596758e3140, caller=0x55967576c340, authority=0x5596757650b0)
          at /usr/src/debug/polkit-0.117-11.el9.x86_64/src/polkitbackend/polkitbackendinteractiveauthority.c:1391
      #19 check_authorization_sync.isra.0 (authority=0x5596757650b0, caller=0x55967576c340, subject=0x5596758e3140, action_id=0x5596758c1a24 "org.freedesktop.systemd1.manage-units", details=0x55967585c5a0,
          out_implicit_authorization=0x7ffdc68625f0, checking_imply=0, error=0x7ffdc68625f8, flags=<optimized out>) at /usr/src/debug/polkit-0.117-11.el9.x86_64/src/polkitbackend/polkitbackendinteractiveauthority.c:1164
       

              jrybar@redhat.com Jan Rybar
              rhn-support-smahanga Shreyas Mahangade
              Jan Rybar
              Frantisek Sumsal
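
In the backtrace the innermost polkit frame is js_polkit_log (frame #6), reached from the rule's polkit.log() calls, while polkit(8) documents log() as taking a string message. The harness below is an added example, not part of the report or of polkit: it runs the reported rule and a string-only variant under Node against a stub polkit object and records the type of each log() argument. makePolkit, makeRequest, decide, run and the sshd.service request are constructed for illustration.

```javascript
// Hypothetical offline harness: the stub `polkit` below is not polkit's implementation.
function makePolkit() {
  const rules = [], logTypes = [];
  return { rules, logTypes,
    Result: { YES: "yes", NO: "no" },          // stub subset of polkit.Result
    addRule(fn) { rules.push(fn); },
    log(msg) { logTypes.push(typeof msg); } }; // record the type, write nothing
}

// Constructed request: a user in `groups` asks to manage sshd.service.
function makeRequest(groups) {
  const details = { unit: "sshd.service" };
  return { action: { id: "org.freedesktop.systemd1.manage-units", lookup: (k) => details[k] },
           subject: { isInGroup: (g) => groups.includes(g) } };
}

// Decision logic of the reported rule, shared by both variants.
function decide(polkit, action, subject) {
  if (action.id == "org.freedesktop.systemd1.manage-units" &&
      subject.isInGroup("icinga")) {
    return polkit.Result.YES;
  }
}

// log() calls exactly as in the report: objects, a lookup result, a boolean.
function reportedRule(polkit) {
  polkit.addRule(function(action, subject) {
    polkit.log(action);
    polkit.log(subject);
    polkit.log(action.lookup("unit"));
    polkit.log(subject.isInGroup("icinga"));
    return decide(polkit, action, subject);
  });
}

// Same rule, but every log() argument is built by string concatenation.
function stringLogRule(polkit) {
  polkit.addRule(function(action, subject) {
    polkit.log("action=" + action);
    polkit.log("subject=" + subject);
    polkit.log("unit=" + action.lookup("unit"));
    polkit.log("in icinga=" + subject.isInGroup("icinga"));
    return decide(polkit, action, subject);
  });
}

// Install a rule, evaluate it once, return the decision and the log argument types.
function run(installRule, groups) {
  const polkit = makePolkit();
  installRule(polkit);
  const { action, subject } = makeRequest(groups);
  return { result: polkit.rules[0](action, subject) || null, logTypes: polkit.logTypes.join(",") };
}
```

Calling run(reportedRule, ["icinga"]) shows which of the report's log() arguments are not strings; the same check can be applied to any rules file before it is installed under /etc/polkit-1/rules.d/.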