Skip to content

segfault at 0 ip 00007f18c3c6ac10 sp 00007ffefaef9178 error 4 in libqmi-glib.so.5.6.0[7f18c3bea000+27e000]

I created a ticket in Modem Manager about a segmentation fault but after running MM in GDB, it looks like the issue is in libqmi.

We are using Modem Manager and Network Manager for Quectel EG25G modem. Internet can be established successfully but there are scenarios in which modem just doesn't recover unless a power cycle is done. To power cycle the modem, I'm currently using "mmcli -m 0 --reset". But the command does not seem to be stable as there are times when ModemManager crashes. Attaching debug logs when this crash occurred MM.log

MM version: 1.12.8
NM version: 1.22.10
Modem version: Quectel EG25GGBR07A07M2G

Steps:

  1. Add connection profile via nmcli nmcli c add type gsm con-name mobilecon ifname cdc-wdm0 ipv4.method auto autoconnect yes apn broadband ipv6.method disabled
  2. Wait for modem to get connected mmcli -m 0
  3. Test if internet works ping www.google.com -I wwan0
  4. Reset modem mmcli -m 0 --reset

Expected:

  1. Connection is added. Simple connect is triggered in MM log
  2. mmcli -m 0 shows modem state as CONNECTED after a few seconds from step 1
  3. ping is successful
  4. modem is reset
  5. modem gets reconnected

Actual Steps 1-4 pass. Step 5 is sometimes successful and sometimes result to MM crash.

Syslog shows: kernel: ModemManager[25583]: segfault at 0 ip 00007f18c3c6ac10 sp 00007ffefaef9178 error 4 in libqmi-glib.so.5.6.0[7f18c3bea000+27e000]

Run MM in GDB and found the method where crash is occurring:

ModemManager[21067]: <info>  Simple connect state (8/8): All done
ModemManager[21067]: transaction 0xd aborted, building abort request...

Thread 1 "ModemManager" received signal SIGSEGV, Segmentation fault.
0x00007ffff72dbc10 in qmi_endpoint_is_open () from /usr/lib/libqmi-glib.so.5

BT output shows:

(gdb) bt
#0  0x00007ffff72dbc10 in qmi_endpoint_is_open () from /usr/lib/libqmi-glib.so.5
#1  0x00007ffff72d8796 in qmi_device_command_abortable () from /usr/lib/libqmi-glib.so.5
#2  0x00007ffff72d8dcb in qmi_device_command_full () from /usr/lib/libqmi-glib.so.5
#3  0x00007ffff72d8e91 in ?? () from /usr/lib/libqmi-glib.so.5
#4  0x00007ffff72d9035 in ?? () from /usr/lib/libqmi-glib.so.5
#5  0x00007ffff62ae033 in ?? () from /usr/lib/libglib-2.0.so.0
#6  0x00007ffff62ad5e5 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#7  0x00007ffff62ad988 in ?? () from /usr/lib/libglib-2.0.so.0
#8  0x00007ffff62adc92 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#9  0x0000000000441d63 in main ()

This is a duplicate of ModemManager#222 (closed). I'll be closing the MM ticket first. Let me know if it is more appropriate to be checked on MM level first.

Regards, Hira

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information