upowerd crashed with SIGSEGV in g_variant_is_trusted()

Bug #1547793 reported by Matt Austin on 2016-02-20
This bug affects 25 people
Affects (Status / Importance / Assigned to):
Ubuntu Kylin: Importance Undecided, Unassigned
Upower: Fix Released, Importance Critical
upower (Debian): Fix Released, Importance Unknown
upower (Ubuntu): Importance Critical, assigned to Martin Pitt

Bug Description

Crash when connecting laptop to charger.

ProblemType: Crash
DistroRelease: Ubuntu 16.04
Package: upower 0.99.4-1
ProcVersionSignature: Ubuntu 4.4.0-4.19-generic 4.4.1
Uname: Linux 4.4.0-4-generic x86_64
NonfreeKernelModules: wl
ApportVersion: 2.20-0ubuntu3
Architecture: amd64
CrashCounter: 1
Date: Sat Feb 20 16:18:04 2016
ExecutablePath: /usr/lib/upower/upowerd
InstallationDate: Installed on 2015-04-07 (319 days ago)
InstallationMedia: Ubuntu-GNOME 15.04 "Vivid Vervet" - Beta amd64 (20150326)
ProcCmdline: /usr/lib/upower/upowerd
ProcEnviron:
 LANG=en_AU.UTF-8
 LANGUAGE=en_AU:en
 PATH=(custom, no user)
SegvAnalysis:
 Segfault happened at: 0x7fdb12e38ee0: mov 0x20(%rdi),%eax
 PC (0x7fdb12e38ee0) ok
 source "0x20(%rdi)" (0x00000020) not located in a known VMA region (needed readable region)!
 destination "%eax" ok
SegvReason: reading NULL VMA
Signal: 11
SourcePackage: upower
StacktraceTop:
 ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
 g_variant_builder_add_value () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
 ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
 g_variant_new_va () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
 g_variant_new () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
Title: upowerd crashed with SIGSEGV in g_variant_builder_add_value()
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

Matt Austin (mattaustin) wrote :

StacktraceTop:
 g_variant_is_trusted () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
 g_variant_builder_add_value () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
 g_variant_valist_new () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
 g_variant_new_va () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
 g_variant_new () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0

Changed in upower (Ubuntu):
importance: Undecided → Medium
summary: - upowerd crashed with SIGSEGV in g_variant_builder_add_value()
+ upowerd crashed with SIGSEGV in g_variant_is_trusted()
tags: removed: need-amd64-retrace
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in upower (Ubuntu):
status: New → Confirmed
information type: Private → Public
Martin Pitt (pitti) on 2016-02-23
Changed in upower (Ubuntu):
status: Confirmed → In Progress
assignee: nobody → Martin Pitt (pitti)
importance: Medium → High
Ubuntu QA Website (ubuntuqa) wrote :

This bug has been reported on the Ubuntu ISO testing tracker.

A list of all reports related to this bug can be found here:
http://iso.qa.ubuntu.com/qatracker/reports/bugs/1547793

tags: added: iso-testing
Changed in upower (Debian):
status: Unknown → New

0.99.4 has a major regression, it crashes very often with

#0 0x00007fdb12e38ee0 in g_variant_is_trusted () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#1 0x00007fdb12e358b4 in g_variant_builder_add_value () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#2 0x00007fdb12e375b6 in g_variant_valist_new () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#3 0x00007fdb12e37a42 in g_variant_new_va () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#4 0x00007fdb12e37cbd in g_variant_new () from /tmp/apport_sandbox_GBFpqZ/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#5 0x0000556372c30515 in up_exported_daemon_complete_get_display_device (object=<optimized out>, invocation=0x5563746435e0, device=<optimized out>) at up-daemon-generated.c:1157
No locals.
#6 0x0000556372c28107 in up_daemon_get_critical_action (skeleton=0x55637463f100, invocation=0x5563746435e0, daemon=<optimized out>) at up-daemon.c:438
No locals.
#7 0x00007fdb11941e40 in ffi_call_unix64 () from /tmp/apport_sandbox_GBFpqZ/usr/lib/x86_64-linux-gnu/libffi.so.6
No symbol table info available.
#8 0x00007fdb119418ab in ffi_call () from /tmp/apport_sandbox_GBFpqZ/usr/lib/x86_64-linux-gnu/libffi.so.6
No symbol table info available.
#9 0x00007fdb130d57c9 in g_cclosure_marshal_generic () from /tmp/apport_sandbox_GBFpqZ/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
No symbol table info available.
#10 0x00007fdb130d4fa5 in g_closure_invoke () from /tmp/apport_sandbox_GBFpqZ/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
No symbol table info available.
#11 0x00007fdb130e6ff1 in signal_emit_unlocked_R () from /tmp/apport_sandbox_GBFpqZ/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
No symbol table info available.
#12 0x00007fdb130eed71 in g_signal_emitv () from /tmp/apport_sandbox_GBFpqZ/usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0
No symbol table info available.
#13 0x0000556372c31569 in _up_exported_daemon_skeleton_handle_method_call (connection=<optimized out>, sender=<optimized out>, object_path=<optimized out>, interface_name=0x7fdafc0067f0 "org.freedesktop.UPower", method_name=0x7fdafc007f60 "GetCriticalAction", parameters=<optimized out>, invocation=0x5563746435e0, user_data=0x55637463f100) at up-daemon-generated.c:1722
        skeleton = <optimized out>
        info = 0x556372e50da0 <_up_exported_daemon_method_info_get_critical_action>
        iter = {x = {140578507495472, 0, 0, 0, 140578507489120, 140578894309087, 0, 3579507750, 93885615510416, 140578910142288, 93885642809936, 93885642885536, 140578507491840, 140578891213488, 0, 140578910112173}}
        child = 0x0
        paramv = 0x5563746840b0
        num_params = <optimized out>
        num_extra = <optimized out>
        n = <optimized out>
        signal_id = 13
        return_value = {g_type = 20, data = {{v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_uint64 = 0, v_float = 0, v_double = 0, v_pointer = 0x0}, {v_int = 0, v_uint = 0, v_long = 0, v_ulong = 0, v_int64 = 0, v_u...


up-daemon-generated.c has this code:

1158 g_variant_new ("(o)",
1159 device));

(gdb) p device
$1 = (const gchar *) 0x555555588af2 "PowerOff"

which is indeed not a valid object path. This should certainly not crash with a segfault but trigger an assertion, so there's a glib bug as well.

Ah, this is a copy&paste error in src/up-daemon.c:

static gboolean
up_daemon_get_critical_action (UpExportedDaemon *skeleton,
                               GDBusMethodInvocation *invocation,
                               UpDaemon *daemon)
{
        up_exported_daemon_complete_get_display_device (skeleton, invocation,
                                                        up_backend_get_critical_action (daemon->priv->backend));
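
An added example (not upower or GLib code) modelling the mismatch diagnosed above: a reply built with signature `(o)` needs a syntactically valid D-Bus object path, and `"PowerOff"` is not one, while the same string is fine under `(s)`. `struct reply` and `build_reply` are hypothetical stand-ins for the GVariant construction, and the path check follows the D-Bus object path syntax.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* D-Bus object path syntax: begins with '/', elements are [A-Za-z0-9_]+
 * joined by single '/', no trailing '/' unless the path is the root "/". */
static bool is_object_path(const char *s)
{
    if (s == NULL || s[0] != '/')
        return false;
    if (s[1] == '\0')
        return true;                          /* root path */
    for (size_t i = 1; s[i] != '\0'; i++) {
        char c = s[i];
        if (c == '/') {
            if (s[i - 1] == '/' || s[i + 1] == '\0')
                return false;                 /* empty element or trailing '/' */
        } else if (!((c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
                     (c >= '0' && c <= '9') || c == '_')) {
            return false;
        }
    }
    return true;
}

/* Hypothetical stand-in for a method reply: a type signature plus one string. */
struct reply { const char *signature; const char *value; };

/* Model of building a "(o)" or "(s)" reply: validate first, fail closed. */
static bool build_reply(struct reply *out, const char *sig, const char *value)
{
    bool is_o = strcmp(sig, "(o)") == 0, is_s = strcmp(sig, "(s)") == 0;
    if (value == NULL || (!is_o && !is_s))
        return false;
    if (is_o && !is_object_path(value))
        return false;                         /* "PowerOff" is rejected here */
    out->signature = sig;
    out->value = value;
    return true;
}

int main(void)
{
    struct reply r = { NULL, NULL };
    printf("\"PowerOff\" as (o): %s\n", build_reply(&r, "(o)", "PowerOff") ? "built" : "rejected");
    printf("\"PowerOff\" as (s): %s\n", build_reply(&r, "(s)", "PowerOff") ? "built" : "rejected");
    return 0;
}
```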

Jean-Baptiste Lallement (jibel) wrote :

Setting to critical because it blocks the release of Xenial Beta 1

Changed in upower (Ubuntu):
importance: High → Critical
Changed in upower:
importance: Unknown → Critical
status: Unknown → In Progress
Changed in upower (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package upower - 0.99.4-2

---------------
upower (0.99.4-2) xenial; urgency=high

  * Urgency high as this is a targetted fix for RC bug in testing.
  * Fix copy&paste error that called the wrong _complete_ function
    for up_daemon_get_critical_action(), causing a segfault.
    (Closes: #815590, LP: #1547793)

 -- Martin Pitt <email address hidden> Tue, 23 Feb 2016 09:58:09 +0100

Changed in upower (Ubuntu):
status: Fix Committed → Fix Released
ek0892 (kranich) wrote :

For me, with upower 0.99.4-2, the problem is not solved.

I tested with 5 notebooks:

 If I remove the battery, the install is OK,

but with the battery inside + AD/DC power, ubiquity crashes!

Paul White (paulw2u) wrote :

Tested on two laptops using latest Xubuntu build - 20160223 - no change to what I was seeing previously, Ubiquity only starts with battery removed. Confirmed using upower 0.99.4-2.

Martin Pitt (pitti) wrote :

Do you still get the crash?

Paul White (paulw2u) wrote :

Yes, the crash dialog appears whether I start the install process from the main menu or from the desktop icon.

Jane Atkinson (irihapeti) wrote :

Still crashing on Asus EeePC 900. I've not tried with the battery removed.

Dave Morley (davmor2) wrote :

Still crashing here with proposed version of upower and libupower-glib3 + service upower restart

Hi, Martin:

Not fixed - but some progress, thanks. Excuse the approximate
description; I abandoned the test results and rebooted into Ubuntu
15.10 to write to you, so I'm writing from memory.

I downloaded the daily-live of xenial-desktop-amd64.iso about 10AM
-0500, confirmed with sha256sum, and burned it to a USB flash drive.

Booting from that USB drive seems to work well, but still lacks the
Ubuntu Software Center. Attempting an Ubuntu 16.04 install to hard disk
(actually, a SSD) failed, but more nicely than yesterday; now it starts
to install a new icon low in the Launcher, but then removes it and
simply stops the install while continuing to behave smoothly as before.
No hang and no error message, but no install, either.

Exploring further, I opened the Gnome Software Center and saw, in
System>Other, a Gnome system installer that wouldn't install. I found a
lot of Update files; after updating (but not restarting; how can I,
running as a Live USB, while keeping those changes?), it seemed neither
better nor worse.

About six hours later now, I've checked and see no newer version.
Perhaps tomorrow's daily will be better.

Martin, one more thought, and it may be useful: A few days ago, my wife
Jill points out, we tried the daily-live on two older PC /desktop/
computers here - one pre-UEFI, one not. And we just repeated those tests
now. The pre-UEFI desktop did not detect the Live USB, then or now. The
UEFI desktop did and does detect; upon loading Ubuntu 16.04, it does not
close out the Shortcut Keys window by clicking outside of it OR by
clicking its X icon, but clicking the System Settings icon in the upper
right did close it. From there on, all proceeded well until we attempted
an Ubuntu installation. The other day, that failed and we think it
failed just like the "battery-in" problem we've been discussing-
although no battery was involved! (Hmm. Is this the first you've heard
of THAT?) Today, that same Ubuntu installation (but using today's
daily-live) works fine! That is, we abandoned it upon reaching
partitioning (for the first time in a week), but see no reason it would
not have worked.

Cheers from
--Dick Miller, Partner, MMS <email address hidden>
--
*| A. Richard & Jill A. Miller | MILLER MICROCOMPUTER SERVICES |
| Mailto:<email address hidden> | 61 Lake Shore Road |
| Web: http://www.millermicro.com/ | Natick, MA 01760-2099, USA |
| Voice: 508/653-6136, 9AM-9PM -0500(EST)| NMEA N 42.29993°, W 71.36558° |*

On 02/23/2016 02:18 PM, Martin Pitt wrote:
> Do you still get the crash?
>

Changed in ubuntukylin:
milestone: none → xenial-beta1
amjjawad  (amjjawad) wrote :

Hi, I am testing < Install (entire disk) in Ubuntu GNOME Desktop i386 in Xenial Daily 20160224.1 > on Oracle VirtualBox. I see the attached screenshot.

We did 2 re-spins but still nothing happened.

amjjawad  (amjjawad) wrote :

Adding to comment #20
https://bugs.launchpad.net/ubuntu/+source/upower/+bug/1547793/comments/20

Attached is the 'next' screen/window/message I see after the screenshot I posted on comment #20.

After that, the system will login to the Live Session and when I try to install Ubuntu GNOME from the Live Session, the exact same error shows up. The same 2 screenshots I am posting here and the one I posted on comment #20.

After that, nothing happens. I can't install.

sudodus (nio-wiklund) wrote :

ISO-testing:

Ubiquity still does not work with Ubuntu Gnome i386 version (dated 20160224.1) in my Toshiba laptop with a battery.

amjjawad  (amjjawad) wrote :

Following up with comment #20 and comment #21 ... I confirm that on Oracle VirtualBox testing Ubuntu GNOME Desktop i386 in Xenial Daily 20160224.1 - Install (entire disk) - after removing the battery, I no longer see this bug anymore. However, as you may know, that's not a fix, it is just a workaround.

Thank you!

Kev Bowring (flocculant) wrote :

@amjjawad - are you seeing the same issue in virtualbox? I'm not; that works fine here.

If you mean you've got vbox on a laptop - that shouldn't affect this, which is installing to the laptop. That crashes immediately.

Changed in upower (Debian):
status: New → Fix Released
Martin Pitt (pitti) wrote :

Note, the ubiquity crash is bug 1547956. upower is fixed now.

ek0892 (kranich) wrote :

There is a problem if I install on a notebook,

but if I use VirtualBox it's OK (because VirtualBox does not detect the battery).

ek0892 (kranich) wrote :

It's not possible to update Ubiquity 2.21.45 for Upower 0.99.4-2

because of a "build error": https://launchpad.net/ubuntu/+source/ubiquity/2.21.45

amjjawad  (amjjawad) wrote :

@flocculant

Yes, I was seeing the very same issue on Oracle VirtualBox which is installed on my laptop. Wxl suggested to remove the battery and try and indeed, it did not happen when I removed the battery. I thought because it's a virtual machine, that won't affect or happen when I remove the battery but I was wrong. So, once you remove the battery whether on real hardware or virtual, you won't see this. As long as the battery is plugged in, you will see it.

However, it seems it is fixed now :)

I'm installing and so far so good.

Testing this testcase: Install (entire disk with lvm and encryption) in Ubuntu GNOME Desktop i386 in Xenial Daily (http://iso.qa.ubuntu.com/qatracker/milestones/357/builds/113245/testcases/1451/results)

Richard Holmes (7-richard) wrote :

Started with Daily Build 24th Feb, still crashed, can't remove the battery on my Dell XPS so can't test that.

Ran upgrade on the daily build USB and after the install starts correctly. Will try with the daily build ISO once available today.

Richard Holmes (7-richard) wrote :

Downloaded and ran the daily build ISO and install is starting fine both on start-up and when run from the try ubuntu desktop

Changed in upower:
status: In Progress → Fix Released
Changed in ubuntukylin:
milestone: xenial-beta1 → xenial-beta2
Walter Lapchynski (wxl) wrote :

@jiaowen520li, please tell me you're not seeing this problem still in Beta2.

jiaowen520li (jiaowen520li) wrote :

@Walter Lapchynski (wxl), this bug is fixed in UK16.04-daily-0301.

Changed in ubuntukylin:
status: New → Fix Released