upowerd assert failure: *** glibc detected *** /usr/lib/upower/upowerd: double free or corruption (out): 0x00d13ec0 ***

Bug #648414 reported by Lutz on 2010-09-26
468
This bug affects 54 people
Affects Status Importance Assigned to Milestone
OEM Priority Project
High
Chris Van Hoof
upower (Ubuntu)
High
Martin Pitt
Maverick
High
Martin Pitt

Bug Description

Binary package hint: upower

short after wireless net login

ProblemType: Crash
DistroRelease: Ubuntu 10.10
Package: upower 0.9.5-3
ProcVersionSignature: Ubuntu 2.6.35-22.33-generic 2.6.35.4
Uname: Linux 2.6.35-22-generic i686
Architecture: i386
AssertionMessage: *** glibc detected *** /usr/lib/upower/upowerd: double free or corruption (out): 0x00d13ec0 ***
Date: Sun Sep 26 22:44:21 2010
ExecutablePath: /usr/lib/upower/upowerd
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Beta i386 (20100901.1)
ProcCmdline: /usr/lib/upower/upowerd
ProcEnviron:

Signal: 6
SourcePackage: upower
StacktraceTop:
 __kernel_vsyscall ()
 raise () from /lib/libc.so.6
 abort () from /lib/libc.so.6
 ?? () from /lib/libc.so.6
 ?? () from /lib/libc.so.6
Title: upowerd assert failure: *** glibc detected *** /usr/lib/upower/upowerd: double free or corruption (out): 0x00d13ec0 ***
UserGroups:

Related branches

Lutz (lutz-goad) wrote :

StacktraceTop:
 __kernel_vsyscall ()
 *__GI_raise (sig=6)
 *__GI_abort () at abort.c:92
 __libc_message (do_abort=2,
 malloc_printerr (action=<value optimized out>,

Changed in upower (Ubuntu):
importance: Undecided → Medium
tags: removed: need-i386-retrace
tags: added: iso-testing
tags: added: bugpattern-needed
visibility: private → public
Mario Limonciello (superm1) wrote :

The CoreDump has been removed, setting as public.

MarcRandolph (mrand) wrote :

Marking as Triaged since there is a valid looking stack trace. Lots of reports in a VERY short period of time is worrisome for major impact, so marking importance as critical for now. If it is determined to have lower impact that what I think, feel free to lower importance.

Changed in upower (Ubuntu):
importance: Medium → Critical
status: New → Triaged
Zdenko Eštok (mabuss11) wrote :

Happend to me after selecting TRY netbook remix, right after login. I am booting from USB using USB creator default in Ubuntu and I set it up to save settings on the usb. After I installed my language and rebooted the crash didn't occur. Just the first time I booted.

Martin Pitt (pitti) on 2010-10-06
Changed in upower (Ubuntu Maverick):
assignee: nobody → Martin Pitt (pitti)
status: Triaged → In Progress
Changed in upower (Ubuntu Maverick):
milestone: none → maverick-updates
Martin Pitt (pitti) wrote :

Since upowerd autorespawns at the next request, and this only happens if there is a policykit failure (which shouldn't happen in a regular desktop environment), this shouldn't actually break things too much. Downgrading to high.

Changed in upower (Ubuntu Maverick):
importance: Critical → High
milestone: maverick-updates → none
Martin Pitt (pitti) wrote :

This can be reproduced by editing /usr/share/polkit-1/actions/org.freedesktop.upower.policy and damaging the suspend privilege name, e. g.

    <action id="org.freedesktop.upower.suspendx">

then the polkit call will throw an error, which leads to a segfault:

$ sudo killall upowerd
$ sudo /usr/lib/upower/upowerd -v

In another terminal, do "upower --dump", and see upowerd crash with

(upowerd:13852): GLib-WARNING **: GError set over the top of a previous GError or uninitialized memory.
This indicates a bug in someone's code. You must ensure an error is NULL before it's set.
The overwriting error message was: Remote Exception invoking org.freedesktop.PolicyKit1.Authority.CheckAuthorization() on /org/freedesktop/PolicyKit1/Authority at name org.freedesktop.PolicyKit1: org.freedesktop.PolicyKit1.Error.Failed: Action org.freedesktop.upower.suspend is not registered
Segmentation fault

Looks like this was fixed in

  http://cgit.freedesktop.org/upower/commit/?id=a4e099c5bff9f9fdb9067a0a6bb206d4c34745ae

Martin Pitt (pitti) wrote :

Fix uploaded to Debian sid, and (fake)synced into maverick, so it's in the unapproved queue now.

@release team: if this is too late for maverick final, please reject, and I'll prepare an ubuntu specific package as an SRU.

Changed in upower (Ubuntu Maverick):
status: In Progress → Fix Committed
milestone: none → maverick-updates
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package upower - 0.9.5-4

---------------
upower (0.9.5-4) unstable; urgency=low

  * Add 00git_initialize_polkit_gerror.patch: Ensure we've initialized errors
    when calling into PolicyKit. Patch cherrypicked from upstream git head.
    (LP: #648414)
  * 00git_fix_double_dbus_return.patch: Unfuzz to apply on top of previous
    patch; now it exactly matches the upstream commit.
 -- Martin Pitt <email address hidden> Wed, 06 Oct 2010 11:40:25 +0200

Changed in upower (Ubuntu Maverick):
status: Fix Committed → Fix Released
Chris Van Hoof (vanhoof) wrote :

Marking OEM-Priority task Fix Released

Changed in oem-priority:
status: New → Fix Released
importance: Undecided → High
assignee: nobody → Chris Van Hoof (vanhoof)
To post a comment you must log in.