Bug 89476

Summary: Crash when running "upower -d" if device has no history
Product: upower Reporter: Jason Gerecke <killertofu>
Component: generalAssignee: Richard Hughes <richard>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: medium CC: chat-to-me
Version: unspecified   
Hardware: Other   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments: Patch to fix issue

Description Jason Gerecke 2015-03-06 19:34:36 UTC 
Created attachment 114095 [details]
Patch to fix issue

If the command `upower -d` is run while a device with no history is attached, the command can crash with a segfault.

Relevant backtrace when compiled from the master branch (f3706d7) with debugging:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff76d8444 in g_variant_unref () from /usr/lib/libglib-2.0.so.0
(gdb) bt
#0  0x00007ffff76d8444 in g_variant_unref () from /usr/lib/libglib-2.0.so.0
#1  0x00007ffff7bc27b2 in up_device_get_history_sync (device=0x7ffff0003c70, 
    type=0x7ffff7bd23af "charge", timespec=120, resolution=10, cancellable=0x0, 
    error=0x0) at up-device.c:484
#2  0x00007ffff7bc192d in up_device_to_text_history (device=0x7ffff0003c70, 
    string=0x7ffff0001920, type=0x7ffff7bd23af "charge") at up-device.c:194
#3  0x00007ffff7bc2391 in up_device_to_text (device=0x7ffff0003c70)
    at up-device.c:375
#4  0x0000000000401d14 in main (argc=1, argv=0x7fffffffe748) at up-tool.c:321
(gdb) 

This appears to be caused by the fact that if the call to 'up_device_glue_call_get_history_sync' within the 'up_device_get_history_sync' function fails, the 'gva' variable will be left uninitialized. The function later tries to call 'g_variant_unref' on it and fails.

A patch which initializes 'gva' to NULL is attached and resolves the issue for me. A similar fix may also be needed for the 'up_device_get_statistics_sync' function (which follows the same pattern of leaving 'gva' uninitialized).
Comment 1 Martin Pitt 2015-03-13 12:21:20 UTC 
*** Bug 89514 has been marked as a duplicate of this bug. ***
Comment 2 Martin Pitt 2015-03-13 12:23:36 UTC 
I came here from a downstream report/patch, so I didn't take your patch, sorry.

Fixed in master now:

http://cgit.freedesktop.org/upower/commit/?id=2510148b16

Thanks!

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.