hald segfaults when helpers from DBus fail to run

John (J5) Palmieri johnp at redhat.com
Fri Jan 20 10:03:35 PST 2006 

I can confirm this is an issue with HAL 0.5.6.  We had SELinux blocking
scripts from executing which would bring down HAL.

On Fri, 2006-01-20 at 15:07 +1000, Rohan McGovern wrote:
> Hi,
> 
> hald ( 0.5.5.1, but probably 0.5.6 too ) will segmentation fault
> if it fails to run a program invoked as a result of a DBus call.
> 
> Try:
> (as root)
> # chmod a-x /usr/sbin/hal-system-power-hibernate
> (as user with sufficient dbus permissions)
> # dbus-send --system --dest=org.freedesktop.Hal \
>     --type=method_call /org/freedesktop/Hal/devices/computer \
>     org.freedesktop.Hal.Device.SystemPowerManagement.Hibernate
> 
> On my system, HAL segfaults at this point:
> 
> 14:52:44.870 [I] hald_dbus.c:2900: OK for method 'Hibernate' with signature
>   '' on interface 'org.freedesktop.Hal.Device.SystemPowerManagement' for
>   UDI '/org/freedesktop/Hal/devices/computer' and execpath
>   'hal-system-power-hibernate'
> 14:52:44.871 [E] util.c:731: Couldn't spawn 'hal-system-power-hibernate'
>    err=Failed to execute child process
>    "hal-system-power-hibernate" (Permission denied)!
> zsh: segmentation fault  hald --daemon=no --verbose=yes
> 
> Backtrace:
> #0  0x0804deb6 in hal_device_num_properties ()
> #1  0x0804d3ca in hal_util_helper_invoke_with_pipes ()
> #2  0x0804d64b in hal_util_helper_invoke ()
> #3  0x0804d375 in callout_do_next ()
> #4  0x0804d5a1 in hal_util_helper_invoke_with_pipes ()
> #5  0x08055626 in hald_dbus_filter_handle_methods ()
> #6  0x08055800 in hald_dbus_filter_function ()
> #7  0x4a9d5c0c in dbus_connection_dispatch () from /usr/lib/libdbus-1.so.1
> #8  0x4a9fd583 in message_queue_dispatch () 
>      from /usr/lib/libdbus-glib-1.so.1
> #9  0x4bed90d6 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
> #10 0x4beda45e in g_main_context_iterate () from /usr/lib/libglib-2.0.so.0
> #11 0x4beda6b7 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
> #12 0x08051e40 in main ()
> 
> From looking at the source, the problem seems to originate from util.c line 
> 735: 
> 
>   callout_failed(ed);
> 
> callout_failed assumes that the data1 parameter passed to 
> hal_util_helper_invoke_with_pipes is a pointer to Callout, but when called 
> from hald_dbus_filter_handle_methods it is a pointer to DBusMesage.  This 
> eventually results in hal_util_helper_invoke_with_pipes being called again 
> with a pointer to a bogus HalDevice.
> 
> Since hal_util_helper_invoke_with_pipes isn't documented, I wasn't sure 
> whether callout_failed or hald_dbus_filter_handle_methods is the one using 
> the wrong type, so I didn't attempt a fix.  Also, my apologies if this is 
> no longer an issue in HAL 0.5.6.
> 
> Rohan
> _______________________________________________
> hal mailing list
> hal at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/hal
--

More information about the hal mailing list