[Aptitude-devel] Bug#801488: aptitude: crash when removing package which apt-get can remove without problem

Nick Black nick.black at sprezzatech.com
Mon Oct 12 20:22:55 UTC 2015 

Control: merge 801430

Yeah, this does indeed look like a duplicate of 801430. gdb shows a stack
overflow amidst what looks like an infinite loop:

#0  0x00007ffff7b77251 in Configuration::Lookup(Configuration::Item*, char const*, unsigned long const&, bool const&) ()
   from /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16
#1  0x00007ffff7b7731b in Configuration::Lookup(char const*, bool const&) ()
   from /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16
#2  0x00007ffff7b77a57 in Configuration::FindB(char const*, bool const&) const
    () from /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16
#3  0x00005555555c1d1a in signalling_config::FindB (this=0x555555b5aed0, 
    Name=0x555555855813 "aptitude::Purge-Unused", Default=false)
    at ../../src/generic/apt/config_signal.h:146
#xxx 0x0000xxxxxxxxxx in aptitudeDepCache::internal_mark_delete (
    this=this at entry=0x555555b61ba0, Pkg=..., Purge=Purge at entry=false, 
    unused_delete=unused_delete at entry=true)
    at ../../../../src/generic/apt/aptcache.cc:1328

(this=this at entry=val never changes. the stack offset does.)

Running valgrind memcheck similarly logs a stack overflow, though not before
logging a good number of jumps/moves based on uninitialized values. These
seem disturbing, though probably unrelated; would you like another bug for
them? I've attached valgrind output, including the uses of uninitialized
values. If these latter aren't yet addressed upstream, I'd be interested in
taking a look.

-- 
nick black -=- http://www.nick-black.com
to make an apple pie from scratch, you need first invent a universe.
-------------- next part --------------
==31564== Memcheck, a memory error detector
==31564== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==31564== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==31564== Command: aptitude purge wine
==31564== 
==31564== Conditional jump or move depends on uninitialised value(s)
==31564==    at 0x6F3CA06: re_compile_fastmap_iter.isra.25 (regcomp.c:328)
==31564==    by 0x6F44C8C: re_compile_fastmap (regcomp.c:280)
==31564==    by 0x6F45360: regcomp (regcomp.c:512)
==31564==    by 0x4F20CC2: Configuration::MatchAgainstConfig::MatchAgainstConfig(char const*) (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x4EE3683: pkgDepCache::GetRootSetFunc() (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x2D209A: aptitudeDepCache::GetRootSetFunc() (in /usr/bin/aptitude-curses)
==31564==    by 0x2D263B: pkgDepCache::MarkAndSweep() (in /usr/bin/aptitude-curses)
==31564==    by 0x2D0918: aptitudeDepCache::build_selection_list(OpProgress&, bool, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x2D1EEB: aptitudeCacheFile::Open(OpProgress&, bool, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x2E0D78: apt_load_cache(OpProgress*, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x260C3E: cmdline_do_action(int, char**, char const*, bool, bool, bool, bool, bool, bool, bool, bool, bool, bool, resolver_mode_tp, bool, bool, bool, std::vector<aptitude::cmdline::tag_application, std::allocator<aptitude::cmdline::tag_application> > const&, bool, bool, int) (in /usr/bin/aptitude-curses)
==31564==    by 0x16A0E8: main (in /usr/bin/aptitude-curses)
==31564== 
==31564== Conditional jump or move depends on uninitialised value(s)
==31564==    at 0x6F3CA06: re_compile_fastmap_iter.isra.25 (regcomp.c:328)
==31564==    by 0x6F44CAC: re_compile_fastmap (regcomp.c:282)
==31564==    by 0x6F45360: regcomp (regcomp.c:512)
==31564==    by 0x4F20CC2: Configuration::MatchAgainstConfig::MatchAgainstConfig(char const*) (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x4EE3683: pkgDepCache::GetRootSetFunc() (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x2D209A: aptitudeDepCache::GetRootSetFunc() (in /usr/bin/aptitude-curses)
==31564==    by 0x2D263B: pkgDepCache::MarkAndSweep() (in /usr/bin/aptitude-curses)
==31564==    by 0x2D0918: aptitudeDepCache::build_selection_list(OpProgress&, bool, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x2D1EEB: aptitudeCacheFile::Open(OpProgress&, bool, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x2E0D78: apt_load_cache(OpProgress*, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x260C3E: cmdline_do_action(int, char**, char const*, bool, bool, bool, bool, bool, bool, bool, bool, bool, bool, resolver_mode_tp, bool, bool, bool, std::vector<aptitude::cmdline::tag_application, std::allocator<aptitude::cmdline::tag_application> > const&, bool, bool, int) (in /usr/bin/aptitude-curses)
==31564==    by 0x16A0E8: main (in /usr/bin/aptitude-curses)
==31564== 
==31564== Conditional jump or move depends on uninitialised value(s)
==31564==    at 0x4EFB006: ??? (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x4EFB5B0: pkgTagSection::Scan(char const*, unsigned long) (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x38B027: aptitude::apt::load_tasks(OpProgress&) (in /usr/bin/aptitude-curses)
==31564==    by 0x2E1054: apt_load_cache(OpProgress*, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x260C3E: cmdline_do_action(int, char**, char const*, bool, bool, bool, bool, bool, bool, bool, bool, bool, bool, resolver_mode_tp, bool, bool, bool, std::vector<aptitude::cmdline::tag_application, std::allocator<aptitude::cmdline::tag_application> > const&, bool, bool, int) (in /usr/bin/aptitude-curses)
==31564==    by 0x16A0E8: main (in /usr/bin/aptitude-curses)
==31564== 
==31564== Conditional jump or move depends on uninitialised value(s)
==31564==    at 0x4EFB00B: ??? (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x4EFB5B0: pkgTagSection::Scan(char const*, unsigned long) (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x38B027: aptitude::apt::load_tasks(OpProgress&) (in /usr/bin/aptitude-curses)
==31564==    by 0x2E1054: apt_load_cache(OpProgress*, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x260C3E: cmdline_do_action(int, char**, char const*, bool, bool, bool, bool, bool, bool, bool, bool, bool, bool, resolver_mode_tp, bool, bool, bool, std::vector<aptitude::cmdline::tag_application, std::allocator<aptitude::cmdline::tag_application> > const&, bool, bool, int) (in /usr/bin/aptitude-curses)
==31564==    by 0x16A0E8: main (in /usr/bin/aptitude-curses)
==31564== 
==31564== Conditional jump or move depends on uninitialised value(s)
==31564==    at 0x4EFB006: ??? (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x4EFB5B0: pkgTagSection::Scan(char const*, unsigned long) (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x3844A9: insert_tags(pkgCache::VerIterator const&, pkgCache::VerFileIterator const&) [clone .constprop.133] (in /usr/bin/aptitude-curses)
==31564==    by 0x384EA6: aptitude::apt::load_tags(OpProgress*) (in /usr/bin/aptitude-curses)
==31564==    by 0x2E108D: apt_load_cache(OpProgress*, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x260C3E: cmdline_do_action(int, char**, char const*, bool, bool, bool, bool, bool, bool, bool, bool, bool, bool, resolver_mode_tp, bool, bool, bool, std::vector<aptitude::cmdline::tag_application, std::allocator<aptitude::cmdline::tag_application> > const&, bool, bool, int) (in /usr/bin/aptitude-curses)
==31564==    by 0x16A0E8: main (in /usr/bin/aptitude-curses)
==31564== 
==31564== Conditional jump or move depends on uninitialised value(s)
==31564==    at 0x4EFB00B: ??? (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x4EFB5B0: pkgTagSection::Scan(char const*, unsigned long) (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==    by 0x3844A9: insert_tags(pkgCache::VerIterator const&, pkgCache::VerFileIterator const&) [clone .constprop.133] (in /usr/bin/aptitude-curses)
==31564==    by 0x384EA6: aptitude::apt::load_tags(OpProgress*) (in /usr/bin/aptitude-curses)
==31564==    by 0x2E108D: apt_load_cache(OpProgress*, bool, char const*) (in /usr/bin/aptitude-curses)
==31564==    by 0x260C3E: cmdline_do_action(int, char**, char const*, bool, bool, bool, bool, bool, bool, bool, bool, bool, bool, resolver_mode_tp, bool, bool, bool, std::vector<aptitude::cmdline::tag_application, std::allocator<aptitude::cmdline::tag_application> > const&, bool, bool, int) (in /usr/bin/aptitude-curses)
==31564==    by 0x16A0E8: main (in /usr/bin/aptitude-curses)
==31564== 
==31564== Stack overflow in thread #1: can't grow stack to 0xffe801000
==31564== Stack overflow in thread #1: can't grow stack to 0xffe801000
==31564== Can't extend stack to 0xffe8010a8 during signal delivery for thread 1:
==31564==   no stack segment
==31564== 
==31564== Process terminating with default action of signal 11 (SIGSEGV)
==31564==  Access not within mapped region at address 0xFFE8010A8
==31564== Stack overflow in thread #1: can't grow stack to 0xffe801000
==31564==    at 0x4F0A775: stringcasecmp(__gnu_cxx::__normal_iterator<char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, __gnu_cxx::__normal_iterator<char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, char const*, char const*) (in /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16.0)
==31564==  If you believe this happened as a result of a stack
==31564==  overflow in your program's main thread (unlikely but
==31564==  possible), you can try to increase the size of the
==31564==  main thread stack using the --main-stacksize= flag.
==31564==  The main thread stack size used in this run was 8388608.
==31564== 
==31564== HEAP SUMMARY:
==31564==     in use at exit: 68,550,738 bytes in 170,886 blocks
==31564==   total heap usage: 974,052 allocs, 803,166 frees, 140,192,635 bytes allocated
==31564== 
==31564== LEAK SUMMARY:
==31564==    definitely lost: 0 bytes in 0 blocks
==31564==    indirectly lost: 0 bytes in 0 blocks
==31564==      possibly lost: 15,988 bytes in 39 blocks
==31564==    still reachable: 68,534,750 bytes in 170,847 blocks
==31564==                       of which reachable via heuristic:
==31564==                         length64           : 173,368 bytes in 450 blocks
==31564==                         newarray           : 45,431,040 bytes in 6 blocks
==31564==                         multipleinheritance: 408 bytes in 3 blocks
==31564==         suppressed: 0 bytes in 0 blocks
==31564== Rerun with --leak-check=full to see details of leaked memory
==31564== 
==31564== For counts of detected and suppressed errors, rerun with: -v
==31564== Use --track-origins=yes to see where uninitialised values come from
==31564== ERROR SUMMARY: 188 errors from 6 contexts (suppressed: 0 from 0)

More information about the Aptitude-devel mailing list