[Aptitude-devel] Bug #832710: aptitude: segfault in arm* qemu environments

Christian Seiler christian at iwakd.de
Thu Jul 28 11:46:32 UTC 2016


Control: reassign -1 qemu/2.5+dfsg-4
Control: retitle -1 qemu-user: aptitude segfaults in qemu-user environments

[Gianfranco Costamagna <locutusofborg at debian.org> wrote:]
> Hi, for some months the default pbuilder installation (the default uses aptitude resolver) crashes
> when under a qemu environment.
> 
> steps to reproduce
> pbuilder-dist sid arm64 create
> pbuilder-dist sid arm64 update
> 
> crash.

I have encountered this on multiple architectures when using qemu-user.
I'm not sure if it's all of them, but at least the majority of them.

> gdb aptitude
> also strace seems to have some issues here

qemu-user doesn't support ptrace() - and I'm not sure it can really be
supported properly, for technical reasons. But you can try to debug
this issue in other ways.

You can get strace-like output by manually running the qemu-user
binary with the -strace option.

When doing that, you see that it crashes directly after forking off
for the http method:

qemu-aarch64-static -strace /usr/bin/aptitude update
[...]
23345 clone(CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|0x11,child_stack=0x0000000000000000,parent_tidptr=0x0000000000000000,tls=0x0000000000000000,child_tidptr=0x0000004001768030) = 23363
[... stuff in 23363 ...]
23363 execve("/usr/lib/apt/methods/http",{"/usr/lib/apt/methods/http",NULL}) = 1
23345 read(18,0xbc5e78,64000) = 64
23345 close(18) = 0
23345 close(21) = 0
23345 kill(23363,SIGINT) = 0
23345 wait4(23363,274890316036,0,0,0,274902450016) = 23363
23345 getuid(274902605280,1,274902605312,275055216368,275055216384,274890317704) = 0
23345 openat(AT_FDCWD,"/etc/passwd",O_RDONLY|O_CLOEXEC) = 18
23345 lseek(18,0,1,274900423224,274900420968,0) = 0
23345 fstat(18,0x0000004000bd5cc0) = 0
23345 mmap(NULL,1239,PROT_READ,MAP_SHARED,18,0) = 0x000000401636a000
23345 lseek(18,1239,0,1,18,0) = 1239
23345 munmap(0x000000401636a000,1239) = 0
23345 close(18) = 0
23345 geteuid(274901310048,1,0,0,274902592764,0) = 0
23345 getegid(0,1,0,0,274902592764,0) = 0
23345 openat(AT_FDCWD,"/proc/sys/kernel/ngroups_max",O_RDONLY) = 18
23345 read(18,0xbd6010,31) = 6
23345 close(18) = 0
23345 getgroups(65536,275198263312,0,274901301668,275198263312,0) = 1
23345 tgkill(23345,23359,33,274890317832,275064042064,0) = 0
Segmentation fault

You can also have qemu-user run a gdb server:

qemu-aarch64-static -g 15555 /usr/bin/aptitude update
(other shell:)
gdb /usr/bin/aptitude
(gdb) target remote localhost:15555
(gdb) continue
Continuing.
Remote connection closed

(On the other shell, you see Segmentation Fault.)

To me, it appears that there's a bug in qemu-user, and not in aptitude,
because if the segfault were in the program itself, qemu-user would
catch that and it would give a slightly different error message.

Regards,
Christian
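As an added example (not part of this thread, and not code from qemu, aptitude or pbuilder), here is a small Python parser for the `-strace` line format shown in the message above. It walks a log, keeps only the `<pid> <syscall>(<args>) = <ret>` lines, reports the last syscall before the "Segmentation fault" marker, and decodes the signal argument when that syscall is kill/tkill/tgkill. The embedded trace is a constructed abbreviation of the one quoted in the bug report. Signal 33 in the final tgkill is, in kernel numbering, SIGRTMIN+1, which glibc reserves as its internal SIGSETXID (used to broadcast setuid/setgid-family calls to every thread); that decoding locates where the trace stops but does not by itself say whether qemu-user or the program mishandled it.

```python
import re
import signal

# Constructed sample input: an abbreviated tail of the `qemu-aarch64-static -strace`
# output quoted in the bug report, embedded here so the script runs offline.
SAMPLE_TRACE = """\
23345 clone(CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|0x11,child_stack=0x0000000000000000,parent_tidptr=0x0000000000000000,tls=0x0000000000000000,child_tidptr=0x0000004001768030) = 23363
[... stuff in 23363 ...]
23363 execve("/usr/lib/apt/methods/http",{"/usr/lib/apt/methods/http",NULL}) = 1
23345 read(18,0xbc5e78,64000) = 64
23345 close(18) = 0
23345 kill(23363,SIGINT) = 0
23345 wait4(23363,274890316036,0,0,0,274902450016) = 23363
23345 getgroups(65536,275198263312,0,274901301668,275198263312,0) = 1
23345 tgkill(23345,23359,33,274890317832,275064042064,0) = 0
Segmentation fault
"""

# One qemu-user -strace syscall line: "<pid> <syscall>(<args>) = <ret>"
LINE_RE = re.compile(
    r"^(?P<pid>\d+) (?P<name>\w+)\((?P<args>.*)\) = (?P<ret>-?\d+|0x[0-9a-fA-F]+)$"
)


def split_args(raw):
    """Split the argument list on commas that are not inside {...} or "..."."""
    args, depth, quoted, cur = [], 0, False, ""
    for ch in raw:
        if ch == '"':
            quoted = not quoted
        elif not quoted and ch == "{":
            depth += 1
        elif not quoted and ch == "}":
            depth -= 1
        if ch == "," and depth == 0 and not quoted:
            args.append(cur)
            cur = ""
        else:
            cur += ch
    if cur:
        args.append(cur)
    return args


def parse_trace(text):
    """Return the syscall lines of a -strace log as dicts; other lines are skipped."""
    calls = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ret = m.group("ret")
        calls.append({
            "pid": int(m.group("pid")),
            "name": m.group("name"),
            "args": split_args(m.group("args")),
            "ret": int(ret, 16) if ret.startswith("0x") else int(ret),
        })
    return calls


def describe_signal(num):
    """Name a Linux signal number as it appears in a trace.

    The kernel's realtime range starts at 32; glibc keeps 32 (SIGCANCEL) and
    33 (SIGSETXID, the setuid/setgid broadcast to all threads) for itself,
    which is why a program sees SIGRTMIN as 34.
    """
    if num < 32:
        try:
            return signal.Signals(num).name
        except ValueError:
            return f"signal {num}"
    if num == 32:
        return "SIGCANCEL (glibc-internal, kernel SIGRTMIN)"
    if num == 33:
        return "SIGSETXID (glibc-internal, kernel SIGRTMIN+1)"
    return f"SIGRTMIN+{num - 32} (kernel numbering)"


def summarize_crash(text):
    """Report the last syscall before the crash marker and decode its signal, if any."""
    calls = parse_trace(text)
    crashed = any(l.strip() == "Segmentation fault" for l in text.splitlines())
    result = {"crashed": crashed, "last_call": calls[-1] if calls else None,
              "signal": None, "signal_name": None}
    last = result["last_call"]
    if last and last["name"] in ("kill", "tkill", "tgkill"):
        # tgkill(tgid, tid, sig, ...); kill/tkill(pid_or_tid, sig)
        sig_arg = last["args"][2 if last["name"] == "tgkill" else 1]
        if sig_arg.isdigit():
            result["signal"] = int(sig_arg)
            result["signal_name"] = describe_signal(int(sig_arg))
        elif hasattr(signal, sig_arg):  # symbolic form such as SIGINT
            result["signal"] = int(getattr(signal, sig_arg))
            result["signal_name"] = sig_arg
    return result


if __name__ == "__main__":
    s = summarize_crash(SAMPLE_TRACE)
    last = s["last_call"]
    print(f"crashed={s['crashed']} last pid={last['pid']} syscall={last['name']}"
          f" args={last['args']} signal={s['signal']} ({s['signal_name']})")
```

To use it on a real run, redirect the `-strace` output to a file (for example `qemu-aarch64-static -strace /usr/bin/aptitude update 2> trace.log`) and pass the file contents to `summarize_crash`; note that qemu writes the trace to stderr.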
