Ubuntu
packagekit package

/usr/lib/packagekit/packagekitd:11:std::__cxx11::basic_string:AptIntf::providesCodec:backend_what_provides_thread:pk_backend_job_thread_setup:g_thread_proxy

Bug #1790671 reported by errors.ubuntu.com bug bridge
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
packagekit (Ubuntu)
Fix Released
High
Julian Andres Klode
Bionic
Fix Released
Undecided
Unassigned

Bug Description

[Impact]
pkcon what-provides and other tools querying codecs do not work, they crash (unless you happen to be lucky with your apt cache). Also, cancalled transactions crash as well, even if you're lucky with your apt cache, as the "matcher" object is deleted twice.

There are two reasons: A duplicate delete statement in providesCodec entered when cancelling the lookup, and a invalid pointer dereference in there.

[Test case]
The daemon should not crash as below, but should print a useful message.

$ lxc launch -e ubuntu:bionic bbb
$ lxc exec bbb apt update
$ lxc exec bbb -- apt -y install packagekit
$ lxc exec bbb pkcon what-provides "gstreamer1.0(decoder-audio/ac3)"
[...] The daemon crashed mid-transaction!

(empty lxd container seems to be able to reproduce easily)

This only tests the pointer dereference, I don't have a test for the duplicate. But the code is obviously correct:

 for ... [
   if (m_cancel) {
     // here used to be "delete matcher" - that's deleted
     break;
   }
 }
 delete matcher;

That is, matcher is always deleted once now, and was always deleted twice when cancelling before.

[Regression potential]
I don't think it's possible to have a regression here, given the nature of the fix, but if there were one, we'd see different behavior in codec lookup.

For the duplicate delete on cancelled transactions, you'd be looking at memory leaks if there were a regression.

[Other info]
The Ubuntu Error Tracker has been receiving reports about a problem regarding packagekit. This problem was most recently seen with package version 1.1.10-1ubuntu2, the problem page at https://errors.ubuntu.com/problem/46649a8a55e07e74b9d522c9bc9d71a74905ccc2 contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports.
If you do not have access to the Ubuntu Error Tracker and are a software developer, you can request it at http://forms.canonical.com/reports/.

See original description
Revision history for this message
Julian Andres Klode (juliank) wrote :

seems fairly obvious:

        pkgCache::VerIterator ver = m_cache->findVer(pkg);
        arch = string(ver.Arch());
        if (ver.end() == true) {
            ver = m_cache->findCandidateVer(pkg);
            if (ver.end() == true) {
                continue;
            }
        }

ver.Arch() is called even if ver is not valid.

Changed in packagekit (Ubuntu):
status: New → Triaged
status: Triaged → In Progress
assignee: nobody → Julian Andres Klode (juliank)
importance: Undecided → High
Revision history for this message
Julian Andres Klode (juliank) wrote :

Sent fix upstream: https://github.com/hughsie/PackageKit/pull/273

Changed in packagekit (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Julian Andres Klode (juliank) wrote :

Uploaded

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package packagekit - 1.1.10-1ubuntu4

---------------
packagekit (1.1.10-1ubuntu4) cosmic; urgency=medium

  * debian/patches/aptcc-Fix-invalid-version-dereference-in-AptInf-prov.patch:
    Fix dereferencing of invalid version in providesCodec() (LP: #1790671)

 -- Julian Andres Klode <email address hidden> Tue, 04 Sep 2018 18:18:05 +0200

Changed in packagekit (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Julian Andres Klode (juliank) wrote :

Oh misread, xenial was not affected.

Changed in packagekit (Ubuntu Xenial):
status: New → Invalid
no longer affects: packagekit (Ubuntu Xenial)
Julian Andres Klode (juliank)
description: updated
Julian Andres Klode (juliank)
description: updated
Changed in packagekit (Ubuntu Bionic):
status: New → Triaged
Revision history for this message
Robie Basak (racb) wrote : Please test proposed package

Hello errors.ubuntu.com, or anyone else affected,

Accepted packagekit into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/packagekit/1.1.9-1ubuntu2.18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in packagekit (Ubuntu Bionic):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-bionic
Revision history for this message
Julian Andres Klode (juliank) wrote :

Before: packagekit (1.1.9-1ubuntu2.18.04.1)
jak@jak-t480s:~:master$ lxc exec bbb pkcon what-provides "gstreamer1.0(decoder-audio/ac3)"
Getting provides [=========================]
Loading cache [=========================]
Querying [ ] (0%) The daemon crashed mid-transaction!

After Unpacking packagekit-tools (1.1.9-1ubuntu2.18.04.2) over (1.1.9-1ubuntu2.18.04.1) ...:
$ lxc exec bbb pkcon what-provides "gstreamer1.0(decoder-audio/ac3)"
Getting provides [=========================]
Loading cache [=========================]
Querying [=========================]
Finished [=========================]
Available gstreamer1.0-plugins-good-1.14.1-1ubuntu1~ubuntu18.04.1.amd64 (ubuntu-bionic-updates-main) GStreamer plugins from the "good" set
Available gstreamer1.0-plugins-ugly-1.14.1-1~ubuntu18.04.1.amd64 (ubuntu-bionic-updates-universe) GStreamer plugins from the "ugly" set

Looks good!

tags: added: verification-done verification-done-bionic
removed: verification-needed verification-needed-bionic
Revision history for this message
Rik Mills (rikmills) wrote :

As LP: #1790613 pakagekit remains unfixed, this update crashes the packagekit daemon mid way through installing updates on Kubuntu. Discover/Updater uses packagekit.

This will leave large numbers of Kubuntu users with a broken upgrade, requiring command line fixing with 'dpkg --configure -a' before any more updates or packages (using either apt directly or packagekit) can installed or seen to be available.

Revision history for this message
Julian Andres Klode (juliank) wrote :

Putting this on hold a bit; once we have a fix for the other PackageKit bug in the SRU queue, so we don't cause breakage again.

tags: added: block-proposed
Revision history for this message
Brian Murray (brian-murray) wrote :

Hello errors.ubuntu.com, or anyone else affected,

Accepted packagekit into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/packagekit/1.1.9-1ubuntu2.18.04.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed verification-needed-bionic
removed: verification-done verification-done-bionic
Revision history for this message
Julian Andres Klode (juliank) wrote :

Well, timing broke the test - it no longer fails in the unfixed version. ugh.

tags: removed: block-proposed
Revision history for this message
Julian Andres Klode (juliank) wrote :

But well, the verification of 2.18.04.2 is still valid, the change to the postinst does not invalidate it, so let's ignore that I'm not lucky enough to end up with a broken apt cache.

tags: added: verification-done verification-done-bionic
removed: verification-needed verification-needed-bionic
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for packagekit has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package packagekit - 1.1.9-1ubuntu2.18.04.3

---------------
packagekit (1.1.9-1ubuntu2.18.04.3) bionic; urgency=medium

  * Pass --no-restart-after-upgrade to dh_installsystemd to avoid PackageKit
    restarting while upgrading under PackageKit (LP: #1790613)

packagekit (1.1.9-1ubuntu2.18.04.2) bionic; urgency=medium

  * debian/patches/frontend-locking.diff:
    Implement frontend locking in a simple way. Will need some more
    work to upstream, and possibly some error checking. (LP: #1795614)
  * Bump libapt-pkg-dev build-dep to >= 1.6.5~ for frontend locking
  * debian/patches/aptcc-Fix-invalid-version-dereference-in-AptInf-prov.patch,
    aptcc-removing-duplicate-delete-call.patch:
    Fix invalid dereference and delete wrong (duplicate) "delete"
    statement in providesCodec (LP: #1790671)

 -- Julian Andres Klode <email address hidden> Mon, 15 Oct 2018 15:46:47 +0200

Changed in packagekit (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.