Deb's created with cpack contain corrupted content tarball.

Bug #972419 reported by Philip Marc Schwartz on 2012-04-03
This bug affects 8 people
Affects Status Importance Assigned to Milestone
cmake (Ubuntu)
Brian Murray

Bug Description

I have tried to build 3 different projects that use cmake + cpack to create deb files. All packages created with the repository version of cmake contain corrupted content tarballs.

Downloading of 2.8.7 source from the website and building it for use results in valid working packages being generated.

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: cmake 2.8.7-0ubuntu4
ProcVersionSignature: User Name 3.2.0-21.34-virtual 3.2.13
Uname: Linux 3.2.0-21-virtual x86_64
ApportVersion: 2.0-0ubuntu2
Architecture: amd64
Date: Tue Apr 3 13:00:42 2012
Ec2AMI: ami-00000034
Ec2AMIManifest: FIXME
Ec2AvailabilityZone: nova
Ec2InstanceType: m2.medium
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
SourcePackage: cmake
UpgradeStatus: No upgrade log present (probably fresh install)

All packages and tar files built with libarchive from files which contain file flags are corrupted by the compression used. This affects all DEB packages, and possibly other package formats too. Bug has been fixed upstream

Download and extract archive cpack_test_case.tar.gz from comment #7
This contains a sample CMakeLists.txt file for the CMake project, a dummy C++ file (DistanceBetweenPoints.cxx) and a dummy file directory with many files (tmp). When extracted, the tmp dir should have the 'I' file flag set when running lsattr:

lsattr cpack_test_case/tmp

If the 'I' flag is not present on this directory, more dummy files should be created in this directory, until the directory

To test the packaging:

# cd build

# cmake ../

# make package

# sudo dpkg -i DistanceBetweenPoints.deb

The package currently does not install, with error message:

Selecting previously unselected package distancebetweenpoints.
(Reading database ... 381484 files and directories currently installed.)
Unpacking distancebetweenpoints (from DistanceBetweenPoints-0.1.1-Linux.deb) ...

dpkg: error processing DistanceBetweenPoints-0.1.1-Linux.deb (--install):
 corrupted filesystem tarfile - corrupted package archive

Errors were encountered while processing:

With the patch applied, this package should install fine.


There is little risk of regression, packages/tar files created with CMake could not be unpacked regardless, so this fix will not regress any behaviour with these files.


Discussion of this bug, and another test case can be found:

Related branches

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in cmake (Ubuntu):
status: New → Confirmed
David Dunsmore (dynamite-a-d) wrote :

This bug has been identified as an issue with libarchive12 and CMake. For a disucssion, please see:

The required fix for this has been changed upstream, in commit:;a=commitdiff;h=a34015d3

Is there any chance this change can be patched to this package, and updated, so that this bug is solved? It would be a great help.


Brian Murray (brian-murray) wrote :
Changed in cmake (Ubuntu Precise):
status: New → Triaged
importance: Undecided → High
Changed in cmake (Ubuntu):
status: Confirmed → Fix Released
importance: Undecided → High
Brian Murray (brian-murray) wrote :

This bug needs some additional information before it can be uploaded to precise-proposed. Please see for the details.

description: updated
David Dunsmore (dynamite-a-d) wrote :
description: updated
Brian Murray (brian-murray) wrote :

I was unable to get the testcase to work as the tmp dir never had the I flag set.

David Dunsmore (dynamite-a-d) wrote :

The I flag is set by the kernel when the filesystem is using a hash tree to store the directory index ( It only happens when using an ext4 filesystem, or ext3 with the dir_index mount option set, but I believe if you continue to add new files to the tmp directory it will eventually use a hash tree to index the directory, at which point the I flag will be set and cpack will fail to create a valid debian package

Changed in cmake (Ubuntu Precise):
status: Triaged → In Progress
assignee: nobody → Brian Murray (brian-murray)

Hello Philip, or anyone else affected,

Accepted into quantal-proposed. The package will build now and be available in a few hours in the -proposed repository.

Please help us by testing this new package. See for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at . Thank you in advance!

tags: added: verification-needed
David Dunsmore (dynamite-a-d) wrote :

Tested the package in -proposed, fixes this bug, no regressions noted

tags: added: verification-done
removed: verification-needed
Changed in cmake (Ubuntu Precise):
status: In Progress → Fix Committed

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cmake - 2.8.7-0ubuntu5

cmake (2.8.7-0ubuntu5) precise-proposed; urgency=low

  * Fix corrupted tarballs when using DEB generator in CPack.
    (LP: #972419)
 -- David Dunsmore <email address hidden> Thu, 06 Sep 2012 14:36:50 +0100

Changed in cmake (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers