/usr/lib/packagekit/packagekitd:11:std::__cxx11::basic_string:AptIntf::providesCodec:backend_what_provides_thread:pk_backend_job_thread_setup:g_thread_proxy

Bug #1790671 reported by errors.ubuntu.com bug bridge on 2018-09-04
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
packagekit (Ubuntu)
High
Julian Andres Klode
Bionic
Undecided
Unassigned

Bug Description

[Impact]
pkcon what-provides and other tools querying codecs do not work, they crash (unless you happen to be lucky with your apt cache). Also, cancalled transactions crash as well, even if you're lucky with your apt cache, as the "matcher" object is deleted twice.

There are two reasons: A duplicate delete statement in providesCodec entered when cancelling the lookup, and a invalid pointer dereference in there.

[Test case]
The daemon should not crash as below, but should print a useful message.

$ lxc launch -e ubuntu:bionic bbb
$ lxc exec bbb apt update
$ lxc exec bbb -- apt -y install packagekit
$ lxc exec bbb pkcon what-provides "gstreamer1.0(decoder-audio/ac3)"
[...] The daemon crashed mid-transaction!

(empty lxd container seems to be able to reproduce easily)

This only tests the pointer dereference, I don't have a test for the duplicate. But the code is obviously correct:

 for ... [
   if (m_cancel) {
     // here used to be "delete matcher" - that's deleted
     break;
   }
 }
 delete matcher;

That is, matcher is always deleted once now, and was always deleted twice when cancelling before.

[Regression potential]
I don't think it's possible to have a regression here, given the nature of the fix, but if there were one, we'd see different behavior in codec lookup.

For the duplicate delete on cancelled transactions, you'd be looking at memory leaks if there were a regression.

[Other info]
The Ubuntu Error Tracker has been receiving reports about a problem regarding packagekit. This problem was most recently seen with package version 1.1.10-1ubuntu2, the problem page at https://errors.ubuntu.com/problem/46649a8a55e07e74b9d522c9bc9d71a74905ccc2 contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports.
If you do not have access to the Ubuntu Error Tracker and are a software developer, you can request it at http://forms.canonical.com/reports/.

Julian Andres Klode (juliank) wrote :

seems fairly obvious:

        pkgCache::VerIterator ver = m_cache->findVer(pkg);
        arch = string(ver.Arch());
        if (ver.end() == true) {
            ver = m_cache->findCandidateVer(pkg);
            if (ver.end() == true) {
                continue;
            }
        }

ver.Arch() is called even if ver is not valid.

Changed in packagekit (Ubuntu):
status: New → Triaged
status: Triaged → In Progress
assignee: nobody → Julian Andres Klode (juliank)
importance: Undecided → High
Julian Andres Klode (juliank) wrote :
Changed in packagekit (Ubuntu):
status: In Progress → Fix Committed
Julian Andres Klode (juliank) wrote :

Uploaded

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package packagekit - 1.1.10-1ubuntu4

---------------
packagekit (1.1.10-1ubuntu4) cosmic; urgency=medium

  * debian/patches/aptcc-Fix-invalid-version-dereference-in-AptInf-prov.patch:
    Fix dereferencing of invalid version in providesCodec() (LP: #1790671)

 -- Julian Andres Klode <email address hidden> Tue, 04 Sep 2018 18:18:05 +0200

Changed in packagekit (Ubuntu):
status: Fix Committed → Fix Released
Julian Andres Klode (juliank) wrote :

Oh misread, xenial was not affected.

Changed in packagekit (Ubuntu Xenial):
status: New → Invalid
no longer affects: packagekit (Ubuntu Xenial)
description: updated
description: updated
Changed in packagekit (Ubuntu Bionic):
status: New → Triaged

Hello errors.ubuntu.com, or anyone else affected,

Accepted packagekit into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/packagekit/1.1.9-1ubuntu2.18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in packagekit (Ubuntu Bionic):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-bionic
Julian Andres Klode (juliank) wrote :

Before: packagekit (1.1.9-1ubuntu2.18.04.1)
jak@jak-t480s:~:master$ lxc exec bbb pkcon what-provides "gstreamer1.0(decoder-audio/ac3)"
Getting provides [=========================]
Loading cache [=========================]
Querying [ ] (0%) The daemon crashed mid-transaction!

After Unpacking packagekit-tools (1.1.9-1ubuntu2.18.04.2) over (1.1.9-1ubuntu2.18.04.1) ...:
$ lxc exec bbb pkcon what-provides "gstreamer1.0(decoder-audio/ac3)"
Getting provides [=========================]
Loading cache [=========================]
Querying [=========================]
Finished [=========================]
Available gstreamer1.0-plugins-good-1.14.1-1ubuntu1~ubuntu18.04.1.amd64 (ubuntu-bionic-updates-main) GStreamer plugins from the "good" set
Available gstreamer1.0-plugins-ugly-1.14.1-1~ubuntu18.04.1.amd64 (ubuntu-bionic-updates-universe) GStreamer plugins from the "ugly" set

Looks good!

tags: added: verification-done verification-done-bionic
removed: verification-needed verification-needed-bionic
Rik Mills (rikmills) wrote :

As LP: #1790613 pakagekit remains unfixed, this update crashes the packagekit daemon mid way through installing updates on Kubuntu. Discover/Updater uses packagekit.

This will leave large numbers of Kubuntu users with a broken upgrade, requiring command line fixing with 'dpkg --configure -a' before any more updates or packages (using either apt directly or packagekit) can installed or seen to be available.

Julian Andres Klode (juliank) wrote :

Putting this on hold a bit; once we have a fix for the other PackageKit bug in the SRU queue, so we don't cause breakage again.

tags: added: block-proposed
Brian Murray (brian-murray) wrote :

Hello errors.ubuntu.com, or anyone else affected,

Accepted packagekit into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/packagekit/1.1.9-1ubuntu2.18.04.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed verification-needed-bionic
removed: verification-done verification-done-bionic
Julian Andres Klode (juliank) wrote :

Well, timing broke the test - it no longer fails in the unfixed version. ugh.

tags: removed: block-proposed
Julian Andres Klode (juliank) wrote :

But well, the verification of 2.18.04.2 is still valid, the change to the postinst does not invalidate it, so let's ignore that I'm not lucky enough to end up with a broken apt cache.

tags: added: verification-done verification-done-bionic
removed: verification-needed verification-needed-bionic
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers