Ubuntu
unattended-upgrades package

[SRU] Rewinding cache triggers obsolete adjustments consuming a lot of CPU

Bug #1877769 reported by Balint Reczey
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
unattended-upgrades (Debian)
Fix Released
Unknown
unattended-upgrades (Ubuntu)
Fix Released
Medium
Unassigned
Focal
Fix Released
Undecided
Unassigned

Bug Description

[Impact]

 * Unattended-upgrades consumes excessive amount of CPU when rewinding cache trying to mark packages to upgrade or install even when they are already marked to be upgraded or installed. This can be triggered by packages held back.

[Test Case]

 * Run test_rewind.py:
   -Fixed output:
$ python3 test_rewind.py
INFO:root:Allowed origins are: o=Ubuntu,a=lucid-security
INFO:root:Initial blacklist: ant-doc
INFO:root:Initial whitelist (not strict):
DEBUG:root:Marking not allowed <apt_pkg.PackageFile object: filename:'/home/rbalint/projects/deb/unattended-upgrades/test/root.rewind/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-amd64_Packages' a=lucid-updates,c=main,v=10.04,o=Ubuntu,l=Ubuntu arch='amd64' site='archive.ubuntu.com' IndexType='Debian Package Index' Size=894 ID:0> with -32768 pin
DEBUG:root:Applying pinning: PkgFilePin(id=0, priority=-32768)
DEBUG:root:Applying pin -32768 to package_file: <apt_pkg.PackageFile object: filename:'/home/rbalint/projects/deb/unattended-upgrades/test/root.rewind/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-amd64_Packages' a=lucid-updates,c=main,v=10.04,o=Ubuntu,l=Ubuntu arch='amd64' site='archive.ubuntu.com' IndexType='Debian Package Index' Size=894 ID:0>
DEBUG:root:Applying pinning: PkgPin(pkg='/^ant-doc/', priority=-32768)
DEBUG:root:APT::VersionedKernelPackages is not set
DEBUG:root:adjusting candidate version: test-package=2.0
DEBUG:root:adjusting candidate version: test2-package=2.0
DEBUG:root:falling back to adjusting test2-package's dependencies
DEBUG:root:falling back to adjusting z-package's dependencies
DEBUG:root:sanity check failed for: set() : no package is selected to be upgraded or installed
.
----------------------------------------------------------------------
Ran 1 test in 0.022s

OK

  - Not fixed output:
 $ python3 test_rewind.py
INFO:root:Allowed origins are: o=Ubuntu,a=lucid-security
INFO:root:Initial blacklist: ant-doc
INFO:root:Initial whitelist (not strict):
DEBUG:root:Marking not allowed <apt_pkg.PackageFile object: filename:'/home/rbalint/projects/deb/unattended-upgrades/test/root.rewind/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-amd64_Packages' a=lucid-updates,c=main,v=10.04,o=Ubuntu,l=Ubuntu arch='amd64' site='archive.ubuntu.com' IndexType='Debian Package Index' Size=894 ID:0> with -32768 pin
DEBUG:root:Applying pinning: PkgFilePin(id=0, priority=-32768)
DEBUG:root:Applying pin -32768 to package_file: <apt_pkg.PackageFile object: filename:'/home/rbalint/projects/deb/unattended-upgrades/test/root.rewind/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-amd64_Packages' a=lucid-updates,c=main,v=10.04,o=Ubuntu,l=Ubuntu arch='amd64' site='archive.ubuntu.com' IndexType='Debian Package Index' Size=894 ID:0>
DEBUG:root:Applying pinning: PkgPin(pkg='/^ant-doc/', priority=-32768)
DEBUG:root:APT::VersionedKernelPackages is not set
DEBUG:root:adjusting candidate version: test-package=2.0
DEBUG:root:adjusting candidate version: test2-package=2.0
DEBUG:root:falling back to adjusting test2-package's dependencies
DEBUG:root:falling back to adjusting z-package's dependencies
DEBUG:root:sanity check failed for: set() : no package is selected to be upgraded or installed
DEBUG:root:falling back to adjusting test-package's dependencies
DEBUG:root:falling back to adjusting test2-package's dependencies
DEBUG:root:falling back to adjusting test3-package's dependencies
DEBUG:root:falling back to adjusting test-package's dependencies
DEBUG:root:falling back to adjusting test2-package's dependencies
DEBUG:root:falling back to adjusting test3-package's dependencies
.
----------------------------------------------------------------------
Ran 1 test in 0.024s

(Note the extra "DEBUG:root:falling back to adjusting" ... lines)

[Regression Potential]

 * Minimal. The very small change fixes how call_checked() verifies that the package to be upgrades/installed is indeed marked to either being installed or upgraded.
In the worst case, if call_checked() erroneously returns success for a package as a result of a regression, unattended-upgrades does not fall back to adjusting packages to make marking successful. Later unattended-upgrades finds out that the package could not be marked and should be treated as kept back.

See original description
Bug Watch Updater (bug-watch-updater)
Changed in unattended-upgrades (Debian):
status: Unknown → Confirmed
Balint Reczey (rbalint)
description: updated
Bug Watch Updater (bug-watch-updater)
Changed in unattended-upgrades (Debian):
status: Confirmed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unattended-upgrades - 2.4

---------------
unattended-upgrades (2.4) unstable; urgency=medium

  * Fix checking if an upgrade/install marking succeeded.
    The false negative result caused unattended-upgrades trying to apply
    workarounds to upgrade/install the package using excessive amount of CPU
    time. (Closes: #958883) (LP: #1877769)
  * Treat "-" and ":" as valid parts of both Python and POSIX regular
    expressions

 -- Balint Reczey <email address hidden> Sat, 09 May 2020 16:14:14 +0200

Changed in unattended-upgrades (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Balint, or anyone else affected,

Accepted unattended-upgrades into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/2.3ubuntu0.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in unattended-upgrades (Ubuntu Focal):
status: New → Fix Committed
tags: added: verification-needed verification-needed-focal
Revision history for this message
Balint Reczey (rbalint) wrote :

Verified 2.3ubuntu0.1 on Focal:

https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-focal/focal/amd64/u/unattended-upgrades/20200722_172955_59a0f@/log.gz :

...
Running ./test_rewind.py with python3
INFO:root:Allowed origins are: o=Ubuntu,a=lucid-security
INFO:root:Initial blacklist: ant-doc
INFO:root:Initial whitelist (not strict):
DEBUG:root:Marking not allowed <apt_pkg.PackageFile object: filename:'/tmp/autopkgtest.QeV87E/build.hoM/src/test/root.rewind/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-amd64_Packages' a=lucid-updates,c=main,v=10.04,o=Ubuntu,l=Ubuntu arch='amd64' site='archive.ubuntu.com' IndexType='Debian Package Index' Size=894 ID:0> with -32768 pin
DEBUG:root:Applying pinning: PkgFilePin(id=0, priority=-32768)
DEBUG:root:Applying pin -32768 to package_file: <apt_pkg.PackageFile object: filename:'/tmp/autopkgtest.QeV87E/build.hoM/src/test/root.rewind/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-amd64_Packages' a=lucid-updates,c=main,v=10.04,o=Ubuntu,l=Ubuntu arch='amd64' site='archive.ubuntu.com' IndexType='Debian Package Index' Size=894 ID:0>
DEBUG:root:APT::VersionedKernelPackages is not set
DEBUG:root:adjusting candidate version: test-package=2.0
DEBUG:root:adjusting candidate version: test2-package=2.0
DEBUG:root:falling back to adjusting test2-package's dependencies
DEBUG:root:falling back to adjusting z-package's dependencies
DEBUG:root:sanity check failed for: set() : no package is selected to be upgraded or installed
.
----------------------------------------------------------------------
Ran 1 test in 0.063s

OK
...

tags: added: verification-done verification-done-focal
removed: verification-needed verification-needed-focal
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unattended-upgrades - 2.3ubuntu0.1

---------------
unattended-upgrades (2.3ubuntu0.1) focal; urgency=medium

  [ Balint Reczey ]
  * Fix checking if an upgrade/install marking succeeded.
    The false negative result caused unattended-upgrades trying to apply
    workarounds to upgrade/install the package using excessive amount of CPU
    time. (Closes: #958883) (LP: #1877769)
  * Fix indentation and type error (LP: #1883082)

  [ Jose Manuel Santamaria Lema ]
  * Fix crash occuring when strict whitelist is in use (LP: #1883082)

 -- Balint Reczey <email address hidden> Tue, 21 Jul 2020 17:20:12 +0200

Changed in unattended-upgrades (Ubuntu Focal):
status: Fix Committed → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for unattended-upgrades has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

ali (alli1998)
information type: Public → Public Security
information type: Public Security → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.