aptitude assert failure: *** glibc detected *** aptitude: double free or corruption (!prev): 0x08f9d658 ***

Bug #515525 reported by Eric Casteleijn
This bug affects 264 people
Affects            Status         Importance   Assigned to    Milestone
aptitude (Ubuntu)  Fix Released   Medium       Darlyn Smith
Lucid              Fix Released   Medium       Unassigned

Bug Description

Binary package hint: aptitude

aptitude dumps core when running dist-upgrades sometimes.

Backtrace:

*** glibc detected *** aptitude: double free or corruption (!prev): 0x08f9d658 ***
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(+0x6b5e1)[0xb726b5e1]
/lib/tls/i686/cmov/libc.so.6(+0x6ce38)[0xb726ce38]
/lib/tls/i686/cmov/libc.so.6(cfree+0x6d)[0xb726fefd]
/usr/lib/libstdc++.so.6(_ZdlPv+0x21)[0xb7450271]
aptitude[0x8186e8d]
aptitude[0x81830c2]
aptitude[0x8148e00]
aptitude[0x8120af4]
aptitude[0x805f24f]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb7216bd6]
aptitude[0x805c631]
Aborted (core dumped)

ProblemType: Crash
Architecture: i386
AssertionMessage: *** glibc detected *** aptitude: double free or corruption (!prev): 0x08f9d658 ***
Date: Mon Feb 1 09:24:16 2010
DistroRelease: Ubuntu 10.04
ExecutablePath: /usr/bin/aptitude
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
NonfreeKernelModules: nvidia
Package: aptitude 0.4.11.11-1ubuntu8
ProcAttrCurrent: unconfined (enforce)
ProcCmdline: aptitude dist-upgrade
ProcEnviron:
 PATH=(custom, no user)
 LANG=en_US.utf8
 LC_TIME=en_DK.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: Ubuntu 2.6.32-11.15-generic-pae
Signal: 6
SourcePackage: aptitude
StacktraceTop:
 __kernel_vsyscall ()
 raise () from /lib/tls/i686/cmov/libc.so.6
 abort () from /lib/tls/i686/cmov/libc.so.6
 ?? () from /lib/tls/i686/cmov/libc.so.6
 ?? () from /lib/tls/i686/cmov/libc.so.6
Title: aptitude assert failure: *** glibc detected *** aptitude: double free or corruption (!prev): 0x08f9d658 ***
Uname: Linux 2.6.32-11-generic-pae i686
UserGroups:

Eric Casteleijn (thisfred) wrote :
Apport retracing service (apport) wrote :

StacktraceTop:
 __kernel_vsyscall ()
 *__GI_raise (sig=6)
 *__GI_abort () at abort.c:92
 __libc_message (do_abort=2,
 malloc_printerr (action=<value optimized out>,

Apport retracing service (apport) wrote : Stacktrace.txt
Apport retracing service (apport) wrote : ThreadStacktrace.txt
Changed in aptitude (Ubuntu):
importance: Undecided → Medium
tags: removed: need-i386-retrace
Daniel Hahler (blueyed)
Changed in aptitude (Ubuntu):
status: New → Triaged
visibility: private → public
IKT (ikt) wrote :

aptitude assert failure: *** glibc detected *** aptitude: double free or corruption (!prev): 0x09a61510 ***

I'm experiencing a similar issue when doing 'aptitude update'.

MaxistXXL (maxistxxl) wrote :

I experienced this bug when I tried to install subversion.

haeckse (haeckse) wrote :

Since today I get this every single time I run "sudo aptitude get-upgrade".

Nizuri (h-jmedicke) wrote :

Downgrading to http://launchpadlibrarian.net/37134135/aptitude_0.4.11.11-1ubuntu8_i386.deb fixed the issue for me.
(regression compared to -8 )
http://paste.ubuntu.com/383688/
Thanks to mvo_ and gronmefreak in the irc.

Michael Vogt (mvo)
Changed in aptitude (Ubuntu):
milestone: none → ubuntu-10.04-beta-1
ec (ecroes) wrote :

experiencing same issue when running 'sudo aptitude update':

*** glibc detected *** aptitude: free(): invalid next size (fast): 0x0000000001c03280 ***
======= Backtrace: =========
/lib/libc.so.6(+0x77406)[0x7f9ba2667406]
/lib/libc.so.6(cfree+0x73)[0x7f9ba266dc93]
aptitude[0x526aa9]
aptitude[0x5459ed]
aptitude[0x542fb7]
aptitude[0x506297]
aptitude[0x501f1d]
aptitude[0x41bb76]
/lib/libc.so.6(__libc_start_main+0xfd)[0x7f9ba260ec4d]
aptitude[0x419619]

tags: added: bugpattern-needed
Ixzat (chrazy) wrote :

Got this error when running aptitude update. One source was really slow or something and it just sat at receiving headers for a while and then got about the same error message.

tags: added: bugpattern-written
removed: bugpattern-needed
vmc (vmclark) wrote :

Using this command:
"sudo aptitude update && sudo aptitude safe-upgrade"

Right after it completes the first part, it crashes.

apt-get completes without error.

Last part of message just before the crash:
Hit http://us.archive.ubuntu.com lucid-updates/multiverse Sources
Fetched 11.1MB in 2min 3s (90.3kB/s)
*** glibc detected *** aptitude: double free or corruption (!prev): 0x09116d78 ***

IKT (ikt) wrote :

What's going on with this bug? It's actually quite a pain, is a regression planned?

Roman Yepishev (rye) wrote :

*** glibc detected *** /usr/bin/aptitude: double free or corruption (!prev): 0x0852c6d0 ***

(gdb) bt
#0 0x00110832 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1 0x0064b601 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#2 0x0064ea62 in *__GI_abort () at abort.c:92
#3 0x0068256d in __libc_message (do_abort=2, fmt=0x7518b8 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#4 0x0068c611 in malloc_printerr (action=<value optimized out>, str=0x6 <Address 0x6 out of bounds>, ptr=0x852c6d0) at malloc.c:6264
#5 0x0068de68 in _int_free (av=<value optimized out>, p=<value optimized out>) at malloc.c:4792
#6 0x00690f2d in *__GI___libc_free (mem=0x852c6d0) at malloc.c:3738
#7 0x005a3731 in operator delete(void*) () from /usr/lib/libstdc++.so.6
#8 0x005a378d in operator delete[](void*) () from /usr/lib/libstdc++.so.6
#9 0x081693bf in ~AcqTextStatus (this=0x852c690, __in_chrg=<value optimized out>) at acqprogress.cc:42
#10 0x081872dd in sigc::internal::signal_emit1<void, download_signal_log&, sigc::nil>::emit (this=0x852c5f0)
    at /usr/include/sigc++-2.0/sigc++/signal.h:1010
#11 sigc::signal1<void, download_signal_log&, sigc::nil>::emit (this=0x852c5f0) at /usr/include/sigc++-2.0/sigc++/signal.h:2777
#12 sigc::signal1<void, download_signal_log&, sigc::nil>::operator() (this=0x852c5f0) at /usr/include/sigc++-2.0/sigc++/signal.h:2785
#13 download_signal_log::Complete (this=0x852c5f0) at download_signal_log.cc:133
#14 0x0818490e in download_update_manager::finish (this=0xbffff524, res=pkgAcquire::Continue, progress=...) at download_update_manager.cc:275
#15 0x081492a0 in cmdline_do_download (m=0xbffff524, verbose=0) at cmdline_util.cc:404
#16 0x08144ea1 in cmdline_update (argc=1, argv=0xbffff898, verbose=0) at cmdline_update.cc:54
#17 0x0805efce in main (argc=2, argv=0xbffff894) at main.cc:596

Complete output is attached.
It looks like something is wrong with the command line progress meter (acqprogress) when its destructor is called.

Roman Yepishev (rye) wrote :

Temporary workaround - start aptitude with -q flag that will disable the progress meter and will allow it to work fine until the issue is fixed.

Steffen Barszus (steffenbpunkt) wrote :

I can confirm it's not crashing with -q

Florian Klug (flurl) wrote :

I can confirm this too, no crash with -q

Hacknslash (hack-n-slash) wrote :

I also can confirm there is no crash with the -q flag, I have the backtrace of the original error if required.

vmc (vmclark) wrote :

Yes "-q" works. Hopefully we will be getting a real fix soon.

Neil Perry (nperry) wrote :

As in comment 15, running with flag "q" seems to fix the issue.

Henrik (neu242) wrote :

I looked into a weird workaround from bug #191094 which works in this case as well.

This bug is related to the current terminal size.

If I resize the terminal to 203x24, aptitude update works. 204x24 and 212x24 crashes. 200x24, 201x24, 202x24 and 205x24 works.

Mazy (mazy-honda) wrote :

Confirm. Odd terminal size (100x40, 120x40) causes crash. Even (101x40, 120x40) does not affect it.

jerrylamos (jerrylamos) wrote :

Lucid Beta 1 linux 2.6.32-16 aptitude fails each and every time, crash report, dump, you name it. Thinkpad R31 with i830 intel graphics. One of the key execs which is failing has "nvidia" in it. ??

Had alpha 3 installed, updated, got aptitude failure.

Fresh install of Lucid Beta 1 aptitude failure. Real struggle to get booted.

Let me try the -q

Jerry

jerrylamos (jerrylamos) wrote :

Lucid Beta 1 linux 2.6.32-16 did manage to get thru aptitude with -q and safe-upgrade.

Anyone have any idea how "-q" avoids a crash?

Jerry

Henrik (neu242) wrote :

jerrylamos: By using "-q" the progress bar doesn't show. The progress bar is probably what causes this problem, and it only crashes on certain terminal sizes (as seen in #22 and #21).

Alexander Fortin (alexander-fortin) wrote :

I got this same error installing "pwgen" running aptitude install from console.
Lucid Beta1 fully updated on a Dell Mini9

Oliver Herrmann (oliver-herrmann80) wrote :

Thanks for the good Bugtrace here... saved me a lot of time searching what I did wrong ;)

One big "hooorrrraaaayyyy" to the Ubuntu Community!!!

Dennis Schridde (devurandom) wrote :

Issue still present in 10.04_beta2

Steve Langasek (vorlon)
Changed in aptitude (Ubuntu Lucid):
milestone: ubuntu-10.04-beta-1 → ubuntu-10.04-beta-2
Corey Quinn (kb1jwq) wrote :

Can confirm it exists here. Changing terminal size resolved it.

Andreas Ntaflos (daff) wrote :

Can also confirm the problem still exists and that changing terminal size "fixed" it.

I only used the commandline interface of aptitude, i.e. the non-ncurses one. I am somewhat baffled, how can the terminal size crash a program? Never heard of that before :)

Matthias (m-kaeppler) wrote :

Still exists in Beta 2, but only when I run it using the Tilda terminal emulator. In the Terminal app, it doesn't crash.

Matthias (m-kaeppler) wrote :

Sorry, in Beta 1

Ulrik Mikaelsson (rawler) wrote :

Spent some time with this, and found the cause. The error is a bit misleading, it's not a double-free-problem. Rather, it's a problem with the implementation failing to allocate space for null-termination when allocating buffer for an empty screen-line, therefore the connection to terminal size.

The allocation is most likely rounded up to even numbers, so for an odd number, the null-character will be allocated anyways (or the glib corruption-sensors only reacts on every odd byte).

In any case, here's a patch that solves it.

Ulrik Mikaelsson (rawler) wrote :
Kevin Yang (yangxq) wrote :

I applied the patch. No core dump till now.

tags: added: patch
Kevin Yang (yangxq) wrote :

core dump again.

Kevin Yang (yangxq) wrote :

Sorry, I found my patched version was overwritten by original version after upgrade. Ignore my last post.

Ulrik Mikaelsson (rawler) wrote :

Great! I was about to ask you for a stacktrace or coredump, to verify it's not an unrelated bug. :)

Ronald Evers (ronaldpaulusevers-deactivatedaccount) wrote :

Similar issues here: aptitude crashes sometimes. It just crashed on me as I tried to 'sudo aptitude update'. But in my case, when I rerun 'sudo aptitude update' it updates fine.

I have not been able to reproduce any aptitude crash, every time I rerun the command, it works fine. Hope this is the same issue!

HughDaniel (hugh-toad) wrote :

Right now I have this bug repeatable, so I am not making changes to my system in case someone wants deeper debugging info, but I did trap it in GDB and here are the results:

# gdb aptitude update
GNU gdb (GDB) 7.1-ubuntu
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/aptitude...Reading symbols from /usr/lib/debug/usr/bin/aptitude...done.
done.
/home/auser/update: No such file or directory.
(gdb) run update
Starting program: /usr/bin/aptitude update
[Thread debugging using libthread_db enabled]
[New Thread 0xb69fdb70 (LWP 12574)]
Hit http://security.ubuntu.com lucid-security Release.gpg
Ign http://security.ubuntu.com/ubuntu/ lucid-security/main Translation-en_US
Ign http://security.ubuntu.com/ubuntu/ lucid-security/restricted Translation-en_US
Hit http://us.archive.ubuntu.com lucid Release.gpg
Ign http://us.archive.ubuntu.com/ubuntu/ lucid/main Translation-en_US
Ign http://security.ubuntu.com/ubuntu/ lucid-security/universe Translation-en_US
Ign http://security.ubuntu.com/ubuntu/ lucid-security/multiverse Translation-en_US
Hit http://security.ubuntu.com lucid-security Release
Ign http://us.archive.ubuntu.com/ubuntu/ lucid/restricted Translation-en_US
Ign http://us.archive.ubuntu.com/ubuntu/ lucid/universe Translation-en_US
Ign http://us.archive.ubuntu.com/ubuntu/ lucid/multiverse Translation-en_US
Hit http://us.archive.ubuntu.com lucid-updates Release.gpg
Ign http://us.archive.ubuntu.com/ubuntu/ lucid-updates/main Translation-en_US
Ign http://us.archive.ubuntu.com/ubuntu/ lucid-updates/restricted Translation-en_US
Ign http://us.archive.ubuntu.com/ubuntu/ lucid-updates/universe Translation-en_US
Ign http://us.archive.ubuntu.com/ubuntu/ lucid-updates/multiverse Translation-en_US
Hit http://us.archive.ubuntu.com lucid Release
Hit http://us.archive.ubuntu.com lucid-updates Release
Hit http://security.ubuntu.com lucid-security/main Packages
Hit http://us.archive.ubuntu.com lucid/main Packages
Hit http://us.archive.ubuntu.com lucid/restricted Packages
Hit http://us.archive.ubuntu.com lucid/main Sources
Hit http://us.archive.ubuntu.com lucid/restricted Sources
Hit http://us.archive.ubuntu.com lucid/universe Packages
Hit http://security.ubuntu.com lucid-security/restricted Packages
Hit http://security.ubuntu.com lucid-security/main Sources
Hit http://security.ubuntu.com lucid-security/restricted Sources
Hit http://security.ubuntu.com lucid-security/universe Packages
Hit http://us.archive.ubuntu.com lucid/universe Sources
Hit http://us.archive.ubuntu.com lucid/multiverse Packages
Hit http://us.archive.ubuntu.com lucid/multiverse Sources
Hit http://us.archive.ubuntu.com lucid-updates/main Packages
Hit http://us.archive.ubuntu.com lucid-updates/restricted Packages
Hit http://us.archive.ubuntu.com lucid-updates/main Sourc...

Anders Kaseorg (andersk) wrote :

This was introduced by the patch from bug 391035 (13_screensize.dpatch). That patch is wrong, not only because ScreenWidth should have been ScreenWidth + 1, but also because ScreenWidth is a reference to an integer that may be updated at any time by the SIGWINCH signal handler.
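
Added example, not part of the thread and neither aptitude's code nor the actual 13_screensize.dpatch: a C++ model of the defect described by Ulrik Mikaelsson and Anders Kaseorg (a blank-line buffer of ScreenWidth bytes that needs ScreenWidth + 1, with the width changeable by SIGWINCH), next to a hardened form. The 32-bit glibc chunk constants, `g_screen_width` and all function names are assumptions made for illustration; under that model the widths Henrik reported (204 and 212 crash, 200 to 203 and 205 work) follow from chunk rounding.

```cpp
#include <csignal>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

// Assumed 32-bit glibc malloc layout: 4-byte size field, 8-byte alignment,
// 16-byte minimum chunk. These constants are the model, not values from the thread.
constexpr std::size_t kSizeSz = 4, kAlignMask = 7, kMinChunk = 16;

// Bytes actually usable behind a malloc(request) / new char[request] pointer.
std::size_t usable_size_i386(std::size_t request) {
    std::size_t chunk = (request + kSizeSz + kAlignMask) & ~kAlignMask;
    if (chunk < kMinChunk) chunk = kMinChunk;
    return chunk - kSizeSz;
}

// Buggy pattern, modelled without touching memory: a buffer of `width` bytes
// whose terminator is stored at index `width`. The write is always out of
// bounds; it only reaches allocator metadata when no padding follows the buffer.
bool terminator_hits_next_chunk(std::size_t width) {
    return width >= usable_size_i386(width);
}

// Little-endian effect of that single '\0' on the next chunk's size field:
// the low byte, which carries the PREV_INUSE flag (bit 0), becomes zero.
std::uint32_t size_field_after_overflow(std::uint32_t size_field) {
    return size_field & 0xFFFFFF00u;
}
bool prev_inuse(std::uint32_t size_field) { return (size_field & 1u) != 0; }

// Hypothetical stand-in for the width that the SIGWINCH handler updates.
volatile std::sig_atomic_t g_screen_width = 80;

// Even with width + 1 bytes allocated, re-reading the width after a resize
// can index past the buffer: compare the index used with what was allocated.
bool reread_write_in_bounds(std::size_t allocated, std::size_t width_at_write) {
    return width_at_write < allocated;
}

// Hardened form: read the width once, size the buffer from that snapshot, and
// let std::string own the width + 1 bytes including the terminator.
std::string make_blank_line() {
    const std::size_t width = static_cast<std::size_t>(g_screen_width);
    return std::string(width, ' ');
}

int main() {
    for (std::size_t w = 200; w <= 212; ++w)
        std::printf("width %zu: usable %zu, terminator %s\n", w, usable_size_i386(w),
                    terminator_hits_next_chunk(w) ? "overwrites next chunk header"
                                                  : "lands in padding");
    std::uint32_t next = 0x19;  // constructed value: 24-byte chunk, PREV_INUSE set
    std::printf("next size field 0x%02x -> 0x%02x, prev_inuse=%d\n", (unsigned)next,
                (unsigned)size_field_after_overflow(next),
                prev_inuse(size_field_after_overflow(next)));
    g_screen_width = 204;
    std::string line = make_blank_line();
    std::printf("blank line: %zu spaces, terminator at [%zu]\n", line.size(), line.size());
    return 0;
}
```

In this model the cleared PREV_INUSE bit is what the allocator reports as "double free or corruption (!prev)" when the buffer is later freed, although nothing was freed twice.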

Anders Kaseorg (andersk) wrote :

This debdiff replaces 13_screensize.dpatch with a correct patch.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package aptitude - 0.4.11.11-1ubuntu10

---------------
aptitude (0.4.11.11-1ubuntu10) lucid; urgency=low

  * 13_screensize.dpatch:
    - Fix to avoid overflowing the BlankLine buffer. (LP: #515525)
 -- Anders Kaseorg <email address hidden> Thu, 08 Apr 2010 00:28:08 -0400

Changed in aptitude (Ubuntu Lucid):
status: Triaged → Fix Released
HughDaniel (hugh-toad) wrote :

I just discovered that this bug is _always_ being triggered if I use GNOME Terminal 2.29.6 (2.29.6-0ubuntu5, why it's not 2.30 I have no idea) to run aptitude, yet on the same box if I run aptitude from xterm it works _unless_ I resize the xterm while aptitude is running, then I get this backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x0023e240 in sigc::slot_base::~slot_base() () from /usr/lib/libsigc-2.0.so.0
(gdb) bt
#0 0x0023e240 in sigc::slot_base::~slot_base() () from /usr/lib/libsigc-2.0.so.0
#1 0x0023d5af in std::_List_base<sigc::slot_base, std::allocator<sigc::slot_base> >::_M_clear() () from /usr/lib/libsigc-2.0.so.0
#2 0x0023d54d in sigc::signal_base::~signal_base() () from /usr/lib/libsigc-2.0.so.0
#3 0x08185a7d in ~signal4 (this=0x841e128, __in_chrg=<value optimized out>)
    at /usr/include/sigc++-2.0/sigc++/signal.h:3068
#4 ~download_signal_log (this=0x841e128, __in_chrg=<value optimized out>)
    at download_signal_log.cc:30
#5 0x08149203 in ~auto_ptr (m=0xbffff454, verbose=0)
    at /usr/include/c++/4.4/backward/auto_ptr.h:168
#6 cmdline_do_download (m=0xbffff454, verbose=0) at cmdline_util.cc:418
#7 0x08144ea1 in cmdline_update (argc=1, argv=0xbffff7c8, verbose=0)
    at cmdline_update.cc:54
#8 0x0805efce in main (argc=2, argv=0xbffff7c4) at main.cc:596
(gdb)

  I can confirm that KDE Konsole only fails when the window is resized. Xfce-terminal can fail, but it's very hard to make it fail, and it's about as hard in xterm. What's interesting here is that GNOME terminal seems to be emitting spurious SIGWINCHs as well as aptitude failing.

Darlyn Smith (darlyn13)
Changed in aptitude (Ubuntu):
assignee: nobody → Darlyn Smith (darlyn13)