#159503 dselect: dselect core dumps

Package: dselect
Source: dpkg
Description: Debian package management front-end
Submitter: Adam Heath
Date: 2005-07-18 03:08:16 UTC
Severity: wishlist

#159503#5
Date: 2002-08-31 20:56:39 UTC
After going into select, trying to exit dselect or trying to go back
to select causes dselect to core dump.
--- Begin /etc/dpkg/dselect.cfg (modified conffile)
expert
--- End /etc/dpkg/dselect.cfg

#159503#10
Date: 2002-08-31 21:24:49 UTC
Grr.  The unstripped dselect does *NOT* segfault, but the stripped one does.

#159503#15
Date: 2002-09-01 04:48:58 UTC
tag 159023 + pending
thanks

1.10.5 was modified to call nffreeall(), and, only for dselect, does this
segfault.

The fix is to not call it at all, until I can figure out why freeing memory
causes the segfault to occur.

#159503#22
Date: 2002-09-01 09:41:14 UTC
Attaching two files, select-select.strace and select-exit.strace. The first
is an strace of dselect while choosing Select, accepting the setup, and then
choosing Select again (resulting in a segfault). The second is the same
except the last step is Quit instead of Select (resulting in a segfault).

#159503#27
Date: 2002-09-01 09:45:03 UTC
I guess it would help if I actually attached the files.
Hope they are of some use.

#159503#32
Date: 2002-09-01 18:11:50 UTC
This is already fixed in cvs, and already uploaded (as 1.10.6, sitting in
incoming).

#159503#43
Date: 2002-09-02 17:13:22 UTC
We believe that the bug you reported is fixed in the latest version of
dpkg, which is due to be installed in the Debian FTP archive:

dpkg-dev_1.10.6_all.deb
  to pool/main/d/dpkg/dpkg-dev_1.10.6_all.deb
dpkg-doc_1.10.6_all.deb
  to pool/main/d/dpkg/dpkg-doc_1.10.6_all.deb
dpkg_1.10.6.dsc
  to pool/main/d/dpkg/dpkg_1.10.6.dsc
dpkg_1.10.6.tar.gz
  to pool/main/d/dpkg/dpkg_1.10.6.tar.gz
dpkg_1.10.6_i386.deb
  to pool/main/d/dpkg/dpkg_1.10.6_i386.deb
dselect_1.10.6_i386.deb
  to pool/main/d/dpkg/dselect_1.10.6_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 159023@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adam Heath <doogie@debian.org> (supplier of updated dpkg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.7
Date: Sun,  1 Sep 2002 00:19:18 -0500
Source: dpkg
Binary: dpkg-static dselect dpkg-dev dpkg-doc dpkg
Architecture: source all i386
Version: 1.10.6
Distribution: unstable
Urgency: low
Maintainer: Dpkg Development <debian-dpkg@lists.debian.org>
Changed-By: Adam Heath <doogie@debian.org>
Description:
 dpkg       - Package maintenance system for Debian
 dpkg-dev   - Package building tools for Debian
 dpkg-doc   - Dpkg Internals Documentation
 dselect    - a user tool to manage Debian packages
Closes: 159023
Changes:
 dpkg (1.10.6) unstable; urgency=low
 .
   * Don't call nffreeall, in any of the c/c++ programs.  It appears dselect
     slightly corrupts its memory enough that it can't be freed without
     segfaulting.  Closes: #159023.

#159503#58
Date: 2002-09-03 19:03:27 UTC
ah ha!

dselect calls resetpackages() when exiting select.  This calls nffreeall().
Dselect then also calls nffreeall when exiting (this was new in 1.10.5).

So, this shows that obstacks don't support double free.

A little investigation, and I have made a patch to fix obstacks (bug#159493).

Now, the next problem is that at the time resetpackages is called, curses is
on, so any output is lost.

And when nffreeall is called when dselect exits, all the memory has already
been freed, so --memstat produces no useful output.

A possible solution is to call resetpackages before going into select.

In any event, this will not be done on the 1.10 branch.
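
The double call described in the last message (resetpackages() and then program exit both reaching nffreeall()) can be made harmless by a free-all routine that is idempotent. The sketch below is an added example, not dpkg or obstack code: it uses a small chunk-list arena in place of an obstack, and `struct arena`, `arena_alloc`, `arena_free_all`, `leave_select` and `program_exit` are hypothetical names.

```c
#include <stddef.h>
#include <stdlib.h>

#define CHUNK_SIZE 4096   /* multiple of 16, so rounded sizes still fit */

struct chunk { struct chunk *next; size_t used; unsigned char data[CHUNK_SIZE]; };
struct arena { struct chunk *head; size_t live_bytes; };  /* head == NULL: empty */

/* Bump-allocate n bytes; individual objects are never freed on their own. */
void *arena_alloc(struct arena *a, size_t n)
{
    if (n == 0 || n > CHUNK_SIZE)
        return NULL;
    n = (n + 15u) & ~(size_t)15u;            /* round size up to 16 bytes */
    if (a->head == NULL || a->head->used + n > CHUNK_SIZE) {
        struct chunk *c = malloc(sizeof *c);
        if (c == NULL)
            return NULL;
        c->next = a->head;
        c->used = 0;
        a->head = c;
    }
    void *p = a->head->data + a->head->used;
    a->head->used += n;
    a->live_bytes += n;
    return p;
}

/* Release every chunk and return how many were freed. The head is detached
 * before the walk, so a second call sees an empty arena and frees nothing
 * instead of walking pointers into memory that was already released. */
size_t arena_free_all(struct arena *a)
{
    size_t released = 0;
    struct chunk *c = a->head;
    a->head = NULL;
    a->live_bytes = 0;
    while (c != NULL) {
        struct chunk *next = c->next;
        free(c);
        c = next;
        released++;
    }
    return released;
}

static struct arena db;   /* zero-initialised, i.e. empty */

/* Hypothetical stand-ins for the two call paths named in the thread. */
size_t leave_select(void) { return arena_free_all(&db); }
size_t program_exit(void) { return arena_free_all(&db); }
```

Because the second call releases nothing, any memory statistics printed at exit would still be empty, which matches the --memstat observation in the message above.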