
Bug#81881: dpkg: cannot unpack packages on Linux 2.2.0 to 2.2.10



Package: dpkg
Version: 1.8.0
Severity: critical

The new buffer_read(), buffer_copy(), etc. family of functions in dpkg
(lib/mlib.c) interact nastily with a bug in Linux 2.2 kernels before
2.2.11, in which kernel version that bug was reportedly fixed. The
symptoms are that, while unpacking, dpkg gets EAGAIN while reading from
its pipe to dpkg-deb, and promptly segfaults. As best as I can tell,
this happens with all packages, and I had to unpack dpkg manually in the
root directory to recover. Further details of the symptoms are in the
debian-dpkg thread starting at
http://lists.debian.org/debian-dpkg-0101/msg00016.html, and a full
strace of the dpkg session is at
http://www.chiark.greenend.org.uk/~cjwatson/dpkg-strace. While at that
point I'd only seen the problem in 2.2.5, somebody else mailed me
privately saying he'd had the same problems with 2.2.10.

http://www.tux.org/hypermail/linux-kernel/1999week24/0199.html is almost
certainly relevant here; apparently, zero-length reads on non-empty
pipes incorrectly returned -1 and EAGAIN instead of the correct 0. I
notice from the strace (near the end) that dpkg is trying to do a read()
of length 0; perhaps this read should be suppressed?

http://www.linux.org.uk/VERSION/relnotes.2211.html reports the following
change in Linux 2.2.11:

  Pipes 
           A technical violation of the SuSv2 specification when preading
           0 bytes from a pipe has been fixed.

... so you should be able to reproduce this in any 2.2 kernel before
that.

HTH,

-- 
Colin Watson                                     [cjw44@flatline.org.uk]


