Bug ID 1189590
Summary YaST crashes in libzypp when evaluating upgrade
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Critical
Priority P5 - None
Component Installation
Assignee yast2-maintainers@suse.de
Reporter fvogt@suse.com
QA Contact jsrain@suse.com
CC bzeller@suse.com, ma@suse.com
Found By ---
Blocker --- 

Starting two days ago, the upgrade_staging test in Tumbleweed stagings fails in
most cases (there are a few random successful ones as well).
When showing the installation overview, yast causes a crash in libzypp
(libsolv).
Example: https://openqa.opensuse.org/tests/1878709 (yast logs attached).
This unfortunately blocks all recent stagings, so Tumbleweed can't accept any
new changes until this is fixed.

Backtrace:

2021-08-18 02:28:48 <1> install(3808) [zypp::solver]
SATResolver.cc(solving):522 Checking droplists ...
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
Error: signal 11
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[hd]: (-3) /lib64/libzypp.so.1722 : zypp::dumpBacktrace(std::ostream&)+0x39
[0x7f7e97405ae9]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[hd]: (-2) /lib64/libzypp.so.1722 : +0x356696 [0x7f7e973da696]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[hd]: (-1) /lib64/libc.so.6 : +0x3d3a0 [0x7f7ea53733a0]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
vvvvvvvvvv----------------------------------------
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (0) /lib64/libc.so.6 : +0xa9af2 [0x7f7ea53dfaf2]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (1) /lib64/libzypp.so.1722 : +0x472392 [0x7f7e974f6392]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (2) /lib64/libzypp.so.1722 : +0x470f8c [0x7f7e974f4f8c]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (3) /lib64/libzypp.so.1722 : zypp::IdString::IdString(char const*)+0x21
[0x7f7e9734aa01]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (4) /lib64/libzypp.so.1722 : +0x3601b9 [0x7f7e973e41b9]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (5) /lib64/libzypp.so.1722 : +0x46b601 [0x7f7e974ef601]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (6) /lib64/libzypp.so.1722 : +0x2aa6c2 [0x7f7e9732e6c2]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (7) /lib64/libzypp.so.1722 :
zypp::Capability::Capability(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&, zypp::Rel, zypp::Edition
const&, zypp::ResKind const&)+0x30 [0x7f7e9732ea80]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (8) /lib64/libzypp.so.1722 :
zypp::sat::Solvable::valuesOfNamespace(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&) const+0x397
[0x7f7e973e5957]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (9) /lib64/libzypp.so.1722 :
zypp::solver::detail::SATResolver::solving(std::unordered_set<zypp::Capability,
std::hash<zypp::Capability>, std::equal_to<zypp::Capability>,
std::allocator<zypp::Capability> > const&, std::unordered_set<zypp::Capability,
std::hash<zypp::Capability>, std::equal_to<zypp::Capability>,
std::allocator<zypp::Capability> > const&)+0x12d5 [0x7f7e9730f325]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (10) /lib64/libzypp.so.1722 :
zypp::solver::detail::SATResolver::resolvePool(std::unordered_set<zypp::Capability,
std::hash<zypp::Capability>, std::equal_to<zypp::Capability>,
std::allocator<zypp::Capability> > const&, std::unordered_set<zypp::Capability,
std::hash<zypp::Capability>, std::equal_to<zypp::Capability>,
std::allocator<zypp::Capability> > const&, std::__cxx11::list<zypp::PoolItem,
std::allocator<zypp::PoolItem> > const&, std::set<zypp::Repository,
std::less<zypp::Repository>, std::allocator<zypp::Repository> > const&)+0x992
[0x7f7e97310b52]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (11) /usr/lib64/YaST2/plugin/libpy2Pkg.so.2 :
PkgFunctions::PkgUpdateAll(YCPMap const&)+0x391 [0x7f7e9772baf1]
2021-08-18 02:28:48 <5> install(3808) [zypp] ZYppFactory.cc(sigsegvHandler):58
[bt]: (12) /usr/lib64/YaST2/plugin/libpy2Pkg.so.2 :
Y2PkgFunction::evaluateCall()+0x126f4 [0x7f7e97794f24]

I'm occasionally able to reproduce it (openQA triggers it fairly reliably) and
was able to gdb into the crashing process once.
It's visible that libsolv's stringpool is intact, but the to be inserted string
pointer points into deallocated (unmapped) space.

It can also be seen that the crashed process has a open file handle to a
deleted solv cache:

35 -> /var/cache/zypp/solv/openSUSE-1-0/solv (deleted)
37 -> /mnt/var/cache/zypp/solv/@System/solv

That implies that it deleted an in-use pool, which seems dangerous and seems
related to bug 1183711.

You are receiving this mail because: