Hi!

This one was difficult for me to track down because of problems with
checking in gdb what is going on in call stack when the problem was
reproduced, especially in 1.0.9.7.

I was able to find the last commit in which the problem reproduces.
It was 03bcd80f, in version 1.2.7. The next commit is this:
https://salsa.debian.org/apt-team/apt/-/commit/f40fdaa43271edf98b80c08e20f401b5da591501

The reproduction in 03bcd80f (compiled with DEB_CXXFLAGS_SET="-ggdb -O0"
debuild -i -us -uc -b) looks like this:

acerion@debian:~/ticket/1.2.7_pre_artifacts$ apt search -o "APT::Default-Release=stretch" scowl
Sorting... Done
Full Text Search... Done
scowl/oldoldstable 7.1-1 all
  Spell-Checker Oriented Word Lists
acerion@debian:~/ticket/1.2.7_pre_artifacts$ apt search -o "APT::Default-Release=invalid" scowl
Segmentation fault
acerion@debian:~/ticket/1.2.7_pre_artifacts$ gdb --args apt search -o "APT::Default-Release=invalid" scowl
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
[...]
Reading symbols from apt...Reading symbols from /usr/lib/debug/.build-id/6a/124b6f149eb6c5c8ee50fdda25b9aaa2cb9b2f.debug...done.
done.
(gdb) r
Starting program: /usr/bin/apt search -o APT::Default-Release=invalid scowl
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Sorting... 0%
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7a642ba in pkgDepCache::StateCache::CandidateVerIter (this=0x1bcf60, Cache=...) at ../build/include/apt-pkg/depcache.h:265
warning: Source file is more recent than executable.
265                     {return VerIterator(Cache,CandidateVer);};
(gdb) bt
#0  0x00007ffff7a642ba in pkgDepCache::StateCache::CandidateVerIter (this=0x1bcf60, Cache=...) at ../build/include/apt-pkg/depcache.h:265
#1  0x00007ffff7a787b2 in APT::VersionContainerInterface::getCandidateVer (Cache=..., Pkg=..., helper=...) at /home/acerion/ticket/1.2.7_pre/apt/apt-pkg/cacheset.cc:687
#2  0x00007ffff7a77b38 in APT::VersionContainerInterface::FromPackage (vci=0x7fffffffe080, Cache=..., P=..., fallback=APT::CacheSetHelper::CANDIDATE, helper=...)
    at /home/acerion/ticket/1.2.7_pre/apt/apt-pkg/cacheset.cc:531
#3  0x00007ffff76982e8 in GetLocalitySortedVersionSet (CacheFile=..., vci=0x7fffffffe080, matcher=..., progress=0x7fffffffdf80) at /home/acerion/ticket/1.2.7_pre/apt/apt-private/private-cacheset.cc:80
#4  0x00007ffff7697ef2 in GetLocalitySortedVersionSet (CacheFile=..., vci=0x7fffffffe080, progress=0x7fffffffdf80) at /home/acerion/ticket/1.2.7_pre/apt/apt-private/private-cacheset.cc:26
#5  0x00007ffff76cbbb3 in FullTextSearch (CmdL=...) at /home/acerion/ticket/1.2.7_pre/apt/apt-private/private-search.cc:65
#6  0x00007ffff76cd368 in DoSearch (CmdL=...) at /home/acerion/ticket/1.2.7_pre/apt/apt-private/private-search.cc:331
#7  0x00007ffff7a877f2 in CommandLine::DispatchArg (this=0x7fffffffe460, Map=0x555555772f80, NoMatch=true) at /home/acerion/ticket/1.2.7_pre/apt/apt-pkg/contrib/cmndline.cc:369
#8  0x00007ffff76a3809 in DispatchCommandLine (CmdL=..., Cmds=std::vector of length 27, capacity 32 = {...}) at /home/acerion/ticket/1.2.7_pre/apt/apt-private/private-cmndline.cc:511
#9  0x0000555555555d1c in main (argc=5, argv=0x7fffffffe588) at /home/acerion/ticket/1.2.7_pre/apt/cmdline/apt.cc:118
(gdb) frame 0
#0  0x00007ffff7a642ba in pkgDepCache::StateCache::CandidateVerIter (this=0x1bcf60, Cache=...) at ../build/include/apt-pkg/depcache.h:265
265                     {return VerIterator(Cache,CandidateVer);};
(gdb) print *this
Cannot access memory at address 0x1bcf60
(gdb) up
#1  0x00007ffff7a787b2 in APT::VersionContainerInterface::getCandidateVer (Cache=..., Pkg=..., helper=...) at /home/acerion/ticket/1.2.7_pre/apt/apt-pkg/cacheset.cc:687
warning: Source file is more recent than executable.
687                     Cand = Cache[Pkg].CandidateVerIter(Cache);
(gdb) print Cache
$1 = (pkgCacheFile &) @0x7fffffffe110: {_vptr.pkgCacheFile = 0x7ffff7dc8710 <vtable for pkgCacheFile+16>, d = 0x0, ExternOwner = false, Map = 0x5555557792b0, Cache = 0x555555774ef0, DCache = 0x555555780100,
  SrcList = 0x555555773a30, Policy = 0x55555577eba0}
(gdb) print Cache[Pkg]
$2 = (pkgDepCache::StateCache &) <error reading variable>
(gdb) print Pkg.end()
$3 = false
(gdb)

I'm not sure what the "error reading variable" at the bottom is, but it looks
like an invalid C++ reference to me.

I have also tested this in sid, and there is no crash:

acerion@debian:~$ apt --version
apt 2.9.35 (amd64)
acerion@debian:~$ apt search scowl
scowl/unstable 2020.12.07-4 all
  Spell-Checker Oriented Word Lists

acerion@debian:~$ apt search -o "APT::Default-Release=invalid" scowl
Error: The value 'invalid' is invalid for APT::Default-Release as such a release is not available in the sources
Error: The value 'invalid' is invalid for APT::Default-Release as such a release is not available in the sources
acerion@debian:~$

Kamil
