sscanf always calls realloc/causes deadlock in google-perftools

Bug #1028038 reported by James Page on 2012-07-23
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
eglibc (Ubuntu)
High
Adam Conrad
Precise
High
Adam Conrad

Bug Description

SRU Justification:

[Impact]
When using google-perftools eglibc causes a deadlock.

[Development Fix]
This is fixed in quantal.

[Stable Fix]
A fix can be backported from quantal into precise.

[Test Case]
Run google-perftools.

[Regression Potential]
Patch introduces changes in stdio-common/vfscanf.c.

--

This is currently causing a deadlock in the google-perftools testing.

The fix has been committed to glibc 2.16 - http://cygwin.com/ml/libc-alpha/2012-01/msg00026.html

It would be great if either glibc could be upgraded to 2.16 or this patch applied to the version in quantal.

I have verified locally that this resolves the deadlock issue in google-perftools.

ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: libc6 2.15-0ubuntu15
ProcVersionSignature: Ubuntu 3.5.0-5.5-generic 3.5.0-rc7
Uname: Linux 3.5.0-5-generic x86_64
ApportVersion: 2.4-0ubuntu5
Architecture: amd64
Date: Mon Jul 23 17:33:24 2012
SourcePackage: eglibc
UpgradeStatus: Upgraded to quantal on 2012-06-11 (42 days ago)

James Page (james-page) wrote :
summary: - sscanf always calls realloc
+ sscanf always calls realloc/causes deadlock in google-perftools
Changed in eglibc (Ubuntu):
importance: Undecided → High
Adam Conrad (adconrad) on 2012-07-24
Changed in eglibc (Ubuntu Precise):
assignee: nobody → Adam Conrad (adconrad)
Changed in eglibc (Ubuntu):
assignee: nobody → Adam Conrad (adconrad)
Benjamin Kerensa (bkerensa) wrote :

Thanks for reporting this bug and any supporting documentation. Since this bug has enough information provided for a developer to begin work, I'm going to mark it as confirmed and let them handle it from here. Thanks for taking the time to make Ubuntu better!

Changed in eglibc (Ubuntu):
status: New → Confirmed
Adam Conrad (adconrad) on 2012-07-25
Changed in eglibc (Ubuntu):
status: Confirmed → Triaged
Changed in eglibc (Ubuntu Precise):
status: New → Triaged
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package eglibc - 2.15-0ubuntu17

---------------
eglibc (2.15-0ubuntu17) quantal; urgency=low

  * Backport fix from 2.16 for sscanf/realloc deadlock (LP: #1028038)
  * Backport for bogus FPE on underflow for exp(double) (LP: #1007457)
 -- Adam Conrad <email address hidden> Thu, 09 Aug 2012 20:25:35 -0600

Changed in eglibc (Ubuntu):
status: Triaged → Fix Released
Chris J Arges (arges) on 2012-09-12
description: updated

Hello James, or anyone else affected,

Accepted eglibc into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in eglibc (Ubuntu Precise):
status: Triaged → Fix Committed
tags: added: verification-needed
Brian Murray (brian-murray) wrote :

Hello James, or anyone else affected,

Accepted eglibc into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

James Page (james-page) wrote :

I rebuilt google-perftools from quantal on precise with -proposed enabled; the test that originally failed now passes just fine (see attached build log).

tags: added: verification-done
removed: verification-needed

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Adam Conrad (adconrad) wrote :

This bug was fixed in the package eglibc - 2.15-0ubuntu10.3

---------------
eglibc (2.15-0ubuntu10.3) precise; urgency=low

  * Backport fixes for dbl-64 and ldbl-128 issues (LP: #1000498)
  * Backport another FMA support patch from glibc master branch.

eglibc (2.15-0ubuntu10.2) precise-security; urgency=low

  * SECURITY UPDATE: stack buffer overflow in vfprintf handling
    (LP: #1031301)
    - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
      array grows too large to handle via alloca extension
    - CVE-2012-3406
  * SECURITY UPDATE: stdlib strtod integer/buffer overflows
    - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
      and modify types to void integer overflows
    - CVE-2012-3480

eglibc (2.15-0ubuntu10.1) precise; urgency=low

  * Backport fix from 2.16 to fix htons() conversion errors on non-x86
    architectures, by correctly casting to uint16_t (LP: #1016349)
  * Restore missing AT_EMPTY_PATH definition in fnctl.h (LP: #1010069)
  * Backport FMA4/AVX detection from glibc 2.16 (LP: #956051, #979003)
  * Backport fixups to AVX-using code to match the detection backport.
  * Backport fix from 2.16 for sscanf/realloc deadlock (LP: #1028038)
  * Backport for bogus FPE on underflow for exp(double) (LP: #1007457)
 -- Adam Conrad <email address hidden> Wed, 03 Oct 2012 15:58:02 -0600

Changed in eglibc (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers