Calling printf with %f format from rtld-audit bound functions results in a segfault.

Bug #1871762 reported by Marcus Borkenhagen
Affects: glibc (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

Calling printf functions from an rtld-audit wrapped function - not even the wrapper itself - results in a segfault, apparently from ld-linux.so.

[A complete example will be attached to this bug report.]

When the following function is called via an rtld-audit rebound wrapper, a segfault will occur on the last printf call (the one with the %f format). This segfault apparently happens on return from the dynamic linker itself, which seems to break its stack.

 ,-----
 | int fourtytwo(void) {
 |     printf("42.%s\n", __func__);
 |     printf("42.%s The current float is %a\n", __func__, 42.1618);
 |     printf("42.%s The current float is %f\n", __func__, 42.1618);
 |     return 42;
 | }
 `-----

Ubuntu Version:
Description: Ubuntu 19.10
Release: 19.10

Package Version:
libc6:
  Installed: 2.30-0ubuntu2.1
  Candidate: 2.30-0ubuntu2.1
  Version table:
 *** 2.30-0ubuntu2.1 500
        500 http://de.archive.ubuntu.com/ubuntu eoan-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     2.30-0ubuntu2 500
        500 http://de.archive.ubuntu.com/ubuntu eoan/main amd64 Packages

Marcus Borkenhagen (mborkenhagen-aox-tech) wrote :

Further testing showed that the attached rtld-audit-repro.tar.xz did not reproduce the described behavior.

An updated and much simpler repro in audit.c which does actually reproduce the described issue.

Marcus Borkenhagen (mborkenhagen-aox-tech) wrote :

New repro that actually works.
