severity 561279 important
thanks

Hello,

I can reproduce it, but it's complicated. First, udevadm really
segfaults even early in the initrd, making the system unusable!
Therefore, increasing the severity.

Second, to reproduce it, the log severity needs to be set to debug.
Third, gdb on the binary from the package didn't produce anything
useful besides the knowledge that it's inside of vsprintf.c. Then I
recompiled the package (current Sid environment) and used the unstripped
binary, but this version did not crash. However, some of the debug
output looked suspicious (binary parts in the strings, i.e. typical
for broken printf format strings). And valgrind output seems to confirm
this (attached).

The result is still inconclusive; something is feeding broken format
strings into the log function. Maybe it's specific to 64-bit platform, I
don't know for sure yet.

Regards,
Eduard.
-- 
<Madkiss> Alfie[tm]: I admit it, I expressed myself incoherently once
        again, and I'm to blame for everything anyway!
<yarihm> Madkiss: yes, you're especially to blame for your bad German :)
==7745== Memcheck, a memory error detector
==7745== Copyright (C) 2002-2009, and GNU GPL'd, by Julian Seward et al.
==7745== Using Valgrind-3.5.0-Debian and LibVEX; rerun with -h for copyright info
==7745== Command: ./udevadm info
==7745== 
custom logging function 0x559b380 registered
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x5086A49: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40D602: udev_set_log_fn (libudev.c:323)
==7745==    by 0x40AA64: main (udevadm.c:143)
==7745== 
==7745== Use of uninitialised value of size 8
==7745==    at 0x5084611: _itoa_word (_itoa.c:196)
==7745==    by 0x50861F0: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40D602: udev_set_log_fn (libudev.c:323)
==7745==    by 0x40AA64: main (udevadm.c:143)
==7745== 
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x5084618: _itoa_word (_itoa.c:196)
==7745==    by 0x50861F0: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40D602: udev_set_log_fn (libudev.c:323)
==7745==    by 0x40AA64: main (udevadm.c:143)
==7745== 
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x508776E: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40D602: udev_set_log_fn (libudev.c:323)
==7745==    by 0x40AA64: main (udevadm.c:143)
==7745== 
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x50862EA: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40D602: udev_set_log_fn (libudev.c:323)
==7745==    by 0x40AA64: main (udevadm.c:143)
==7745== 
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x5086350: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40D602: udev_set_log_fn (libudev.c:323)
==7745==    by 0x40AA64: main (udevadm.c:143)
==7745== 
selinux=0
==7745== Use of uninitialised value of size 8
==7745==    at 0x508466B: _itoa_word (_itoa.c:195)
==7745==    by 0x50861F0: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x4162E1: udev_selinux_init (libudev-selinux-private.c:29)
==7745==    by 0x40AA6C: main (udevadm.c:144)
==7745== 
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x5084675: _itoa_word (_itoa.c:195)
==7745==    by 0x50861F0: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x4162E1: udev_selinux_init (libudev-selinux-private.c:29)
==7745==    by 0x40AA6C: main (udevadm.c:144)
==7745== 
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x50877AD: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x4162E1: udev_selinux_init (libudev-selinux-private.c:29)
==7745==    by 0x40AA6C: main (udevadm.c:144)
==7745== 
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x5086319: vfprintf (vfprintf.c:1600)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x4162E1: udev_selinux_init (libudev-selinux-private.c:29)
==7745==    by 0x40AA6C: main (udevadm.c:144)
==7745== 
calling: info
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x50857D0: vfprintf (vfprintf.c:1601)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40AC0A: main (udevadm.c:121)
==7745== 
==7745== Use of uninitialised value of size 8
==7745==    at 0x5088451: vfprintf (vfprintf.c:1601)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40AC0A: main (udevadm.c:121)
==7745== 
==7745== Use of uninitialised value of size 8
==7745==    at 0x50B2460: _IO_default_xsputn (genops.c:480)
==7745==    by 0x5088565: vfprintf (vfprintf.c:1601)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40AC0A: main (udevadm.c:121)
==7745== 
==7745== Conditional jump or move depends on uninitialised value(s)
==7745==    at 0x50B2472: _IO_default_xsputn (genops.c:479)
==7745==    by 0x5088565: vfprintf (vfprintf.c:1601)
==7745==    by 0x510AABF: __vsyslog_chk (syslog.c:222)
==7745==    by 0x40D5B0: udev_log (libudev.c:58)
==7745==    by 0x40AC0A: main (udevadm.c:121)
==7745== 
missing option
==7745== 
==7745== HEAP SUMMARY:
==7745==     in use at exit: 120 bytes in 1 blocks
==7745==   total heap usage: 28 allocs, 27 frees, 30,850 bytes allocated
==7745== 
==7745== LEAK SUMMARY:
==7745==    definitely lost: 120 bytes in 1 blocks
==7745==    indirectly lost: 0 bytes in 0 blocks
==7745==      possibly lost: 0 bytes in 0 blocks
==7745==    still reachable: 0 bytes in 0 blocks
==7745==         suppressed: 0 bytes in 0 blocks
==7745== Rerun with --leak-check=full to see details of leaked memory
==7745== 
==7745== For counts of detected and suppressed errors, rerun with: -v
==7745== Use --track-origins=yes to see where uninitialised values come from
==7745== ERROR SUMMARY: 43 errors from 14 contexts (suppressed: 4 from 4)
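
Every error in the trace above sits under a printf-style log wrapper that hands its arguments to `vfprintf`. As an added example (not udev's code and not taken from this report), the sketch below shows two defensive habits for such a wrapper: compile-time format checking and `va_copy` when one call formats to two sinks. The names `log_both`, `log_text`, `sink_a` and `sink_b` are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical sinks standing in for a console line and a syslog line. */
static char sink_a[128], sink_b[128];

/* format(printf, 2, 3) makes -Wformat check each call site's arguments
 * against its format string (argument 2, varargs start at 3). */
__attribute__((format(printf, 2, 3)))
static int log_both(int priority, const char *fmt, ...)
{
    va_list args, copy;
    int n1, n2;

    (void)priority;               /* unused in this sketch */
    va_start(args, fmt);
    /* After args is handed to a v*printf function its value is
     * indeterminate, so a second formatting pass needs its own copy. */
    va_copy(copy, args);
    n1 = vsnprintf(sink_a, sizeof sink_a, fmt, args);
    n2 = vsnprintf(sink_b, sizeof sink_b, fmt, copy);
    va_end(copy);
    va_end(args);
    /* Both sinks must hold the same text; otherwise report failure. */
    return (n1 == n2 && strcmp(sink_a, sink_b) == 0) ? n1 : -1;
}

/* Text that did not originate as a literal is logged as data through
 * "%s", never passed as the format string itself. */
static int log_text(const char *text)
{
    return log_both(7, "%s", text);
}

int main(void)
{
    log_both(7, "selinux=%d", 0);
    printf("%s | %s\n", sink_a, sink_b);
    log_text("100%n%s");          /* constructed input with conversions */
    printf("%s | %s\n", sink_a, sink_b);
    return 0;
}
```

Building with `-Wall -Wformat=2` turns a mismatched call such as `log_both(7, "%s", 42)` into a compiler warning instead of a runtime read of a bad argument.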
