Ubuntu
glibc package

libc6-prof description should say what profiling features are present

Bug #2042790 reported by Steve Langasek
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
glibc (Ubuntu)
Fix Released
Low
Unassigned
Noble
Fix Released
Low
Unassigned

Bug Description

We have a libc6-prof package in the archive whose only addition to the base description is:

 This package contains all libraries compiled for profiling.

This is opaque and doesn't explain at all what profiling features are enabled.

My understanding is that the key feature here is the use of -fno-omit-frame-pointer. But the package description should say.

'apt search omit-frame' returns no results, it would be good to fix it so it did. Putting this in the package description would achieve that.

See original description

CVE References

Steve Langasek (vorlon)
tags: added: rls-nn-incoming
description: updated
Julian Andres Klode (juliank)
tags: added: foundations-todo
removed: rls-nn-incoming
Simon Chopin (schopin)
Changed in glibc (Ubuntu Noble):
importance: Undecided → Low
status: New → In Progress
Revision history for this message
Simon Chopin (schopin) wrote :

FWIW, this is the new description in the git repo where the next version is being prepared:

Description: GNU C Library: Shared Libraries
 Contains the standard libraries that are used by nearly all programs on
 the system. This package includes shared versions of the standard C library
 and the standard math library, as well as many others.
 .
 This package contains all libraries compiled with frame pointer enabled,
 (-fno-omit-frame-pointer) which enables or enhances several profiling
 techniques, including eBPF-based ones.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package glibc - 2.39-0ubuntu1

---------------
glibc (2.39-0ubuntu1) noble; urgency=medium

  * New upstream release
    Contains fixes for the following CVEs:
    - CVE-2023-6246: Heap buffer overflow in __vsyslog_internal()
    - CVE-2023-6779: Heap buffer overflow in __vsyslog_internal()
    - CVE-2023-6780: Integer overflow in __vsyslog_internal()
    Patches:
    - Several patches refreshed
    - d/p/localedata/lv_LV-current.patch: dropped, applied upstream
    - d/p/lp{2031495,2032624}: dropped, applied upstream
    - d/p/any/git-c-utf-8-language.diff: dropped, applied upstream
  * d/p/ubuntu/submitted-tests-gracefully-handle-AppArmor-userns-containment.patch:
    Fix the tests in recent apparmor environments (LP: #2048375)
  * Drop libnss-nis and libnss-nisplus to Suggests (LP: #2045241)
  * Fix Replaces version for libsotruss.so file move (LP: #2042665)
  * Remove libc6-dev dependency on libtirpc-dev (LP: #2045763)
  * Dropped a lot of Ubuntu-specific xfails that are now passing.
  * Drop the -prof variant to instead use frame pointers on all 64-bit
    architectures by default to match the rest of the distro (LP: #2042790)

 -- Simon Chopin <email address hidden> Thu, 01 Feb 2024 09:44:24 +0100

Changed in glibc (Ubuntu Noble):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.