Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 638888

Summary: app-antivirus/clamav-0.99.2-r1: check1_clamscan.sh fails with SIGBUS
Product: Gentoo Linux Reporter: Rolf Eike Beer <eike>
Component: Current packagesAssignee: Antivirus Team <antivirus>
Status: RESOLVED FIXED    
Severity: normal CC: matoro_bugzilla_gentoo, mjo, sam, sparc
Priority: Normal Keywords: PATCH, PullRequest, TESTFAILURE
Version: unspecified   
Hardware: Sparc64   
OS: Linux   
URL: https://bugzilla.clamav.net/show_bug.cgi?id=12383
See Also: https://github.com/gentoo/gentoo/pull/26754
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 371525, 619302    
Attachments: build.log
test-suite.log
build.log for 0.99.4
build.log for 0.100.0
patch

Description Rolf Eike Beer archtester 2017-11-26 12:14:58 UTC
LibClamAV debug: FP SIGNATURE: aa15bcf478d165efd2065190eb473bcb:544:ClamAV-Test-File.UNOFFICIAL
LibClamAV debug: cli_magic_scandesc: returning 1  at line 2559
LibClamAV debug: hashtab: Freeing hashset, elements: 2, capacity: 1024
LibClamAV debug: ClamAV-Test-File.UNOFFICIAL found
LibClamAV debug: FP SIGNATURE: 85831fa179ee6d3a2417a9c10506813e:374784:ClamAV-Test-File.UNOFFICIAL
LibClamAV debug: cli_magic_scandesc: returning 1  at line 2559
LibClamAV debug: Cleaning up phishcheck
LibClamAV debug: Freeing phishcheck struct
LibClamAV debug: Phishcheck cleaned up
LibClamAV debug: entconv: Destroying iconv pool:0x5a658
LibClamAV debug: entconv: closing iconv:0x5b010
LibClamAV debug: entconv: closing iconv:0x5afa0
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.ea05.exe: ClamAV-Test-Icon-EA0X.UNOFFICIAL FOUND
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.ea06.exe: ClamAV-Test-Icon-EA0X.UNOFFICIAL FOUND
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_IScab_ext.exe: ClamAV-Test-Icon-IScab.UNOFFICIAL FOUND
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_IScab_int.exe: ClamAV-Test-Icon-IScab.UNOFFICIAL FOUND
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_ISmsi_ext.exe: Clam-VI-Test:Target.UNOFFICIAL FOUND
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_ISmsi_int.exe: Clam-VI-Test:Target.UNOFFICIAL FOUND
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.tar.gz: YARA.yara_at_offset.UNOFFICIAL FOUND
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_cache_emax.tgz: YARA.yara_at_offset.UNOFFICIAL FOUND
/var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/check_common.sh: line 93:   814 Bus error               $TOP/libtool --mode=execute $WRAPPER $*

***
*** Failed to run /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../clamscan/clamscan --gen-json --quiet -dtest-db/test.yara /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-aspack.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-fsg.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-mew.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-nsis.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-pespin.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-petite.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-upack.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-upx.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-v2.rar /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-v3.rar /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-wwpack.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam-yc.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.7z /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.arj /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.bin-be.cpio /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.bin-le.cpio /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.bz2.zip /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.cab /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.chm /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.d64.zip /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.ea05.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.ea06.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.exe.binhex /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.exe.bz2 /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.exe.html /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.exe.mbox.base64 /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.exe.mbox.uu /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.exe.rtf /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.exe.szdd /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.impl.zip /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.iso /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.mail /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.newc.cpio /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.odc.cpio /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.ole.doc /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.pdf /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.ppt /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.sis /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.tar.gz /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.tnef /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam.zip /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_IScab_ext.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_IScab_int.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_ISmsi_ext.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_ISmsi_int.exe /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clam_cache_emax.tgz /var/tmp/portage/app-antivirus/clamav-0.99.2-r1/work/clamav-0.99.2/unit_tests/../test/clamjol.iso --log=clamscan7.log, expected 1 exitcode, but was 138
***

Portage 2.3.8 (python 2.7.14-final-0, default/linux/sparc/13.0, gcc-6.4.0, glibc-2.25-r9, 4.14.2 sparc64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-4.14.2-sparc64-sun4v-with-gentoo-2.3
KiB Mem:    33133616 total,  21468840 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Sun, 26 Nov 2017 01:15:01 +0000
Head commit of repository gentoo: 57d39d4794da75dd7469590e964f83336f64acd1
sh bash 4.3_p48-r1
ld GNU ld (Gentoo 2.28.1 p1.0) 2.28.1
app-shells/bash:          4.3_p48-r1::gentoo
dev-lang/perl:            5.24.3::gentoo
dev-lang/python:          2.7.14::gentoo, 3.4.5::gentoo, 3.5.4::gentoo
dev-util/cmake:           3.8.2::gentoo
dev-util/pkgconfig:       0.29.2::gentoo
sys-apps/baselayout:      2.3::gentoo
sys-apps/openrc:          0.34.9::gentoo
sys-apps/sandbox:         2.10-r4::gentoo
sys-devel/autoconf:       2.13::gentoo, 2.69::gentoo
sys-devel/automake:       1.10.3-r2::gentoo, 1.11.6-r2::gentoo, 1.12.6-r1::gentoo, 1.13.4-r1::gentoo, 1.14.1-r1::gentoo, 1.15.1-r1::gentoo
sys-devel/binutils:       2.28.1::gentoo
sys-devel/gcc:            5.4.0-r3::gentoo, 6.4.0::gentoo
sys-devel/gcc-config:     1.8-r1::gentoo
sys-devel/libtool:        2.4.6-r3::gentoo
sys-devel/make:           4.2.1::gentoo
sys-kernel/linux-headers: 4.4::gentoo (virtual/os-headers)
sys-libs/glibc:           2.25-r9::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000

ACCEPT_KEYWORDS="sparc"
ACCEPT_LICENSE="* -@EULA"
CBUILD="sparc-unknown-linux-gnu"
CFLAGS="-O2 -mcpu=niagara2 -pipe"
CHOST="sparc-unknown-linux-gnu"
CONFIG_PROTECT="/etc /etc/omega.conf /usr/share/gnupg/qualified.txt /var/spool/torque"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.6/ext-active/ /etc/php/apache2-php7.0/ext-active/ /etc/php/cgi-php5.6/ext-active/ /etc/php/cgi-php7.0/ext-active/ /etc/php/cli-php5.6/ext-active/ /etc/php/cli-php7.0/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -mcpu=niagara2 -pipe"
DISTDIR="/usr/portage/distfiles"
FCFLAGS=""
FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS=""
GENTOO_MIRRORS="ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ftp://ftp.join.uni-muenster.de/pub/linux/distributions/gentoo"
LANG="en_US.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j20"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="acl berkdb big-endian bzip2 cli cracklib crypt cxx dri fortran gdbm iconv ipv6 modules ncurses nls nptl openmp pam pcre readline session sparc ssl tcpd unicode xattr zlib" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6 php7-0" POSTGRES_TARGETS="postgres9_5" PYTHON_SINGLE_TARGET="python3_4" PYTHON_TARGETS="python2_7 python3_4" RUBY_TARGETS="ruby21 ruby22" USERLAND="GNU" VIDEO_CARDS="fbdev glint mga r128 radeon dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

=================================================================
                        Package Settings
=================================================================

app-antivirus/clamav-0.99.2-r1::gentoo was built with the following:
USE="clamdtop ipv6 metadata-analysis-api milter static-libs -bzip2 -iconv -libressl (-selinux) (-uclibc)"


Reproducible: Always
Comment 1 Rolf Eike Beer archtester 2017-11-26 12:20:11 UTC
Created attachment 506716 [details]
build.log
Comment 2 Rolf Eike Beer archtester 2017-11-26 12:21:10 UTC
Created attachment 506718 [details]
test-suite.log
Comment 3 Thomas Raschbacher gentoo-dev 2018-04-20 12:17:04 UTC
please test this with current versions (preferrably 0.99.4 or 0.100.0)
Comment 4 Rolf Eike Beer archtester 2018-04-24 11:22:56 UTC
Created attachment 528416 [details]
build.log for 0.99.4

Error is still there.
Comment 5 Rolf Eike Beer archtester 2018-04-24 11:23:54 UTC
Created attachment 528418 [details]
build.log for 0.100.0

Error not in log. Given the many test errors I doubt it's really "fixed".
Comment 6 Rolf Eike Beer archtester 2019-03-04 21:39:45 UTC
I finally managed to get a backtrace. The problem the the unaligned cast to YR_RULE* as seen in the example and in the neighbor case.

#0  0xf7ced8ac in yr_execute_code (aclsig=0xf6d389b8, acdata=0xffffa934, context=0xffffa6c8, timeout=0, start_time=0) at yara_exec.c:434
#1  0xf7ae482c in yara_eval (ctx=0xffffaec4, root=0xf7218f44, acdata=0xffffa934, target_info=0xffffa880, hash=0xffffac70 "+\366\310@;[\nl\315\317\307Ǥ4P|", lsid=0) at matcher.c:840
#2  0xf7ae49b0 in cli_exp_eval (ctx=0xffffaec4, root=0xf7218f44, acdata=0xffffa934, target_info=0xffffa880, hash=0xffffac70 "+\366\310@;[\nl\315\317\307Ǥ4P|") at matcher.c:864
#3  0xf7ae5fbc in cli_fmap_scandesc (ctx=0xffffaec4, ftype=CL_TYPE_MSEXE, ftonly=0 '\000', ftoffset=0xffffab14, acmode=3, acres=0x0, refhash=0xffffac70 "+\366\310@;[\nl\315\317\307Ǥ4P|") at matcher.c:1244
#4  0xf7b1701c in cli_scanraw (ctx=0xffffaec4, type=CL_TYPE_MSEXE, typercg=1 '\001', dettype=0xffffac30, refhash=0xffffac70 "+\366\310@;[\nl\315\317\307Ǥ4P|") at scanners.c:2598
#5  0xf7b1b3f0 in magic_scandesc (ctx=0xffffaec4, type=CL_TYPE_MSEXE) at scanners.c:3674
#6  0xf7b1be40 in cli_base_scandesc (desc=4, filepath=0x700c6480 "/var/tmp/portage/app-antivirus/clamav-0.101.0/work/clamav-0.101.0/unit_tests/../test/clam-aspack.exe", ctx=0xffffaec4, type=CL_TYPE_ANY) at scanners.c:3824
#7  0xf7b1bed4 in cli_magic_scandesc (desc=4, filepath=0x700c6480 "/var/tmp/portage/app-antivirus/clamav-0.101.0/work/clamav-0.101.0/unit_tests/../test/clam-aspack.exe", ctx=0xffffaec4) at scanners.c:3836
#8  0xf7b1cf4c in scan_common (desc=4, map=0x0, filepath=0x700c5f00 "/var/tmp/portage/app-antivirus/clamav-0.101.0/work/clamav-0.101.0/unit_tests/../test/clam-aspack.exe", virname=0xffffb058, scanned=0x70038ad8 <info+20>, engine=0x70052048,
    scanoptions=0xffffb244, context=0xffffb074) at scanners.c:4112
#9  0xf7b1d0b0 in cl_scandesc_callback (desc=4, filename=0x700c5f00 "/var/tmp/portage/app-antivirus/clamav-0.101.0/work/clamav-0.101.0/unit_tests/../test/clam-aspack.exe", virname=0xffffb058, scanned=0x70038ad8 <info+20>, engine=0x70052048,
    scanoptions=0xffffb244, context=0xffffb074) at scanners.c:4261
#10 0x70010678 in scanfile (filename=0x700c5f00 "/var/tmp/portage/app-antivirus/clamav-0.101.0/work/clamav-0.101.0/unit_tests/../test/clam-aspack.exe", engine=0x70052048, opts=0x7004a650, options=0xffffb244) at manager.c:392
#11 0x70014530 in scanmanager (opts=0x7004a650) at manager.c:1206
#12 0x7000e7bc in main (argc=52, argv=0xffffb8e4) at clamscan.c:161
(gdb) l
429     #endif
430             break;
431
432           case OP_MATCH_RULE:
433             pop(r1);
434             rule = *(YR_RULE**)(ip + 1);
435             ip += sizeof(uint64_t);
436
437             if (!IS_UNDEFINED(r1) && r1)
438     #if REAL_YARA
Comment 7 Thomas Raschbacher gentoo-dev 2019-08-21 20:11:55 UTC
This version is not in the tree anymore, so closing it. if the problem still persists for you please reopen it.
Comment 8 Matt Turner gentoo-dev 2019-08-21 20:42:08 UTC
(In reply to Thomas Raschbacher from comment #7)
> This version is not in the tree anymore, so closing it. if the problem still
> persists for you please reopen it.

The absolute minimum you should do before closing a bug as OBSOLETE/UPSTREAM is at least a cursory glance at the source code to see if it's possible the problem has been fixed.

Rolf gave you a back trace and a line number of the exact spot the problem occurs. There's a pretty high likelihood that the problem is there, since yara_exec.c:434 still contains the exact same line.

Perhaps as the Gentoo maintainer you would be interested in reporting a bug upstream, or even attempting to fix the problem yourself? The surrounding code shows plenty of examples of how to do it.

Actually, upstream commit c0525b368b4e48e547f3969967adf0b01e939aa6 already fixed most of the issues, but for whatever reason did not fix this one (or the one above in the OP_PUSH_RULE case)

But seriously though: Bug opened nearly two years ago. Nothing from your side except a request for more testing (which the reporter did!) and then closing the bug, even when the reporter showed you exactly what the problem was. That's really bad.
Comment 9 Matt Turner gentoo-dev 2019-09-02 18:06:21 UTC
So we're back to just radio silence from the nominal maintainer?
Comment 10 Michael Orlitzky gentoo-dev 2019-09-03 02:39:55 UTC
Reported upstream at $URL. I also took a wild-ass guess at a patch, based on commit c0525b368b4 (thanks Matt). It doesn't crash my machine, so that's nice.
Comment 11 Thomas Raschbacher gentoo-dev 2019-09-27 11:21:25 UTC
(In reply to Matt Turner from comment #9)
> So we're back to just radio silence from the nominal maintainer?

sorry i seem to have missed some bug updates (yet again busy RL)
I closed the bug because that version was long out of the tree and I didn't have the time to look at the source code. -- and that'S also why I added to please re-open if it persists with newer versions, since I couldn't reproduce it on my machine


@mjo: seems that bug you linked is not publically accessible (i think clamav marks all bugs reported "private" until someone confirms it is not a security issue.
Comment 12 Michael Orlitzky gentoo-dev 2019-10-02 18:38:49 UTC
Yeah, I can't mark the bug as "public." There hasn't been any activity on it yet. The patch I suggested is below, although I should reiterate that I'm totally guessing.


index 94a477259..25ae7f135 100644
--- a/libclamav/yara_exec.c
+++ b/libclamav/yara_exec.c
@@ -420,7 +420,7 @@ int yr_execute_code(
         break;

       case OP_PUSH_RULE:
-        rule = *(YR_RULE**)(ip + 1);
+       memcpy(&rule, ip + 1, sizeof(YR_RULE*));
         ip += sizeof(uint64_t);
 #if REAL_YARA
         push(rule->t_flags[tidx] & RULE_TFLAGS_MATCH ? 1 : 0);
@@ -431,7 +431,7 @@ int yr_execute_code(

       case OP_MATCH_RULE:
         pop(r1);
-        rule = *(YR_RULE**)(ip + 1);
+       memcpy(&rule, ip + 1, sizeof(YR_RULE*));
         ip += sizeof(uint64_t);

         if (!IS_UNDEFINED(r1) && r1)
Comment 13 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-12-31 03:20:09 UTC
Did anything happen with this? bug is still private
Comment 14 Rolf Eike Beer archtester 2021-12-31 11:23:51 UTC
When testing with 0.104.1 I at least do not see any SIGBUS anymore, only test errors.
Comment 15 Matt Turner gentoo-dev 2022-02-19 01:13:33 UTC
mjo@: can you ping the upstream bug for us?
Comment 16 matoro archtester 2022-06-21 04:52:05 UTC
I've just tested the latest in-tree versions, and I don't see test errors on 0.104.2 or 0.104.3, at least on 64-bit.  Can I get a retest with the most recent in-tree?
Comment 17 Matt Turner gentoo-dev 2022-06-21 14:39:40 UTC
All the tests pass for me on 64-bit. I'll test 32-bit userland after I update my chroot.

I still see the same code in v0.104.3:

      case OP_PUSH_RULE:
        rule = *(YR_RULE**)(ip + 1);
...
      case OP_MATCH_RULE:
        pop(r1);
        rule = *(YR_RULE**)(ip + 1);


Maybe Cc'ing mjo@ directly will garner a response.
Comment 18 matoro archtester 2022-06-21 14:46:28 UTC
Tried 32-bit just now and tests do indeed fail there.  But SIGBUS seems gone, so if we want to solely keep this targeting 32-bit test failures we should drop the block on 371525 and instead block https://bugs.gentoo.org/843998
Comment 19 Michael Orlitzky gentoo-dev 2022-06-21 20:06:31 UTC
There hasn't been any activity on bugzilla, but the upstream development model is based on CADT. They've decided to rewrite in rust so this will be the least of your problems on sparc. I dropped myself as a maintainer from anything newer than the 0.103.x series that uses autotools and C.
Comment 20 matoro archtester 2022-06-21 21:38:11 UTC
I have a functioning rust toolchain on sparc, and I'm working with gyakolev on getting it published in https://bugs.gentoo.org/769467 (this is pending https://bugs.gentoo.org/842246 atm).  So we can worry about that when the time comes.

For the matter of this particular ticket, given that the issue directly addressed in the subject is gone, do you want to (a) close it as no longer present in in-tree versions or (b) change the ticket into tracking the test failures on 32-bit, and not consider it resolved until then?
Comment 21 Michael Orlitzky gentoo-dev 2022-06-21 21:57:57 UTC
(In reply to matoro from comment #20)
> 
> For the matter of this particular ticket, given that the issue directly
> addressed in the subject is gone, do you want to (a) close it as no longer
> present in in-tree versions or (b) change the ticket into tracking the test
> failures on 32-bit, and not consider it resolved until then?

Does this particular test still fail, but with something other than SIGBUS? Or are there other unrelated 32-bit sparc test failures?

In the first case I would say we should tweak the description of this bug, but in the second, this should be closed and a new bug can be used to track the failures and block bug 843998.
Comment 22 Matt Turner gentoo-dev 2022-06-21 22:11:08 UTC
The code has undefined behavior. It's just luck that it doesn't cause a problem on 64-bit SPARC.

I'll just write a patch since this is clearly not going to be fixed any other way.
Comment 23 Matt Turner gentoo-dev 2022-06-21 22:30:58 UTC
Created attachment 786614 [details, diff]
patch

You're right, the test no longer SIGBUSes, even without patching. Here is a patch to fix potential unaligned accesses, though it doesn't solve the test failures.
Comment 24 Michael Orlitzky gentoo-dev 2022-06-21 22:34:54 UTC
(In reply to Matt Turner from comment #23)
> Created attachment 786614 [details, diff] [details, diff]
> patch
> 
> You're right, the test no longer SIGBUSes, even without patching. Here is a
> patch to fix potential unaligned accesses, though it doesn't solve the test
> failures.

IMO you maximize your chances of getting this merged by submitting a PR to

  https://github.com/Cisco-Talos/clamav

It'll live to be a hundred if I post it to bugzilla.
Comment 25 matoro archtester 2022-07-30 16:49:02 UTC
(In reply to Matt Turner from comment #23)
> Created attachment 786614 [details, diff] [details, diff]
> patch
> 
> You're right, the test no longer SIGBUSes, even without patching. Here is a
> patch to fix potential unaligned accesses, though it doesn't solve the test
> failures.

Matt, what do you want to keep as the plan of action for this bug?  I see four options:

* Close as obsolete since the original alignment-related test failures are gone.
* Backport your patch to correct the UB, even though it's no longer causing visible problems, then close as obsolete.
* Mask as broken on 32-bit profiles only.  Leave unmasked on 64-bit since all tests pass there.
* Keep open until 32-bit test failures are resolved.  This would probably be indefinitely.
Comment 26 Larry the Git Cow gentoo-dev 2022-08-15 14:53:49 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=440f860fb3b880c3c2a90f46297a4b72ff2c69e4

commit 440f860fb3b880c3c2a90f46297a4b72ff2c69e4
Author:     matoro <matoro@users.noreply.github.com>
AuthorDate: 2022-08-06 02:42:39 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-08-15 14:53:40 +0000

    profiles/arch/sparc/32ul: mask app-antivirus/clamav
    
    Test failures on 32-bit, passes on 64-bit.
    
    Closes: https://bugs.gentoo.org/638888
    Closes: https://github.com/gentoo/gentoo/pull/26754
    Signed-off-by: Sam James <sam@gentoo.org>

 profiles/arch/sparc/32ul/package.mask     | 7 +++++++
 profiles/arch/sparc/32ul/package.use.mask | 9 +++++++++
 2 files changed, 16 insertions(+)