Bug 11896

Summary: bunzip2: bunzip fails testsuite on s390x Conditional jump or move depends on uninitialised value(s)
Product: Busybox
Reporter: Dimitri John Ledkov <xnox>
Component: Other
Assignee: unassigned
Status: RESOLVED FIXED
Severity: normal
CC: busybox-cvs
Priority: P5
Version: 1.30.x
Target Milestone: ---
Hardware: All
OS: Linux
Host:
Target:
Build:

Description Dimitri John Ledkov 2019-05-23 10:56:10 UTC
Originally reported at https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/1828282 with initial suspicion at glibc; however, it was later diagnosed to be a busybox issue.

The full analysis is at https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/1828282/comments/1

In short, the bz2_issue_11.bz2 test case always fails on s390x since bunzip2 depends on uninitialised values, which happen to always be "wrong" on s390x.

This is observable with valgrind too:

# valgrind busybox bunzip2 <bz2_issue_11.bz2 2>&1 >/dev/null
==40965== Memcheck, a memory error detector
==40965== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==40965== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==40965== Command: busybox bunzip2
==40965== 
==40965== Conditional jump or move depends on uninitialised value(s)
==40965==    at 0x17C1D4: get_next_block (decompress_bunzip2.c:393)
==40965==    by 0x17C37F: get_next_block (decompress_bunzip2.c:419)
==40965== 
bunzip2: bunzip error -5
==40965== 
==40965== HEAP SUMMARY:
==40965==     in use at exit: 0 bytes in 0 blocks
==40965==   total heap usage: 7 allocs, 7 frees, 4,539,696 bytes allocated
==40965== 
==40965== All heap blocks were freed -- no leaks are possible
==40965== 
==40965== For counts of detected and suppressed errors, rerun with: -v
==40965== Use --track-origins=yes to see where uninitialised values come from
==40965== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

For the time being we are skipping the bz2_issue_11.bz2 test case in Ubuntu.

Comment 1 Denys Vlasenko 2019-05-23 12:55:43 UTC
Fixed in git, lots of thanks!

Comment 2 Dimitri John Ledkov 2019-05-23 14:07:05 UTC
Nice!

It is valgrind clean now, but the testsuite fails:

$ ./bunzip2.tests 
PASS: bunzip2: doesnt exist
PASS: bunzip2: unknown suffix
PASS: bunzip2: already exists
PASS: bunzip2: stream unpack
PASS: bunzip2: delete src
PASS: bunzip2: test_bz2 file
PASS: bunzip2: pbzip_4m_zeros file
PASS: bunzip2: bz2_issue_11.bz2 corrupted example
FAIL: bunzip2: bz2_issue_12.bz2 corrupted example

Maybe, now that this is fixed, the issue_12 expectation should be changed?

It currently expects "bunzip2: bunzip error -3:1", yet we now generate "bunzip2: bunzip error -5:1" (just like the issue_11 corrupted example).

Comment 3 Dimitri John Ledkov 2019-05-27 23:49:37 UTC
Test suite got fixed in master too, all is good:
https://git.busybox.net/busybox/commit/?id=b2c123d484dbe261758f27ced213f4649173803b

Thanks a lot for the quick fixes! Included in Ubuntu devel series.