reprepro feeds bad data to unzstd with libarchive 3.6.2 on s390x

Bug #2008508 reported by Simon Chopin
This bug affects 3 people
Affects: reprepro (Ubuntu)
Status: Fix Released
Importance: High
Assigned to: Simon Chopin

Bug Description

I was only able to reproduce this using a single-threaded s390x VM with 2GB of RAM.

See https://autopkgtest.ubuntu.com/results/autopkgtest-lunar/lunar/s390x/r/reprepro/20230223_161449_e244d@/log.gz

autopkgtest [16:14:36]: test import-hello.sh: [-----------------------
Get:1 http://ftpmaster.internal/ubuntu lunar/main s390x hello s390x 2.10-3 [26.1 kB]
Fetched 26.1 kB in 1s (50.4 kB/s)
zstd: /*stdout*\: Broken pipe
Exporting indices...

Simon Chopin (schopin) wrote :

After a long investigation, it turns out the issue is not related to libarchive 3.6.2, but rather to a race condition between reprepro and the external decompression tool it invokes.

See https://salsa.debian.org/debian/reprepro/-/merge_requests/6 for a fix, currently building in https://launchpad.net/~schopin/+archive/ubuntu/reprepro
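
Added example, not taken from the bug report or from the reprepro patch: a constructed C model of the race described above, in which the parent closes its end of the pipe while the external decompressor is still writing, next to the variant that waits for the child to exit first. The function name, the `go` synchronisation pipe and the drain-before-wait step are assumptions made for illustration.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed model: the child stands in for unzstd, the parent for reprepro.
 * Returns the child's exit code: 0 = every write succeeded, 1 = write failed
 * (EPIPE, the "Broken pipe" seen in the log). */
int run_decompressor(int wait_for_exit)
{
    int data[2], go[2], status;
    char buf[16], c = 0;
    ssize_t got = 0, n;

    if (pipe(data) < 0 || pipe(go) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        signal(SIGPIPE, SIG_IGN);   /* report EPIPE via write() instead of dying */
        close(data[0]); close(go[1]);
        if (write(data[1], "payload", 7) != 7) _exit(2);
        /* Block until the parent says go: models the child being scheduled
         * late, as on the single-threaded VM, before its final write. */
        if (read(go[0], &c, 1) != 1) _exit(2);
        _exit(write(data[1], "tail", 4) == 4 ? 0 : 1);
    }
    close(data[1]); close(go[0]);
    while (got < 7 && (n = read(data[0], buf, 7 - got)) > 0) got += n;
    if (!wait_for_exit) close(data[0]);   /* racy: close once we have our bytes */
    if (write(go[1], &c, 1) != 1) return -1;
    close(go[1]);
    if (wait_for_exit)                    /* assumption: drain so the child can finish */
        while (read(data[0], buf, sizeof buf) > 0) { }
    waitpid(pid, &status, 0);
    if (wait_for_exit) close(data[0]);    /* close only after the child has exited */
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    printf("close early: child exit %d\n", run_decompressor(0));
    printf("wait first:  child exit %d\n", run_decompressor(1));
    return 0;
}
```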

Simon Chopin (schopin)
Changed in reprepro (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package reprepro - 5.3.1-1ubuntu1

---------------
reprepro (5.3.1-1ubuntu1) lunar; urgency=medium

  * d/p/0001-uncompress-wait-until-the-child-as-exited-to-close-t.patch:
    Fix a race condition when using external decompressors (LP: #2008508)

 -- Simon Chopin <email address hidden> Tue, 28 Feb 2023 12:35:59 +0100

Changed in reprepro (Ubuntu):
status: Fix Committed → Fix Released
Christoph Fiehe (cfiehe) wrote :

I am not sure if this fix is related to this issue: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056380

We are facing the same problem that is described in the Debian bug report with every version of reprepro >= 5.3.1-1ubuntu1 on Ubuntu. reprepro occasionally hangs indefinitely waiting on unzstd.
