check_clamav test fails

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

Hi Jean,
that matches the error in [1].
But please do note that this is only in artful-proposed and the error prevents it from migrating there. I can only assume that the uploader is working on it anyway.

Until then please use the older version that is released [2], although this was still build when there was no artful release yet. Maybe it became a FTBFS [3] due to other changes in artful and this is why Gianfranco is working on it.

I'll subscribe him so he can share what he knows.

[1]: https://launchpadlibrarian.net/317947922/buildlog_ubuntu-artful-amd64.clamav_0.99.2+dfsg-6ubuntu1_BUILDING.txt.gz
[2]: https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-6
[3]: http://packaging.ubuntu.com/html/fixing-ftbfs.html

The reasons for it not building are outside my knowledge, doko did a llvm-defaults transition without checking and rebuilding rdeps, so I don't know when this started to be broken, and I don't know how to fix it.
Just FYI, even zesty is broken right now, in the mean that a no-change rebuild of clamav has the same testsuite failure.

Just use the package in release pocket should work, because this change is mostly to pick up versioned symbols in llvm, but this change is retro-compatible (just you wont' benefit from the versioned symbols, and then you might have runtime segfaults in case you mess up with many llvm installations)

so, @paelzer, please try to ask somebody else how to debug when it started failing, I don't plan to do more work here, specially because I don't know how/where to start :(

I did ask to the Debian maintainer help for this, with no answer so far

For anybody else who is trying to build clamav in current artful, you will need at least the attached fixes to reach the reported test error stage.

Pardon the incomplete DEP3 header as this is work in progress.

I tried rebuilding with llvm 3.8 and the same test fails. Given that the debian unstable package uses LVM 3.8, something else is going on here in the case of artful.

I also rebuilt the debian package with llvm-3.9, and the test also passes.

I tried to build it with:

apt-cache policy llvm
llvm:
  Installed: 1:4.0-34ubuntu2

I also had no issue when building from the exact same clamav sources (0.99.2+dfsg-6) while on Ubuntu yakkety which uses llvm-3.9.

It seems that the issue originates from incompatibility(ies) between clamav and llvm-4.0.

No, the test fails in artful even with llvm 3.8 or 3.9. It's something else in the toolchain I believe.

The failed test is caused by zlib 1.2.11 in zesty. Downgrading to 1.2.8 allows it to build successfully.

This bug was fixed in the package clamav - 0.99.2+dfsg-6ubuntu2

---------------
clamav (0.99.2+dfsg-6ubuntu2) artful; urgency=medium

  * SECURITY UPDATE: DoS via crafted e-mail message
    - debian/patches/CVE-2017-6418.patch: fix invalid read in
      libclamav/message.c.
    - CVE-2017-6418
  * SECURITY UPDATE: DoS via WWPack compression
    - debian/patches/CVE-2017-6420.patch: add bounds checks to
      libclamav/wwunpack.c.
    - debian/patches/CVE-2017-6420-2.patch: fix unit tests in
      libclamav/wwunpack.c, unit_tests/check_jsnorm.c.
    - CVE-2017-6420
  * debian/patches/fix_newer_zlib.patch: fix compatibility with zlib
    1.2.9 and newer (LP: #1692073).

 -- Marc Deslauriers <email address hidden> Tue, 15 Aug 2017 16:04:46 -0400

Building 0.99.2+dfsg-6ubuntu2 in **Zesty**:

dpkg-shlibdeps: error: no dependency information found for /usr/lib/libxml2.so.2 (used by debian/libclamav7/usr/lib/x86_64-linux-gnu/libclamav.so.7.1.1)
Hint: check if the library actually comes from a package.
dh_shlibdeps: dpkg-shlibdeps -Tdebian/libclamav7.substvars debian/libclamav7/usr/lib/x86_64-linux-gnu/libclamav.so.7.1.1 returned exit code 2
dh_shlibdeps: Aborting due to earlier error
debian/rules:71: recipe for target 'binary' failed
make: *** [binary] Error 25
dpkg-buildpackage: error: fakeroot debian/rules binary gave error exit status 2

Although:
# apt-cache policy libxml2-dev
libxml2-dev:
  Installed: 2.9.4+dfsg1-2.2

It turns out that the requested file does not exist in Zesty:
# apt-file search /usr/lib/libxml2.so.2
#

However, the same requested lib file is offered in another location by libxml2:
1) in Zesty:
-----------
# apt-file search libxml2.so.2
...
libxml2: /usr/lib/x86_64-linux-gnu/libxml2.so.2
...

2) in Artful:
------------
# dpkg --contents libxml2_2.9.4+dfsg1-3build2_amd64.deb | grep libxml2.so.2
-rw-r--r-- root/root 1801528 2017-08-02 22:08 ./usr/lib/x86_64-linux-gnu/libxml2.so.2.9.4
lrwxrwxrwx root/root 0 2017-08-02 22:08 ./usr/lib/x86_64-linux-gnu/libxml2.so.2 -> libxml2.so.2.9.4

In both Ubuntu releases, the file libxml2.so.2 is located in:
/usr/lib/x86_64-linux-gnu

If, and only if, I add the following 2 lines to debian/rules, the build passes:
override_dh_shlibdeps:
        dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info