Ubuntu
clamav package

freshclam crashed with SIGSEGV

Bug #766519 reported by David
70
This bug affects 14 people
Affects Status Importance Assigned to Milestone
clamav (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Binary package hint: clamav

freshclam (antivirus) crashes every boot just after I logged in (i'm using the unity 3d interface)

david@overlord:~$ lsb_release -rd
Description: Ubuntu Natty (development branch)
Release: 11.04

david@overlord:~$ sudo aptitude show clamav
[sudo] password for david:
Package: clamav
State: installed
Automatically installed: no
Version: 0.97+dfsg-2ubuntu1
Priority: optional
Section: utils
Maintainer: Ubuntu Developers <email address hidden>
Uncompressed Size: 643 k
Depends: libc6 (>= 2.7), libclamav6 (>= 0.97+dfsg), zlib1g (>= 1:1.1.4),
         clamav-freshclam | clamav-data
Recommends: clamav-base
Suggests: clamav-docs
Description: anti-virus utility for Unix - command-line interface
 Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this
 software is the integration with mail servers (attachment scanning). The
 package provides a flexible and scalable multi-threaded daemon in the
 clamav-daemon package, a command-line scanner in the clamav package, and a tool
 for automatic updating via the Internet in the clamav-freshclam package. The
 programs are based on libclamav6, which can be used by other software.

 This package contains the command line interface. Features:
 * built-in support for various archive formats, including Zip, Tar, Gzip,
   Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others;
 * built-in support for almost all mail file formats;
 * built-in support for ELF executables and Portable Executable files compressed
   with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE,
   Y0da Cryptor and others;
 * built-in support for popular document formats including Microsoft Office and
   Mac Office files, HTML, RTF and PDF.

 For scanning to work, a virus database is needed. There are two options for
 getting it:
 * clamav-freshclam: updates the database from Internet. This is recommended
   with Internet access.
 * clamav-data: for users without Internet access. The package is not updated
   once installed. The clamav-getfiles package allows creating custom packages
   from an Internet-connected computer.
Homepage: http://www.clamav.net/

ProblemType: Crash
DistroRelease: Ubuntu 11.04
Package: clamav-freshclam 0.97+dfsg-2ubuntu1
ProcVersionSignature: Ubuntu 2.6.38-8.42-generic 2.6.38.2
Uname: Linux 2.6.38-8-generic x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
CrashCounter: 1
Date: Mon Apr 18 20:13:34 2011
ExecutablePath: /usr/bin/freshclam
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Beta 1 amd64 (20110329.1)
ProcCmdline: /usr/bin/freshclam -d --quiet
ProcEnviron: PATH=(custom, no user)
SegvAnalysis:
 Segfault happened at: 0x7f0021bf6346: movzbl (%rdx,%rax,1),%r13d
 PC (0x7f0021bf6346) ok
 source "(%rdx,%rax,1)" (0x02502000) not located in a known VMA region (needed readable region)!
 destination "%r13d" ok
SegvReason: reading unknown VMA
Signal: 11
SourcePackage: clamav
StacktraceTop:
 ?? () from /usr/lib/libclamav.so.6
 ?? () from /usr/lib/libclamav.so.6
 ?? () from /usr/lib/libclamav.so.6
 ?? () from /usr/lib/libclamav.so.6
 ?? () from /usr/lib/libclamav.so.6
Title: freshclam crashed with SIGSEGV
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

Tags: natty
Revision history for this message
David (davilando) wrote :

some extra info:
it is a new laptop, and I installed a fresh ubuntu natty narwhal (11.04) beta 1
and updated all packages using 'sudo aptitude update && sudo aptitude safe-upgrade'

Revision history for this message
David (davilando) wrote :
Download full text (6.8 KiB)

some cpu info:

david@overlord:~$ cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
stepping : 7
cpu MHz : 800.000
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 x2apic popcnt xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 3991.39
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
stepping : 7
cpu MHz : 800.000
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 1
initial apicid : 1
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 x2apic popcnt xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 3990.93
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
stepping : 7
cpu MHz : 800.000
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 1
cpu cores : 4
apicid : 2
initial apicid : 2
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 x2apic popcnt xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 3990.94
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
stepping : 7
cpu MHz : 800.000
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 1
cpu cores : 4
apicid : 3
initial apicid : 3
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf p...

Read more...

visibility: private → public
Revision history for this message
Apport retracing service (apport) wrote : This bug is a duplicate

Thank you for taking the time to report this crash and helping to make Ubuntu better. This particular crash has already been reported and is a duplicate of bug #743608, so is being marked as such. Please look at the other bug report to see if there is any missing information that you can provide, or to see if there is a workaround for the bug. Additionally, any further discussion regarding the bug should occur in the other report. Please continue to report any other bugs you may find.

Sebastien Bacher (seb128)
tags: removed: need-amd64-retrace
tags: removed: apport-crash
tags: removed: amd64
Revision history for this message
Chuck Short (zulcss) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. Please try to obtain a backtrace following the instructions at http://wiki.ubuntu.com/DebuggingProgramCrash and upload the backtrace (as an attachment) to the bug report. This will greatly help us in tracking down your problem.

Changed in clamav (Ubuntu):
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for clamav (Ubuntu) because there has been no activity for 60 days.]

Changed in clamav (Ubuntu):
status: Incomplete → Expired
Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

After deleting every file in /var/lib/clamav/ clamav-freshclam can be restarted and it starts downloading the files again. The download seems to finish but I still get these:

kernel: [ 1165.168309] freshclam[3110]: segfault at 1691000 ip 00007fd6ca80d046 sp 00007fffff2cbff0 error 4 in libclamav.so.6.1.9[7fd6ca5b1000+995000]
jupiter kernel: [ 1342.524325] freshclam[3498]: segfault at 214f000 ip 00007fcca197f046 sp 00007fffe15fa9f0 error 4 in libclamav.so.6.1.9[7fcca1723000+995000]

Revision history for this message
Török Edwin (edwintorok) wrote : Re: [Bug 766519] Re: freshclam crashed with SIGSEGV

On 2011-08-11 23:15, rpkrawczyk wrote:
> After deleting every file in /var/lib/clamav/ clamav-freshclam can be
> restarted and it starts downloading the files again. The download seems
> to finish but I still get these:
>
> kernel: [ 1165.168309] freshclam[3110]: segfault at 1691000 ip 00007fd6ca80d046 sp 00007fffff2cbff0 error 4 in libclamav.so.6.1.9[7fd6ca5b1000+995000]
> jupiter kernel: [ 1342.524325] freshclam[3498]: segfault at 214f000 ip 00007fcca197f046 sp 00007fffe15fa9f0 error 4 in libclamav.so.6.1.9[7fcca1723000+995000]
>

Can you install the -dbg package for libclamav6, run freshclam again to get a better stacktrace?

Best regards,
--Edwin

Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

Hi Edwin!

There is no libclamav6-dbg package for Natty, I only found clamav-dbg but no further output was visible. I ran "catchsegv freshclam" and got the following:

ClamAV update process started at Sun Aug 14 21:35:27 2011
main.cvd is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
daily.cld is up to date (version: 13436, sigs: 173696, f-level: 60, builder: guitar)
Downloading bytecode.cvd [100%]
ERROR: During database load : *** Segmentation fault [...] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
ERROR: Database load killed by signal 11
ERROR: Failed to load new database: No viruses detected

What else can I do?
Ciao,
Robert

Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

Oh, I forgot ("dpkg -l '*clamav*'|grep ^ii"):

ii clamav 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - command-line interface
ii clamav-base 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - base package
ii clamav-dbg 0.97+dfsg-2ubuntu1.1 debug symbols for ClamAV
ii clamav-freshclam 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - virus database update utility
ii libclamav6 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - library

Revision history for this message
Török Edwin (edwintorok) wrote :

On 2011-08-14 22:38, rpkrawczyk wrote:
> Hi Edwin!
>
> There is no libclamav6-dbg package for Natty, I only found clamav-dbg
> but no further output was visible. I ran "catchsegv freshclam" and got
> the following:
>
> ClamAV update process started at Sun Aug 14 21:35:27 2011
> main.cvd is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
> daily.cld is up to date (version: 13436, sigs: 173696, f-level: 60, builder: guitar)
> Downloading bytecode.cvd [100%]
> ERROR: During database load : *** Segmentation fault [...] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
> ERROR: Database load killed by signal 11
> ERROR: Failed to load new database: No viruses detected

> What else can I do?

Try:
wget database.clamav.net/bytecode.cvd
clamscan -dbytecode.cvd /dev/null

> Ciao,
> Robert
>

Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

This is a strace of a freshclam run. Maybe this can pinpoint the problem. Interestingly the mmap and lseek give an "illegal seek", maybe there is the problem? Error of memory mapping the file? 64bit issue?

Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

Hi!

> Try:
> wget database.clamav.net/bytecode.cvd
> clamscan -dbytecode.cvd /dev/null

OK, this crashes also... I have attached the output of "catchsegv
clamscan -dbytecode.cvd /dev/null". Anything else?

Ciao,
Robert

Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

Had some problems sending the mail... The command:

> clamscan -dbytecode.cvd /dev/null

fails with SEGV, please find attached a catchsegv output.

Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

An munmap segfaults! See attachment...

Revision history for this message
Török Edwin (edwintorok) wrote :

On 2011-08-14 22:46, rpkrawczyk wrote:
> Oh, I forgot ("dpkg -l '*clamav*'|grep ^ii"):
>
> ii clamav 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - command-line interface
> ii clamav-base 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - base package
> ii clamav-dbg 0.97+dfsg-2ubuntu1.1 debug symbols for ClamAV
> ii clamav-freshclam 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - virus database update utility
> ii libclamav6 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - library
>

Why are you running 0.97? Latest is 0.97.2.
Even 0.97.1 contains a fix especially for your CPU (i7 with AVX extensions):

commit b25d747bae9a804499c33c85982a4b1b6220ab32
Author: Török Edvin <email address hidden>
Date: Wed May 4 13:58:55 2011 +0300

    LLVM: don't assert on AVX chips (cherry-pick from upstream), bb #2763

    LLVM was claiming it cannot lower MEMBARRIER on chips with AVX, because
    some debugging code was left behind that deactivated SSE2, even though these
    chips do have SSE2.
    Also regenerate the codegen tables.

Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

Hi Edwin!

> Why are you running 0.97? Latest is 0.97.2.
> Even 0.97.1 contains a fix especially for your CPU (i7 with AVX extensions):
>

Hmm, packages.ubuntu.com says for libclamav for Natty:

Package libclamav6

    * natty (libs): anti-virus utility for Unix - library
      0.97+dfsg-2ubuntu1.1 [security]: amd64 i386

Package libclamav6

    * natty-updates (libs): anti-virus utility for Unix - library
      0.97+dfsg-2ubuntu1.1: amd64 i386

Is this a problem with packaging? Or did I bork my sources.list? Will
check when at home...

Ciao,
Robert

--
 (o_  Dr. Robert P. Krawczyk
 //\
 V_/

Revision history for this message
Török Edwin (edwintorok) wrote :

On 08/15/2011 05:19 PM, Robert Krawczyk wrote:
> Hi Edwin!
>
>> Why are you running 0.97? Latest is 0.97.2.
>> Even 0.97.1 contains a fix especially for your CPU (i7 with AVX extensions):
>>
>
> Hmm, packages.ubuntu.com says for libclamav for Natty:
>
>
> Package libclamav6
>
> * natty (libs): anti-virus utility for Unix - library
> 0.97+dfsg-2ubuntu1.1 [security]: amd64 i386
>
> Package libclamav6
>
> * natty-updates (libs): anti-virus utility for Unix - library
> 0.97+dfsg-2ubuntu1.1: amd64 i386
>
>
>
> Is this a problem with packaging? Or did I bork my sources.list? Will
> check when at home...

The PPAs/backports may have newer packages

>
> Ciao,
> Robert
>

Revision history for this message
Scott Kitterman (kitterman) wrote :

No. The problem is busy maintainer didn't get a chance to package the update
for Natty yet.

Revision history for this message
Imre Gergely (cemc) wrote :

0.97.2 is not in Natty (yet). Could you please try it from the clamav PPA and let us know if it solves your problem?

You should just

sudo add-apt-repository ppa:ubuntu-clamav/ppa

and then 'apt-get update', this should update your clamav install with the one from the PPA (0.97.2).

Thanks.

Imre Gergely (cemc)
Changed in clamav (Ubuntu):
status: Expired → Incomplete
Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

Hi Imre!

That did the trick! Here is the output from clamav.log:

  -- 8< --
Mon Aug 15 21:59:41 2011 -> freshclam daemon 0.97.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Mon Aug 15 21:59:41 2011 -> ClamAV update process started at Mon Aug 15 21:59:41 2011
Mon Aug 15 21:59:41 2011 -> main.cvd is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
Mon Aug 15 21:59:41 2011 -> daily.cld is up to date (version: 13440, sigs: 174064, f-level: 60, builder: arnaud)
Mon Aug 15 21:59:41 2011 -> bytecode.cvd is up to date (version: 144, sigs: 41, f-level: 60, builder: edwin)
  -- 8< --

Do you need anything else?

Thank you all very much!

Revision history for this message
Imre Gergely (cemc) wrote :

Thanks for reporting back, I guess we can mark this as confirmed.

Changed in clamav (Ubuntu):
status: Incomplete → Confirmed
Revision history for this message
rpkrawczyk (rpkrawczyk) wrote :

This is fixed in 12.04!

Changed in clamav (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
Hans-Jörn Thöming (hjthoeming) wrote :

When will this be fixed in 10.04?

Revision history for this message
Scott Kitterman (kitterman) wrote :

A fixed package is available in lucid-backports for 10.04.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.