Ubuntu

freshclam crashed with SIGSEGV

Reported by David on 2011-04-19
66
This bug affects 13 people
Affects Status Importance Assigned to Milestone
clamav (Ubuntu)
Undecided
Unassigned

Bug Description

Binary package hint: clamav

freshclam (antivirus) crashes every boot just after I logged in (i'm using the unity 3d interface)

david@overlord:~$ lsb_release -rd
Description: Ubuntu Natty (development branch)
Release: 11.04

david@overlord:~$ sudo aptitude show clamav
[sudo] password for david:
Package: clamav
State: installed
Automatically installed: no
Version: 0.97+dfsg-2ubuntu1
Priority: optional
Section: utils
Maintainer: Ubuntu Developers <email address hidden>
Uncompressed Size: 643 k
Depends: libc6 (>= 2.7), libclamav6 (>= 0.97+dfsg), zlib1g (>= 1:1.1.4),
         clamav-freshclam | clamav-data
Recommends: clamav-base
Suggests: clamav-docs
Description: anti-virus utility for Unix - command-line interface
 Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this
 software is the integration with mail servers (attachment scanning). The
 package provides a flexible and scalable multi-threaded daemon in the
 clamav-daemon package, a command-line scanner in the clamav package, and a tool
 for automatic updating via the Internet in the clamav-freshclam package. The
 programs are based on libclamav6, which can be used by other software.

 This package contains the command line interface. Features:
 * built-in support for various archive formats, including Zip, Tar, Gzip,
   Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others;
 * built-in support for almost all mail file formats;
 * built-in support for ELF executables and Portable Executable files compressed
   with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE,
   Y0da Cryptor and others;
 * built-in support for popular document formats including Microsoft Office and
   Mac Office files, HTML, RTF and PDF.

 For scanning to work, a virus database is needed. There are two options for
 getting it:
 * clamav-freshclam: updates the database from Internet. This is recommended
   with Internet access.
 * clamav-data: for users without Internet access. The package is not updated
   once installed. The clamav-getfiles package allows creating custom packages
   from an Internet-connected computer.
Homepage: http://www.clamav.net/

ProblemType: Crash
DistroRelease: Ubuntu 11.04
Package: clamav-freshclam 0.97+dfsg-2ubuntu1
ProcVersionSignature: Ubuntu 2.6.38-8.42-generic 2.6.38.2
Uname: Linux 2.6.38-8-generic x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
CrashCounter: 1
Date: Mon Apr 18 20:13:34 2011
ExecutablePath: /usr/bin/freshclam
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Beta 1 amd64 (20110329.1)
ProcCmdline: /usr/bin/freshclam -d --quiet
ProcEnviron: PATH=(custom, no user)
SegvAnalysis:
 Segfault happened at: 0x7f0021bf6346: movzbl (%rdx,%rax,1),%r13d
 PC (0x7f0021bf6346) ok
 source "(%rdx,%rax,1)" (0x02502000) not located in a known VMA region (needed readable region)!
 destination "%r13d" ok
SegvReason: reading unknown VMA
Signal: 11
SourcePackage: clamav
StacktraceTop:
 ?? () from /usr/lib/libclamav.so.6
 ?? () from /usr/lib/libclamav.so.6
 ?? () from /usr/lib/libclamav.so.6
 ?? () from /usr/lib/libclamav.so.6
 ?? () from /usr/lib/libclamav.so.6
Title: freshclam crashed with SIGSEGV
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

David (davilando) wrote :

some extra info:
it is a new laptop, and I installed a fresh ubuntu natty narwhal (11.04) beta 1
and updated all packages using 'sudo aptitude update && sudo aptitude safe-upgrade'

David (davilando) wrote :
Download full text (6.8 KiB)

some cpu info:

david@overlord:~$ cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
stepping : 7
cpu MHz : 800.000
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 x2apic popcnt xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 3991.39
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
stepping : 7
cpu MHz : 800.000
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 0
cpu cores : 4
apicid : 1
initial apicid : 1
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 x2apic popcnt xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 3990.93
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
stepping : 7
cpu MHz : 800.000
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 1
cpu cores : 4
apicid : 2
initial apicid : 2
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 x2apic popcnt xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 3990.94
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
stepping : 7
cpu MHz : 800.000
cache size : 6144 KB
physical id : 0
siblings : 8
core id : 1
cpu cores : 4
apicid : 3
initial apicid : 3
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf p...

Read more...

visibility: private → public

Thank you for taking the time to report this crash and helping to make Ubuntu better. This particular crash has already been reported and is a duplicate of bug #743608, so is being marked as such. Please look at the other bug report to see if there is any missing information that you can provide, or to see if there is a workaround for the bug. Additionally, any further discussion regarding the bug should occur in the other report. Please continue to report any other bugs you may find.

tags: removed: need-amd64-retrace
tags: removed: apport-crash
tags: removed: amd64
Chuck Short (zulcss) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. Please try to obtain a backtrace following the instructions at http://wiki.ubuntu.com/DebuggingProgramCrash and upload the backtrace (as an attachment) to the bug report. This will greatly help us in tracking down your problem.

Changed in clamav (Ubuntu):
status: New → Incomplete
Launchpad Janitor (janitor) wrote :

[Expired for clamav (Ubuntu) because there has been no activity for 60 days.]

Changed in clamav (Ubuntu):
status: Incomplete → Expired
rpkrawczyk (rpkrawczyk) wrote :

After deleting every file in /var/lib/clamav/ clamav-freshclam can be restarted and it starts downloading the files again. The download seems to finish but I still get these:

kernel: [ 1165.168309] freshclam[3110]: segfault at 1691000 ip 00007fd6ca80d046 sp 00007fffff2cbff0 error 4 in libclamav.so.6.1.9[7fd6ca5b1000+995000]
jupiter kernel: [ 1342.524325] freshclam[3498]: segfault at 214f000 ip 00007fcca197f046 sp 00007fffe15fa9f0 error 4 in libclamav.so.6.1.9[7fcca1723000+995000]

On 2011-08-11 23:15, rpkrawczyk wrote:
> After deleting every file in /var/lib/clamav/ clamav-freshclam can be
> restarted and it starts downloading the files again. The download seems
> to finish but I still get these:
>
> kernel: [ 1165.168309] freshclam[3110]: segfault at 1691000 ip 00007fd6ca80d046 sp 00007fffff2cbff0 error 4 in libclamav.so.6.1.9[7fd6ca5b1000+995000]
> jupiter kernel: [ 1342.524325] freshclam[3498]: segfault at 214f000 ip 00007fcca197f046 sp 00007fffe15fa9f0 error 4 in libclamav.so.6.1.9[7fcca1723000+995000]
>

Can you install the -dbg package for libclamav6, run freshclam again to get a better stacktrace?

Best regards,
--Edwin

rpkrawczyk (rpkrawczyk) wrote :

Hi Edwin!

There is no libclamav6-dbg package for Natty, I only found clamav-dbg but no further output was visible. I ran "catchsegv freshclam" and got the following:

ClamAV update process started at Sun Aug 14 21:35:27 2011
main.cvd is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
daily.cld is up to date (version: 13436, sigs: 173696, f-level: 60, builder: guitar)
Downloading bytecode.cvd [100%]
ERROR: During database load : *** Segmentation fault [...] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
ERROR: Database load killed by signal 11
ERROR: Failed to load new database: No viruses detected

What else can I do?
Ciao,
Robert

rpkrawczyk (rpkrawczyk) wrote :

Oh, I forgot ("dpkg -l '*clamav*'|grep ^ii"):

ii clamav 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - command-line interface
ii clamav-base 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - base package
ii clamav-dbg 0.97+dfsg-2ubuntu1.1 debug symbols for ClamAV
ii clamav-freshclam 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - virus database update utility
ii libclamav6 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - library

On 2011-08-14 22:38, rpkrawczyk wrote:
> Hi Edwin!
>
> There is no libclamav6-dbg package for Natty, I only found clamav-dbg
> but no further output was visible. I ran "catchsegv freshclam" and got
> the following:
>
> ClamAV update process started at Sun Aug 14 21:35:27 2011
> main.cvd is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
> daily.cld is up to date (version: 13436, sigs: 173696, f-level: 60, builder: guitar)
> Downloading bytecode.cvd [100%]
> ERROR: During database load : *** Segmentation fault [...] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
> ERROR: Database load killed by signal 11
> ERROR: Failed to load new database: No viruses detected

> What else can I do?

Try:
wget database.clamav.net/bytecode.cvd
clamscan -dbytecode.cvd /dev/null

> Ciao,
> Robert
>

rpkrawczyk (rpkrawczyk) wrote :

This is a strace of a freshclam run. Maybe this can pinpoint the problem. Interestingly the mmap and lseek give an "illegal seek", maybe there is the problem? Error of memory mapping the file? 64bit issue?

rpkrawczyk (rpkrawczyk) wrote :

Hi!

> Try:
> wget database.clamav.net/bytecode.cvd
> clamscan -dbytecode.cvd /dev/null

OK, this crashes also... I have attached the output of "catchsegv
clamscan -dbytecode.cvd /dev/null". Anything else?

Ciao,
Robert

rpkrawczyk (rpkrawczyk) wrote :

Had some problems sending the mail... The command:

> clamscan -dbytecode.cvd /dev/null

fails with SEGV, please find attached a catchsegv output.

rpkrawczyk (rpkrawczyk) wrote :

An munmap segfaults! See attachment...

On 2011-08-14 22:46, rpkrawczyk wrote:
> Oh, I forgot ("dpkg -l '*clamav*'|grep ^ii"):
>
> ii clamav 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - command-line interface
> ii clamav-base 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - base package
> ii clamav-dbg 0.97+dfsg-2ubuntu1.1 debug symbols for ClamAV
> ii clamav-freshclam 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - virus database update utility
> ii libclamav6 0.97+dfsg-2ubuntu1.1 anti-virus utility for Unix - library
>

Why are you running 0.97? Latest is 0.97.2.
Even 0.97.1 contains a fix especially for your CPU (i7 with AVX extensions):

commit b25d747bae9a804499c33c85982a4b1b6220ab32
Author: Török Edvin <email address hidden>
Date: Wed May 4 13:58:55 2011 +0300

    LLVM: don't assert on AVX chips (cherry-pick from upstream), bb #2763

    LLVM was claiming it cannot lower MEMBARRIER on chips with AVX, because
    some debugging code was left behind that deactivated SSE2, even though these
    chips do have SSE2.
    Also regenerate the codegen tables.

rpkrawczyk (rpkrawczyk) wrote :

Hi Edwin!

> Why are you running 0.97? Latest is 0.97.2.
> Even 0.97.1 contains a fix especially for your CPU (i7 with AVX extensions):
>

Hmm, packages.ubuntu.com says for libclamav for Natty:

Package libclamav6

    * natty (libs): anti-virus utility for Unix - library
      0.97+dfsg-2ubuntu1.1 [security]: amd64 i386

Package libclamav6

    * natty-updates (libs): anti-virus utility for Unix - library
      0.97+dfsg-2ubuntu1.1: amd64 i386

Is this a problem with packaging? Or did I bork my sources.list? Will
check when at home...

Ciao,
Robert

--
 (o_  Dr. Robert P. Krawczyk
 //\
 V_/

On 08/15/2011 05:19 PM, Robert Krawczyk wrote:
> Hi Edwin!
>
>> Why are you running 0.97? Latest is 0.97.2.
>> Even 0.97.1 contains a fix especially for your CPU (i7 with AVX extensions):
>>
>
> Hmm, packages.ubuntu.com says for libclamav for Natty:
>
>
> Package libclamav6
>
> * natty (libs): anti-virus utility for Unix - library
> 0.97+dfsg-2ubuntu1.1 [security]: amd64 i386
>
> Package libclamav6
>
> * natty-updates (libs): anti-virus utility for Unix - library
> 0.97+dfsg-2ubuntu1.1: amd64 i386
>
>
>
> Is this a problem with packaging? Or did I bork my sources.list? Will
> check when at home...

The PPAs/backports may have newer packages

>
> Ciao,
> Robert
>

Scott Kitterman (kitterman) wrote :

No. The problem is busy maintainer didn't get a chance to package the update
for Natty yet.

Imre Gergely (cemc) wrote :

0.97.2 is not in Natty (yet). Could you please try it from the clamav PPA and let us know if it solves your problem?

You should just

sudo add-apt-repository ppa:ubuntu-clamav/ppa

and then 'apt-get update', this should update your clamav install with the one from the PPA (0.97.2).

Thanks.

Imre Gergely (cemc) on 2011-08-15
Changed in clamav (Ubuntu):
status: Expired → Incomplete
rpkrawczyk (rpkrawczyk) wrote :

Hi Imre!

That did the trick! Here is the output from clamav.log:

  -- 8< --
Mon Aug 15 21:59:41 2011 -> freshclam daemon 0.97.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Mon Aug 15 21:59:41 2011 -> ClamAV update process started at Mon Aug 15 21:59:41 2011
Mon Aug 15 21:59:41 2011 -> main.cvd is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
Mon Aug 15 21:59:41 2011 -> daily.cld is up to date (version: 13440, sigs: 174064, f-level: 60, builder: arnaud)
Mon Aug 15 21:59:41 2011 -> bytecode.cvd is up to date (version: 144, sigs: 41, f-level: 60, builder: edwin)
  -- 8< --

Do you need anything else?

Thank you all very much!

Imre Gergely (cemc) wrote :

Thanks for reporting back, I guess we can mark this as confirmed.

Changed in clamav (Ubuntu):
status: Incomplete → Confirmed
rpkrawczyk (rpkrawczyk) wrote :

This is fixed in 12.04!

Changed in clamav (Ubuntu):
status: Confirmed → Fix Released

When will this be fixed in 10.04?

Scott Kitterman (kitterman) wrote :

A fixed package is available in lucid-backports for 10.04.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers