From: Glen Barber
Date: Fri, 27 Aug 2010 13:06:49 -0400
To: Jeremy Chadwick
Cc: ports@freebsd.org, Kurt Jaeger
Subject: Re: security/clamav: Segmentation fault when running clamav in a 32-bit jail on a 64-bit host
Message-ID: <4C77F0A9.6030807@gmail.com>

On 8/27/10 12:54 PM, Jeremy Chadwick wrote:
> On Fri, Aug 27, 2010 at 12:46:48PM -0400, Glen Barber wrote:
>> On 8/27/10 12:33 PM, Kurt Jaeger wrote:
>>> Hi!
>>>
>>>> I have a few clamav instances running in jails on 32-bit hosts without
>>>> any issues. A few days ago one of these jails was migrated to a 64-bit
>>>> host (8.1-RELEASE), where I noticed clamd (0.96.2_1) segfaults when queried.
>>>>
>>>> The issue seems specific to 32bit/64bit compatibility. I have a gdb
>>>> session available here: http://gist.github.com/549964
>>>>
>>>> Any thoughts on if this is possible?
>>>
>>> Try
>>>
>>> Bytecode no
>>>
>>> in clamd.conf ?
>>>
>>
>> It was set to 'yes' initially. I thought it was disabled with building
>> without JIT. At any rate, no, it still segfaults with the same backtrace.
>
> 1) Is clamd built with debugging symbols enabled? If not, you might want
> to rebuild it with such, else it might be difficult to debug the
> problem.
>

It wasn't initially, but is now.

> Also, if the segfault happens after performing the above, can you
> provide output from "bt full" instead of just "bt"?
>

Of course.
The new backtrace is here: http://gist.github.com/553734

> 2) Was the software rebuilt from source after the upgrade from i386 to
> amd64, or are you expecting the software to work without any hitches
> running on amd64 with lib32 (32-bit compatibility libraries)? The latter
> is not always possible/the case.
>

clamav was rebuilt from ports. I previously went as far as downgrading
to the previous version, to rule out something between 0.96.1 and
0.96.2; same results there.

> I have no familiarity with the software or functions in question, but an
> initial guess would be that some piece of the code is making assumptions
> about the size of pointers (expecting 4 (32-bit) rather than 8
> (64-bit)). Speculative on my part, but I ponder such when seeing code
> like somefunc(sizeof(int)).
>

Thanks and regards,

-- 
Glen Barber