Date: Fri, 27 Aug 2010 09:54:23 -0700
From: Jeremy Chadwick <freebsd@jdc.parodius.com>
To: Glen Barber <glen.j.barber@gmail.com>
Cc: ports@freebsd.org, Kurt Jaeger <lists@opsec.eu>
Subject: Re: security/clamav: Segmentation fault when running clamav in a 32-bit jail on a 64-bit host
Message-ID: <20100827165423.GA32102@icarus.home.lan>
In-Reply-To: <4C77EBF8.9020405@gmail.com>
References: <4C77DB15.5010501@gmail.com> <20100827163310.GD67795@home.opsec.eu> <4C77EBF8.9020405@gmail.com>

On Fri, Aug 27, 2010 at 12:46:48PM -0400, Glen Barber wrote:
> On 8/27/10 12:33 PM, Kurt Jaeger wrote:
> > Hi!
> >
> >> I have a few clamav instances running in jails on 32-bit hosts without
> >> any issues. A few days ago one of these jails was migrated to a 64-bit
> >> host (8.1-RELEASE), where I noticed clamd (0.96.2_1) segfaults when queried.
> >>
> >> The issue seems specific to 32bit/64bit compatibility. I have a gdb
> >> session available here: http://gist.github.com/549964
> >>
> >> Any thoughts on if this is possible?
> >
> > Try
> >
> > Bytecode no
> >
> > in clamd.conf ?
> >
>
> It was set to 'yes' initially. I thought it was disabled with building
> without JIT. At any rate, no, it still segfaults with the same backtrace.

1) Is clamd built with debugging symbols enabled? If not, you might
want to rebuild it with such, else it might be difficult to debug the
problem. Also, if the segfault happens after performing the above, can
you provide output from "bt full" instead of just "bt"?

2) Was the software rebuilt from source after the upgrade from i386 to
amd64, or are you expecting the software to work without any hitches
running on amd64 with lib32 (32-bit compatibility libraries)? The latter
is not always possible/the case.

I have no familiarity with the software or functions in question, but an
initial guess would be that some piece of the code is making assumptions
about the size of pointers (expecting 4 (32-bit) rather than 8
(64-bit)). Speculative on my part, but I ponder such when seeing code
like somefunc(sizeof(int)).

-- 
| Jeremy Chadwick                                   jdc@parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |