Date: Fri, 27 Aug 2010 10:32:10 -0700
From: Jeremy Chadwick <freebsd@jdc.parodius.com>
To: Glen Barber <glen.j.barber@gmail.com>
Cc: ports@freebsd.org, Kurt Jaeger <lists@opsec.eu>
Subject: Re: security/clamav: Segmentation fault when running clamav in a 32-bit jail on a 64-bit host
Message-ID: <20100827173210.GA33018@icarus.home.lan>
In-Reply-To: <4C77F0A9.6030807@gmail.com>
References: <4C77DB15.5010501@gmail.com> <20100827163310.GD67795@home.opsec.eu> <4C77EBF8.9020405@gmail.com> <20100827165423.GA32102@icarus.home.lan> <4C77F0A9.6030807@gmail.com>

On Fri, Aug 27, 2010 at 01:06:49PM -0400, Glen Barber wrote:
> On 8/27/10 12:54 PM, Jeremy Chadwick wrote:
> > On Fri, Aug 27, 2010 at 12:46:48PM -0400, Glen Barber wrote:
> >> On 8/27/10 12:33 PM, Kurt Jaeger wrote:
> >>> Hi!
> >>>
> >>>> I have a few clamav instances running in jails on 32-bit hosts without
> >>>> any issues. A few days ago one of these jails was migrated to a 64-bit
> >>>> host (8.1-RELEASE), where I noticed clamd (0.96.2_1) segfaults when queried.
> >>>>
> >>>> The issue seems specific to 32bit/64bit compatibility. I have a gdb
> >>>> session available here: http://gist.github.com/549964
> >>>>
> >>>> Any thoughts on if this is possible?
> >>>
> >>> Try
> >>>
> >>> Bytecode no
> >>>
> >>> in clamd.conf ?
> >>>
> >>
> >> It was set to 'yes' initially. I thought it was disabled with building
> >> without JIT. At any rate, no, it still segfaults with the same backtrace.
> >
> > 1) Is clamd built with debugging symbols enabled? If not, you might want
> > to rebuild it with such, else it might be difficult to debug the
> > problem.
> >
>
> It wasn't initially, but is now.
>
> > Also, if the segfault happens after performing the above, can you
> > provide output from "bt full" instead of just "bt"?
> >
>
> Of course. The new backtrace is here: http://gist.github.com/553734

I want to make sure I understand the environment -- on a native i386
(32-bit) FreeBSD host, the software works fine. But on a native amd64
(64-bit) FreeBSD host, the software segfaults. Correct?

If so -- it appears as if the system you're providing the backtrace from
is a 32-bit system, or within a 32-bit environment? I would expect to
see 64-bit addresses in the backtrace, yet they're all 32-bit.

I'm not familiar with jailed environments (or the concept/possibility of
running a mixed-architecture jail (e.g. 64-bit host OS with 32-bit
jails)). I don't use lib32 on my amd64 systems.

I did take a look at the clamav code itself (I'd have to spend a few
hundred lines outlining it here and would rather not). My guess is that
there's a conflict between what the running OS architecture is and what
the build process determines the architecture is.

Given that you have jails, and possibly a mixed architecture environment
on a single host (e.g. 64-bit host OS with 32-bit jails), can you
explain exactly how you go about building clamav, followed by how you go
about running it?

Thanks.

-- 
| Jeremy Chadwick                                   jdc@parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |