On 6/28/11 2:49 PM, Török Edwin wrote:
SOMETHING changed from 0.97 to 0.97.1 that affects 64bit, and/or amd64.
If you still have one of those hung 0.97.1 (or come across in the future) can
you run
$ gcore<pid>
This should generate a core file of the hung process that can be investigated
later
(as long as you still have the coresponding clamd and libclamav binaries too).
Best regards,
got one. amd64, freebsd 7.3
top:
20021 clamav 13 44 0 341M 0K umtxn 0 0:00 0.00% <clamd>
Reading databases from /var/db/clamav
Database correctly reloaded (1101167 signatures)
ClamAV update process started at Mon Jun 27 15:22:48 2011
main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder:
sven)
Downloading daily-13244.cdiff [100%]
daily.cld updated (version: 13244, sigs: 131164, f-level: 60, builder: neo)
Downloading safebrowsing-30414.cdiff [100%]
safebrowsing.cld updated (version: 30414, sigs: 696689, f-level: 60,
builder: google)
bytecode.cld is up to date (version: 143, sigs: 40, f-level: 60,
builder: edwin)
Database updated (1674107 signatures) from db.us.clamav.net (IP:
209.222.131.222)
gcore 20021
gcore: /proc/20021/file: No such file or directory
gcore /usr/local/sbin/clamd 20021
gcore: cannot open /proc/20021/map: No such file or directory
spammertrap.carrolltoncityschools.net#
|mount -t procfs proc /proc
then:
gcore 20021
gcore: ill-formed line in /proc/20021/map starting at character 8170
ls -lt
total 0
-rw-r--r-- 1 root wheel 0 Jun 29 14:43 core.20021
killall -SIGQUIT clamd
spammertrap.carrolltoncityschools.net# ps -auxww | grep clam
clamav 19839 0.0 0.0 28696 0 ?? IWs - 0:00.00
/usr/local/bin/freshclam --daemon -p /var/run/clamav/freshclam.pid
clamav 20021 0.0 0.0 349440 208 ?? Is 21Jun11 14:54.61
/usr/local/sbin/clamd
gdb /usr/local/sbin/clamd 20021
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...(no debugging
symbols found)...
Attaching to program: /usr/local/sbin/clamd, process 20021
Reading symbols from /usr/local/lib/libclamav.so.7...(no debugging
symbols found)...done.
Loaded symbols for /usr/local/lib/libclamav.so.7
Reading symbols from /usr/local/lib/libltdl.so.7...(no debugging symbols
found)...done.
Loaded symbols for /usr/local/lib/libltdl.so.7
Reading symbols from /usr/lib/libstdc++.so.6...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libstdc++.so.6
Reading symbols from /lib/libz.so.4...(no debugging symbols found)...done.
Loaded symbols for /lib/libz.so.4
Reading symbols from /usr/lib/libbz2.so.3...(no debugging symbols
found)...done.
Loaded symbols for /usr/lib/libbz2.so.3
Reading symbols from /lib/libm.so.5...(no debugging symbols found)...done.
Loaded symbols for /lib/libm.so.5
Reading symbols from /lib/libthr.so.3...(no debugging symbols found)...done.
[New Thread 0x80bf080b0 (LWP 100364)]
[New Thread 0x801d04950 (LWP 100365)]
[New Thread 0x801d04630 (LWP 100361)]
[New Thread 0x801d044a0 (LWP 100360)]
[New Thread 0x801d03690 (LWP 100357)]
[New Thread 0x801d03500 (LWP 100356)]
[New Thread 0x801d031e0 (LWP 100355)]
[New Thread 0x801d03820 (LWP 100354)]
[New Thread 0x801d03050 (LWP 100353)]
[New Thread 0x801d03b40 (LWP 100351)]
[New Thread 0x801d03370 (LWP 100144)]
[New Thread 0x801d02ec0 (LWP 100139)]
[New Thread 0x801d020b0 (LWP 100315)]
Loaded symbols for /lib/libthr.so.3
Reading symbols from /lib/libc.so.7...(no debugging symbols found)...done.
Loaded symbols for /lib/libc.so.7
Reading symbols from /lib/libgcc_s.so.1...(no debugging symbols
found)...done.
Loaded symbols for /lib/libgcc_s.so.1
Reading symbols from /usr/local/lib/libclamunrar_iface.so...(no
debugging symbols found)...done.
Loaded symbols for /usr/local/lib/libclamunrar_iface.so
Reading symbols from /usr/local/lib/libclamunrar.so.7...(no debugging
symbols found)...done.
Loaded symbols for /usr/local/lib/libclamunrar.so.7
Reading symbols from /libexec/ld-elf.so.1...(no debugging symbols
found)...done.
Loaded symbols for /libexec/ld-elf.so.1
[Switching to Thread 0x80bf080b0 (LWP 100364)]
0x00000008018baf4a in __error () from /lib/libthr.so.3
(gdb)
|
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
>*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
