opnsense / ports

OPNsense ports on top of FreeBSD
https://opnsense.org/

[clamd] bug in precompiled package #47

Closed Stephanowicz closed 6 years ago

Stephanowicz commented 7 years ago

Hi,

there seems to be a bug in the precompiled clam-av package. At least 1 person can confirm this --> https://forum.opnsense.org/index.php?topic=6147.0

I stumbled over this when downloading http://downloads.music-group.com/software/behringer/X32/Behringer_XUF_USB_Drv_V6_13_0_arch_signed.zip. This crashed clamd with signal 11. I could reproduce this after a clean reboot and sometimes when restarting clamd.

Finally I installed the ports and recompiled and reinstalled clam-av - at the moment I'm still observing this, but it seems that this fixed the problem.

Cheers, Stephan

fichtner commented 7 years ago

Stephan, did you use the freebsd or opnsense ports tree?

Stephanowicz commented 7 years ago

@fichtner I used the opnsense port as you've described here

fichtner commented 7 years ago

that should make zero difference, except when the clamav build is pulling in machine-dependent assembler code...

Stephanowicz commented 7 years ago

I dunno^^ All I can say is that clamd crashed when scanning the mentioned file and after compiling it, it now seems to work... sry^^

fichtner commented 7 years ago

Can you paste your first 20 lines of dmesg boot output for reference? It's on the crash reporter page when you generate a report...

Stephanowicz commented 7 years ago

Copyright (c) 1992-2016 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
    The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 11.0-RELEASE-p12 #0 02581be96(stable/17.7): Sat Aug 26 11:00:39 CEST 2017
    root@sensey64:/usr/obj/usr/src/sys/SMP amd64
FreeBSD clang version 3.8.0 (tags/RELEASE_380/final 262564) (based on LLVM 3.8.0)
SRAT: Ignoring memory at addr 108200000
SRAT: Ignoring memory at addr 1000000000
VT(vga): text 80x25
Hyper-V Version: 10.0.14393 [SP1]
  Features=0x2e7f<VPRUNTIME,TMREFCNT,SYNIC,SYNTM,APIC,HYPERCALL,VPINDEX,REFTSC,IDLE,TMFREQ>
  PM Features=0x0 [C2]
  Features3=0xed7b2<DEBUG,XMMHC,IDLE,NUMA,TMFREQ,SYNCMC,CRASH,NPIEP>
Timecounter "Hyper-V" frequency 10000000 Hz quality 2000
[HBSD ASLR] status: opt-out
[HBSD ASLR] mmap: 30 bit
[HBSD ASLR] exec base: 30 bit
[HBSD ASLR] stack: 42 bit
[HBSD ASLR] vdso: 28 bit
[HBSD ASLR] map32bit: 18 bit
[HBSD ASLR] disallow MAP_32BIT mode mmap: opt-out
[HBSD ASLR (compat)] status: opt-out
[HBSD ASLR (compat)] mmap: 14 bit
[HBSD ASLR (compat)] exec base: 14 bit
[HBSD ASLR (compat)] stack: 14 bit
[HBSD ASLR (compat)] vdso: 8 bit
[HBSD HARDENING] procfs hardening: enabled
[HBSD LOG] logging to system: enabled
[HBSD LOG] logging to user: disabled
[HBSD SEGVGUARD] status: opt-out
[HBSD SEGVGUARD] expiry: 120 sec
[HBSD SEGVGUARD] suspension: 600 sec
[HBSD SEGVGUARD] maxcrashes: 5
CPU: Intel(R) Xeon(R) CPU E5-2620 v4 @ 2.10GHz (2097.58-MHz K8-class CPU)
  Origin="GenuineIntel"  Id=0x406f1  Family=0x6  Model=0x4f  Stepping=1
  Features=0x1f83fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2,SS,HTT>
  Features2=0xfed83203<SSE3,PCLMULQDQ,SSSE3,FMA,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND,HV>
  AMD Features=0x2c100800<SYSCALL,NX,Page1GB,RDTSCP,LM>
  AMD Features2=0x121<LAHF,ABM,Prefetch>
  Structured Extended Features=0x1c2b38<BMI1,HLE,AVX2,BMI2,ERMS,RTM,NFPUSG,RDSEED,ADX,SMAP>
  XSAVE Features=0x1<XSAVEOPT>
Hypervisor: Origin = "Microsoft Hv"
real memory  = 4294967296 (4096 MB)
avail memory = 4110487552 (3920 MB)
Event timer "LAPIC" quality 400
ACPI APIC Table: <VRTUAL MICROSFT>
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
FreeBSD/SMP: 1 package(s) x 4 core(s)

Stephanowicz commented 7 years ago

Ok - thought the whole file would be helpful^^ Maybe the config.log could also be helpful? config.zip (I compiled it with debug enabled, as the guy from clamav.net suggested)

fichtner commented 6 years ago

we are about to ship 0.100.0, not sure if still the case... we can always reopen

Stephanowicz commented 6 years ago

Well, we're still using 17.7 - had no time to upgrade yet. Then, we also wanted to change the vm-disk to fixed size, as I think that this 'could be' the problem.

(btw - how do we upgrade? - only by console? I think a quick note on this in the wiki would be great!)

Cheers, Stephan

fichtner commented 6 years ago

Hi Stephan,

When you are on 17.7.12_1 you can see the upgrade / EoL info box on the main firmware page where you would normally update. The process is therefore not documented, because it's the same mechanism.

Cheers, Franco