I'm running clamav on OpenBSD/amd64 5.5 (with various sanesecurity hdb's, if that matters). Built from ports (with LLVM 3.3).
Config is: LogSyslog true LogFacility LOG_MAIL TCPSocket 3310 TCPAddr 127.0.0.1 SelfCheck 600 User _clamav AllowSupplementaryGroups true This setup was stable with 0.98.1 but since updating to 0.98.3 I've seen several segfaults like below (debug, backtrace and a couple of prints from gdb included). Any ideas? Any requests for further information next time it happens? $THRMGR: queue (single) crossed low threshold -> signaling $THRMGR: queue (bulk) crossed low threshold -> signaling $Received POLLIN|POLLHUP on fd 8 $Got new connection, FD 13 $Received POLLIN|POLLHUP on fd 9 $fds_poll_recv: timeout after 5 seconds $Received POLLIN|POLLHUP on fd 13 $got command CONTSCAN /var/amavisd/tmp/amavis-20140512T125548-02478-meKXMAUm/parts (69, 7), argument: /var/amavisd/tmp/amavis-20140512T125548-02478-meKXMAUm/parts $mode -> MODE_WAITREPLY $THRMGR: queue (single) crossed low threshold -> signaling $Breaking command loop, mode is no longer MODE_COMMAND $THRMGR: queue (bulk) crossed low threshold -> signaling $Consumed entire command $Number of file descriptors polled: 1 fds $fds_poll_recv: timeout after 600 seconds LibClamAV debug: in cli_magic_scandesc (reclevel: 0/16) LibClamAV debug: Recognized Raw mail file LibClamAV debug: cache_check: 508dfbcb3a25db9c5b22eaa7ee97081e is negative LibClamAV debug: Starting cli_scanmail(), recursion = 1 LibClamAV debug: in mbox() LibClamAV debug: parseEmailFile LibClamAV debug: parseEmailFile: check 'Received: from localhost (unknown [123.16.129.96])' fullline 0x0 LibClamAV debug: parseEmailFile: check ' by [REDACTED] (Postfix) with ESMTP id 3gS1nn3QPBz74R3' fullline 0x0 LibClamAV debug: parseEmailFile: check ' for [REDACTED]; Mon, 12 May 2014 13:35:23 +0100 (BST)' fullline 0x0 LibClamAV debug: parseEmailFile: check 'Received: from [167.39.199.27] (helo=jnxfcznftn.fxztsfyhme.info)' fullline 0x0 LibClamAV debug: parseEmailFile: check ' by localhost with esmtpa (Exim 4.69)' fullline 0x0 LibClamAV debug: parseEmailFile: check ' (envelope-from )' fullline 0x0 LibClamAV debug: parseEmailFile: check ' id 1MMK6T-0496yb-WZ' fullline 0x0 LibClamAV debug: parseEmailFile: check ' for [REDACTED]; Mon, 12 May 2014 19:35:24 +0700' fullline 0x0 LibClamAV debug: parseEmailFile: check 'Date: Mon, 12 May 2014 19:35:24 +0700' fullline 0x0 LibClamAV debug: parseEmailFile: check 'From: "UPS Quantum View" <auto-not...@ups.com>' fullline 0x0 LibClamAV debug: parseEmailFile: check 'X-Mailer: The Bat! (v3.0.0.15) Professional' fullline 0x0 LibClamAV debug: parseEmailFile: check 'X-Priority: 3 (Normal)' fullline 0x0 LibClamAV debug: parseEmailFile: check 'Message-ID: <2465346162.j7a29kv6581...@moezlge.bpkpejifhl.net>' fullline 0x0 LibClamAV debug: parseEmailFile: check 'To: [REDACTED]' fullline 0x0 LibClamAV debug: parseEmailFile: check 'Cc: [REDACTED]' fullline 0x0 LibClamAV debug: parseEmailFile: check 'Subject: UPS Notification, Tracking Number 1484-527152' fullline 0x0 LibClamAV debug: parseEmailFile: check 'MIME-Version: 1.0' fullline 0x0 LibClamAV debug: parseEmailFile: check 'Content-Type: multipart/mixed;' fullline 0x0 LibClamAV debug: parseEmailFile: check ' boundary="----------9305594F5ADCAB39"' fullline 0x443d5bd6ce0 LibClamAV debug: parseEmailHeader 'Content-Type: multipart/mixed; boundary="----------9305594F5ADCAB39"' LibClamAV debug: parseMimeHeader: cmd='Content-Type', arg=' multipart/mixed; boundary="----------9305594F5ADCAB39"' LibClamAV debug: messageSetMimeType: 'multipart' LibClamAV debug: mimeArgs = ' boundary="----------9305594F5ADCAB39"' LibClamAV debug: Add arguments ' boundary="----------9305594F5ADCAB39"' LibClamAV debug: messageAddArgument, arg='boundary=----------9305594F5ADCAB39' LibClamAV debug: parseEmailFile: check '' fullline 0x0 LibClamAV debug: End of header information LibClamAV debug: newline_in_header, check "------------9305594F5ADCAB39" LibClamAV debug: getline_from_mbox: fmap need failed LibClamAV debug: parseEmailFile: return LibClamAV debug: in parseEmailBody, 0 files saved so far LibClamAV debug: Parsing mail file LibClamAV debug: mimeType = 5 LibClamAV debug: Content-type 'multipart' handler LibClamAV debug: boundaryStart: found ----------9305594F5ADCAB39 in ------------9305594F5ADCAB39 LibClamAV debug: Now read in part 0 LibClamAV debug: Multipart 0: About to parse folded header 'Content-Type: multipart/alternative; boundary="----------7F07E60B2BC74B5"' LibClamAV debug: parseEmailHeader 'Content-Type: multipart/alternative; boundary="----------7F07E60B2BC74B5"' LibClamAV debug: parseMimeHeader: cmd='Content-Type', arg=' multipart/alternative; boundary="----------7F07E60B2BC74B5"' LibClamAV debug: messageSetMimeType: 'multipart' LibClamAV debug: mimeArgs = ' boundary="----------7F07E60B2BC74B5"' LibClamAV debug: Add arguments ' boundary="----------7F07E60B2BC74B5"' LibClamAV debug: messageAddArgument, arg='boundary=----------7F07E60B2BC74B5' LibClamAV debug: Multipart 0: End of header information LibClamAV debug: boundaryStart: found ----------9305594F5ADCAB39 in ------------9305594F5ADCAB39 LibClamAV debug: Part 0 has 86 lines, rc = 1 LibClamAV debug: Mixed message part 0 is of type 5 LibClamAV debug: Found multipart inside multipart LibClamAV debug: in parseEmailBody, 0 files saved so far LibClamAV debug: Parsing mail file LibClamAV debug: mimeType = 5 LibClamAV debug: Content-type 'multipart' handler LibClamAV debug: boundaryStart: found ----------7F07E60B2BC74B5 in ------------7F07E60B2BC74B5 LibClamAV debug: Now read in part 0 LibClamAV debug: Multipart 0: About to parse folded header 'Content-Type: text/plain; charset=us-ascii' LibClamAV debug: parseEmailHeader 'Content-Type: text/plain; charset=us-ascii' LibClamAV debug: parseMimeHeader: cmd='Content-Type', arg=' text/plain; charset=us-ascii' LibClamAV debug: messageSetMimeType: 'text' LibClamAV debug: mimeArgs = ' charset=us-ascii' LibClamAV debug: Add arguments ' charset=us-ascii' LibClamAV debug: messageAddArgument, arg='charset=us-ascii' LibClamAV debug: Discarding unwanted argument 'charset=us-ascii' LibClamAV debug: Multipart 0: About to parse folded header 'Content-Transfer-Encoding: 7bit' LibClamAV debug: parseEmailHeader 'Content-Transfer-Encoding: 7bit' LibClamAV debug: parseMimeHeader: cmd='Content-Transfer-Encoding', arg=' 7bit' LibClamAV debug: messageSetEncoding: '7bit' LibClamAV debug: Encoding type 1 is "7bit" LibClamAV debug: Multipart 0: End of header information Program received signal SIGSEGV, Segmentation fault. 0x00000443d0135d0a in poll () at <stdin>:2 2 <stdin>: No such file or directory. (gdb) bt #0 0x00000443d0135d0a in poll () at <stdin>:2 #1 0x00000443d07e4c0d in poll (fds=0x443d1b96ed0, nfds=1, timeout=600000) at /usr/src/lib/librthread/rthread_cancel.c:334 #2 0x00000441c9419388 in fds_poll_recv (data=0x7f7fffff9c48, timeout=600000, check_signals=1, event=<optimized out>) at others.c:593 #3 0x00000441c94163d0 in recvloop_th (socketds=0x443cd8f9cd0, nsockets=1, engine=0x443d410b400, dboptions=8202, opts=0x443ce303600) at server-th.c:1210 #4 0x00000441c941172e in main (argc=<optimized out>, argv=<optimized out>) at clamd.c:721 (gdb) frame 2 #2 0x00000441c9419388 in fds_poll_recv (data=0x7f7fffff9c48, timeout=600000, check_signals=1, event=<optimized out>) at others.c:593 593 retval = poll (data->poll_data, n, timeout); (gdb) p *data $1 = {buf_mutex = 0x7f7fffff9d40, buf = 0x443ca054b00, nfds = 1, poll_data = 0x443d1b96ed0, poll_data_nfds = 1} (gdb) p *data->poll_data $2 = {fd = 9, events = 1, revents = 0} (gdb) p *data->buf $3 = {buffer = 0x0, bufsize = 0, off = 0, fd = 9, term = 0 '\000', got_newdata = 0, recvfd = -1, mode = MODE_COMMAND, id = 0, dumpfd = -1, chunksize = 0, quota = 0, dumpname = 0x0, timeout_at = 0, group = 0x0} (gdb) p *data->buf_mutex $4 = (pthread_mutex_t) 0x443d6269ac0 (gdb) p data->buf_mutex $5 = (pthread_mutex_t *) 0x7f7fffff9d40 (gdb) frame 3 #3 0x00000441c94163d0 in recvloop_th (socketds=0x443cd8f9cd0, nsockets=1, engine=0x443d410b400, dboptions=8202, opts=0x443ce303600) at server-th.c:1210 1210 new_sd = fds_poll_recv(fds, selfchk ? (int)selfchk : -1, 1, event_wake_recv); (gdb) p *engine $6 = {refcount = 2, sdb = 0, dboptions = 9226, dbversion = {18969, 1399893209}, ac_only = 0, ac_mindepth = 2, ac_maxdepth = 3, tmpdir = 0x0, keeptmp = 0, engine_options = 0, maxscansize = 104857600, maxfilesize = 26214400, maxreclevel = 16, maxfiles = 10000, min_cc_count = 3, min_ssn_count = 3, root = 0x443cd874348, hm_hdb = 0x443d7dbdeb8, hm_mdb = 0x443d3978898, hm_fp = 0x443d20a9380, cdb = 0x443e6202040, whitelist_matcher = 0x443ca3c7020, domainlist_matcher = 0x443d11a6000, phishcheck = 0x443cd8743e8, dconf = 0x443cd8743b8, ftypes = 0x443cd9a69e8, ptypes = 0x443cb9a5e48, ignored = 0x0, pua_cats = 0x0, iconcheck = 0x443d0716308, cache = 0x443cd874418, dbinfo = 0x0, mempool = 0x443cd874000, cmgr = {crts = 0x0, items = 0}, cb_pre_cache = 0x0, cb_pre_scan = 0x0, cb_post_scan = 0x0, cb_sigload = 0x0, cb_sigload_ctx = 0x0, cb_hash = 0x441c9417e20 <hash_callback>, cb_meta = 0x0, bcs = { all_bcs = 0x443c9c2f000, count = 41, engine = 0x0, env = {platform_id_a = 52514125, platform_id_b = 134217728, platform_id_c = 262657, c_version = 262657, cpp_version = 0, functionality_level = 77, dconf_level = 77, engine_version = "0.98.3", '\000' <repeats 58 times>, triple = '\000' <repeats 64 times>, cpu = '\000' <repeats 64 times>, sysname = "OpenBSD", '\000' <repeats 57 times>, release = "5.5", '\000' <repeats 61 times>, version = "GENERIC.MP#295", '\000' <repeats 50 times>, machine = "amd64", '\000' <repeats 59 times>, big_endian = 0 '\000', sizeof_ptr = 8 '\b', arch = 2 '\002', os_category = 3 '\003', os = 0 '\000', compiler = 1 '\001', has_jit_compiled = 0 '\000', os_features = 0 '\000', reserved0 = 0 '\000'}, inited = 1}, hooks = {0x0, 0x443c9b77ef0, 0x443c9b940f0, 0x443c9b94af0}, hooks_cnt = { 0, 3, 2, 1}, hook_lsig_ids = 4, bytecode_security = CL_BYTECODE_TRUST_SIGNED, bytecode_timeout = 5000, bytecode_mode = CL_BYTECODE_MODE_AUTO, maxembeddedpe = 10485760, maxhtmlnormalize = 10485760, maxhtmlnotags = 2097152, maxscriptnormalize = 5242880, maxziptypercg = 1048576, stats_data = 0x443c9bbfac0, cb_stats_add_sample = 0x0, cb_stats_remove_sample = 0x443cc0d9480 <clamav_stats_remove_sample>, cb_stats_decrement_count = 0x443cc0d9570 <clamav_stats_decrement_count>, cb_stats_submit = 0x0, cb_stats_flush = 0x443cc0d9900 <clamav_stats_flush>, cb_stats_get_num = 0x443cc0d9110 <clamav_stats_get_num>, cb_stats_get_size = 0x443cc0d9200 <clamav_stats_get_size>, cb_stats_get_hostid = 0x443cc0d91d0 <clamav_stats_get_hostid>, maxpartitions = 50, maxiconspe = 100} (gdb) p *socketds $7 = 8 (gdb) p *opts $8 = {name = 0x0, cmd = 0x443cf7d4fd0 "help", strarg = 0x0, numarg = 0, enabled = 0, active = 0, flags = 0, idx = 0, nextarg = 0x0, next = 0x443ce303e00, filename = 0x0} -rw-r--r-- 1 _clamav _clamav 24990 May 12 12:49 blurl.ndb -rw-r--r-- 1 _clamav _clamav 1462122 May 12 12:46 bofhland_cracked_URL.ndb -rw-r--r-- 1 _clamav _clamav 13960 May 12 10:49 bofhland_malware_URL.ndb -rw-r--r-- 1 _clamav _clamav 50659 May 12 10:49 bofhland_malware_attach.hdb -rw-r--r-- 1 _clamav _clamav 17116 May 12 12:46 bofhland_phishing_URL.ndb -rw-r--r-- 1 _clamav _clamav 345088 Feb 5 18:35 bytecode.cld -rw-r--r-- 1 _clamav _clamav 358337 May 12 12:46 crdfam.clamav.hdb -rw-r--r-- 1 _clamav _clamav 60596224 May 12 13:31 daily.cld -rw-r--r-- 1 _clamav _clamav 65 Jul 26 2013 doppelstern.hdb -rw-r--r-- 1 _clamav _clamav 1297 Mar 18 09:51 foxhole_filename.cdb -rw-r--r-- 1 _clamav _clamav 22549 Feb 15 2012 honeynet.hdb -rw-r--r-- 1 _clamav _clamav 5990949 May 12 08:49 junk.ndb -rw-r--r-- 1 _clamav _clamav 675757 May 12 12:49 jurlbl.ndb -rw-r--r-- 1 _clamav _clamav 163468288 Sep 17 2013 main.cld -rw-r--r-- 1 _clamav _clamav 260 May 12 13:31 mirrors.dat -rw-r--r-- 1 _clamav _clamav 3545696 May 12 11:49 phish.ndb -rw-r--r-- 1 _clamav _clamav 4279887 May 12 12:45 phishtank.ndb -rw-r--r-- 1 _clamav _clamav 226187 May 11 07:45 porcupine.ndb -rw-r--r-- 1 _clamav _clamav 60243 May 12 10:54 rogue.hdb -rw-r--r-- 1 _clamav _clamav 9849 Jan 27 10:00 sanesecurity.ftm -rw-r--r-- 1 _clamav _clamav 1846273 May 6 15:21 scam.ndb -rw-r--r-- 1 _clamav _clamav 21037450 May 12 05:49 securiteinfo.hdb -rw-r--r-- 1 _clamav _clamav 200405 Aug 21 2012 securiteinfobat.hdb -rw-r--r-- 1 _clamav _clamav 391274 Nov 28 13:02 securiteinfodos.hdb -rw-r--r-- 1 _clamav _clamav 75040 Jan 21 06:13 securiteinfoelf.hdb -rw-r--r-- 1 _clamav _clamav 5457344 Feb 19 17:58 securiteinfohtml.hdb -rw-r--r-- 1 _clamav _clamav 264154 Jan 15 2013 securiteinfooffice.hdb -rw-r--r-- 1 _clamav _clamav 468241 Aug 16 2012 securiteinfopdf.hdb -rw-r--r-- 1 _clamav _clamav 29520 Aug 21 2012 securiteinfosh.hdb -rw-r--r-- 1 _clamav _clamav 5082 May 7 10:55 sigwhitelist.ign2 -rw-r--r-- 1 _clamav _clamav 80 Feb 25 10:51 spamattach.hdb -rw-r--r-- 1 _clamav _clamav 2358 Apr 22 08:17 spamimg.hdb -rw-r--r-- 1 _clamav _clamav 104505 May 12 06:45 winnow.attachments.hdb -rw-r--r-- 1 _clamav _clamav 11601 May 12 12:45 winnow_bad_cw.hdb -rw-r--r-- 1 _clamav _clamav 647636 May 12 06:45 winnow_extended_malware.hdb -rw-r--r-- 1 _clamav _clamav 433522 May 12 06:45 winnow_malware.hdb -rw-r--r-- 1 _clamav _clamav 1640277 May 12 06:45 winnow_malware_links.ndb _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml