[Clamav-users] Clamav-milter CPU usage
I recently upgraded ClamAV from .86 to .87. Today, I noticed that clamav-milter is running using 99.6 Cpu utilization. the odd thing is that 47.5% is listed as user, and 53.4% listed as system. I have tried restarting clamav-milter, no luck. It instantly goes back to 100% cpu. my /etc/sysconfig is as follows: CLAMAV_FLAGS=" --config-file=/etc/clamd.conf --headers --max-children=10 --quiet --dont-log-clean --timeout=0 -lo local:/var/clamav/clmilter.socket I see nothing in the logs about errors. Any ideas? Thanks, Brian -- Brian Riffle System and Network Administrator Klamath Community College 7390 South 6th St Klamath Falls, OR 97603 Phone 541.880.2245 Fax 541.885.7758 ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav-milter CPU usage
On Wed, 28 Sep 2005, Brian Riffle wrote: I recently upgraded ClamAV from .86 to .87. Today, I noticed that clamav-milter is running using 99.6 Cpu utilization. the odd thing is that 47.5% is listed as user, and 53.4% listed as system. I have tried restarting clamav-milter, no luck. It instantly goes back to 100% cpu. my /etc/sysconfig is as follows: CLAMAV_FLAGS=" --config-file=/etc/clamd.conf --headers --max-children=10 --quiet --dont-log-clean --timeout=0 -lo local:/var/clamav/clmilter.socket I see nothing in the logs about errors. Any ideas? Care to tell us what OS/distro you're running? I'm guessing it's redhat-related? It would probably be wise to strace the process to see what it's doing. Checking obvious stuff like full partitions would also be a good idea. Damian Menscher -- -=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| <[EMAIL PROTECTED]> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav-milter CPU usage
Mine's doing the same. Solaris 9, clamav 0.87, blastwave build. I took a
look with truss and it seems to be looping doing this over and over and over
(I don't se any values changing here):
/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
/2: fstat64(7, 0xFEEFBD00) = 0
/2: fcntl(7, F_SETFD, 0x0001) = 0
/2: getdents64(7, 0x0196E678, 8192) = 208
/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
/2: getdents64(7, 0x0196E678, 8192) = 0
/2: close(7) = 0
/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
/2: fstat64(7, 0xFEEFBD00) = 0
/2: fcntl(7, F_SETFD, 0x0001) = 0
/2: getdents64(7, 0x0196E678, 8192) = 208
/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
/2: getdents64(7, 0x0196E678, 8192) = 0
/2: close(7) = 0
/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
/2: fstat64(7, 0xFEEFBD00) = 0
/2: fcntl(7, F_SETFD, 0x0001) = 0
/2: getdents64(7, 0x0196E678, 8192) = 208
/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
/2: getdents64(7, 0x0196E678, 8192) = 0
/2: close(7) = 0
/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
/2: fstat64(7, 0xFEEFBD00) = 0
/2: fcntl(7, F_SETFD, 0x0001) = 0
/2: getdents64(7, 0x0196E678, 8192) = 208
/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
/2: getdents64(7, 0x0196E678, 8192) = 0
/2: close(7) = 0
/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
my clamav-milter flags:
-q -lo --timeout 0 /opt/csw/share/clamav/clmilter.sock
--sendmail-cf=/opt/csw/et
c/mail/sendmail.cf
___
http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav-milter CPU usage
On Wed, 28 Sep 2005, Elizabeth Schwartz wrote:
Mine's doing the same. Solaris 9, clamav 0.87, blastwave build. I took a
look with truss and it seems to be looping doing this over and over and over
(I don't se any values changing here):
/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
/2: fstat64(7, 0xFEEFBD00) = 0
/2: fcntl(7, F_SETFD, 0x0001) = 0
/2: getdents64(7, 0x0196E678, 8192) = 208
/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
/2: getdents64(7, 0x0196E678, 8192) = 0
/2: close(7) = 0
my clamav-milter flags:
-q -lo --timeout 0 /opt/csw/share/clamav/clmilter.sock
--sendmail-cf=/opt/csw/etc/mail/sendmail.cf
Interesting... looks to me like the watchdog thread is stuck in a tight
loop. It's *supposed* to do that check when:
- the milter goes idle
- there are no free servers available
- once every readTimeout-1 seconds
Any chance you put ReadTimeout=0 or ReadTimeout=1 in your clamd.conf?
The milter only makes sure it's non-negative, not that it's greater than
1. (This is probably a bug, though I haven't thought about it enough to
be sure, so I'll leave that to Nigel.)
If you didn't set ReadTimeout to 0 or 1, the next step is probably to
enable debugging so we can get a better idea of exactly where it's
looping, and possibly even why it's looping.
Damian Menscher
--
-=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=-
-=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=-
-=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=-
-=#| <[EMAIL PROTECTED]> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=-
-=#| The above opinions are not necessarily those of my employers. |#=-
___
http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav-milter CPU usage
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Elizabeth Schwartz wrote:
|Mine's doing the same. Solaris 9, clamav 0.87, blastwave build. I took a
|look with truss and it seems to be looping doing this over and over
and over
|(I don't se any values changing here):
|
|
|/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
|/2: fstat64(7, 0xFEEFBD00) = 0
|/2: fcntl(7, F_SETFD, 0x0001) = 0
|/2: getdents64(7, 0x0196E678, 8192) = 208
|/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
|/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
|/2: getdents64(7, 0x0196E678, 8192) = 0
|/2: close(7) = 0
|/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
|/2: fstat64(7, 0xFEEFBD00) = 0
|/2: fcntl(7, F_SETFD, 0x0001) = 0
|/2: getdents64(7, 0x0196E678, 8192) = 208
|/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
|/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
|/2: getdents64(7, 0x0196E678, 8192) = 0
|/2: close(7) = 0
|/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
|/2: fstat64(7, 0xFEEFBD00) = 0
|/2: fcntl(7, F_SETFD, 0x0001) = 0
|/2: getdents64(7, 0x0196E678, 8192) = 208
|/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
|/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
|/2: getdents64(7, 0x0196E678, 8192) = 0
|/2: close(7) = 0
|/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
|/2: fstat64(7, 0xFEEFBD00) = 0
|/2: fcntl(7, F_SETFD, 0x0001) = 0
|/2: getdents64(7, 0x0196E678, 8192) = 208
|/2: stat("/opt/csw/share/clamav/main.cvd", 0xFEEFBDF8) = 0
|/2: stat("/opt/csw/share/clamav/daily.cvd", 0xFEEFBDF8) = 0
|/2: getdents64(7, 0x0196E678, 8192) = 0
|/2: close(7) = 0
|/2: open("/opt/csw/share/clamav", O_RDONLY|O_NDELAY|O_LARGEFILE) = 7
|
|my clamav-milter flags:
|
|-q -lo --timeout 0 /opt/csw/share/clamav/clmilter.sock
|--sendmail-cf=/opt/csw/et
|c/mail/sendmail.cf
|___
|http://lurker.clamav.net/list/clamav-users.html
What version of the kernel are you running?
If you kill clamav-milter does the usage go down?
I'm using Fedora FC1 with no problems.
CLAMAV_FLAGS=" --quiet \
~--dont-wait \
~--timeout=0 \
~--force-scan \
~--dont-log-clean \
~--server=localhost \
~--sign
- --signature-file=/etc/mail/clamav/clamav-signature \
~--pidfile=/var/run/clamav/clamav-milter.pid \
~local:/var/run/clamav/clamav-milter.sock \
~"
I have heard some of the newer kernels having problems with CPU
usage But that may be fixed with the latest 2.6.13 or 14 releases.
James Kosin
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDOxGdkNLDmnu1kSkRAwK8AJ0dqF2wj08y+pu6J7Iuzf8pSAyKZACfSTy6
f4J+ft+qPryqdvvrly9hna4=
=n73s
-END PGP SIGNATURE-
--
Scanned by ClamAV - http://www.clamav.net
___
http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav-milter CPU usage
Interesting... looks to me like the watchdog thread is stuck in a tight loop. It's *supposed* to do that check when: - the milter goes idle - there are no free servers available - once every readTimeout-1 seconds Any chance you put ReadTimeout=0 or ReadTimeout=1 in your clamd.conf? The milter only makes sure it's non-negative, not that it's greater than 1. (This is probably a bug, though I haven't thought about it enough to be sure, so I'll leave that to Nigel.) I am running Redhat EL3 with kernel 2.4.213.32.0.1. I just changed the ReadTimeout =5 (was at 0) and that seems to have done the trick.. The config file says that 0 disables the timeout, so I had it there. Thank you for your help.. And thanks Elizabeth for being so quick with the trace.. I had just started it when you had posted it. Mine had the same loop.. Thanks, Brian -- Brian Riffle System and Network Administrator Klamath Community College 7390 South 6th St Klamath Falls, OR 97603 Phone 541.880.2245 Fax 541.885.7758 ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav-milter CPU usage
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Brian Riffle wrote: | |> |> Interesting... looks to me like the watchdog thread is stuck in a |> tight loop. It's *supposed* to do that check when: - the milter |> goes idle - there are no free servers available - once every |> readTimeout-1 seconds |> |> Any chance you put ReadTimeout=0 or ReadTimeout=1 in your |> clamd.conf? The milter only makes sure it's non-negative, not |> that it's greater than 1. (This is probably a bug, though I |> haven't thought about it enough to be sure, so I'll leave that to |> Nigel.) | | | I am running Redhat EL3 with kernel 2.4.213.32.0.1. I just changed | the ReadTimeout =5 (was at 0) and that seems to have done the | trick.. | | The config file says that 0 disables the timeout, so I had it | there. Thank you for your help.. And thanks Elizabeth for being so | quick with the trace.. I had just started it when you had posted | it. Mine had the same loop.. | | Thanks, Brian | Maybe it needs to check that ReadTimeout - 1 is non negative. I bet if it is negative, it is suppose to not-timeout and non-negative delays (waits) that many seconds before timing out. James Kosin -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDOxQnkNLDmnu1kSkRAyGOAJ9P4QhW24uPhzTEzVWn5ho1mWI0XgCfX7l3 BBHFuBkrFX5xnAOVXZRQNqw= =xtjD -END PGP SIGNATURE- -- Scanned by ClamAV - http://www.clamav.net ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav-milter CPU usage
Thanks all, for the fast responses! I had indeed set ReadTimeout to 0 at some point in the dim past. I have changed it to a positive number and clamav-milter seems MUCH happier. ___ http://lurker.clamav.net/list/clamav-users.html
