Bug 1016666

Summary: [abrt] clamav-0.98-1.fc20: memset: Process /usr/bin/clamscan was killed by signal 11 (SIGSEGV)
Product: [Fedora] Fedora Reporter: D. Charles Pyle <dcharlespyle>
Component: clamavAssignee: Nick Bebout <nb>
Status: CLOSED EOL QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: j, nathanael, nb, ondrejj, redhat-bugzilla, steve
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:c8549630570789316c93e85eac6ca0c253351360
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-06-29 12:35:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
File: backtrace
none
File: cgroup
none
File: core_backtrace
none
File: dso_list
none
File: environ
none
File: exploitable
none
File: limits
none
File: maps
none
File: open_fds
none
File: proc_pid_status
none
File: var_log_messages none

Description D. Charles Pyle 2013-10-08 13:41:21 UTC 
Description of problem:
Logged into Cinnamon Desktop and found this error waiting for me.  I was doing nothing previous to this and was running no applications.  So, I do not know the cause or how it may be reproduced.

Version-Release number of selected component:
clamav-0.98-1.fc20

Additional info:
reporter:       libreport-2.1.7
backtrace_rating: 4
cmdline:        /usr/bin/clamscan --exclude-dir=.thunderbird --exclude-dir=.mozilla-thunderbird --exclude-dir=.evolution --exclude-dir=Mail --exclude-dir=kmail --detect-pua -i -r /home/dcpyle --exclude-dir=/home/dcpyle/.clamtk/viruses --exclude-dir=/usr/lib/vmware/isoimages --exclude-dir=/usr/lib/python2.7/site-packages/virtualenv_support --log=/home/dcpyle/.clamtk/history/Oct-08-2013.log
crash_function: memset
executable:     /usr/bin/clamscan
kernel:         3.11.3-301.fc20.x86_64
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 memset at ../sysdeps/x86_64/memset.S:97
 #2 cl_fmap_open_handle at fmap.c:247
 #3 fmap_check_empty at fmap.c:87
 #4 fmap at fmap.c:717
 #5 cli_magic_scandesc at scanners.c:2801
 #6 scan_common at scanners.c:2933
 #7 cl_scandesc_callback at scanners.c:2952
 #8 scanfile at manager.c:295
 #9 scandirs at manager.c:427
 #12 scanmanager at manager.c:939
Comment 1 D. Charles Pyle 2013-10-08 13:41:32 UTC 
Created attachment 809291 [details]
File: backtrace
Comment 2 D. Charles Pyle 2013-10-08 13:41:40 UTC 
Created attachment 809292 [details]
File: cgroup
Comment 3 D. Charles Pyle 2013-10-08 13:41:48 UTC 
Created attachment 809293 [details]
File: core_backtrace
Comment 4 D. Charles Pyle 2013-10-08 13:41:54 UTC 
Created attachment 809294 [details]
File: dso_list
Comment 5 D. Charles Pyle 2013-10-08 13:42:00 UTC 
Created attachment 809295 [details]
File: environ
Comment 6 D. Charles Pyle 2013-10-08 13:42:08 UTC 
Created attachment 809296 [details]
File: exploitable
Comment 7 D. Charles Pyle 2013-10-08 13:42:11 UTC 
Created attachment 809297 [details]
File: limits
Comment 8 D. Charles Pyle 2013-10-08 13:42:17 UTC 
Created attachment 809298 [details]
File: maps
Comment 9 D. Charles Pyle 2013-10-08 13:42:23 UTC 
Created attachment 809299 [details]
File: open_fds
Comment 10 D. Charles Pyle 2013-10-08 13:42:28 UTC 
Created attachment 809300 [details]
File: proc_pid_status
Comment 11 D. Charles Pyle 2013-10-08 13:42:51 UTC 
Created attachment 809301 [details]
File: var_log_messages
Comment 12 D. Charles Pyle 2013-10-09 08:07:04 UTC 
Crash just happened again.  This time I was surfing the web using Firefox.
Comment 13 D. Charles Pyle 2013-10-09 09:57:18 UTC 
I am seeing these crashes fairly regularly.  I think I know the cause, now.  It looks like the crash occurs whenevere clamscan tries to scan a VMware Player Virtual Machine hard drive file.  Each and every time it segfaults as soon as I see the file's name listed in the output.  It is 100% reproducible.  I ended up having to remove my crontab so I wouldn't see this error every hour or so.  Here is the short version of the output when scanning the culprit directory:

$ clamscan --debug -rvi ~/.vmware 2>/dev/null
Scanning /home/dcpyle/.vmware/unity-helper.conf
Scanning /home/dcpyle/.vmware/playerUploadedData.log
Scanning /home/dcpyle/.vmware/preferences
Scanning /home/dcpyle/.vmware/Windows XP Mode/vmware-1.log
Scanning /home/dcpyle/.vmware/Windows XP Mode/vmmcores-2.gz
Scanning /home/dcpyle/.vmware/Windows XP Mode/Windows XP Mode.vmdk
Segmentation fault (core dumped)

reporter:       libreport-2.1.7
backtrace_rating: 4
cmdline:        clamscan --debug -rvi /home/dcpyle/.vmware
crash_function: memset
executable:     /usr/bin/clamscan
kernel:         3.11.3-301.fc20.x86_64
package:        clamav-0.98-1.fc20
reason:         Process /usr/bin/clamscan was killed by signal 11 (SIGSEGV)
reported_to:    uReport: BTHASH=a501f228e3437d8a03ea0f73e07ed1bf037e60a9
runlevel:       N 5
type:           CCpp
uid:            1000
Comment 14 Fedora End Of Life 2015-05-29 09:32:22 UTC 
This message is a reminder that Fedora 20 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 20. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '20'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora 20 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora, you are encouraged  change the 'version' to a later Fedora 
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 15 Fedora End Of Life 2015-06-29 12:35:18 UTC 
Fedora 20 changed to end-of-life (EOL) status on 2015-06-23. Fedora 20 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
bug.

Thank you for reporting this bug and we are sorry it could not be fixed.