[Pkg-clamav-devel] Bug#923867: freshclam daemon uses 100% CPU
Stanislav Maslovski
stanislav.maslovski at gmail.com
Wed Mar 6 13:15:46 GMT 2019
Package: clamav-freshclam
Version: 0.101.1+dfsg-3
Severity: important
Hi,
Since recently, freshclam daemon eats 100% CPU when downloading
updates. It is doing this right now on this machine:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
7764 clamav 20 0 69368 29224 8868 R 100.0 0.7 5:22.83 freshclam
This is what I see in the log:
Wed Mar 6 13:01:49 2019 -> freshclam daemon 0.101.1 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Wed Mar 6 13:01:49 2019 -> ClamAV update process started at Wed Mar 6 13:01:49 2019
Wed Mar 6 13:01:49 2019 -> main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Wed Mar 6 13:01:50 2019 -> Downloading daily-25378.cdiff [100%]
Wed Mar 6 13:01:50 2019 -> Downloading daily-25379.cdiff [100%]
Wed Mar 6 13:01:53 2019 -> Downloading daily-25380.cdiff [100%]
Here is the output of strace -t -p 7764 2>&1 :
strace: Process 7764 attached
strace: [ Process PID=7764 runs in x32 mode. ]
strace: [ Process PID=7764 runs in 64 bit mode. ]
13:11:28 read(5, "\371B\314\4\346Hr\227\243n\367W[D\314\24\260\17\255C&\326\206\376\301\213\31\310\32E\224E"..., 8192) = 8192
13:11:29 brk(0x55a4c6490000) = 0x55a4c6490000
13:11:30 read(5, "\276\360C\273\251\220\"x4)\207e\211\177\3064H\301\253|z\220d\371\263\vK:d\34\325\276"..., 8192) = 8192
13:11:32 read(5, "w]\233?4\235\5\177\211\235\275\266Zv|\340Y\10=\327O\211_;\315B\17'\212`$8"..., 8192) = 8192
13:11:34 read(5, "\366\313\37s$\204+\225Hkq\257\323O\217s$\206%\275\257\357\334\301G\356~{!\201]\23"..., 8192) = 8192
13:11:35 brk(0x55a4c64b1000) = 0x55a4c64b1000
13:11:36 read(5, "\343\265\275\373\2153\202\313\203\335\3467O\310\256\267\27c8\255{\231\360\245j\234|\357\310\4.n"..., 8192) = 8192
13:11:40 read(5, "\224P\336~\22\6l\245udr\333]\250\357>#L\220\n\335\206\246\271\265>\374IX\260;n"..., 8192) = 8192
13:11:40 brk(0x55a4c64d2000) = 0x55a4c64d2000
13:11:42 read(5, "\221\4\357\302\375\370\314\r\366J\316}\247l\357\273\336\333A\356\340{\27\33\26q\nw\177\372\5\304"..., 8192) = 8192
13:11:44 read(5, "\371.4u4\365\177:\231\20\305 at njUR\305l\266\375\366 \1}=Gv\343:<x?"..., 8192) = 8192
13:11:46 brk(0x55a4c64f3000) = 0x55a4c64f3000
13:11:46 read(5, "\fN\253\332\261,)\327\253\375!f\201\225\266\263\235j\341\315\273?\353)\\\3456c_\276\315\315"..., 8192) = 8192
13:11:48 read(5, "\v\316\312\16N:\343\266=\334\252\370\303K@\3569\327Xx\241h\236\267\177\234`+\20\205\206\17"..., 8192) = 8192
13:11:51 brk(0x55a4c6514000) = 0x55a4c6514000
13:11:52 read(5, "\257|t\21\206A\25\212;\311\32z\236\217\310D\2407'{\223t\221\237\372\314\2470q\260\367\306"..., 8192) = 8192
13:11:54 read(5, "\350\351x\342\5\315T\301j\311\272\367y\272\257\4Bs_\325S\304\332\370j\265\253\4Ag/\17"..., 8192) = 8192
13:11:56 read(5, "\351d\264\246\254\375\352c\32\206BS\357\332\324w\2358:\217\256\303\240ua\257\2136\233\376y\323"..., 8192) = 8192
13:11:57 brk(0x55a4c6535000) = 0x55a4c6535000
13:11:58 read(5, "\f%\370N\364\35y1\341\250\370\345\225\243\31\245n\367\217\334\254\204V\313\203\24\214{Y|\344{"..., 8192) = 8192
13:12:00 read(5, "\373\224\334\317z\1\215;M\17\n\247\356\217/\326(\241\225\221\7\317\314\221\225\357^\33\0254\262d"..., 8192) = 8192
And it is still running like that with 100% CPU usage...
BR,
Stanislav
-- Package-specific info:
--- configuration ---
#Automatically Generated by clamav-base postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-base
#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User clamav
AllowSupplementaryGroups true
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
LogSyslog false
LogRotate true
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav
SelfCheck 3600
Foreground false
Debug false
ScanPE true
MaxEmbeddedPE 10M
ScanOLE2 true
ScanHTML true
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxScriptNormalize 5M
MaxZipTypeRcg 1M
ScanSWF true
DetectBrokenExecutables false
ExitOnOOM false
LeaveTemporaryFiles false
AlgorithmicDetection true
ScanELF true
IdleTimeout 30
PhishingSignatures true
PhishingScanURLs true
PhishingAlwaysBlockSSLMismatch false
PhishingAlwaysBlockCloak false
DetectPUA false
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
CommandReadTimeout 5
SendBufTimeout 200
MaxQueue 100
ExtendedDetectionInfo true
OLE2BlockMacros false
ScanOnAccess false
AllowAllMatchScan true
ForceToDisk false
DisableCertCheck false
StreamMaxLength 25M
LogFile /var/log/clamav/clamav.log
LogTime true
LogFileUnlock false
LogFileMaxSize 0
Bytecode true
BytecodeSecurity TrustSigned
BytecodeTimeout 60000
OfficialDatabaseOnly false
CrossFilesystems true
# Automatically created by the clamav-freshclam postinst
# Comments will get lost when you reconfigure the clamav-freshclam package
DatabaseOwner clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose false
LogSyslog false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogRotate true
LogTime true
Foreground false
Debug false
MaxAttempts 5
DatabaseDirectory /var/lib/clamav
DNSDatabaseInfo current.cvd.clamav.net
ConnectTimeout 30
ReceiveTimeout 30
TestDatabases yes
ScriptedUpdates yes
CompressLocalDatabase no
SafeBrowsing false
Bytecode true
NotifyClamd /etc/clamav/clamd.conf
# Check for new database 24 times a day
Checks 24
DatabaseMirror db.pt.clamav.net
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net
--- data dir ---
total 466524
-rw-r--r-- 1 clamav clamav 1013248 Jan 8 10:33 bytecode.cld
drwxr-xr-x 2 clamav clamav 4096 Mar 5 2018 clamav-151a253ec35e356cd2aa2ba0d1625bc6.tmp
drwxr-xr-x 3 clamav clamav 4096 Nov 14 2016 clamav-2566a45fd22eb7f1497f3e4323cf5c57.tmp
drwxr-xr-x 2 clamav clamav 4096 Apr 4 2017 clamav-50790279dd9c53168263335f1766ee55.tmp
drwxr-xr-x 3 clamav clamav 4096 Mar 6 13:01 clamav-9d718dc39c0cb8bef6f09d29d29bc78b.tmp
drwxr-xr-x 3 clamav clamav 4096 Mar 6 12:38 clamav-e044f44a3b614b1011fa0c0c88f56653.tmp
drwxr-xr-x 2 clamav clamav 4096 Apr 4 2017 clamav-e863db04fd33e149af758526084a54ce.tmp
-rw-r--r-- 1 clamav clamav 169158656 Mar 3 20:33 daily.cld
-rw-r--r-- 1 clamav clamav 307499008 Jun 12 2017 main.cld
-rw------- 1 clamav clamav 192 Mar 6 13:01 mirrors.dat
-- System Information:
Debian Release: buster/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'testing'), (500, 'oldstable'), (100, 'unstable'), (100, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), LANGUAGE=en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages clamav-freshclam depends on:
ii clamav-base 0.101.1+dfsg-3
ii debconf [debconf-2.0] 1.5.70
ii dpkg 1.19.5
ii libc6 2.28-7
ii libclamav9 0.101.1+dfsg-3
ii libssl1.1 1.1.1a-1
ii logrotate 3.14.0-4
ii lsb-base 10.2018112800
ii procps 2:3.3.15-2
ii ucf 3.0038+nmu1
ii zlib1g 1:1.2.11.dfsg-1
clamav-freshclam recommends no packages.
Versions of packages clamav-freshclam suggests:
ii apparmor 2.13.2-7
pn clamav-docs <none>
-- debconf information:
* clamav-freshclam/PrivateMirror:
* clamav-freshclam/http_proxy:
* clamav-freshclam/SafeBrowsing: false
* clamav-freshclam/LogRotate: true
clamav-freshclam/internet_interface:
* clamav-freshclam/Bytecode: true
* clamav-freshclam/NotifyClamd: true
* clamav-freshclam/local_mirror: db.pt.clamav.net (Portugal)
clamav-freshclam/proxy_user:
* clamav-freshclam/autoupdate_freshclam: daemon
* clamav-freshclam/update_interval: 24
More information about the Pkg-clamav-devel
mailing list