Skip to Main Content

Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

SIGBUS BUS_ADRALN, prescan.cgi and Sol 10

807567Nov 15 2005 — edited Feb 14 2006
Hello,

Apologies if this isn't the correct forum - it's partly kernel related and partly Solaris 10.

I have recently applied the latest security patches to one of my Solaris 10 boxes, and I am now having an issue with Trend's InterScan VirusWall prescan.cgi program (which downloads the latest virus definitions from Trend).

This binary program is run on an hourly cron job. However, now when it runs, it core dumps. The relevant truss output is below (I think):

...
20971: mprotect(0xFEC80000, 1039296, PROT_READ|PROT_WRITE|PROT_EXEC) = 0
20971: mprotect(0xFEC80000, 1039296, PROT_READ|PROT_EXEC) = 0
20971: munmap(0xFF030000, 8192) = 0
20971: mmap(0x00010000, 65536, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_
ANON|MAP_ALIGN, -1, 0) = 0xFF020000
20971: resolvepath("./", ".", 1024) = 1
20971: getcwd("/etc/iscan", 1024) = 0
20971: resolvepath("/etc/iscan", "/etc/iscan", 1024) = 10
20971: open("/etc/iscan/aucfg.ini", O_RDONLY) = 6
20971: lseek(6, 0, SEEK_CUR) = 0
20971: read(6, 0x000E79F0, 512) = 162
20971: ; f o r s e l f u p d a t e\n A U _ P R O D U C T _ I D =
20971: 5 5\n\n [ d e b u g ]\n ; t h e h i g h e r l e v e l , t
20971: h e l e s s i n f o\n l e v e l = 0\n ; s e t t o 0 i
20971: s n o n e l o g\n l o g _ m o d e = 1\n\n [ D o w n l o a d
20971: e r ]\n ; r e t r y d o w n l o a d t i m e\n R e t r y = 2
20971: \n\n
20971: schedctl() = 0xFF00C000
20971: lwp_mutex_timedlock(0x000E7530, 0x00000000) = 0
20971: Incurred fault #5, FLTACCESS %pc = 0xFEFB7C54
20971: siginfo: SIGBUS BUS_ADRALN addr=0x000000FF
20971: Received signal #10, SIGBUS [default]
20971: siginfo: SIGBUS BUS_ADRALN addr=0x000000FF
20970: waitid(P_ALL, 0, 0xFFBFE8B8, WEXITED|WTRAPPED) = 0
...

The program then goes on to perform some cleanup, including unlinking /dev/null!

...
20973: getpid() = 20973 [20970]
20973: setustack(0xFF392088)
20973: brk(0x000245D0) = 0
20973: brk(0x000265D0) = 0
20973: stat("/platform/SUNW,Ultra-250/lib/libc_psr.so.1", 0xFFBFF238) = 0
20973: resolvepath("/platform/SUNW,Ultra-250/lib/libc_psr.so.1", "/platform/sun
4u/lib/libc_psr.so.1", 1023) = 33
20973: open("/platform/SUNW,Ultra-250/lib/libc_psr.so.1", O_RDONLY) = 4
20973: mmap(0x00010000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_ALIGN, 4, 0)
= 0xFF380000
20973: mmap(0x00002000, 16384, PROT_NONE, MAP_PRIVATE|MAP_NORESERVE|MAP_ANON|MA
P_ALIGN, -1, 0) = 0xFF388000
20973: mmap(0xFF388000, 13512, PROT_READ|PROT_EXEC, MAP_PRIVATE|0x410, 4, 0) =
0xFF388000
20973: close(4) = 0
20973: mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_A
NON, -1, 0) = 0xFF270000
20973: munmap(0xFF380000, 8192) = 0
20973: getrlimit64(RLIMIT_NOFILE, 0xFFBFF9F8) = 0
20973: lstat64("/tmp/lpt*vpn.*", 0xFFBFF900) Err#2 ENOENT
20973: lstat64(">", 0xFFBFF900) Err#2 ENOENT
20973: lstat64("/dev/null", 0xFFBFF900) = 0
20973: unlink("/dev/null") = 0
20973: lstat64("2>&1", 0xFFBFF900) Err#2 ENOENT
20973: _exit(0)
20970: waitid(P_PID, 20973, 0xFFBFD7C0, WEXITED|WTRAPPED) = 0
20970: lseek(1, 0, SEEK_CUR) = 3727341
20970: lseek(2, 0, SEEK_CUR) = 3727341
20970: lseek(2, 0, SEEK_CUR) = 3727341
20970: llseek(3, 0xFFFFFFFFFFFFE0AA, SEEK_CUR) = 170
20970: _exit(0)


Any pointers about how I should go about resolving this? I could backout all the patches?

Thanks,

Ben.
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Mar 14 2006
Added on Nov 15 2005
1 comment
325 views