You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Giampaolo Tomassoni <g....@libero.it> on 2009/04/10 12:52:08 UTC
Segfaul on message
3.2.4 here.
This message:
http://www.spamcop.net/sc?id=z2777168254z0fdfee4493414fc9bde77b85d4d93f01z;a
ction=display
yields this:
kernel: amavisd[nnn]: segfault at bf5eae7c ip 081162a5 sp bf5eae80
error 6 in perl5.8.8[8048000+110000]
A segfault also happens when directly running the message through SA with -D
In -D mode, the output lines right before the segfault are:
[9632] dbg: check: running tests for priority: 500
[9632] dbg: dns: harvest_dnsbl_queries
[9632] dbg: async: timing: 0.007 . dns:A:253.22.130.217.iadb.isipp.com.
[9632] dbg: async: timing: 0.013 . dns:A:253.22.130.217.list.dnswl.org.
[9632] dbg: async: timing: 0.031 . dns:A:253.22.130.217.combined.njabl.org.
[9632] dbg: async: timing: 0.038 . NS:logitravel.com
[9632] dbg: async: timing: 0.043 . NS:logitravel.it
[9632] dbg: async: timing: 2.184 . A:ns1.comunitel.net.
[9632] dbg: async: timing: 2.186 . A:ns3.comunitel.net.
[9632] dbg: async: timing: 2.186 . A:ns2.comunitel.net.
[9632] dbg: async: timing: 2.215 .
dns:TXT:253.22.130.217.sa-trusted.bondedsender.org.
[9632] dbg: async: timing: 2.218 . dns:A:253.22.130.217.zen.spamhaus.org.
[9632] dbg: async: timing: 2.222 .
dns:A:253.22.130.217.sa-accredit.habeas.com.
[9632] dbg: async: timing: 2.224 . dns:A:253.22.130.217.dnsbl.sorbs.net.
[9632] dbg: async: timing: 2.229 . dns:TXT:253.22.130.217.bl.spamcop.net.
[9632] dbg: async: timing: 2.231 .
dns:A:253.22.130.217.bb.barracudacentral.org.
[9632] dbg: async: timing: 2.234 . asnlookup-0-asn.routeviews.org.
[9632] dbg: async: timing: 2.237 .
dns:A:253.22.130.217.plus.bondedsender.org.
[9632] dbg: async: timing: 2.238 . asnlookup-1-asn.routeviews.org.
[9632] dbg: async: timing: 2.238 . DNSBL:multi.uribl.com.:logitravel.com
[9632] dbg: async: timing: 2.240 . DNSBL:multi.surbl.org.:logitravel.com
[9632] dbg: async: timing: 2.240 . DNSBL:multi.surbl.org.:logitravel.it
[9632] dbg: async: timing: 2.246 . DNSBL:multi.uribl.com.:logitravel.it
[9632] dbg: async: timing: 2.248 .
DNSBL:dob.sibl.support-intelligence.net:logitravel.com
[9632] dbg: async: timing: 2.256 .
DNSBL:dob.sibl.support-intelligence.net:logitravel.it
[9632] dbg: async: timing: 2.310 . DNSBL:sbl.spamhaus.org.:97.4.145.212
[9632] dbg: async: timing: 2.311 . DNSBL:sbl.spamhaus.org.:141.159.145.212
[9632] dbg: async: timing: 2.313 . DNSBL:sbl.spamhaus.org.:98.4.145.212
[9632] dbg: rules: running one_line_body tests; score so far=2.451
[9632] dbg: rules: compiled one_line_body tests
[9632] dbg: zoom: run_body_fast_scan for body_500 start
[9632] dbg: zoom: run_body_fast_scan for body_500 done
[9632] dbg: rules: running head tests; score so far=2.451
[9632] dbg: rules: compiled head tests
[9632] dbg: rules: running body tests; score so far=2.451
[9632] dbg: rules: compiled body tests
[9632] dbg: rules: running uri tests; score so far=2.451
[9632] dbg: rules: compiled uri tests
[9632] dbg: rules: running rawbody tests; score so far=2.451
[9632] dbg: rules: compiled rawbody tests
--- segfault here ---
Any clue why?
Please note that the line endings you see in the message are the way they
are in the original one. Maybe this is the reason of the fault?
I got a couple of these messages in my MX queue and I had to delete them.
Thanks,
Giampaolo
RE: Segfaul on message
Posted by Mark <ad...@asarian-host.net>.
-----Original Message-----
From: Giampaolo Tomassoni [mailto:g.tomassoni@libero.it]
Sent: vrijdag 10 april 2009 12:53
To: users@spamassassin.apache.org
Subject: Segfaul on message
> 3.2.4 here.
>
> This message:
> kernel: amavisd[nnn]: segfault at bf5eae7c ip 081162a5 sp bf5eae80
> error 6 in perl5.8.8[8048000+110000]
>
> A segfault also happens when directly running the message through SA
> with -D
At first I thought it would be your milter, but as it also happens when
you run it directly through SA, I'd say your Perl is simply borked. Things
are not supposed to segfault, period. Probably a bad XS module. Since the
segfault occurs at "[9632] dbg: rules: compiled rawbody tests,"
Rule2XSBody might be a good place to start looking (if you're using that).
You could just temporarily disable that, for instance.
Btw, message runs through SA fine, here.
- Mark
Re: Segfault on message
Posted by Mark Martinec <Ma...@ijs.si>.
> Perl just doesn't segfault normally, even when a regex is
> (too) complex.
Wishful thinking. s/normally/usually/
The rules that come with SpamAssassin are resonably safe from
exploding - unlike some third party or home-grown rules.
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=4570
http://www.nntp.perl.org/group/perl.perl5.porters/2008/01/msg133347.html
http://www.mail-archive.com/perl5-porters@perl.org/msg87479.html
http://marc.info/?l=perl5-porters&m=116253514327063&w=2
http://www.perlmonks.org/?node_id=540307
Mark
RE: Segfault on message
Posted by Giampaolo Tomassoni <Gi...@Tomassoni.biz>.
> -----Original Message-----
> From: Mark [mailto:admin@asarian-host.net]
> Sent: Friday, April 10, 2009 3:02 PM
> To: users@spamassassin.apache.org
> Subject: RE: Segfault on message
>
> -----Original Message-----
> From: Giampaolo Tomassoni [mailto:g.tomassoni@libero.it]
> Sent: vrijdag 10 april 2009 14:46
> To: users@spamassassin.apache.org
> Subject: RE: Segfault on message
>
> > No, I actually I'm not comfortable installing SA 3.3 on a production
> > server.
> >
> > I'll try to pick and silence the rule regexp causing this.
>
> That doesn't seem like a good solution. On my SA 3.2.5, as stated,
> there's
> no segfault of any kind with that message. Honestly, just fix your Perl
> already .:) Perl just doesn't segfault normally, even when a regex is
> (too) complex.
No, not Perl itself, but it may because of a .so module which causes this.
I have to get closer to the fault cause in order to detect the problem.
I'm going to.
Thanks,
Giampaolo
> - Mark
RE: Segfault on message
Posted by Mark <ad...@asarian-host.net>.
-----Original Message-----
From: Giampaolo Tomassoni [mailto:g.tomassoni@libero.it]
Sent: vrijdag 10 april 2009 14:46
To: users@spamassassin.apache.org
Subject: RE: Segfault on message
> No, I actually I'm not comfortable installing SA 3.3 on a production
> server.
>
> I'll try to pick and silence the rule regexp causing this.
That doesn't seem like a good solution. On my SA 3.2.5, as stated, there's
no segfault of any kind with that message. Honestly, just fix your Perl
already .:) Perl just doesn't segfault normally, even when a regex is
(too) complex.
- Mark
RE: Segfault on message
Posted by Giampaolo Tomassoni <g....@libero.it>.
> -----Original Message-----
> From: Mark Martinec [mailto:Mark.Martinec+sa@ijs.si]
> Sent: Friday, April 10, 2009 1:56 PM
>
> ...omissis...
>
>
> > Any clue why?
> >
> > Please note that the line endings you see in the message are the way
> they
> > are in the original one. Maybe this is the reason of the fault?
> > I got a couple of these messages in my MX queue and I had to delete
> them.
>
> My suspect is a runaway regexp on long and nested HTML lables
> with no paragraph breaks. See:
> https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5486
Mmm, maybe the rule we spoke about some days ago (the one about "colored-in
table attack") could be the cause: it is ages I don't see a segfault from
SA.
> A workaround is in 3.3:
>
> r629888 | mmartinec | 2008-02-21 18:43:43 +0100 (Thu, 21 Feb 2008) |
> 1 line
> New sub Message::split_into_array_of_short_lines to nicely split a
> text into
> array of paragraph chunks of sizes between 1 kB and 2 kB; bugs: 5717,
> 5644,
> 5795, 5486, 5801, 5041
>
> The easiest is to install 3.3 from CVS:
> perl Makefile.PL; make; make test; make install
> sa-update
> amavisd reload
>
> or for a patch to 3.2.5 see:
> https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5717
> comment #11
No, I actually I'm not comfortable installing SA 3.3 on a production server.
I'll try to pick and silence the rule regexp causing this.
Thank you Mark for your hints.
Giampaolo
>
>
> Mark
Re: Segfault on message
Posted by Mark Martinec <Ma...@ijs.si>.
Giampaolo,
> 3.2.4 here.
> This message:
> http://www.spamcop.net/sc?id=z2777168254z0fdfee4493414fc9bde77b85d4d93f01z
> ;action=display
>
> yields this:
> kernel: amavisd[nnn]: segfault at bf5eae7c ip 081162a5 sp bf5eae80
> error 6 in perl5.8.8[8048000+110000]
> A segfault also happens when directly running the message through SA\
> with -D
> In -D mode, the output lines right before the segfault are:
>
> [9632] dbg: check: running tests for priority: 500
[...]
> [9632] dbg: rules: running rawbody tests; score so far=2.451
> [9632] dbg: rules: compiled rawbody tests
> --- segfault here ---
Seems it crashes during exacution of compiled rawbody tests at priority 500.
> Any clue why?
>
> Please note that the line endings you see in the message are the way they
> are in the original one. Maybe this is the reason of the fault?
> I got a couple of these messages in my MX queue and I had to delete them.
My suspect is a runaway regexp on long and nested HTML lables
with no paragraph breaks. See:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5486
A workaround is in 3.3:
r629888 | mmartinec | 2008-02-21 18:43:43 +0100 (Thu, 21 Feb 2008) | 1 line
New sub Message::split_into_array_of_short_lines to nicely split a text into
array of paragraph chunks of sizes between 1 kB and 2 kB; bugs: 5717, 5644,
5795, 5486, 5801, 5041
The easiest is to install 3.3 from CVS:
perl Makefile.PL; make; make test; make install
sa-update
amavisd reload
or for a patch to 3.2.5 see:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5717
comment #11
Mark
R: Segfaul on message
Posted by Giampaolo Tomassoni <g....@libero.it>.
> -----Messaggio originale-----
> Da: LuKreme [mailto:kremels@kreme.com]
> Inviato: sabato 11 aprile 2009 1.28
>
> On 10-Apr-2009, at 04:52, Giampaolo Tomassoni wrote:
> >
> http://www.spamcop.net/sc?id=z2777168254z0fdfee4493414fc9bde77b85d4d93f
> 01z;action=display
>
>
> No segfault here:
>
> Content analysis details: (7.4 points, 5.0 required)
>
> pts rule name description
> ---- ----------------------
> --------------------------------------------------
> 0.0 MISSING_MID Missing Message-Id: header
> 0.0 MISSING_DATE Missing Date: header
> -0.0 NO_RELAYS Informational: message was not relayed via
> SMTP
> 2.5 MISSING_HB_SEP Missing blank line between message header
> and body
> 1.6 MISSING_HEADERS Missing To: header
> 2.0 LARGETABLE RAW: Large HTML Table
> 1.3 MISSING_SUBJECT Missing Subject: header
> -0.0 NO_RECEIVED Informational: message has no Received
> headers
> 0.0 NO_HEADERS_MESSAGE Message appears to be missing most
> RFC-822 headers
>
> I believe the MISSING_HB_SEP and MISSING_HEADERS are because of
> Spamcop's obfuscation of the message.
I see also NO_RELAYS and MISSING_SUBJECT. I think there was a problem in the
cut-and-past you did in order to fetch the message.
Anyway, your run is interesting: the message fires LARGETABLE.
Thanks,
Giampaolo
Re: Segfaul on message
Posted by LuKreme <kr...@kreme.com>.
On 10-Apr-2009, at 04:52, Giampaolo Tomassoni wrote:
> http://www.spamcop.net/sc?id=z2777168254z0fdfee4493414fc9bde77b85d4d93f01z;action=display
No segfault here:
Content analysis details: (7.4 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
0.0 MISSING_MID Missing Message-Id: header
0.0 MISSING_DATE Missing Date: header
-0.0 NO_RELAYS Informational: message was not relayed via
SMTP
2.5 MISSING_HB_SEP Missing blank line between message header
and body
1.6 MISSING_HEADERS Missing To: header
2.0 LARGETABLE RAW: Large HTML Table
1.3 MISSING_SUBJECT Missing Subject: header
-0.0 NO_RECEIVED Informational: message has no Received
headers
0.0 NO_HEADERS_MESSAGE Message appears to be missing most
RFC-822 headers
I believe the MISSING_HB_SEP and MISSING_HEADERS are because of
Spamcop's obfuscation of the message.
--
It is one thing to be mistaken; it is quite another to be willfully
ignorant Cecil Adams