On Tue, 2005-01-25 at 16:08 +0100, [EMAIL PROTECTED] wrote: > > I just checked, and the problem is that clamd no more hangs but disapear. > So it may crash. > The problem is that it does run with / as current dir but not as uid root. > So it can't core dumps. > > I'm wondering what I can do...
You must use attach gdb to the running clamd process and then wait for
it to mis-behave:
Something like the following should work out ok:
1. Use 'ps' to get the PID of clamd:
ps -aux (ps -elf on SYSV)
clamav 24897 0.0 1.9 38032 10068 ? S Jan13 0:00 clamd
^---- pid
2. Attach gdb to the running process
gdb /usr/local/bin/clamd 24897
^--- path to ^--- process id, from above
clamd binary
3. you should now get the gdb prompt, as: (gdb)
4. type the command 'cont' to continue normal operation
5. wait for crash
6. you should now get the gdb prompt, as: (gdb)
7. the command 'bt' will give a backtrace for the current thread.
The command 'info threads' will tell you how many threads there are.
The command 'thread <n>' will change to the specified thread, after
which you
can use the 'bt' command again to get it's backtrace.
So, you basically want to do:
a. 'info threads' to get the number of threads and their id numbers
b. for each thread do:
thread <id number>
bt
8. exit from gdb with the 'quit' command. Reply 'y' to the question
about the
program still running.
-trog
signature.asc
Description: This is a digitally signed message part
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
