Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: nmap stuck in infinite loop
From: Michael Hornung <hornung () cac washington edu>
Date: Mon, 13 Feb 2006 13:11:51 -0800 (PST)

Ganga, I'm glad someone else has corroborated the same problem I reported 
on 26 January.  Unfortunately I have not fixed it but instead reverted to 
3.93 which still meets my needs and does not exhibit that problem.

-Mike

On Mon, 13 Feb 2006 at 10:24, Ganga Bhavani wrote:

|HI,
|
| I'm running nmap-3.95 in Windows xp system with the following command line parameter on Class B network. 
|
|nmap -O -F -debug -debug -debug -debug 10.10.191.0/16. 
|
|The nmap is executing in the infinite loop. It has been logging the following message for more than 30hrs. 
|
|**TIMING STATS**: IP, probes active/freshportsleft/retry_stack/outstanding/retra
|nwait/onbench, cwnd/ccthresh/delay, timeout/srtt/rttvar/
|   Groupstats (1/30 incomplete): 0/*/*/*/*/* 12.05/2/* 1890847/272571/404569
|   10.10.4.84: 0/0/4/0/0/0 1.00/2/0 1642338/346594/323936
|
|The code has been stuck in the following while loop in scan_engine.cc.
|  while(USI->numIncompleteHosts() != 0) {
|    doAnyPings(USI);
|    doAnyRetransmits(USI);
|    doAnyNewProbes(USI);
|    gettimeofday(&USI->now, NULL);
|    // printf("TRACE: Finished doAnyNewProbes() at %.4fs\n", o.TimeSinceStartMS(
|&USI->now) / 1000.0);
|    printAnyStats(USI);
|    waitForResponses(USI);
|    gettimeofday(&USI->now, NULL);
|    // printf("TRACE: Finished waitForResponses() at %.4fs\n", o.TimeSinceStartM
|S(&USI->now) / 1000.0);
|    processData(USI);
|  }
|
|I figured out that the probes active, freshports left,outstanding, retranwait,onbench are all 0 excpet the retry_stack 
is 4 and num of incomplete hosts is 1.When I further debugged, I found that it is not sending any probe or retransmit. 
|In this state, sendOK is returning false because the condition  if (TIMEVAL_MSEC_SUBTRACT(USI->now, last_wait) > 
to_ms) is true. And due to the failure of the sendOK, the functions in the "while" loop are not sending any 
probe/ping/retransmit.
|It does not remove the number of incomplete hosts as the retry stack size is more than 0. Due to this race condition, 
nmap goes into infinite loop and never recovers. 
|
|Can someone familiar with this part of the code help me fix this issue ?
|
|Thanks,
|Ganga
| 
|
|
|
|
|
|_______________________________________________
|Sent through the nmap-dev mailing list
|http://cgi.insecure.org/mailman/listinfo/nmap-dev
|
|


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]