Nmap Development mailing list archives

RE: nmap stuck in infinite loop
From: "Ganga Bhavani" <GBhavani () everdreamcorp com>
Date: Tue, 14 Feb 2006 13:24:18 -0800

Thanks. --host_timeout mitigates the problem by timing out when nmap hits the race condition. It would be great if the author can fix this problem.


-----Original Message-----
From: nmap-dev-bounces () insecure org
[mailto:nmap-dev-bounces () insecure org]On Behalf Of Michael Hornung
Sent: Monday, February 13, 2006 1:12 PM
To: nmap-dev () insecure org
Subject: Re: nmap stuck in infinite loop 

Ganga, I'm glad someone else has corroborated the same problem I reported 
on 26 January.  Unfortunately I have not fixed it but instead reverted to 
3.93 which still meets my needs and does not exhibit that problem.


On Mon, 13 Feb 2006 at 10:24, Ganga Bhavani wrote:

| I'm running nmap-3.95 on a Windows XP system with the following command line parameters on a Class B network.
|nmap -O -F -debug -debug -debug -debug 
|Nmap is executing in an infinite loop. It has been logging the following message for more than 30hrs.
|**TIMING STATS**: IP, probes active/freshportsleft/retry_stack/outstanding/retranwait/onbench, cwnd/ccthresh/delay, timeout/srtt/rttvar/
|   Groupstats (1/30 incomplete): 0/*/*/*/*/* 12.05/2/* 1890847/272571/404569
| 0/0/4/0/0/0 1.00/2/0 1642338/346594/323936
|The code has been stuck in the following while loop in scan_engine.cc.
|  while(USI->numIncompleteHosts() != 0) {
|    doAnyPings(USI);
|    doAnyRetransmits(USI);
|    doAnyNewProbes(USI);
|    gettimeofday(&USI->now, NULL);
|    // printf("TRACE: Finished doAnyNewProbes() at %.4fs\n", o.TimeSinceStartMS(&USI->now) / 1000.0);
|    printAnyStats(USI);
|    waitForResponses(USI);
|    gettimeofday(&USI->now, NULL);
|    // printf("TRACE: Finished waitForResponses() at %.4fs\n", o.TimeSinceStartMS(&USI->now) / 1000.0);
|    processData(USI);
|  }
|I figured out that the probes active, freshports left, outstanding, retranwait, onbench are all 0 except the retry_stack is 4 and num of incomplete hosts is 1. When I further debugged, I found that it is not sending any probe or retransmit.
|In this state, sendOK is returning false because the condition if (TIMEVAL_MSEC_SUBTRACT(USI->now, last_wait) > to_ms) is true. And due to the failure of the sendOK, the functions in the "while" loop are not sending any
|It does not remove the number of incomplete hosts as the retry stack size is more than 0. Due to this race condition, nmap goes into an infinite loop and never recovers.
|Can someone familiar with this part of the code help me fix this issue?
|Sent through the nmap-dev mailing list

Sent through the nmap-dev mailing list
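
A simplified model of the stall described in this thread, added here as an illustration; it is not Nmap's code and does not come from either poster. The struct, the function names and the `send_ok` gate are hypothetical stand-ins for the scan engine state, and `max_iters` exists only so the model terminates.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of the reported stall; NOT Nmap's code. All names are
 * hypothetical. One host is left incomplete with probes waiting on its
 * retry stack, as in the debug output quoted in the thread. */
enum outcome { COMPLETED, HOST_TIMED_OUT, STALLED };

struct host_model {
    int retry_stack;    /* probes queued for retransmission (4 in the report) */
    int outstanding;    /* probes in flight (0 in the report) */
    long start_ms;      /* when scanning of this host began */
};

/* A host is incomplete while any work remains, so a non-empty retry stack
 * alone keeps it in the incomplete list. */
static bool incomplete(const struct host_model *h) {
    return h->retry_stack > 0 || h->outstanding > 0;
}

/* send_ok models the timing gate: when it is false, nothing on the retry
 * stack is ever sent. host_timeout_ms <= 0 disables the per-host timeout.
 * max_iters bounds the model; the loop in the report has no such bound. */
enum outcome run_scan(bool send_ok, long host_timeout_ms, long max_iters) {
    struct host_model h = { 4, 0, 0 };
    long now_ms = 0;
    for (long i = 0; i < max_iters; i++) {
        if (!incomplete(&h))
            return COMPLETED;
        if (host_timeout_ms > 0 && now_ms - h.start_ms > host_timeout_ms)
            return HOST_TIMED_OUT;      /* host dropped, loop can exit */
        if (send_ok && h.retry_stack > 0) {
            h.retry_stack--;            /* retransmit one queued probe */
            h.outstanding++;
        }
        now_ms += 100;                  /* one wait-for-responses tick */
        if (h.outstanding > 0)
            h.outstanding--;            /* response processed */
    }
    return incomplete(&h) ? STALLED : COMPLETED;
}

int main(void) {
    printf("gate open:            %d\n", run_scan(true, 0, 1000));
    printf("gate closed:          %d\n", run_scan(false, 0, 1000));
    printf("gate closed, timeout: %d\n", run_scan(false, 5000, 1000));
    return 0;
}
```
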
