Nmap Development mailing list archives

Re: [NSE] Resource Cleanup Upon Thread Death
From: David Fifield <david () bamsoftware com>
Date: Tue, 2 Jun 2009 13:12:42 -0600

On Mon, Jun 01, 2009 at 11:11:26PM -0600, Patrick Donnelly wrote:
> Attached is a patch to allow the cleanup of resources when a thread
> dies for any reason (including normally). The current and only
> resource we have in mind for this is mutexes. When a thread ends, any
> mutex locked shall be unlocked immediately allowing for other threads
> to avoid deadlock.
>
> Feel free to test this (an example script is attached also) and report
> what you think.

This patch nicely avoids a deadlock that used to exist in whois.nse. I
did the following:

nmap -iR 10000 -sL -n | gawk '/^Host / { print $2}' > 10000-hosts
svn update -r 13132 scripts/whois.nse # Restore the old deadlock.
# Apply the -PN -sP patch from http://www.bamsoftware.com/wiki/Nmap/EffectivenessOfPingProbes.
nmap --datadir . --script=whois -PN -sP -iL 10000-hosts -n -d3

This would deadlock consistently at the same point, because of the
following error:

NSE: ./scripts/whois.nse Ended Query at afrinic.
NSE: ./scripts/whois.nse pcall caught an exception in analyse_response: ./scripts/whois.nse:740: attempt to index local 'data' (a nil value).
NSE: 'whois' (thread: 0x858b0b0) threw an error!
./scripts/whois.nse:216: attempt to call field '?' (a nil value)
stack traceback:
        ./scripts/whois.nse:216: in function <./scripts/whois.nse:117>
        (tail call): ?

Completed NSE at 12:36, 15.04s elapsed
NSE: Script Scanning completed.
NSE: Starting 'whois' (thread: 0x8578a70) against
Stats: 0:04:15 elapsed; 256 hosts completed (272 up), 16 undergoing Script Scan
NSE: Active NSE Script Threads: 1 (1 waiting)

NSE Timing: About 93.75% done; ETC: 11:42 (0:00:04 remaining)
NSOCK (225.9010s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (225.9190s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (225.9420s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (225.9830s) nsock_loop() started (timeout=50ms). 0 events pending

died without releasing the afrinic mutex. When needed to contact afrinic, it would wait forever.

With your patch, the error still occurs, but does not
cause a deadlock later.

I will look at the code now and get back to you.

David Fifield

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org
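
The behaviour discussed in this message, as an added example that is not part of the original post, the attached patch, or NSE's own code: a toy coroutine scheduler in which a thread dies while holding a mutex, run once without and once with release-on-death cleanup. All function and variable names are hypothetical, and the nil-index failure is constructed to mirror the whois.nse error in the report above.

```lua
-- Toy cooperative scheduler; every name here is hypothetical, not NSE code.
local owner, waiting, runnable = {}, {}, {} -- mutex holders, wait queues, ready queue
local function lock(name)
  local me = coroutine.running()
  while owner[name] and owner[name] ~= me do
    waiting[name] = waiting[name] or {}
    table.insert(waiting[name], me)
    coroutine.yield()                 -- parked until unlock() requeues us
  end
  owner[name] = me
end
local function unlock(name)
  owner[name] = nil
  for _, co in ipairs(waiting[name] or {}) do table.insert(runnable, co) end
  waiting[name] = nil
end
-- Stand-in for a blocking network read: requeue ourselves, then yield.
local function pause() table.insert(runnable, (coroutine.running())); coroutine.yield() end

local function run(scripts, cleanup_on_death)
  owner, waiting, runnable = {}, {}, {}
  local names, finished, stuck = {}, {}, {}
  for _, s in ipairs(scripts) do
    local co = coroutine.create(s.fn)
    names[co] = s.name; table.insert(runnable, co)
  end
  while #runnable > 0 do
    local co = table.remove(runnable, 1)
    local ok = coroutine.resume(co)
    if coroutine.status(co) == "dead" then -- finished normally or threw an error
      finished[names[co]] = ok and "ok" or "error"
      if cleanup_on_death then        -- release whatever the dead thread still holds
        for name, holder in pairs(owner) do
          if holder == co then unlock(name) end
        end
      end
    end
  end
  for name, queue in pairs(waiting) do -- parked with nothing left to run: deadlock
    for _, co in ipairs(queue) do stuck[#stuck + 1] = names[co] .. " waits on " .. name end
  end
  return finished, stuck
end

-- Constructed scripts: crasher indexes a nil local while holding the mutex.
local function crasher() lock("afrinic"); pause(); local data = nil; return data.x end
local function worker() lock("afrinic"); unlock("afrinic") end
for _, cleanup in ipairs({ false, true }) do
  local done, stuck = run({ { name = "crasher", fn = crasher }, { name = "worker", fn = worker } }, cleanup)
  print(cleanup, done.crasher, done.worker, table.concat(stuck, "; "))
end
```

In both runs the crasher still fails; only the run with cleanup enabled lets the worker acquire the mutex and finish, which matches the report that the error still occurs but no longer causes a deadlock.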
