Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Resource Cleanup Upon Thread Death
From: David Fifield <david () bamsoftware com>
Date: Tue, 2 Jun 2009 13:12:42 -0600

On Mon, Jun 01, 2009 at 11:11:26PM -0600, Patrick Donnelly wrote:
Attached is a patch to allow the cleanup of resources when a thread
dies for any reason (including normally). The current and only
resource we have in mind for this is mutexes. When a thread ends, any
mutex locked shall be unlocked immediately allowing for other threads
to avoid deadlock.

Feel free to test this (an example script is attached also) and report
what you think.

This patch nicely avoids a deadlock that used to exist in whois.nse. I
did the following:

nmap -iR 10000 -sL -n | gawk '/^Host / { print $2}' > 10000-hosts
svn update -r 13132 scripts/whois.nse # Restore the old deadlock.
# Apply the -PN -sP patch from http://www.bamsoftware.com/wiki/Nmap/EffectivenessOfPingProbes.
nmap --datadir . --script=whois -PN -sP -iL 10000-hosts -n -d3

This would deadlock consistently at the same point, because of the
following error:

NSE: ./scripts/whois.nse 197.147.194.90 Ended Query at afrinic.
NSE: ./scripts/whois.nse 197.147.194.90 pcall caught an exception in analyse_response: ./scripts/whois.nse:740: attempt 
to index local 'data' (a nil value).
NSE: 'whois' (thread: 0x858b0b0) threw an error!
./scripts/whois.nse:216: attempt to call field '?' (a nil value)
stack traceback:
        ./scripts/whois.nse:216: in function <./scripts/whois.nse:117>
        (tail call): ?

Completed NSE at 12:36, 15.04s elapsed
NSE: Script Scanning completed.
...
NSE: Starting 'whois' (thread: 0x8578a70) against 154.73.251.26.
...
Stats: 0:04:15 elapsed; 256 hosts completed (272 up), 16 undergoing Script Scan
NSE: Active NSE Script Threads: 1 (1 waiting)

NSE Timing: About 93.75% done; ETC: 11:42 (0:00:04 remaining)
NSOCK (225.9010s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (225.9190s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (225.9420s) nsock_loop() started (timeout=50ms). 0 events pending
NSOCK (225.9830s) nsock_loop() started (timeout=50ms). 0 events pending

197.147.194.90 died without releasing the afrinic mutex. When
154.73.251.26 needed to contact afrinic, it would wait forever.

With your patch, the 197.147.194.90 error still occurs, but does not
cause a deadlock later.

I will look at the code now and get back to you.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault