Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

nmap2.54b30 Darwin crashes

From: Matthew Rothenberg <matthew () kafkaesque com>
Date: Fri, 08 Mar 2002 20:47:59 -0500
I am in the process of writing a NmapFE port for OSX.  I have come across
this bug which does not occur in 2.53 but DOES occur in 2.54b30.

2.54b30 runs fine from the Darwin command line as far as I can tell, but
when executed from a NSTask (a sub-process call in Cocoa) it will generate a
SIGSEGV about 50% of the time.

There appears to be no rhyme or reason to when it happens... Sometimes it
does, sometimes it doesn't--even with identical arguments.

output:

Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
caught SIGSEGV signal, cleaning up


The following is a typical OSX crash reporter log.

**********
Date/Time:  2002-03-08 19:10:14 -0500
OS Version: 10.1.3 (Build 5Q45)
Host:       localhost

Command:    nmap
PID:        4600

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_INVALID_ADDRESS (0x0001) at 0x65353eda

Thread 0 Crashed:
#0   0x000153cc in shortfry
#1   0x000065fc in nmap_main
#2   0x0000264c in main
#3   0x00002288 in _start
#4   0x000020b8 in start

PPC Thread State:
srr0: 0x000153cc srr1: 0x0200d030                vrsave: 0x00000000
 xer: 0x0000000c   lr: 0x0001539c  ctr: 0x70003a00   mq: 0x00000000
  r0: 0x85cb954a   r1: 0xbfffc910   r2: 0xbfffc8f8   r3: 0x0000ba2e
  r4: 0x00042d2e   r5: 0x00000000   r6: 0x00000000   r7: 0xbfffc628
  r8: 0xffffffff   r9: 0xdf69a990  r10: 0x000e2580  r11: 0x65353eda
 r12: 0x70003a00  r13: 0x87859393  r14: 0xc24bc195  r15: 0x87859393
 r16: 0xc24bc195  r17: 0x87859393  r18: 0xc24bc195  r19: 0x87859393
 r20: 0xc24bc195  r21: 0x87859393  r22: 0xc24bc195  r23: 0x87859393
 r24: 0xc24bc195  r25: 0x87859393  r26: 0xbffffe88  r27: 0x00000014
 r28: 0x00000004  r29: 0x00047d90  r30: 0xbfffc910  r31: 0x00003140

**********


This is the info I was able to get by attaching GDB to the halted nmap
process.

(gdb) info threads
* 1 process 462 thread 0x1603  0x000153cc in shortfry (arr=0x751be526,
num_elem=1896164325) at utils.c:320
(gdb) info args
arr = (short unsigned int *) 0x751be526
num_elem = 1896164325
(gdb) info local
num = 42924
tmp = 1446
i = 1896164324
(gdb) bt
#0  0x000153cc in shortfry (arr=0x751be526, num_elem=1896164325) at
utils.c:320
#1  0x000065fc in nmap_main (argc=4, argv=0xbffffed8) at nmap.c:1101
#2  0x0000264c in main (argc=4, argv=0xbffffed8, envp=0xbffffeec) at
nmap.c:146
#3  0x00002288 in _start ()
#4  0x000020b8 in start ()


Any ideas?  This is basically the one thing keeping me from being able to
get a NmapFE port for OSX out the door.

Best regards,
-m

Matthew Rothenberg
matthew () kafkaesque com


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Previous By Date Next
Previous By Thread Next

Current thread: