Nmap Development mailing list archives
nmap crashes 2.6.9 kernel ?
From: "A.R." <r00t () northernfortress net>
Date: Tue, 26 Oct 2004 22:55:48 +0000
Hello list,

I don't know if this is a known issue already, but I haven't found any documentation about it.

Issuing 'nmap -sT -p 1-50000 127.0.0.1' a few times on a 2.6.9 Linux kernel can cause the machine to freeze (nmap 3.75 on a 2.6.9 Gentoo box).

The problem seems to deal with the tcp_transmit_skb() function (in the net/ipv4/tcp_output.c file), which introduces in the latest kernel the following check:

    BUG_ON(!tcp_skb_pcount(skb));

From what I understand, the tcp_skb_pcount() function counts how many TCP packets are needed to send the buffered data. But sometimes, during an nmap scan, this function returns zero, and the BUG_ON macro causes the kernel to panic, as we see in the bug.h file:

    #define BUG() do { \
        printk("kernel BUG at %s:%d!\n", __FILE__, __LINE__); \
        panic("BUG!"); \
    } while (0)
    ...
    #define BUG_ON(condition) do { if (unlikely((condition)!=0)) BUG(); } while(0)

<disclaimer> I am not a kernel guru, so I might have misinterpreted the issue. </disclaimer> ;)

Regards

Alberto Revelli
Northern Fortress, Inc.
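A log-triage sketch for the failure described in this message, added here as an example and not part of the original post, nmap or the kernel source: it searches syslog text for the message format printed by the quoted BUG() macro and reports which hosts hit it in net/ipv4/tcp_output.c. The sample log lines, host names, the line number 999, the traditional syslog field layout and the function names are constructed assumptions.

```python
import re
from collections import Counter

# Message format taken from the BUG() macro quoted in the post:
#   printk("kernel BUG at %s:%d!\n", __FILE__, __LINE__);
BUG_RE = re.compile(r"kernel BUG at (?P<file>\S+?):(?P<line>\d+)!")

# Constructed sample input. Hosts, timestamps, the line number 999 and
# fs/example.c are invented for illustration only.
SAMPLE_LOG = """\
Oct 26 22:41:03 host1 kernel: eth0: link up
Oct 26 22:41:09 host1 kernel: kernel BUG at net/ipv4/tcp_output.c:999!
Oct 27 08:12:44 host2 kernel: kernel BUG at net/ipv4/tcp_output.c:999!
Oct 27 09:00:00 host2 sshd[411]: user typed: kernel BUG at lunch
Oct 27 09:30:10 host3 kernel: kernel BUG at fs/example.c:12!
"""

TCP_OUTPUT = "net/ipv4/tcp_output.c"


def find_bug_sites(log_text):
    """Return a Counter mapping (source_file, line_number) to hit count."""
    hits = Counter()
    for entry in log_text.splitlines():
        m = BUG_RE.search(entry)
        if m:
            hits[(m.group("file"), int(m.group("line")))] += 1
    return hits


def hits_in_file(hits, source_file=TCP_OUTPUT):
    """Total BUG() hits whose __FILE__ ends with source_file.

    endswith() is used because __FILE__ may carry a build-directory prefix.
    """
    return sum(n for (f, _), n in hits.items() if f.endswith(source_file))


def affected_hosts(log_text, source_file=TCP_OUTPUT):
    """Sorted host names that logged a BUG() in source_file.

    Assumes the traditional syslog layout 'Mon DD HH:MM:SS host tag: msg'.
    """
    hosts = set()
    for entry in log_text.splitlines():
        m = BUG_RE.search(entry)
        fields = entry.split()
        if m and m.group("file").endswith(source_file) and len(fields) > 3:
            hosts.add(fields[3])
    return sorted(hosts)


if __name__ == "__main__":
    print(find_bug_sites(SAMPLE_LOG))
    print(affected_hosts(SAMPLE_LOG))
```
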
Current thread:
- nmap crashes 2.6.9 kernel ? A.R. (Oct 26)
- Re: nmap crashes 2.6.9 kernel ? Brancaleoni Matteo (Oct 30)
- Re: nmap crashes 2.6.9 kernel ? A.R. (Oct 30)
- Re: nmap crashes 2.6.9 kernel ? Brancaleoni Matteo (Oct 30)