Nmap Development mailing list archives
Re: 4.0 Segfault
From: Leif Tishendorf <ltishend () uoregon edu>
Date: Fri, 03 Feb 2006 13:19:06 -0700
Ran it a couple times, first time gave me this:

Program received signal SIGSEGV, Segmentation fault.
0x0808112f in deal_with_timedout_reads () at nmap_dns.cc:686
686         tpserv->capacity = (int) (tpserv->capacity * CAPACITY_MINOR_DOWN_SCALE);;
(gdb) bt
#0  0x0808112f in deal_with_timedout_reads () at nmap_dns.cc:686
#1  0x08081ed8 in nmap_mass_rdns_core (targets=0x94c0598, num_targets=256) at nmap_dns.cc:1136
#2  0x0808232c in nmap_mass_rdns (targets=0x94c0598, num_targets=256) at nmap_dns.cc:1205
#3  0x080551bd in nexthost (hs=0x94c0138, exclude_group=0x0, ports=0x94bdc30, pingtype=0x80c59bc) at targets.cc:438
#4  0x0804eccd in nmap_main (argc=13, argv=0xbf9933b4) at nmap.cc:1114
#5  0x0804b6b8 in main (argc=13, argv=0xbf9933b4, envp=0xbf9933ec) at main.cc:245

Second gave this:

Program received signal SIGSEGV, Segmentation fault.
deal_with_timedout_reads () at /usr/lib/gcc/i386-redhat-linux/4.0.2/../../../../include/c++/4.0.2/bits/stl_list.h:148
148         _M_node = _M_node->_M_next;
(gdb) bt
#0  deal_with_timedout_reads () at /usr/lib/gcc/i386-redhat-linux/4.0.2/../../../../include/c++/4.0.2/bits/stl_list.h:148
#1  0x08081ed8 in nmap_mass_rdns_core (targets=0xa44e598, num_targets=256) at nmap_dns.cc:1136
#2  0x0808232c in nmap_mass_rdns (targets=0xa44e598, num_targets=256) at nmap_dns.cc:1205
#3  0x080551bd in nexthost (hs=0xa44e138, exclude_group=0x0, ports=0xa44bc30, pingtype=0x80c59bc) at targets.cc:438
#4  0x0804eccd in nmap_main (argc=13, argv=0xbfa05134) at nmap.cc:1114
#5  0x0804b6b8 in main (argc=13, argv=0xbfa05134, envp=0xbfa0516c) at main.cc:245

Ran the scan I gave previously trying to scan a /24 subnet.

Fyodor wrote:
> On Fri, Feb 03, 2006 at 11:28:22AM -0700, Leif Tishendorf wrote:
> > With the latest 4.0 release I am getting a segfault when I am scanning
> > more than one host at a time. Did a strace and got:
> >
> > --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> > write(2, "caught SIGSEGV signal, cleaning "..., 35caught SIGSEGV signal, cleaning up) = 35
> > close(1) = 0
> > munmap(0xb7f67000, 4096) = 0
> > rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
> > write(3, "The SYN Stealth Scan took 625.25"..., 2577) = 2577
> > tgkill(2840, 2840, SIGABRT) = 0
> > --- SIGABRT (Aborted) @ 0 (0) ---
> > +++ killed by SIGABRT +++
> >
> > I'm running the following scan:
> >
> > /usr/local/nmap-4.00/nmap -vvvv --host_timeout 1500000 -oN - -oX <xml out> -sS -p 1-18,20-9099,9101-65535 -O <host>
>
> Could you try it with gdb instead? Go to (or remake) the source
> directory, 'make' Nmap, then do:
>
> gdb ./nmap
> r -vvvv --host_timeout 1500000 -oN - -oX <xml out> -sS -p 1-18,20-9099,9101-65535 -O <host>
> [ wait for crash, then press 'bt<enter>' ]
>
> Then would you send us a log of the output? If it is very long,
> sending just the 'bt' results may be enough.
>
> Thanks,
> Fyodor
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
--
Leif Tishendorf
Network Security
voice #: (541) 346-1666
Computing Center Room 239