Nmap Development mailing list archives

nmap stuck in infinite loop


From: "Ganga Bhavani" <GBhavani () everdreamcorp com>
Date: Mon, 13 Feb 2006 10:24:30 -0800

Hi,

I'm running nmap-3.95 on a Windows XP system with the following command-line parameters on a Class B network.

nmap -O -F -debug -debug -debug -debug 10.10.191.0/16. 

Nmap is executing in an infinite loop. It has been logging the following message for more than 30 hrs.

**TIMING STATS**: IP, probes active/freshportsleft/retry_stack/outstanding/retranwait/onbench, cwnd/ccthresh/delay, timeout/srtt/rttvar/
   Groupstats (1/30 incomplete): 0/*/*/*/*/* 12.05/2/* 1890847/272571/404569
   10.10.4.84: 0/0/4/0/0/0 1.00/2/0 1642338/346594/323936

The code has been stuck in the following while loop in scan_engine.cc.
  while(USI->numIncompleteHosts() != 0) {
    doAnyPings(USI);
    doAnyRetransmits(USI);
    doAnyNewProbes(USI);
    gettimeofday(&USI->now, NULL);
    // printf("TRACE: Finished doAnyNewProbes() at %.4fs\n", o.TimeSinceStartMS(&USI->now) / 1000.0);
    printAnyStats(USI);
    waitForResponses(USI);
    gettimeofday(&USI->now, NULL);
    // printf("TRACE: Finished waitForResponses() at %.4fs\n", o.TimeSinceStartMS(&USI->now) / 1000.0);
    processData(USI);
  }

I figured out that the probes active, freshports left, outstanding, retranwait, and onbench are all 0 except the retry_stack, which
is 4, and the number of incomplete hosts is 1. When I debugged further, I found that it is not sending any probe or retransmit.
In this state, sendOK is returning false because the condition if (TIMEVAL_MSEC_SUBTRACT(USI->now, last_wait) > to_ms)
is true. And due to the failure of sendOK, the functions in the "while" loop are not sending any
probe/ping/retransmit.
It does not remove the number of incomplete hosts as the retry stack size is more than 0. Due to this race condition,
nmap goes into an infinite loop and never recovers.

Can someone familiar with this part of the code help me fix this issue?

Thanks,
Ganga
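
The stall described in the message, reduced to a small model with a no-progress guard. This is an added example, not part of the original message and not Nmap's code; HostModel, send_ok, incomplete, run_scan and all numeric values are hypothetical.

```cpp
// Simplified model of the stall described in the message above. This is NOT
// Nmap's scan_engine.cc; type, field and function names are hypothetical.
#include <cstdio>

struct HostModel {
    int probes_active;   // probes sent and awaiting a reply
    int freshports_left; // ports never probed yet
    int retry_stack;     // probes queued for another attempt
    long last_wait_ms;   // time of the last wait on this host
    long to_ms;          // current timeout for this host
};

// Mirrors the reported condition: sending is refused once the time since
// last_wait exceeds the timeout.
bool send_ok(const HostModel &h, long now_ms) {
    return (now_ms - h.last_wait_ms) <= h.to_ms;
}

// A host stays incomplete while any work remains, including queued retries.
bool incomplete(const HostModel &h) {
    return h.probes_active > 0 || h.freshports_left > 0 || h.retry_stack > 0;
}

// Runs the loop for at most max_iters passes; returns the pass on which the
// no-progress guard fired, 0 if the host completed, -1 if max_iters ran out.
int run_scan(HostModel h, long now_ms, long tick_ms, int stall_limit, int max_iters) {
    int idle = 0;
    for (int i = 1; i <= max_iters; ++i) {
        if (!incomplete(h)) return 0;
        bool progressed = false;
        if (h.retry_stack > 0 && send_ok(h, now_ms)) {
            --h.retry_stack;            // retransmit; the model treats it as answered
            h.last_wait_ms = now_ms;
            progressed = true;
        }
        now_ms += tick_ms;              // stands in for waiting on responses
        idle = progressed ? 0 : idle + 1;
        if (idle >= stall_limit) return i; // nothing sent for stall_limit passes
    }
    return incomplete(h) ? -1 : 0;
}

int main() {
    // Constructed values loosely shaped like the logged state (retry_stack = 4).
    HostModel stuck{0, 0, 4, 0, 1000};
    std::printf("stalled host: guard fired at pass %d\n", run_scan(stuck, 5000, 100, 10, 1000));
    std::printf("healthy host: result %d\n", run_scan(stuck, 500, 100, 10, 1000));
    return 0;
}
```

With the guard effectively disabled (a very large stall_limit), the stalled case runs until max_iters is exhausted, which is the model's equivalent of the 30-hour loop.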