Nmap Development mailing list archives
Re: Help debugging hang with epoll_engine
From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 07 Jun 2012 15:55:05 -0500
Ok, I've narrowed it down to a loop in function "run" in nse_main.lua. The call to l_loop (socket.loop in Lua) happens on line 937. I ran nse_main.lua through luac -l to generate opcodes, so here's my best guess at the execution trace:
OP_GETUPVAL OP_MOVE OP_CALL -- pairs(pending)
OP_JMP OP_TFORCALL OP_TFORLOOP -- for co, thread in pairs(pending) do
-- pending must be empty, because we move past it to:
OP_GETUPVAL OP_LOADK OP_CALL -- collectgarbage "step"
OP_JMP -- end
-- loop back to line 850, while
OP_GETUPVAL OP_MOVE OP_CALL OP_TEST -- next running
OP_GETUPVAL OP_MOVE OP_CALL OP_TEST -- next waiting
OP_TEST -- threads_iter -- false, so fall through to line 863
OP_GETUPVAL OP_MOVE OP_CALL -- table_size
-- function table_size
OP_LOADK -- local n=0
OP_GETUPVAL OP_MOVE OP_CALL -- pairs(t)
OP_JMP OP_TFORCALL OP_TFORLOOP -- for _ in pairs(t) do
OP_RETURN -- return 0, since t was empty
OP_GETUPVAL OP_MOVE OP_CALL -- table_size
-- function table_size
OP_LOADK -- local n=0
OP_GETUPVAL OP_MOVE OP_CALL -- pairs(t)
OP_JMP OP_TFORCALL OP_TFORLOOP -- for _ in pairs(t) do
OP_ADD -- n = n + 1
OP_TFORCALL OP_TFORLOOP -- for _ in pairs(t) do
OP_RETURN -- return 1
-- back in run() at line 864
OP_GETTABUP OP_CALL -- cnse.key_was_pressed()
OP_TEST -- false, go to line 878
OP_MOVE OP_LOADK OP_CALL -- elseif progress "mayBePrinted" then
OP_TEST -- false, go to line 887
OP_GETUPVAL OP_MOVE OP_CALL -- pairs(waiting)
OP_JMP OP_TFORCALL OP_TFORLOOP -- for co, thread in pairs(waiting) do
OP_SELF OP_CALL -- thread:timed_out()
-- line 300
OP_GETTABLE OP_EQ OP_GETTABLE OP_EQ -- if self.type == "hostrule" or self.type == "portrule" then
OP_GETTABUP OP_GETTABLE -- return cnse.timedOut(self.host);
OP_TAILCALL OP_RETURN
-- back in run() line 888
OP_TEST -- false (not timed out)
OP_TFORCALL OP_TFORLOOP -- for co, thread in pairs(waiting) do
OP_GETUPVAL OP_MOVE OP_CALL -- pairs(running)
OP_JMP OP_TFORCALL OP_TFORLOOP -- for co, thread in pairs(running) do
-- No running threads
OP_GETUPVAL OP_LOADK OP_CALL -- loop(50)

Breakpoint 4, l_loop (L=0x8c56ad8) at nse_nsock.cc:401
So there is a problem where the thread is stuck in waiting state, and the socket won't time out. I can't figure it out, and I need to move on to other things right now. I hope someone else can see what I can't.
Dan
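The trace above walks the scheduler loop in nse_main.lua's run(): pending scripts are promoted to running, waiting scripts are polled with thread:timed_out(), running ones are resumed, and loop(50) hands control to nsock. The following is an added example, not nmap's code, that models that loop with Lua coroutines so the reported failure mode can be reproduced on its own: a thread parked in waiting whose socket event never arrives and whose timed_out() never returns true keeps run() cycling through loop(50) forever. The names fake_socket, loop, deadline and max_iterations are invented for this model; the real scheduler checks timeouts through cnse.timedOut(self.host), not a per-thread deadline.

```lua
-- Added model of the NSE scheduler loop (not nmap's own code).
-- Scripts are coroutines kept in three tables: pending -> running -> waiting.
local pending, running, waiting = {}, {}, {}
local now = 0                        -- simulated clock, milliseconds

local function table_size(t)
  local n = 0
  for _ in pairs(t) do n = n + 1 end
  return n
end

-- Invented stand-in for a socket: completes_at == nil means the event
-- never fires, which is the stuck thread from the trace.
local function fake_socket(completes_at)
  return { completes_at = completes_at }
end

-- Invented stand-in for nsock's loop(timeout): advance the clock by `ms`
-- and report which waiting coroutines had their socket event fire.
local function loop(ms)
  now = now + ms
  local ready = {}
  for co, thread in pairs(waiting) do
    local at = thread.socket.completes_at
    if at ~= nil and at <= now then ready[#ready + 1] = co end
  end
  return ready
end

local Thread = {}
Thread.__index = Thread

function Thread.new(name, socket, deadline)
  local t = setmetatable({ name = name, socket = socket, deadline = deadline }, Thread)
  t.co = coroutine.create(function()
    coroutine.yield("wait")          -- park on the socket
    return name .. " finished"
  end)
  return t
end

-- Invented timeout rule: a thread times out once its own deadline passes.
-- With deadline == nil it never does, regardless of the socket.
function Thread:timed_out()
  return self.deadline ~= nil and now >= self.deadline
end

-- Mirrors the order seen in the opcode trace; max_iterations is a cap so
-- the hang is observable instead of spinning forever.
local function run(threads, max_iterations)
  pending, running, waiting, now = {}, {}, {}, 0
  for _, t in ipairs(threads) do pending[t.co] = t end
  local iterations, finished, expired = 0, {}, {}
  while true do
    iterations = iterations + 1
    if iterations > max_iterations then return finished, expired, "hang" end
    for co, thread in pairs(pending) do      -- pending -> running
      running[co] = thread; pending[co] = nil
    end
    if table_size(running) == 0 and table_size(waiting) == 0 then
      return finished, expired, "done"
    end
    for co, thread in pairs(waiting) do      -- thread:timed_out() check
      if thread:timed_out() then
        expired[#expired + 1] = thread.name
        waiting[co] = nil
      end
    end
    for co, thread in pairs(running) do      -- resume running scripts
      local ok, result = coroutine.resume(co)
      running[co] = nil
      if ok and coroutine.status(co) == "suspended" then
        waiting[co] = thread                 -- yielded on a socket
      elseif ok then
        finished[#finished + 1] = result
      end
    end
    for _, co in ipairs(loop(50)) do         -- loop(50): wake ready sockets
      pending[co] = waiting[co]; waiting[co] = nil
    end
  end
end

-- Constructed runs: B's socket never completes. With a deadline B is
-- reaped; without one the scheduler never leaves the loop.
local finished, expired, state = run({
  Thread.new("A", fake_socket(100), nil),
  Thread.new("B", fake_socket(nil), 200),
}, 100)
print(state, #finished, #expired)

finished, expired, state = run({
  Thread.new("B", fake_socket(nil), nil),
}, 100)
print(state, #finished, #expired)
```

In the first run A's socket fires at 100 ms, A finishes, B's deadline expires at 200 ms and run() returns "done". In the second run B is parked in waiting with no deadline and no socket event, so every iteration repeats the table_size checks, the pairs(waiting) pass and loop(50) with nothing to do until the iteration cap returns "hang"; that is the same cycle the trace records, and it is why a stuck thread only becomes visible when something outside the loop (here the cap, in the original the debugger breakpoint on l_loop) interrupts it.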