I am continuing to troubleshoot a SIGSEGV issue as described in a prior post.
In the prior post I mentioned having a SIGSEGV error in my openvassd log file.
Here is what shows in the log file:
[Fri Jan 24 19:45:34 2014][12467] user om starts a new scan. Target(s) :
10.10.10.46, with max_hosts = 20 and max_checks = 4
[Fri Jan 24 19:45:34 2014][12467] user om : testing 10.10.10.46
(::ffff:10.10.10.46) [12510]
[Fri Jan 24 19:45:35 2014][12510] user om : new KB will be saved as
/usr/local/var/lib/openvas/users/om/kbs/10.10.10.46
[Fri Jan 24 19:55:21 2014][12510] SIGSEGV occured !
[Fri Jan 24 19:55:21 2014][12467] user om : test complete
[Fri Jan 24 19:55:22 2014][12467] Total time to scan all hosts : 629 seconds
I have been unable to get a core dump. I might just not know how to get it to
happen. Can anyone tell me how to get a core dump to happen?
However, I did a strace of the openvassd process and captured the entire stack
trace. However, I can't interpret the data in the trace to make heads or tails
about what happened. Here is the trace information right around when the
SIGSEGV happened. Any ideas what actually "crashed"? I have plenty more trace
information if this does not contain everything needed to understand what
failed.
13537 13:55:21.954433 recvfrom(4, <unfinished ...>
12510 13:55:21.954519 write(5, "1390593321 1
SentData/1.3.6.1.4.1.25623.1.0.103997/LOG=<host><detail><name>best_os_txt</name><value>Windows
Server 2008 R2 Standard 7601 Service Pack 1</value><source><type>nvt</ty"...,
339) = 339
12510 13:55:21.954691 lseek(5, 0, SEEK_END) = 1710391
12510 13:55:21.954848 fstat(5, {st_mode=S_IFREG|0640, st_size=1710391, ...}) = 0
12510 13:55:21.955007 lseek(5, 0, SEEK_SET) = 0
12510 13:55:21.955333 read(5, "1390592735 3
Launched/1.3.6.1.4.1.25623.1.0.104086=1\n1390592735 3
Launched/1.3.6.1.4.1.25623.1.0.104060=1\n1390592736 3
Launched/1.3.6.1.4.1.25623.1.0.104061=1\n1390592737 3 Launched"..., 1710391) =
1710391
12510 13:55:21.955874 lseek(5, 1710391, SEEK_SET) = 1710391
12510 13:55:21.957906 gettimeofday( <unfinished ...>
12467 13:55:21.958194 <... select resumed> ) = 0 (Timeout)
12467 13:55:21.958376 select(7, [6], NULL, NULL, {0, 1000} <unfinished ...>
12510 13:55:21.958524 <... gettimeofday resumed> {1390593321, 958491}, NULL) = 0
12510 13:55:21.958646 write(5, "1390593321 3
Success/1.3.6.1.4.1.25623.1.0.103997=1\n", 52) = 52
12510 13:55:21.958820 gettimeofday({1390593321, 958882}, NULL) = 0
12510 13:55:21.958980 wait4(-1, NULL, WNOHANG, NULL) = 0
12510 13:55:21.959586 select(9, [8], NULL, NULL, {0, 500000} <unfinished ...>
12467 13:55:21.959919 <... select resumed> ) = 0 (Timeout)
12467 13:55:21.960085 wait4(-1, NULL, WNOHANG, NULL) = 0
12467 13:55:21.960338 kill(12510, SIG_0) = 0
12467 13:55:21.960603 select(8, [7], NULL, NULL, {0, 10000} <unfinished ...>
12510 13:55:21.960756 <... select resumed> ) = 1 (in [8], left {0, 499994})
12510 13:55:21.960888 recvfrom(8, "\1\0\1\0", 4, 0, NULL, NULL) = 4
12510 13:55:21.961149 sendto(8, "\2\0\1\0", 4, 0, NULL, 0 <unfinished ...>
13537 13:55:21.961368 <... recvfrom resumed> "\2\0\1\0", 4, 0, NULL, NULL) = 4
13537 13:55:21.961878 exit_group(0) = ?
12510 13:55:21.965031 <... sendto resumed> ) = 4
12510 13:55:21.965193 kill(13537, SIGTERM) = 0
12510 13:55:21.965369 gettimeofday({1390593321, 965435}, NULL) = 0
12510 13:55:21.965543 wait4(13537, <unfinished ...>
13537 13:55:21.965681 +++ exited with 0 +++
12510 13:55:21.965781 <... wait4 resumed> NULL, 0, NULL) = 13537
12510 13:55:21.965870 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED,
si_pid=13537, si_status=0, si_utime=40, si_stime=3} ---
12510 13:55:21.965959 wait4(-1, NULL, WNOHANG, NULL) = -1 ECHILD (No child
processes)
12510 13:55:21.966123 rt_sigreturn() = 13537
12510 13:55:21.966289 close(8) = 0
12510 13:55:21.966456 getppid() = 12467
12510 13:55:21.966614 wait4(12467, NULL, WNOHANG, NULL) = -1 ECHILD (No child
processes)
12510 13:55:21.966774 kill(12467, SIG_0) = 0
12510 13:55:21.966946 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR,
si_addr=0x3505} ---
12510 13:55:21.967034 rt_sigaction(SIGSEGV, {0x408790, [SEGV],
SA_RESTORER|SA_RESTART, 0x7f22f0871ff0}, {0x417e70, ~[KILL ALRM STOP RTMIN
RT_1], SA_RESTORER, 0x7f22f0871ff0}, 8) = 0
12510 13:55:21.967228 write(3, "[Fri Jan 24 19:55:21 2014][12510] SIGSEGV
occured ! \n", 53) = 53
12510 13:55:21.967535 getpgrp() = 12467
12510 13:55:21.967867 exit_group(0) = ?
Brian Diehl
Christensen Farms IT Manager
Phone: 507-794-8585
-----Original Message-----
From: Hani Benhabiles [mailto:[email protected]]
Sent: Thursday, January 02, 2014 10:08 AM
To: [email protected]
Subject: Re: [Openvas-discuss] OpenVas 6.0 Scans not showing as "Complete"
On 2014-01-02 14:42, Brian Diehl wrote:
> I am able to reproduce this at will. I have a single target I've
> tested with. The "not complete" problem happens with both a "OpenVas
> Default" and a "All IANA assigned TCP and UDP 2012-02-10" port list
> configuration for the target.
>
> As far as the core dump is concerned I'm not finding one. Any ideas
> where it should be if it is created? If it isn't getting created is
> there a configuration option I can turn on to get it to be written?
>
Depending on how you are starting the scanner / the shell you are using. You
can find many examples on google like [1].
[1] http://www.cyberciti.biz/tips/linux-core-dumps.html
Regards,
Hani.
_______________________________________________
Openvas-discuss mailing list
[email protected]
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
