Comment 4 for bug 1580385

Eric Desrochers (slashd) wrote :

It has been brought to my attention that 'nmap -sV' randomly segfaults in Xenial.
I was also able to reproduce the situation.

It seems to be caused by stack exhaustion due to hascaptures() being called over and over.

GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/nmap...(no debugging symbols found)...done.
[New LWP 17917]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `nmap -sV <IP_ADDRESS>'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f8e05b3f257 in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
(gdb) bt
#0 0x00007f8e05b3f257 in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#1 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#2 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#3 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#4 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#5 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#6 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#7 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#8 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#9 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#10 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#11 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#12 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#13 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
#14 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
....
#161459 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
......
#354107 0x00007f8e05b3f25c in hascaptures () from /usr/lib/x86_64-linux-gnu/liblua5.2-lpeg.so.2
...

0x00007f8e05b3f253 <+51>: lea 0x8(%rbx),%rdi
=> 0x00007f8e05b3f257 <+55>: callq 0x7f8e05b3f220 <hascaptures>
0x00007f8e05b3f25c <+60>: test %eax,%eax
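The backtrace above is the classic shape of unbounded recursion: one function re-entering itself from the same call site (+55) several hundred thousand times until the stack guard page is hit and the kernel delivers SIGSEGV. The following is an added illustration, not nmap's or lpeg's code and not a reproduction of the actual lpeg defect: a hypothetical miniature PEG pattern tree (the Node type, kinds and sample grammars are all made up here) walked once without a cycle guard, the way a naive "does this pattern contain a capture" check would, and once with the guards a reviewer would ask for (a rule already on the current path is not re-entered, and nesting depth is bounded so a malformed tree fails closed instead of exhausting the stack).

```c
#include <stdio.h>
#include <stddef.h>

#define MAX_PATH 64   /* bound on nested rule calls before we fail closed */

/* Hypothetical miniature PEG pattern tree (assumption: NOT lpeg's TTree layout). */
typedef enum { N_CHAR, N_SEQ, N_CAPTURE, N_CALL } NodeKind;

typedef struct Node {
    NodeKind kind;
    const struct Node *left;   /* N_SEQ: first child; N_CAPTURE: body; N_CALL: target rule */
    const struct Node *right;  /* N_SEQ: second child */
} Node;

/* Naive walk with no cycle guard.  On a grammar whose rule calls itself this
 * re-enters itself forever; every level costs one stack frame until the guard
 * page is hit and the process dies with SIGSEGV, as in the trace above. */
int has_captures_naive(const Node *t) {
    if (t == NULL) return 0;
    switch (t->kind) {
    case N_CAPTURE: return 1;
    case N_CHAR:    return 0;
    case N_SEQ:     return has_captures_naive(t->left) || has_captures_naive(t->right);
    case N_CALL:    return has_captures_naive(t->left);   /* unguarded re-entry */
    }
    return 0;
}

/* Guarded walk: a rule already on the current path is not re-entered (any
 * capture inside it is found by the outer visit), and the path length is
 * bounded so a malformed tree returns -1 instead of blowing the stack. */
typedef struct { const Node *on_path[MAX_PATH]; int n; } Path;

static int on_current_path(const Path *p, const Node *rule) {
    for (int i = 0; i < p->n; i++)
        if (p->on_path[i] == rule) return 1;
    return 0;
}

static int walk(const Node *t, Path *p) {
    if (t == NULL) return 0;
    switch (t->kind) {
    case N_CAPTURE: return 1;
    case N_CHAR:    return 0;
    case N_SEQ: {
        int r = walk(t->left, p);
        return r != 0 ? r : walk(t->right, p);   /* propagate -1 instead of truthifying it */
    }
    case N_CALL: {
        if (on_current_path(p, t->left)) return 0;   /* cycle: rule already being examined */
        if (p->n >= MAX_PATH) return -1;             /* fail closed on absurd nesting */
        p->on_path[p->n++] = t->left;
        int r = walk(t->left, p);
        p->n--;
        return r;
    }
    }
    return 0;
}

/* 1 = a capture is reachable, 0 = none, -1 = nesting limit exceeded */
int has_captures_guarded(const Node *t) {
    Path p = { {0}, 0 };
    return walk(t, &p);
}

/* Constructed sample trees (made up for this example). */
static const Node ch_a  = { N_CHAR, NULL, NULL };
static const Node cap_a = { N_CAPTURE, &ch_a, NULL };
static const Node seq_acyclic = { N_SEQ, &ch_a, &cap_a };   /* 'a' C('a') */

static Node rule_r, call_r;   /* R <- R 'a'     left-recursive, no capture */
static Node rule_s, call_s;   /* S <- S C('a')  left-recursive, with capture */

const Node *acyclic_with_capture(void) { return &seq_acyclic; }

const Node *cyclic_no_capture(void) {
    call_r.kind = N_CALL; call_r.left = &rule_r; call_r.right = NULL;
    rule_r.kind = N_SEQ;  rule_r.left = &call_r; rule_r.right = &ch_a;
    return &rule_r;
}

const Node *cyclic_with_capture(void) {
    call_s.kind = N_CALL; call_s.left = &rule_s; call_s.right = NULL;
    rule_s.kind = N_SEQ;  rule_s.left = &call_s; rule_s.right = &cap_a;
    return &rule_s;
}

int main(void) {
    printf("naive,   'a' C('a'):    %d\n", has_captures_naive(acyclic_with_capture()));
    printf("guarded, 'a' C('a'):    %d\n", has_captures_guarded(acyclic_with_capture()));
    printf("guarded, R <- R 'a':    %d\n", has_captures_guarded(cyclic_no_capture()));
    printf("guarded, S <- S C('a'): %d\n", has_captures_guarded(cyclic_with_capture()));
    /* has_captures_naive(cyclic_no_capture()) is deliberately never called:
     * it recurses until the stack is exhausted, which is the crash above. */
    return 0;
}
```

The on-path check alone makes the walk terminate on any finite tree; the depth bound is defence in depth for trees that are long rather than cyclic, and returning -1 rather than a truthy value keeps a limit hit from being silently read as "capture found". When triaging a core like this one, the count of identical frames and the single re-entrant call site are the two things to look for before assuming memory corruption.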