Closed tmuncks closed 2 years ago
Can you provide a coredump?
Maybe you need also to add --cap-add=SYS_PTRACE
to docker run or eq in docker-compose file.
Maybe also this is related to https://github.com/greenbone/openvas-scanner/issues/825
I'll look into the test_alive_hosts_only = no
option and try to get a crash dump...
I checked all hosts.
Fun Fact: It not segfault on all hosts even if they run already for days with this version. But on some I see the same error.
That's odd... I'm running a couple of scans right now, to hopefully collect coredumps of the openvas segfault, nmap segfault and nmap trap.
I will check in the meantime if this also occurs with nmap 7.92.
Okay, so here are a couple of nmap coredumps, just to confirm it's the same problem in all of them. And a single openvas coredump, which was the only one encountered on this particular run.
Just adding another openvas dump, to see if these are different problems
thank you, hope that helps.
@tmuncks Can you please check the system side cpu microcode?
Sure. What would you like me to check? This is a virtual machine running under VMware ESXi.
Version? I'm not 100% sure, but maybe there is a problem. Because they some systems where i see the traps have different versions.
How much resources do you have assigned to your virtual machine.
The machines I have access to are mostly up to 192GiB, locally and on some client servers I have 16-32 GB and some are running almost at 80~95% RAM usage.
Do you think that there are peaks and that's why the segfaults and traps happen? At least I don't see any OOM messages.
My VM is much smaller at 6GB memory, but I'm only ever running a single scanning at a time (4 hosts, 4 NVTs simultaneously). Memory consumption does not look problematic here, however; No swapping, no OOM.
Version? I'm not 100% sure, but maybe there is a problem. Because they some systems where i see the traps have different versions.
VMware ESXi, 7.0.2, 17867351
Gut feeling is some compatibility issue between Ubuntu kernel/system libraries and the Alpine base image.
I have never seen anything like this before myself, but these guys are seeing something similar: https://github.com/soedinglab/hh-suite/issues/104 - Their solution has been a switch to a Debian base.
This doesn't explain the problem though, but FWIW, I tried a different GVM docker image based on Ubuntu, and I don't see any segfaults there.
Have switch to Debian. Closing this.
Describe the bug When scanning, often the process is "interrupted" before completing, and messages such as these shows up in
dmesg
on the host.openvas randomly segfaults, and nmap segfaults or traps. The results are unreliable, as hosts or services are missed, even if the scanning does not end up as interrupted.
To Reproduce Steps to reproduce the behavior:
Target has 32 IP addresses Alive Test: Consider Alive Scanning Config: Full and fast (unmodified)
Expected behavior Finalized scanning with no code errors, and all hosts covered in the result.
Host Device:
Image in use: