Fwd: Segmentation Fault: madwifi and hostapd
jkmaline at cc.hut.fi
Mon Jan 30 23:42:02 EST 2006
On Mon, Jan 30, 2006 at 07:24:56PM -0800, Chad Meister wrote:
> I've done some further investigations using gdb.
> Looking at the valgrind output, I decided to
> investigate the suspicious conditionals. One example
> is line 135 in hostap.c:
> if ((conf_syslog & module) && level >=
> valgrind output suggests that there is an uninitialized
> value in this conditional, before it drops into
> vsyslog() and seg faults.
Hmm.. I did not notice messages about that line in the valgrind output.
The main warnings were being triggered inside glibc in vfprintf (called
> After further
> investigation, I think the uninitialized variable is
> the conf_syslog. The value of conf_syslog is based on
> the hostapd_config struct's unsigned int logger_syslog
> value - a variable used for bitwise operations. The
> default value of logger_syslog is an (unsigned int)
I don't see how this could be uninitialized.
> In my setup, this is where I think things go wrong.
> When hostapd sets logger_syslog value as an (unsigned
> int) -1, the value "4294967295" is assigned. Wrong.
This is the expected behavior and that (unsigned int) -1 is just a more
or less standard mechanism for setting a variable to a value with all
bits set to 1.
> I think this happens with all -1 (unsigned int)
> assignments on my machine. When I manually set
> conf_syslog to 0 back in gdb, hostapd does not
> segfault and descends into the radius code to create
> the connection.
The segfault is clearly related to vsyslog call. Setting conf_syslog to
0 is just skipping that call which avoids the problem.
> So what is going on here?
I'm not sure. I cannot reproduce the same behavior in my tests with
valgrind on x86. Just in case, I ran a test with hostapd on PowerPC;
though, I'm using a different C library, so vsyslog is different.
One possible explanation could be that something is going wrong with
variable argument processing (va_start/va_list/va_end). hostapd_logger()
is passing variable arguments into two functions in your configuration
case. Could you please try what happens if you leave logger_syslog=-1,
but change logger_stdout=0 in the configuration? This will make only
vsyslog() use the variable arguments.
Jouni Malinen PGP id EFC895FA
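
The variable-argument hazard raised above as a possible explanation, shown as an added example (not hostapd's code and not part of the original message): a logger that hands its arguments to two consumers must give each one its own va_list. The names log_both, sink_stdout and sink_syslog are hypothetical, and vsnprintf stands in for vprintf/vsyslog so the result can be checked.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins for the stdout and syslog sinks: each consumes a
 * va_list the way vprintf()/vsyslog() would, but writes into a buffer so
 * the result can be compared. */
static int sink_stdout(char *buf, size_t n, const char *fmt, va_list ap)
{
    return vsnprintf(buf, n, fmt, ap);
}

static int sink_syslog(char *buf, size_t n, const char *fmt, va_list ap)
{
    return vsnprintf(buf, n, fmt, ap);
}

/* Once a callee has walked a va_list with va_arg, its value in the caller
 * is indeterminate (C99 7.15) and may only be passed to va_end. Handing the
 * same ap to both sinks is therefore undefined behaviour: it can appear to
 * work on one platform and crash inside the second consumer on another.
 * Each sink gets its own copy here. */
int log_both(char *out_stdout, char *out_syslog, size_t n, const char *fmt, ...)
{
    va_list ap, ap2;
    int r1, r2;

    va_start(ap, fmt);
    va_copy(ap2, ap);               /* snapshot before the first consumer */
    r1 = sink_stdout(out_stdout, n, fmt, ap);
    va_end(ap);                     /* ap must not be reused after this */

    r2 = sink_syslog(out_syslog, n, fmt, ap2);
    va_end(ap2);

    return (r1 == r2) ? r1 : -1;    /* both sinks saw the same arguments */
}

int main(void)
{
    char a[128], b[128];
    /* Constructed sample message, not taken from hostapd. */
    int n = log_both(a, b, sizeof(a), "%s: STA %s level=%d",
                     "ath0", "00:11:22:33:44:55", 2);
    printf("stdout sink: %s\nsyslog sink: %s\n(len %d)\n", a, b, n);
    return strcmp(a, b) != 0;
}
```

Calling va_start/va_end a second time instead of va_copy is equally valid when the second consumer runs in the same variadic function.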