Segmentation Fault

Vincent Maurin vincent.maurin at smartcom.com
Mon Sep 11 05:40:28 EDT 2006


Hi,

I think it is a driver problem in get_scan_results.

Scan results: 16915
Not enough room for all APs (16915 < 128)

Your get_scan_result return a huge number of AP (16915), and I think 
fill the memory with incoherent value that wpa supplicant will use. 
These bad values conduct to the segfault

Vincent



Andrea Scharfe a écrit :
> Hi there,
>  
> I have already tried sending an email to this list, but I got no 
> reply. As my problem is really urgent, I try again with a shorter email.
>  
> I am doing automated traffic tests with wpa_supplicant and from time 
> to time (sometimes after two hours, sometimes after 6 hours and 
> sometimes not at all) I get segmentation faults.
> I use a customized driver, maybe there is something wrong with my 
> driver, but there might be a problem with the wpa_supplicant as well.
>  
> Let's have a look at my debug output:
>  
> after scanning the following occurs:
>  
>  selected non-WPA AP 00:16:9d:7c:b5:e0 ssid='root2006_08_30__15_05_09'
> Trying to associate with 00:16:9d:7c:b5:e0 
> (SSID='root2006_08_30__15_05_09' freq=2447 MHz)
> Cancelling scan request
> WPA: clearing own WPA/RSN IE
> Automatic auth_alg selection: 0x1
> WPA: clearing AP WPA IE
> WPA: clearing AP RSN IE
> WPA: clearing own WPA/RSN IE
> No keys have been configured - skip key clearing
> State: SCANNING -> ASSOCIATING
> ioctl error HEOCDRIVPRIV!: Machine is not on the network
> Association request to the driver failed
> Setting authentication timeout: 5 sec 0 usec
> EAPOL: External notification - portControl=ForceAuthorized
> Wireless event: cmd=0x8c02 len=37
> Custom wireless event: 'EVENT-DISASSOC.indication '
> Added BSSID 00:00:00:00:00:00 into blacklist
> State: ASSOCIATING -> DISCONNECTED
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys
> RX ctrl_iface - hexdump_ascii(len=16):
>      52 45 4d 4f 56 45 5f 4e 45 54 57 4f 52 4b 20 30   REMOVE_NETWORK 0
> CTRL_IFACE: REMOVE_NETWORK id=0
> State: DISCONNECTED -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> RX global ctrl_iface - hexdump_ascii(len=21):
>      49 4e 54 45 52 46 41 43 45 5f 52 45 4d 4f 56 45   INTERFACE_REMOVE
>      20 65 74 68 31                                     eth1
> CTRL_IFACE GLOBAL INTERFACE_REMOVE 'eth1'
> Removing interface eth1
> State: DISCONNECTED -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> No keys have been configured - skip key clearing
> Removed BSSID 00:00:00:00:00:00 from blacklist (clear)
> Removed BSSID 00:16:9d:7c:b5:e0 from blacklist (clear)
> Cancelling scan request
> ...
> wpa_supplicant is trying to scan two more times...
> ...
> No suitable AP found.
> Setting scan request: 5 sec 0 usec
> Starting AP scan (broadcast SSID)
> RX ctrl_iface - hexdump_ascii(len=16):
>      52 45 4d 4f 56 45 5f 4e 45 54 57 4f 52 4b 20 30   REMOVE_NETWORK 0
> CTRL_IFACE: REMOVE_NETWORK id=0
> State: SCANNING -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> RX global ctrl_iface - hexdump_ascii(len=21):
>      49 4e 54 45 52 46 41 43 45 5f 52 45 4d 4f 56 45   INTERFACE_REMOVE
>      20 65 74 68 31                                     eth1
> CTRL_IFACE GLOBAL INTERFACE_REMOVE 'eth1'
> Removing interface eth1
> State: DISCONNECTED -> DISCONNECTED
> No keys have been configured - skip key clearing
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> No keys have been configured - skip key clearing
> Cancelling scan request
> Scan timeout - try to get results
> ioctl error HEOCDRIVPRIV!: Bad file descriptor
> Scan results: 16915
> Not enough room for all APs (16915 < 128)
> Segmentation fault (core dumped)
> ------------------------------------
>  
> this comes from my driver:
> ioctl error HEOCDRIVPRIV!: Machine is not on the network 
>  
> But what does this mean? :
> Added BSSID 00:00:00:00:00:00 into blacklist
> ...
> Removed BSSID 00:00:00:00:00:00 from blacklist (clear)
> Removed BSSID 00:16:9d:7c:b5:e0 from blacklist (clear)
>  
> it seems like there are two scan requests at the same time. And this 
> seems to lead to the segmentation fault.
>  
> Any idea where I might start looking for a bug? Is it possible that 
> there is a bug in wpa_supplicant?
>  
> Please help me! I have to write my diploma thesis about this and right 
> now I am stuck with this :-(
>  
> Thank you!
> Andrea
>  
>  
>
>  
> ------------------------------------------------------------------------
>
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>   




More information about the HostAP mailing list