Re: Hostapd SIGSEGV with rt2x00

Petr Novak n_petr at seznam.cz
Sun Aug 3 21:18:32 EDT 2008 

> > Hello,
> > yesterday I recieved SIGSEGV from hostapd on:
> > kernel: 2.6.27-rc1-wl
> > driver: rt2500pci
> > version: 2.1.8
> > compiled: Aug 2 2008 18:48:26
> > 
> > # hostapd.conf
> > interface=wlan0
> > driver=nl80211
> > ssid=stealth
> > hw_mode=g
> > 
> > # hostapd -dd /etc/hostapd/hostapd.conf
> > Configuration file: /etc/hostapd/hostapd.conf
> > Failed to create interface mon.wlan0.
> > nl80211 driver initialization failed.
> > wlan0: Unable to setup interface.
> > Flushing old station entries
> > Deauthenticate all stations
> > Neoprávněný přístup do paměti (SIGSEGV)
> > 
> > # dmesg
> > [ 873.450929] hostapd[5818]: segfault at 0 ip 0804c6af sp bff23f60 error 4 in
> hostapd[8048000+53000]
> > [ 1950.047936] hostapd[6591]: segfault at 0 ip 0804c6af sp bfca1070 error 4 in
> hostapd[8048000+53000]
> > [ 1985.862599] hostapd[6610]: segfault at 0 ip 0804c6af sp bfe36a00 error 4 in
> hostapd[8048000+53000]
> > 
> > I am using Hostapd from git. You can see more info in:
> >
> http://sourceforge.net/mailarchive/forum.php?thread_name=1343.1215-14058-167311540-1217705175%40seznam.cz&forum_name=rt2400-devel
> > 
> > Is it sufficient report for fix this bug?
> 
> Umm, no. Compile with debugging information and run with gdb.
> 
> johannes

Dear Johannes,
thank you for hints. I have never used gdb, so now I reproduce my steps what I have done. If something wrong, please correct me:

I can not find ./configure in ~/hostap/hostapd/ for run "./configure --enable-debug=yes".

So i hacked Makefile on 6th line:
CFLAGS = -MMD -O2 -Wall -g >>> CFLAGS = -MMD -O2 -Wall -ggdb3
Save the file and run "make && make install".

I made two configure files:

/root/.gdbinit
set history filename /home/root/.gdb_history
set history save on

~/hostap/hostapd/.gdbinit
set env LD_PRELOAD=/usr/lib/libefence.so
#set env LD_LIBRARY_PATH ./gdk-pixbuf/.libs/:./gdk/.libs/:./gtk/.libs/
file ./hostapd
b main
b exit
run -dd /etc/hostapd/hostapd.conf
#run 2>/dev/null
#b gtkfontsel.c:754
#b gtk_button_get_props
#b cursed_theme_draw.c:755
cont

At the end I made two catches. One with commented libfense.so (gdb.txt) and second without commented libfence.so (gdb_ef.txt). Please see an attachement.

Best regards, Petr Novak.
-------------- next part --------------
... gdb without electric-fence ...
gdb
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
Breakpoint 1 at 0x804eec8: file hostapd.c, line 1858.
Function "exit" not defined.
Make breakpoint pending on future shared library load? (y or [n]) [answered N; input not from terminal]

Breakpoint 1, main (argc=1, argv=0xbff33f74) at hostapd.c:1858
1858    {
hostapd v0.6.3
User space daemon for IEEE 802.11 AP management,
IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Copyright (c) 2002-2008, Jouni Malinen <j at w1.fi> and contributors

usage: hostapd [-hdBKtv] [-P <PID file>] <configuration file(s)>

options:
   -h   show this usage
   -d   show more debug messages (-dd for even more)
   -B   run daemon in the background
   -P   PID file
   -K   include key data in debug messages
   -t   include timestamps in some debug messages
   -v   show hostapd version

Program exited with code 01.
(gdb) run -ddddd /etc/hostapd/hostapd.conf
Starting program: /mnt/Storage/_kernel_/2_8_2008/hostap/hostapd/hostapd -ddddd /etc/hostapd/hostapd.conf

Breakpoint 1, main (argc=3, argv=0xbfd11514) at hostapd.c:1858
1858    {
(gdb) bt
#0  main (argc=3, argv=0xbfd11514) at hostapd.c:1858
-------------- next part --------------
... gdb with electric-fense ...
gdb
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
Breakpoint 1 at 0x804eec8: file hostapd.c, line 1858.
Function "exit" not defined.
Make breakpoint pending on future shared library load? (y or [n]) [answered N; input not from terminal]
[Thread debugging using libthread_db enabled]

  Electric Fence 2.1 Copyright (C) 1987-1998 Bruce Perens.
[New Thread 0xb7d13aa0 (LWP 22944)]
[Switching to Thread 0xb7d13aa0 (LWP 22944)]

Breakpoint 1, main (argc=3, argv=0xbfab62a4) at hostapd.c:1858
1858    {
Configuration file: /etc/hostapd/hostapd.conf
Failed to create interface mon.wlan0.
nl80211 driver initialization failed.
wlan0: Unable to setup interface.
Flushing old station entries
Deauthenticate all stations

Program received signal SIGSEGV, Segmentation fault.
0x0804c6af in hostapd_flush_old_stations (hapd=0xb7c56950) at hostapd.c:176
176             if (os_strcmp(hapd->driver->name, "hostap") != 0) {
(gdb) bt
#0  0x0804c6af in hostapd_flush_old_stations (hapd=0xb7c56950) at hostapd.c:176
#1  0x0804f458 in main (argc=Cannot access memory at address 0x7
) at hostapd.c:1979

More information about the HostAP mailing list