Hostapd killed / RCU crash?

Keane, Ben (STRX) ben.keane at
Thu May 10 21:34:02 EDT 2012


I was running my hostapd setup overnight, and when I came into work this morning I found the following in dmesg:

[   56.603393] wlan0: moving STA 00:15:6d:84:57:cd to state 2
[   56.605133] ieee80211 phy0: Inserted STA 00:15:6d:84:57:cd
[   56.633728] wlan0: moving STA 00:15:6d:84:57:cd to state 3
[ 1843.123992] wlan0: moving STA 00:15:6d:84:57:cd to state 2
[ 1843.134674] wlan0: moving STA 00:15:6d:84:57:cd to state 1
[ 1843.134704] wlan0: moving STA 00:15:6d:84:57:cd to state 0
[ 1843.135162] ieee80211 phy0: Removed STA 00:15:6d:84:57:cd
[ 1843.135223] ieee80211 phy0: Destroyed STA 00:15:6d:84:57:cd
[12477.070678] select 1 (init), adj 0, size 45, to kill
[12477.070739] select 1039 (sh), adj 0, size 83, to kill
[12477.070770] select 1079 (udhcpd), adj 0, size 87, to kill
[12477.070770] select 1081 (hostapd), adj 0, size 120949, to kill
[12477.070800] send sigkill to 1081 (hostapd), adj 0, size 120949
[12477.232727] init: untracked pid 1081 exited
[12477.237365] ------------[ cut here ]------------
[12477.237396] WARNING: at kernel/rcutiny_plugin.h:714 synchronize_rcu+0x44/0x7c()
[12477.237426] Modules linked in:
[12477.237426] Backtrace:
[12477.237487] [<c00112f8>] (dump_backtrace+0x0/0x110) from [<c0425e84>] (dump_stack+0x18/0x1c)
[12477.237518]  r7:00000009 r6:000002ca r5:c007c5e0 r4:00000000
[12477.237548] [<c0425e6c>] (dump_stack+0x0/0x1c) from [<c002f50c>] (warn_slowpath_common+0x54/0x6c)
[12477.237579] [<c002f4b8>] (warn_slowpath_common+0x0/0x6c) from [<c002f548>] (warn_slowpath_null+0x24/0x2c)
[12477.237609]  r9:def21080 r8:00000000 r7:00000000 r6:00000000 r5:60000013
[12477.237640] r4:c064fa3c
[12477.237670] [<c002f524>] (warn_slowpath_null+0x0/0x2c) from [<c007c5e0>] (synchronize_rcu+0x44/0x7c)
[12477.237701] [<c007c59c>] (synchronize_rcu+0x0/0x7c) from [<c004ffb4>] (atomic_notifier_chain_unregister+0x84/0x8c)
[12477.237731]  r5:60000013 r4:c063fa7c
[12477.237762] [<c004ff30>] (atomic_notifier_chain_unregister+0x0/0x8c) from [<c005d574>] (task_handoff_unregister+0x18/0x20)
[12477.237792]  r7:00000000 r6:fffffffe r5:00000000 r4:00000000
[12477.237823] [<c005d55c>] (task_handoff_unregister+0x0/0x20) from [<c032c6e0>] (task_notify_func+0x2c/0x3c)
[12477.237884] [<c032c6b4>] (task_notify_func+0x0/0x3c) from [<c004f8cc>] (notifier_call_chain+0x34/0x78)
[12477.237915] [<c004f898>] (notifier_call_chain+0x0/0x78) from [<c004feac>] (__atomic_notifier_call_chain+0x40/0x54)
[12477.237945] [<c004fe6c>] (__atomic_notifier_call_chain+0x0/0x54) from [<c004fee0>] (atomic_notifier_call_chain+0x20/0x28)
[12477.237976]  r7:dec1f080 r6:c05b4000 r5:dec45940 r4:dec6c840
[12477.238006] [<c004fec0>] (atomic_notifier_call_chain+0x0/0x28) from [<c005d600>] (profile_handoff_task+0x1c/0x30)
[12477.238037] [<c005d5e4>] (profile_handoff_task+0x0/0x30) from [<c002ea74>] (__put_task_struct+0xac/0xc8)
[12477.238067] [<c002e9c8>] (__put_task_struct+0x0/0xc8) from [<c00535fc>] (finish_task_switch.clone.2+0x88/0x90)
[12477.238098]  r5:00000040 r4:dec6c840
[12477.238128] [<c0053574>] (finish_task_switch.clone.2+0x0/0x90) from [<c0427de8>] (__schedule+0x468/0x4d0)
[12477.238159]  r5:c05ca958 r4:c05b8b70
[12477.238189] [<c0427980>] (__schedule+0x0/0x4d0) from [<c04283e8>] (schedule+0x78/0x7c)
[12477.238220] [<c0428370>] (schedule+0x0/0x7c) from [<c000f1e8>] (cpu_idle+0xa8/0xc4)
[12477.238250] [<c000f140>] (cpu_idle+0x0/0xc4) from [<c041ef48>] (rest_init+0x80/0x98)
[12477.238250]  r7:bfffffff r6:c05a80a4 r5:c05fb980 r4:00000002
[12477.238311] [<c041eec8>] (rest_init+0x0/0x98) from [<c057f804>] (start_kernel+0x294/0x2e8)
[12477.238311]  r5:c05fb980 r4:c05b6998
[12477.238342] [<c057f570>] (start_kernel+0x0/0x2e8) from [<80008040>] (0x80008040)
[12477.238372] ---[ end trace b94d21b9dbba6075 ]---

I am using the 3.3.0 kernel with Android kernel options turned on. I am using an RT2800-based USB wireless dongle and hostapd from the development branch, from commit 60691495f072c9053d98d9453381cf88b76dbf4f.

I believe the Android Low Memory Killer is killing hostapd. From the dmesg, it shows the size to be 120949 ... Does this seem large? Is it indicative of a memory leak or is it just how much is required for hostapd?

There seems to be a second issue shown in the dmesg as well. It seems the STA disconnected after 30 minutes ... I don't really understand the rekeying/reauth, but I believe the reauth is set to 1 hr by default? Any reason why this disconnection happened after 30 mins? Maybe on the Windows XP STA side and not hostapd?

Any help is much appreciated.
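
An added example, not part of the original post: a small parser for the low memory killer lines in the dmesg above that converts the reported size into bytes. It assumes the size field is a resident set size counted in pages and that the page size is 4 KiB; the function and field names are made up for this example.

```python
import re

# Lines copied from the dmesg output in the post above.
DMESG = """\
[12477.070678] select 1 (init), adj 0, size 45, to kill
[12477.070739] select 1039 (sh), adj 0, size 83, to kill
[12477.070770] select 1079 (udhcpd), adj 0, size 87, to kill
[12477.070770] select 1081 (hostapd), adj 0, size 120949, to kill
[12477.070800] send sigkill to 1081 (hostapd), adj 0, size 120949
[12477.232727] init: untracked pid 1081 exited
"""

PAGE_SIZE = 4096  # assumption: 4 KiB pages on this ARM kernel

_FIELDS = r"(\d+) \((.+?)\), adj (-?\d+), size (\d+)"
SELECT_RE = re.compile(r"\[\s*(\d+\.\d+)\] select " + _FIELDS + r", to kill")
KILL_RE = re.compile(r"\[\s*(\d+\.\d+)\] send sigkill to " + _FIELDS)


def _record(match, page_size):
    ts, pid, comm, adj, pages = match.groups()
    rss_bytes = int(pages) * page_size  # assumption: size is RSS in pages
    return {
        "time": float(ts),
        "pid": int(pid),
        "comm": comm,
        "adj": int(adj),
        "pages": int(pages),
        "rss_bytes": rss_bytes,
        "rss_mib": rss_bytes / (1024 * 1024),
    }


def parse_lmk(text, page_size=PAGE_SIZE):
    """Return (candidates, kills) from low memory killer dmesg lines."""
    candidates, kills = [], []
    for line in text.splitlines():
        for regex, bucket in ((SELECT_RE, candidates), (KILL_RE, kills)):
            m = regex.match(line)
            if m:
                bucket.append(_record(m, page_size))
    return candidates, kills


if __name__ == "__main__":
    _, killed = parse_lmk(DMESG)
    for k in killed:
        print(f"{k['comm']} (pid {k['pid']}): {k['pages']} pages = {k['rss_mib']:.1f} MiB")
```
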


