version 5.7 hostapd caused deauth error on madwifi driver and crashed with Oops

hong zhang henryzhang
Mon Mar 26 14:03:04 PDT 2007 

List,
   
  "hostapd ap_conf -dd" returns deauth error and crashed on madwifi driver 9.3. 
  No crash with ap_conf when some items are commented out see following but still has deauth error. Uncomment any item in the ap-conf will crash. Following has ap_conf and oops.
   
  *************ap_conf************************
   
  interface=ath0
  driver=madwifi
  logger_syslog=-1
  logger_syslog_level=2
  logger_stdout=-1
  logger_stdout_level=2
  #debug=0
  #dump_file=/tmp/hostapd.dump
  ctrl_interface=/var/run/hostapd
  ctrl_interface_group=0
  #ssid=wpa
  #macaddr_acl=0
  #auth_algs=3
  #eap_server=0
  #wpa=3
  #wpa_passphrase=meshsales
  #wpa_key_mgmt=WPA-PSK
  #wpa_pairwise=TKIP CCMP
   
  ****** Oops msg if any commented item is uncommented ****************
   
  # hostapd ap_wpa.conf -dd
  Configuration file: ap_wpa.conf
  ctrl_interface_group=0
  madwifi_set_iface_flags: dev_up=0
  madwifi_set_privacy: enabled=0
  BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits)
  SIOCGIWRANGE: WE(compiled)=19 WE(source)=13 enc_capa=0xf
  ath0: IEEE 802.11 Fetching hardware channel/rate support not supported.
  Flushing old station entries
  madwifi_sta_deauth: addr=ff:ff:ff:ff:ff:ff reason_code=3
  ioctl[IEEE80211_IOCTL_SETMLME]: Invalid argument
  madwifi_sta_deauth: Failed to deauth STA (addr ff:ff:ff:ff:ff:ff reason 3)
  Could not connect to kernel driver.
  Deauthenticate all stations
  madwifi_del_key: addr=00:00:00:00:00:00 key_idx=0
  madwifi_del_key: addr=00:00:00:00:00:00 key_idx=1
  madwifi_del_key: addr=00:00:00:00:00:00 key_idx=2
  madwifi_del_key: addr=00:00:00:00:00:00 key_idx=3
  Using interface ath0 with hwaddr 00:0b:6b:57:ad:75 and ssid 'wpa'
  SSID - hexdump_ascii(len=3):
  77 70 61 wpa
  PSK (ASCII passphrase) - hexdump_ascii(len=9):
  6d 65 73 68 73 61 6c 65 73 meshsales
  PSK (from passphrase) - hexdump(len=32): 3c 77 89 46 88 7d e9 16 34 fe 10 19 c6 1f 2b be 2c ed 0madwifi_set_ieee8021x: enabled=1
  madwifi_configure_wpa: group key cipher=1
  madwifi_cBad mode in data abort handler detected: mode IRQ_32
  Internal error: Oops - bad mode: 0 [#1]
  Modules linked in: wlan_ccmp wlan_acl wlan_tkip wlan_xauth wlan_wep mport if_child ath_pci wlaneCPU: 0
  PC is at 0xffff0204
  LR is at zz002db51c+0x44/0x3c8 [ath_hal]
  pc : [<ffff0204>] lr : [<bf0f3018>] Tainted: P
  sp : c3a43d10 ip : c3a43d58 fp : c3a43d78
  r10: c0378000 r9 : 00000006 r8 : c03ce000
  r7 : 00000000 r6 : c0378000 r5 : c0378000 r4 : c037a688
  r3 : c58a0000 r2 : c0378000 r1 : 00009930 r0 : c0378000
  Flags: nzCv IRQs off FIQs on Mode IRQ_32 Segment user
  Control: 39FF Table: 03CD8000 DAC: 00000015
  Process hostapd (pid: 844, stack limit = 0xc3a42194)
  Stack: (0xc3a43d10 to 0xc3a44000)
  3d00: c0378000 00009930 c0378000 c58a0000
  3d20: c037a688 c0378000 c0378000 00000000 c03ce000 00000006 c0378000 c3a43d78
  3d40: c3a43d58 c3a43d10 bf0f3018 ffff0204 20000092 ffffffff 00200000 c0378000
  3d60: c03cf188 00000000 c03ce000 c3a43dd0 c3a43d7c bf0ef350 bf0f2fe0 c0378000
  3d80: c3a43da0 00200000 00000000 01000000 00000000 c037871c 00000000 00018000
  3da0: 00000000 c31b1420 c03ce260 c03cf188 c0378000 c03cef2c c03ce000 00000000
  3dc0: 00000f2a c3a43e08 c3a43dd4 bf11d994 bf0ef12c c3a43ddc c3a43de4 c002d4b0
  3de0: c03ce000 00000000 c03a8260 c03ce000 00000000 00008914 c3a43eb4 c3a43e20
  3e00: c3a43e0c c017bdd4 bf11d8b0 c03a8000 c03ce260 c3a43e44 c3a43e24 bf0bd8c8
  3e20: c017bd44 c03a8000 00000000 00001002 00000000 ffffff9d c3a43e54 c3a43e48
  3e40: bf0bd8fc bf0bd7a8 c3a43e6c c3a43e58 c017bdd4 bf0bd8f4 c03a8000 00001003
  3e60: c3a43e8c c3a43e70 c017d7e8 c017bd44 00000000 be962d6c 00000000 c3a42000
  3e80: c3a43efc c3a43e90 c01bec60 c017d790 00000014 00000000 00000000 c03a8000
  3ea0: 00000000 10030000 00000000 00000000 00000000 61746830 00000000 00000000
  3ec0: 00000000 10030000 00000000 00000000 00000000 00008914 be962d6c ffffffe7
  3ee0: be962d6c c0021e64 c3a42000 00058770 c3a43f14 c3a43f00 c01c1084 c01be988
  3f00: be962d6c 00008914 c3a43f38 c3a43f18 c0171fdc c01c0efc be962d6c be962d6c
  3f20: ffffffe7 00008914 c0021e64 c3a43f58 c3a43f3c c008bbd0 c0171f24 c3bed6e0
  3f40: be962d6c 00000003 00000000 c3a43f80 c3a43f5c c008bd60 c008bb68 c3a43f74
  3f60: 00000000 fffffff7 be962d6c 00008914 c3bed6e0 c3a43fa4 c3a43f84 c008bf48
  3f80: c008bcf8 00000000 be962d6c 00059b00 00000001 00000036 00000000 c3a43fa8
  3fa0: c0021ce0 c008bf10 be962d6c 00059b00 00000003 00008914 be962d6c 00001003
  3fc0: be962d6c 00059b00 00000001 000593e0 000587f8 00000000 00058770 00000000
  3fe0: 00057a7c be962d6c 00032ee4 40212104 20000010 00000003 cc33cc33 cc33cc33
  Backtrace:
  [<bf0f2fd4>] (zz002db51c+0x0/0x3c8 [ath_hal]) from [<bf0ef350>] (zz0002dbd2+0x230/0xf90 [ath_ha) r8 = C03CE000 r7 = 00000000 r6 = C03CF188 r5 = C0378000
  r4 = 00200000
  [<bf0ef120>] (zz0002dbd2+0x0/0xf90 [ath_hal]) from [<bf11d994>] (ath_init+0xf0/0x27c [ath_pci])
  [<bf11d8a4>] (ath_init+0x0/0x27c [ath_pci]) from [<c017bdd4>] (dev_open+0x9c/0xcc)
  [<c017bd38>] (dev_open+0x0/0xcc) from [<bf0bd8c8>] (ieee80211_init+0x12c/0x14c [wlan])
  r5 = C03CE260 r4 = C03A8000
  [<bf0bd79c>] (ieee80211_init+0x0/0x14c [wlan]) from [<bf0bd8fc>] (ieee80211_open+0x14/0x18 [wla) r8 = FFFFFF9D r7 = 00000000 r6 = 00001002 r5 = 00000000
  r4 = C03A8000
  [<bf0bd8e8>] (ieee80211_open+0x0/0x18 [wlan]) from [<c017bdd4>] (dev_open+0x9c/0xcc)
  [<c017bd38>] (dev_open+0x0/0xcc) from [<c017d7e8>] (dev_change_flags+0x64/0x13c)
  r5 = 00001003 r4 = C03A8000
  [<c017d784>] (dev_change_flags+0x0/0x13c) from [<c01bec60>] (devinet_ioctl+0x2e4/0x628)
  r7 = C3A42000 r6 = 00000000 r5 = BE962D6C r4 = 00000000
  [<c01be97c>] (devinet_ioctl+0x0/0x628) from [<c01c1084>] (inet_ioctl+0x194/0x1e4)
  [<c01c0ef0>] (inet_ioctl+0x0/0x1e4) from [<c0171fdc>] (sock_ioctl+0xc4/0x2bc)
  r5 = 00008914 r4 = BE962D6C
  [<c0171f18>] (sock_ioctl+0x0/0x2bc) from [<c008bbd0>] (do_ioctl+0x74/0x8c)
  r8 = C0021E64 r7 = 00008914 r6 = FFFFFFE7 r5 = BE962D6C
  r4 = BE962D6C
  [<c008bb5c>] (do_ioctl+0x0/0x8c) from [<c008bd60>] (vfs_ioctl+0x74/0x218)
  r7 = 00000000 r6 = 00000003 r5 = BE962D6C r4 = C3BED6E0
  [<c008bcec>] (vfs_ioctl+0x0/0x218) from [<c008bf48>] (sys_ioctl+0x44/0x68)
  r7 = C3BED6E0 r6 = 00008914 r5 = BE962D6C r4 = FFFFFFF7
  [<c008bf04>] (sys_ioctl+0x0/0x68) from [<c0021ce0>] (ret_fast_syscall+0x0/0x2c)
  r7 = 00000036 r6 = 00000001 r5 = 00059B00 r4 = BE962D6C
  Code: 00000000 00000000 00000000 e24ee004 (e88d4001)
  onfigure_wpa: pairwise key ciphers=0xa
  madwifi_configure_wpa: key management algorithms=0x2
  madwifi_configure_wpa: rsn capabilities=0x0
  madwifi_configure_wpa: enable WPA=0x3
  madwifi_set_privacy: enabled=0
  WPA: group state machine entering state GTK_INIT (VLAN-ID 0)
  GMK - hexdump(len=32): [REMOVED]
  GTK - hexdump(len=32): [REMOVED]
  WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0)
  madwifi_set_key: alg=TKIP addr=00:00:00:00:00:00 key_idx=1
  madwifi_set_privacy: enabled=1
  madwifi_set_iface_flags: dev_up=1
  Segmentation fault
   
   
  ----henry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20070326/2e9815d2/attachment.htm

More information about the Hostap mailing list