Crash in hostapd_eid_time_adv with DFS CAC
michael-dev
michael-dev at fami-braun.de
Mon Mar 1 16:56:14 EST 2021
Hi,
I'm seeing the following and very similar backtrace in different hostapd
versions (based on 59e9794c or c7a9a574). I'll still need to reproduce
this with upstream (vanilla) hostapd, but was wondering if there is any
hint on it yet? (as the locally applied patches do not alter beacon
setup or timeadv).
wpabuf.h:60 is wpabuf_len, which is called from hostapd_eid_time_adv on
hapd->time_adv
#0 0x0fb5c4a8 in _wordcopy_fwd_dest_aligned () from /lib/libc.so.6
#1 0x0fb5c2e4 in memcpy () from /lib/libc.so.6
#2 0x10028d7c in (hapd=hapd@entry=0x106b07f0, eid=0x106cc6d9 <error
reading variable>) at ../src/utils/wpabuf.h:60
#3 0x1002ab58 in ieee802_11_build_ap_params
(hapd=hapd@entry=0x106b07f0, params=0xbffd0d30, params@entry=0xbffd0d40)
at ../src/ap/beacon.c:1532
#4 0x1002afe8 in ieee802_11_set_beacon (hapd=hapd@entry=0x106b07f0) at
../src/ap/beacon.c:1763
#5 0x100093b4 in hostapd_setup_bss (hapd=hapd@entry=0x106b07f0,
first=first@entry=0) at ../src/ap/hostapd.c:1377
#6 0x1000b500 in hostapd_setup_interface_complete_sync
(iface=0x106acf70, err=<optimized out>) at ../src/ap/hostapd.c:2089
#7 0x1000b5fc in hostapd_setup_interface_complete
(iface=iface@entry=0x106acf70, err=err@entry=0) at
../src/ap/hostapd.c:2260
#8 0x10082c48 in hostapd_dfs_complete_cac (iface=0x106acf70, success=1,
freq=5620, ht_enabled=<optimized out>, chan_offset=<optimized out>,
chan_width=2, cf1=5630, cf2=0) at ../src/ap/dfs.c:908
#9 0x10012388 in hostapd_event_dfs_cac_aborted (hapd=<optimized out>,
radar=<optimized out>) at ../src/ap/drv_callbacks.c:1713
#10 wpa_supplicant_event (ctx=0x106ad980, event=EVENT_DFS_CAC_FINISHED,
data=0xbffd1550) at ../src/ap/drv_callbacks.c:2004
#11 0x1006ce14 in mlme_event_dh_event (drv=<optimized out>,
bss=<optimized out>, tb=<optimized out>) at ../src/drivers/driver.h:6049
#12 do_process_drv_event (tb=0xbffd10c8, cmd=<optimized out>,
bss=<optimized out>) at ../src/drivers/driver_nl80211_event.c:2971
#13 process_global_event (msg=<optimized out>, arg=<optimized out>) at
../src/drivers/driver_nl80211_event.c:3030
#14 0x0fe3f988 in nl_cb_call (msg=<optimized out>, type=<optimized out>,
cb=<optimized out>) at ./include/netlink-private/netlink.h:144
#15 recvmsgs (cb=0x106b3390, sk=0x106b34b0) at lib/nl.c:1007
#16 nl_recvmsgs_report (sk=sk@entry=0x106b34b0, cb=cb@entry=0x106b3390)
at lib/nl.c:1058
#17 0x0fe3fc00 in nl_recvmsgs (sk=sk@entry=0x106b34b0,
cb=cb@entry=0x106b3390) at lib/nl.c:1082
#18 0x100545d8 in wpa_driver_nl80211_event_receive (sock=<optimized
out>, eloop_ctx=0x106b3390, handle=0x106b34b0) at
../src/drivers/driver_nl80211.c:1758
#19 0x1002d220 in eloop_sock_table_dispatch
(table=table@entry=0x100e1410 <eloop+8>, fds=fds@entry=0x106b8c70) at
../src/utils/eloop.c:603
#20 0x1002df9c in eloop_sock_table_dispatch (fds=<optimized out>,
table=0x100e1410 <eloop+8>) at ../src/utils/eloop.c:597
#21 eloop_run () at ../src/utils/eloop.c:1228
Regards,
M. Braun