SIGSEGV in Supplicant

abdoulaye berthe berthe.ab at gmail.com
Mon Jun 1 04:06:09 EDT 2015


Hi,

We have experienced a supplicant crash in dl_list_del(…). We have
disassemble the supplicant binary used and we got the following call
stack:

gas_query_free
radio_remove_works (from this one the call back gas_query_start_cb is called)
wpa_supplicant_deinit_iface
wpa_supplicant_remove_iface

the lines around the crash:

05-15 19:36:29.373 1484 1484 I wpa_supplicant: wlan0: GAS-QUERY-DONE
addr=74:91:1a:10:eb:59 dialog_token=2 freq=2422 status_code=0
result=TIMEOUT
05-15 19:36:29.373 1484 1484 I wpa_supplicant: wlan0: Starting ANQP
fetch for 74:91:1a:50:eb:58
05-15 19:36:29.374 1484 1484 I wpa_supplicant: wlan0: GAS-QUERY-START
addr=74:91:1a:50:eb:58 dialog_token=3 freq=2422
05-15 19:36:29.471 1484 1484 I wpa_supplicant: wlan0: CTRL-EVENT-SCAN-STARTED
05-15 19:36:30.056 1484 1484 I wpa_supplicant: p2p0: CTRL-EVENT-TERMINATING
05-15 19:36:30.124 1484 1484 I wpa_supplicant: wlan0: GAS-QUERY-DONE
addr=74:91:1a:50:eb:58 dialog_token=3 freq=2422 status_code=0
result=DELETED_AT_DEINIT
05-15 19:36:30.124 1484 1484 I wpa_supplicant: wlan0: ANQP fetch completed
05-15 19:36:30.124 1484 1484 I wpa_supplicant: wlan0:
INTERWORKING-NO-MATCH No network with matching credentials found
05-15 19:36:30.124 1484 1484 F libc : Fatal signal 11 (SIGSEGV), code
1, fault addr 0x4 in tid 1484 (wpa_supplicant)

Could it be due to an attempt to delete the head list twice with dl_list_del ?

Cheers


More information about the HostAP mailing list