Bug#914433: iwd: Crash on failed scan request
Control: tags -1 + moreinfo Hello Felipe Sateler, On Fri, Nov 23, 2018 at 09:25:08AM -0300, Felipe Sateler wrote: > Package: iwd > Version: 0.12-2~1.gbp11d954 [...] > I got a crash on iwd with the following trace: > > (gdb) bt > #0 0x5650f60e721d in l_dbus_message_new_error_valist (method_call=0x0, > name=0x5650f60ffcd0 "net.connman.iwd.Failed", format=0x5650f60ffcbf > "Operation failed", > args=args@entry=0x7ffdabdc4d60) at ell/dbus-message.c:364 > #1 0x5650f60e732f in l_dbus_message_new_error (method_call= out>, name=, format=) at ell/dbus-message.c:388 > #2 0x5650f60a7cf6 in station_dbus_scan_triggered (err=-100, > user_data=0x5650f8032de0) at src/station.c:1970 > #3 0x5650f60b1e25 in scan_request_trigger_failed > (sr=sr@entry=0x5650f803c930, err=err@entry=-100) at src/scan.c:130 > #4 0x5650f60b374c in scan_triggered (msg=, > userdata=0x5650f802d150) at src/scan.c:244 [...] Are you (still) able to reproduce this issue? What's the latest version of iwd you've tested? A number of stability fixes has gone in since the 0.12 release so I'd suspect that this issue might have been fixed since. If it's still an issue I'd like to know. Regards, Andreas Henriksson
Bug#914433: Bug #914433: iwd: Crash on failed scan request
Dear Maintainer, hello Felipe Sateler,
that output would match that output in bug #913859 from
the unmodified package iwd 0.10-1.
In your backtrace the paramter method_call=0x0.
Therefore I would suspect it belongs to line 366, where method_call
gets unconditionally dereferenced.
(gdb) list l_dbus_message_new_error_valist
359
360 LIB_EXPORT struct l_dbus_message *l_dbus_message_new_error_valist(
361 struct l_dbus_message
*method_call,
362 const char *name,
363 const char *format, va_list
args)
364 {
365 char str[1024];
366 struct dbus_header *hdr = method_call->header;
method_call == 0
(gdb) list l_dbus_message_new_error
378
379 LIB_EXPORT struct l_dbus_message *l_dbus_message_new_error(
380 struct l_dbus_message
*method_call,
...
388 reply = l_dbus_message_new_error_valist(method_call, name,
method_call == 0
389
format, args);
(gdb) list dbus_error_failed
63 struct l_dbus_message *dbus_error_failed(struct l_dbus_message *msg)
64 {
65 return l_dbus_message_new_error(msg, IWD_SERVICE ".Failed",
msg == 0
66 "Operation failed");
67 }
(gdb) list dbus_error_from_errno
155 struct l_dbus_message *dbus_error_from_errno(int err,
156 struct
l_dbus_message *msg)
157 {
158 switch (err) {
the switch statement contains no -ENETDOWN
...
186 return dbus_error_failed(msg);
msg == 0
(gdb) list station_dbus_scan_triggered
1961static void station_dbus_scan_triggered(int err, void *user_data)
...
1970reply = dbus_error_from_errno(err,
station->scan_pending); station->scan_pending == 0
/usr/include/asm-generic/errno.h:83:
#define ENETDOWN100 /* Network is down */
Kind regards,
Bernhard
Bug#914433: iwd: Crash on failed scan request
Package: iwd Version: 0.12-2~1.gbp11d954 Severity: normal Hi, Don't be scared about the version number, it is just my local version disabling the stacktrace printing. I got a crash on iwd with the following trace: (gdb) bt #0 0x5650f60e721d in l_dbus_message_new_error_valist (method_call=0x0, name=0x5650f60ffcd0 "net.connman.iwd.Failed", format=0x5650f60ffcbf "Operation failed", args=args@entry=0x7ffdabdc4d60) at ell/dbus-message.c:364 #1 0x5650f60e732f in l_dbus_message_new_error (method_call=, name=, format=) at ell/dbus-message.c:388 #2 0x5650f60a7cf6 in station_dbus_scan_triggered (err=-100, user_data=0x5650f8032de0) at src/station.c:1970 #3 0x5650f60b1e25 in scan_request_trigger_failed (sr=sr@entry=0x5650f803c930, err=err@entry=-100) at src/scan.c:130 #4 0x5650f60b374c in scan_triggered (msg=, userdata=0x5650f802d150) at src/scan.c:244 #5 0x5650f60e0c0e in process_unicast (nlmsg=0x7ffdabdc4f30, genl=0x5650f802dab0) at ell/genl.c:414 #6 received_data (io=, user_data=0x5650f802dab0) at ell/genl.c:546 #7 0x5650f60ddbd3 in io_callback (fd=, events=1, user_data=0x5650f802dc30) at ell/io.c:126 #8 0x5650f60dce8d in l_main_iterate (timeout=) at ell/main.c:389 #9 0x5650f60dcf5c in l_main_run () at ell/main.c:436 #10 l_main_run () at ell/main.c:418 #11 0x5650f60dd13b in l_main_run_with_signal (callback=, user_data=0x0) at ell/main.c:551 #12 0x5650f609ae2d in main (argc=, argv=) at src/main.c:509 AFAICT, I did not trigger that scan request, or at least not manually. I'm using the NM iwd plugin. -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages iwd depends on: ii libc6 2.27-8 ii libreadline7 7.0-5 iwd recommends no packages. iwd suggests no packages. -- no debconf information
