80211 resource binary will crash on 16.04

Bug #1581474 reported by Po-Hsu Lin
This bug affects 2 people
Affects: Checkbox Provider - Resource
Status: Fix Released
Importance: High
Assigned to: Pierre Equoy

Bug Description

CID: 201409-15485

When trying to run the 80211_resource binary, it will crash with:
ubuntu@ubuntu:~$ ./80211_resource
IBSS: supported
managed: supported
AP: supported
AP_VLAN: supported
WDS: supported
monitor: supported
mesh_point: supported
P2P_client: supported
P2P_GO: supported
Segmentation fault (core dumped)

It's not happening on every system; I only found this issue on this system.

Yung Shen (kaxing) wrote :

Also found on another system (SRU: 201301-12632).

Did a quick debug:
(gdb) r
Starting program: /usr/lib/plainbox-provider-resource-generic/bin/80211_resource
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
IBSS: supported
managed: supported
AP: supported
AP_VLAN: supported
WDS: supported
monitor: supported
mesh_point: supported
P2P_client: supported
P2P_GO: supported

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7637c80 in _IO_vfprintf_internal (s=0x7ffff79ad620 <_IO_2_1_stdout_>, format=<optimized out>, ap=ap@entry=0x7fffffffd418) at vfprintf.c:1632
1632 vfprintf.c: No such file or directory.

And found a possible resolution: http://stackoverflow.com/questions/33293475/segmentation-on-on-vprintf-c

tags: added: 201301-12632
tags: added: 201409-15485 taipei-lab
Changed in plainbox-provider-resource:
status: New → Confirmed
Yung Shen (kaxing) wrote :

Also found in SRU week 39-40:

$ sudo /usr/lib/plainbox-provider-resource-generic/bin/80211_resource
IBSS: supported
managed: supported
AP: supported
AP_VLAN: supported
WDS: supported
monitor: supported
mesh_point: supported
P2P_client: supported
P2P_GO: supported
Segmentation fault (core dumped)

$ uname -a
Linux 201210-11862 4.4.0-41-generic #61-Ubuntu SMP Tue Sep 27 17:27:48 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.1 LTS
Release: 16.04
Codename: xenial

$ arch
x86_64

Changed in plainbox-provider-resource:
importance: Undecided → High
Pierre Equoy (pieq) wrote :

I compiled a version of the binary with debugging symbols and I think I found the root cause of the issue.

In 80211_resource.c, we have the following:

static const char *ifmodes[] = {
 "unspecified",
 "IBSS",
 "managed",
 "AP",
 "AP_VLAN",
 "WDS",
 "monitor",
 "mesh_point",
 "P2P_client",
 "P2P_GO",
 "P2P_device",
};

ifmodes has 11 items.

However, in the nl80211.h headers used in Xenial (in package libnl-3-dev), we have this:

enum nl80211_iftype {
 NL80211_IFTYPE_UNSPECIFIED,
 NL80211_IFTYPE_ADHOC,
 NL80211_IFTYPE_STATION,
 NL80211_IFTYPE_AP,
 NL80211_IFTYPE_AP_VLAN,
 NL80211_IFTYPE_WDS,
 NL80211_IFTYPE_MONITOR,
 NL80211_IFTYPE_MESH_POINT,
 NL80211_IFTYPE_P2P_CLIENT,
 NL80211_IFTYPE_P2P_GO,
 NL80211_IFTYPE_P2P_DEVICE,
 NL80211_IFTYPE_OCB,

 /* keep last */
 NUM_NL80211_IFTYPES,
 NL80211_IFTYPE_MAX = NUM_NL80211_IFTYPES - 1
};

nl80211_iftype has more than 11 items.

On the devices where the problem happens, the program tries to reach ifmodes[NL80211_IFTYPE_OCB], which doesn't exist in our array!

Pierre Equoy (pieq)
Changed in plainbox-provider-resource:
assignee: nobody → Pierre Equoy (pierre-equoy)
status: Confirmed → Fix Committed
milestone: none → 0.29
Pierre Equoy (pieq)
Changed in plainbox-provider-resource:
status: Fix Committed → Fix Released
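
The root cause described in the last comment is an out-of-bounds read: a name table indexed by an enum value that the kernel header has since extended. The following is an added example, not code from the thread or from the project and not the released fix. It keeps the 11-entry table as quoted and bounds-checks every lookup; iftype_name and print_supported are hypothetical helpers, and the enum is a local copy of the one quoted above so the file builds without the libnl headers.

```c
#include <stdio.h>

/* Local copy of the enum quoted in the thread (assumption: same order as the Xenial header). */
enum nl80211_iftype {
    NL80211_IFTYPE_UNSPECIFIED, NL80211_IFTYPE_ADHOC, NL80211_IFTYPE_STATION,
    NL80211_IFTYPE_AP, NL80211_IFTYPE_AP_VLAN, NL80211_IFTYPE_WDS,
    NL80211_IFTYPE_MONITOR, NL80211_IFTYPE_MESH_POINT, NL80211_IFTYPE_P2P_CLIENT,
    NL80211_IFTYPE_P2P_GO, NL80211_IFTYPE_P2P_DEVICE, NL80211_IFTYPE_OCB,
    NUM_NL80211_IFTYPES,
    NL80211_IFTYPE_MAX = NUM_NL80211_IFTYPES - 1
};

/* The 11-entry table from 80211_resource.c, as quoted in the thread. */
static const char *ifmodes[] = {
    "unspecified", "IBSS", "managed", "AP", "AP_VLAN", "WDS",
    "monitor", "mesh_point", "P2P_client", "P2P_GO", "P2P_device",
};
#define IFMODES_LEN (sizeof(ifmodes) / sizeof(ifmodes[0]))
/* A _Static_assert(IFMODES_LEN == NUM_NL80211_IFTYPES, "...") placed here would
 * reject this table at build time: 11 names against 12 enum values. */

/* Hypothetical helper: return the name, or NULL when the value has no table entry. */
static const char *iftype_name(unsigned int iftype)
{
    return iftype < IFMODES_LEN ? ifmodes[iftype] : NULL;
}

/* Hypothetical helper: print each reported type; returns how many had no name. */
static int print_supported(const unsigned int *types, size_t n, FILE *out)
{
    int unknown = 0;
    for (size_t i = 0; i < n; i++) {
        const char *name = iftype_name(types[i]);
        if (name) {
            fprintf(out, "%s: supported\n", name);
        } else {
            fprintf(out, "iftype_%u: supported\n", types[i]); /* no %s on a stray pointer */
            unknown++;
        }
    }
    return unknown;
}

int main(void)
{
    /* Constructed input: a type seen in the crash log, then OCB. */
    const unsigned int reported[] = { NL80211_IFTYPE_P2P_GO, NL80211_IFTYPE_OCB };
    return print_supported(reported, 2, stdout) == 1 ? 0 : 1;
}
```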