From nobody Tue Oct 05 08:26:11 2021
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 6BCD417E7786
	for <net@mlmmj.nyi.freebsd.org>; Tue,  5 Oct 2021 08:26:12 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4HNrJh2KWfz4WBl
	for <net@FreeBSD.org>; Tue,  5 Oct 2021 08:26:12 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2F5C615C8
	for <net@FreeBSD.org>; Tue,  5 Oct 2021 08:26:12 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 1958QCLO010836
	for <net@FreeBSD.org>; Tue, 5 Oct 2021 08:26:12 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 1958QCdM010835
	for net@FreeBSD.org; Tue, 5 Oct 2021 08:26:12 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 258527] wpa_supplicant(8) from the base is not able to bring up
 wlan(4) interface correctly due to SIGSEGV after EAP/PEAP MSCHAPv2
 authentication
Date: Tue, 05 Oct 2021 08:26:11 +0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: 13.0-STABLE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: kami@freebsd.org
X-Bugzilla-Status: In Progress
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: cy@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-258527-7501-biqeLUVDVo@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-258527-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-258527-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@freebsd.org
MIME-Version: 1.0
X-ThisMailContainsUnwantedMimeParts: N

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D258527

Dominic Fandrey <kami@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kami@freebsd.org

--- Comment #20 from Dominic Fandrey <kami@freebsd.org> ---
Just so you know, I'm affected, too. At least it looks like exactly the same
problem too me. Right now I'm using my phones Wifi via urndis to post this.

# lldb /usr/sbin/wpa_supplicant
(lldb) target create "/usr/sbin/wpa_supplicant"
Current executable set to '/usr/sbin/wpa_supplicant' (x86_64).
(lldb) run -i wlan0 -c /etc/wpa_supplicant.conf
Process 2100 launched: '/usr/sbin/wpa_supplicant' (x86_64)
Successfully initialized wpa_supplicant
ioctl[SIOCS80211, op=3D20, val=3D0, arg_len=3D7]: Invalid argument
ioctl[SIOCS80211, op=3D20, val=3D0, arg_len=3D7]: Invalid argument
wlan0: Trying to associate with xx:xx:xx:xx:xx:xx (SSID=3D'xxxxxxxx' freq=
=3D2412
MHz)
Failed to add supported operating classes IE
wlan0: Associated with xx:xx:xx:xx:xx:xx
wlan0: CTRL-EVENT-EAP-STARTED EAP authentication started
wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=3D0 method=3D25
wlan0: CTRL-EVENT-EAP-METHOD EAP vendor 0 method 25 (PEAP) selected
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=3D1 subject=3D'/C=3DXX/L=3DXxxxxxxx/O=
=3DXxxxxxx
A/S/CN=3DDanfoss Intermediate'
hash=3D3bd98e88f7577e8b90023e91a20b80af290b1713ed8ff07c95b792f516823a3f
wlan0: CTRL-EVENT-EAP-PEER-CERT depth=3D0 subject=3D'/CN=3DXXXXXXXXX.xxxxxx=
xxx.xxx'
hash=3D4629a4c514ab0635d965018515d30253bc60071699067c0cb6af92e58b0a37e8
wlan0: CTRL-EVENT-EAP-PEER-ALT depth=3D0 DNS:XXXXXXXX.xxxxxxxx.xxx
EAP-MSCHAPV2: Authentication succeeded
EAP-TLV: TLV Result - Success - EAP-TLV/Phase2 Completed
wlan0: CTRL-EVENT-EAP-SUCCESS EAP authentication completed successfully
Process 2100 stopped
* thread #1, name =3D 'wpa_supplicant', stop reason =3D signal SIGSEGV: inv=
alid
address (fault address: 0x8000000076)
    frame #0: 0x0000008000000076
error: memory read failed for 0x8000000000
(lldb) bt
* thread #1, name =3D 'wpa_supplicant', stop reason =3D signal SIGSEGV: inv=
alid
address (fault address: 0x8000000076)
  * frame #0: 0x0000008000000076
    frame #1: 0x00000000002c59f0 wpa_supplicant`wpa_sm_rx_eapol [inlined]
wpa_sm_key_mgmt_set_pmk(sm=3D0x0000000800e12700,
pmk=3D"\"\xe0m\xb8\U00000002b%\xb3\xe5\xd8\xf5r\xfe+\U0000001d\xbd-\xb8Yq\x=
a5M\xe3\xe3\x82\U00000013\x9f\xd1&\U0000000eJ\xfc",
pmk_len=3D32) at wpa_i.h:393:9
    frame #2: 0x00000000002c59e1 wpa_supplicant`wpa_sm_rx_eapol [inlined]
wpa_supplicant_key_mgmt_set_pmk(sm=3D0x0000000800e12700) at wpa.c:252
    frame #3: 0x00000000002c5993 wpa_supplicant`wpa_sm_rx_eapol at wpa.c:374
    frame #4: 0x00000000002c58aa wpa_supplicant`wpa_sm_rx_eapol [inlined]
wpa_supplicant_process_1_of_4(sm=3D<unavailable>, src_addr=3D<unavailable>,
key=3D0x0000000800e64a04, ver=3D<unavailable>, key_data=3D<unavailable>,
key_data_len=3D<unavailable>) at wpa.c:621
    frame #5: 0x00000000002c58aa
wpa_supplicant`wpa_sm_rx_eapol(sm=3D<unavailable>,
src_addr=3D"\xb4]P\x9e8@\x88\x8e\U00000001\U00000003",
buf=3D"\U00000001\U00000003", len=3D<unavailable>) at wpa.c:2438
    frame #6: 0x0000000000291592
wpa_supplicant`wpa_supplicant_rx_eapol(ctx=3D0x0000000800e2e000,
src_addr=3D"\xb4]P\x9e8@\x88\x8e\U00000001\U00000003",
buf=3D"\U00000001\U00000003", len=3D121) at wpa_supplicant.c:4303:3
    frame #7: 0x00000000002bf799
wpa_supplicant`l2_packet_receive(sock=3D<unavailable>,
eloop_ctx=3D0x0000000800e25be0, sock_ctx=3D<unavailable>) at
l2_packet_freebsd.c:98:2
    frame #8: 0x00000000002fa187 wpa_supplicant`eloop_run [inlined]
eloop_sock_table_dispatch(table=3D<unavailable>, fds=3D0x0000000800e64700) =
at
eloop.c:600:4
    frame #9: 0x00000000002fa132 wpa_supplicant`eloop_run at eloop.c:1223
    frame #10: 0x0000000000293254
wpa_supplicant`wpa_supplicant_run(global=3D0x0000000800e2a000) at
wpa_supplicant.c:6526:2
    frame #11: 0x0000000000281a54 wpa_supplicant`main(argc=3D<unavailable>,
argv=3D<unavailable>) at main.c:397:14
    frame #12: 0x000000000025e0f0 wpa_supplicant`_start(ap=3D<unavailable>,
cleanup=3D<unavailable>) at crt1_c.c:75:7
(lldb)

--=20
You are receiving this mail because:
You are on the CC list for the bug.=