On Thu, Apr 26, 2018 at 02:27:05PM +0200, Martin Willi wrote: > When removing an interface, hostapd_bss_deinit() frees all associated STAs. > If any of the stations is 40MHz intolerant, the cleanup invokes > ht40_intolerant_remove(), that in turn registers a 20->40MHz transition > timer for the last station. That timer is never canceled; once it executes, > the interface is gone, most likely resulting in a segfault when referencing > it. > > While hostapd_interface_deinit() cancels the transition timer, it does so > before cleaning up STAs. Move the cancellation after STA cleanup to cancel > any timer that was registered during that operation. Thanks, applied. > I'm not sure if this is the correct/best place for this cancellation, given > that hostapd_bss_deinit() is called from other locations. This code path > is rather easy to hit when using the ctrl interface, though. This looks like a reasonable change on its own. If something else is needed, that can be handled separately. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
