Bug #3727

SGSN segfaults on network type change

Added by manatails 4 months ago. Updated 6 days ago.

Status: New
Priority: Normal
Assignee:
Category: -
Target version: -
Start date: 12/12/2018
Due date:
% Done: 0%
Spec Reference:

Description

When the phone changes its network type between GSM and UMTS, osmo-sgsn crashes with the following log:

<0012> gprs_llc_parse.c:81 LLC SAPI=1 C U GEA0 IOV-UI=0x000000 FCS=0x760d06 CMD=UI DATA
<0002> gprs_gmm.c:1609 -> GMM RA UPDATE REQUEST type="RA updating"
<0002> gprs_gmm.c:1685 MM Looked up by matching TLLI and P_TMSI. BSSGP TLLI: b99cab1e, P-TMSI: f99cab1e (00000000), TLLI: 00000000 (00000000), RA: 450-09-1-1

Program received signal SIGSEGV, Segmentation fault.
0x0000000000409667 in gsm48_gmm_authorize (ctx=0x758600) at gprs_gmm.c:1051
1051 if (ctx->ran_type == MM_CTX_T_UTRAN_Iu && !ctx->iu.ue_ctx->integrity_active) {
(gdb)

History

#1 Updated by manatails 4 months ago

ctx->iu.ue_ctx is null at the time of crash

#2 Updated by laforge 12 days ago

  • Assignee set to lynxis

#3 Updated by lynxis 10 days ago

Can you create a backtrace when this problem happens (gdb cli: bt)? It would also be nice if you can provide a pcap trace.
I would guess this problem happens when an MS/UE moves from 3G to 2G. Not sure if the SGSN also crashes the other way around :).

I should write a TTCN-3 test first to cover this.
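
The crash line reads ctx->iu.ue_ctx->integrity_active as soon as ran_type says Iu, and comment #1 reports that ue_ctx is NULL at that point. The following is an added example, not osmo-sgsn code and not the project's fix: it models that condition with reduced stand-in structures and shows a guarded form that reports the inconsistent state instead of dereferencing it. The struct layouts, enum auth_step and check_iu_integrity() are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Reduced stand-ins (assumptions) for the structures named in the crash
 * line; only the fields that line touches are modelled. */
enum ran_type { MM_CTX_T_GERAN_Gb, MM_CTX_T_UTRAN_Iu };
struct ue_conn_ctx { bool integrity_active; };
struct mm_ctx {
    enum ran_type ran_type;
    struct { struct ue_conn_ctx *ue_ctx; } iu;
};

/* Hypothetical result type: what the caller should do next. */
enum auth_step { AUTH_PROCEED, AUTH_NEED_SECURITY_MODE, AUTH_INCONSISTENT_CTX };

/* Guarded form of the condition shown at gprs_gmm.c:1051. The original
 * reads ue_ctx->integrity_active as soon as ran_type is Iu; here a NULL
 * ue_ctx is reported as its own state instead of being dereferenced. */
enum auth_step check_iu_integrity(const struct mm_ctx *ctx)
{
    if (ctx == NULL)
        return AUTH_INCONSISTENT_CTX;
    if (ctx->ran_type != MM_CTX_T_UTRAN_Iu)
        return AUTH_PROCEED;            /* condition only applies on Iu */
    if (ctx->iu.ue_ctx == NULL)
        return AUTH_INCONSISTENT_CTX;   /* the state reported in comment #1 */
    return ctx->iu.ue_ctx->integrity_active ? AUTH_PROCEED
                                            : AUTH_NEED_SECURITY_MODE;
}

int main(void)
{
    /* Constructed contexts, not taken from a real trace. */
    struct ue_conn_ctx ue = { .integrity_active = false };
    struct mm_ctx stale = { MM_CTX_T_UTRAN_Iu, { NULL } };
    struct mm_ctx live  = { MM_CTX_T_UTRAN_Iu, { &ue } };
    struct mm_ctx gb    = { MM_CTX_T_GERAN_Gb, { NULL } };

    printf("stale Iu ctx: %d\n", check_iu_integrity(&stale));
    printf("live Iu ctx:  %d\n", check_iu_integrity(&live));
    printf("Gb ctx:       %d\n", check_iu_integrity(&gb));
    return 0;
}
```

How the caller should react to AUTH_INCONSISTENT_CTX (drop the message, reset the context, log and continue) is a design decision the thread does not settle.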

#4 Updated by laforge 6 days ago
