https://projects.osmocom.org/
https://projects.osmocom.org/favicon.ico?1664741409
2019-07-23T13:50:20Z
Open Source Mobile Communications
OsmoPCU - Bug #4029: osmo-pcu: several runtime errors detected by ASan
https://projects.osmocom.org/issues/4029?journal_id=15389
2019-07-23T13:50:20Z
pespin
<ul><li><strong>Assignee</strong> set to <i>4368</i></li></ul><p>Seen again while starting PCU together with the whole 2G network:<br /><pre>
20190723154714063 DL1IF <0001> /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:125 Sending activate request: trx=0 ts=6
20190723154714063 DL1IF <0001> /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:569 PDCH: trx=0 ts=6
20190723154714063 DL1IF <0001> /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:125 Sending activate request: trx=0 ts=7
20190723154714063 DL1IF <0001> /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:569 PDCH: trx=0 ts=7
20190723154714063 DNS <000b> /home/pespin/dev/sysmocom/git/libosmocore/src/gb/gprs_ns.c:1355 NSVCI=1800 Rx NS RESET ACK (NSEI=1800, NSVCI=1800)
20190723154714063 DNS <000b> /home/pespin/dev/sysmocom/git/libosmocore/src/gb/gprs_ns.c:704 NSEI=1800 Tx NS UNBLOCK (NSVCI=1800)
20190723154714064 DNS <000b> /home/pespin/dev/sysmocom/git/libosmocore/src/gb/gprs_ns.c:1805 NSEI=1800 Rx NS UNBLOCK ACK
20190723154714064 DPCU <000d> /home/pespin/dev/sysmocom/git/osmo-pcu/src/gprs_bssgp_pcu.cpp:537 NS-VC 1800 is unblocked.
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/gprs_bssgp_pcu.cpp:816 Sending reset on BVCI 0
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/libosmocore/src/gb/gprs_bssgp_bss.c:300 BSSGP (BVCI=0) Tx BVC-RESET CAUSE=O&M intervention
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/gprs_bssgp_pcu.cpp:282 Rx BSSGP BVCI=-1 (SIGN) BVC_RESET_ACK
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/gprs_bssgp_pcu.cpp:824 Sending reset on BVCI 1800
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/libosmocore/src/gb/gprs_bssgp_bss.c:300 BSSGP (BVCI=1800) Tx BVC-RESET CAUSE=O&M intervention
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/gprs_bssgp_pcu.cpp:282 Rx BSSGP BVCI=-1 (SIGN) BVC_RESET_ACK
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/gprs_bssgp_pcu.cpp:832 Sending unblock on BVCI 1800
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/libosmocore/src/gb/gprs_bssgp_bss.c:280 BSSGP (BVCI=1800) Tx BVC-UNBLOCK
20190723154714064 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/gprs_bssgp_pcu.cpp:293 Rx BSSGP BVCI=-1 (SIGN) BVC_UNBLOCK_ACK
20190723154715034 DL1IF <0001> /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:390 RACH request received: sapi=1 qta=0, ra=120, fn=2270537, cur_fn=2270541, is_11bit=0
20190723154715034 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:979 Allocating UL TBF: MS_CLASS=0/0
20190723154715034 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:540 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=NULL) Setting Control TS 6
20190723154715034 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:925 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=NULL) Allocated: trx = 0, ul_slots = 40, dl_slots = 00
20190723154715034 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/bts.cpp:762 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=FLOW) set ass. type CCCH [prev CCCH:0, PACCH:0]
20190723154715034 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/bts.cpp:770 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=FLOW) TX: START Immediate Assignment Uplink (AGCH)
20190723154715287 DTBFUL <000a> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf_ul.cpp:295 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=FLOW) Decoded premier TLLI=0x00000000 of UL DATA TFI=0.
20190723154715310 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf_ul.cpp:392 LLC [PCU -> SGSN] TBF(TFI=0 TLLI=0xd01d83b2 DIR=UL STATE=FLOW) len=51
/home/pespin/dev/sysmocom/build/new/out/include/osmocom/core/msgb.h:543:2: runtime error: variable length array bound evaluates to non-positive value -1 <--------------------
20190723154715311 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/gprs_bssgp_pcu.cpp:160 LLC [SGSN -> PCU] = TLLI: 0xd01d83b2 IMSI: len: 12
20190723154715311 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:1071 Allocating DL TBF: MS_CLASS=0/0
20190723154715311 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:540 TBF(TFI=0 TLLI=0x00000000 DIR=DL STATE=NULL) Setting Control TS 6
20190723154715311 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:925 TBF(TFI=0 TLLI=0xd01d83b2 DIR=DL STATE=NULL) Allocated: trx = 0, ul_slots = 40, dl_slots = c0
</pre></p>
OsmoPCU - Bug #4029: osmo-pcu: several runtime errors detected by ASan
https://projects.osmocom.org/issues/4029?journal_id=15390
2019-07-23T14:57:53Z
Hoernchen
<ul></ul><p>This actually ubsan, exporting UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1 should help.</p>
OsmoPCU - Bug #4029: osmo-pcu: several runtime errors detected by ASan
https://projects.osmocom.org/issues/4029?journal_id=15391
2019-07-23T16:57:48Z
pespin
<ul></ul><pre>
20190723185650062 DL1IF <0001> /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:390 RACH request received: sapi=1 qta=0, ra=123, fn=750980, cur_fn=750984, is_11bit=0
20190723185650062 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:979 Allocating UL TBF: MS_CLASS=0/0
20190723185650063 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:540 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=NULL) Setting Control TS 6
20190723185650063 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf.cpp:925 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=NULL) Allocated: trx = 0, ul_slots = 40, dl_slots = 00
20190723185650063 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/bts.cpp:762 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=FLOW) set ass. type CCCH [prev CCCH:0, PACCH:0]
20190723185650063 DTBF <0008> /home/pespin/dev/sysmocom/git/osmo-pcu/src/bts.cpp:770 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=FLOW) TX: START Immediate Assignment Uplink (AGCH)
20190723185650375 DTBFUL <000a> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf_ul.cpp:295 TBF(TFI=0 TLLI=0x00000000 DIR=UL STATE=FLOW) Decoded premier TLLI=0x00000000 of UL DATA TFI=0.
20190723185650417 DBSSGP <000c> /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf_ul.cpp:392 LLC [PCU -> SGSN] TBF(TFI=0 TLLI=0x7f4d37b5 DIR=UL STATE=FLOW) len=54
/home/pespin/dev/sysmocom/build/new/out/include/osmocom/core/msgb.h:543:2: runtime error: variable length array bound evaluates to non-positive value -1
#0 0x559e4a77f2ed in msgb_alloc_headroom /home/pespin/dev/sysmocom/build/new/out/include/osmocom/core/msgb.h:543
#1 0x559e4a785a3b in gprs_rlcmac_ul_tbf::snd_ul_ud() /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf_ul.cpp:399
#2 0x559e4a78042a in gprs_rlcmac_ul_tbf::assemble_forward_llc(gprs_rlc_data const*) /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf_ul.cpp:98
#3 0x559e4a784637 in gprs_rlcmac_ul_tbf::rcv_data_block_acknowledged(gprs_rlc_data_info const*, unsigned char*, pcu_l1_meas*) /home/pespin/dev/sysmocom/git/osmo-pcu/src/tbf_ul.cpp:318
#4 0x559e4a7b3db3 in gprs_rlcmac_pdch::rcv_data_block(unsigned char*, unsigned char, unsigned int, pcu_l1_meas*, GprsCodingScheme) /home/pespin/dev/sysmocom/git/osmo-pcu/src/pdch.cpp:812
#5 0x559e4a7b401c in gprs_rlcmac_pdch::rcv_block_gprs(unsigned char*, unsigned char, unsigned int, pcu_l1_meas*, GprsCodingScheme) /home/pespin/dev/sysmocom/git/osmo-pcu/src/pdch.cpp:825
#6 0x559e4a7b3129 in gprs_rlcmac_pdch::rcv_block(unsigned char*, unsigned char, unsigned int, pcu_l1_meas*) /home/pespin/dev/sysmocom/git/osmo-pcu/src/pdch.cpp:745
#7 0x559e4a747871 in pcu_rx_data_ind_pdtch /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:253
#8 0x559e4a74892f in pcu_rx_data_ind /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:300
#9 0x559e4a751583 in pcu_rx(unsigned char, gsm_pcu_if*) /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_l1_if.cpp:629
#10 0x559e4a7e060f in pcu_sock_read /home/pespin/dev/sysmocom/git/osmo-pcu/src/osmobts_sock.cpp:162
#11 0x559e4a7e0ce3 in pcu_sock_cb /home/pespin/dev/sysmocom/git/osmo-pcu/src/osmobts_sock.cpp:229
#12 0x7f59a98a7893 in osmo_fd_disp_fds /home/pespin/dev/sysmocom/git/libosmocore/src/select.c:223
#13 0x7f59a98a7bb9 in osmo_select_main /home/pespin/dev/sysmocom/git/libosmocore/src/select.c:263
#14 0x559e4a71a369 in main /home/pespin/dev/sysmocom/git/osmo-pcu/src/pcu_main.cpp:361
#15 0x7f59a87c7ce2 in __libc_start_main (/usr/lib/libc.so.6+0x23ce2)
#16 0x559e4a716c7d in _start (/home/pespin/dev/sysmocom/build/new/out/bin/osmo-pcu+0x1efc7d)
</pre>
OsmoPCU - Bug #4029: osmo-pcu: several runtime errors detected by ASan
https://projects.osmocom.org/issues/4029?journal_id=16094
2019-09-26T15:53:20Z
pespin
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>90</i></li></ul><p>Should be fixed by <a class="external" href="https://gerrit.osmocom.org/c/libosmocore/+/15607">https://gerrit.osmocom.org/c/libosmocore/+/15607</a> msgb: Allow size==headroom in msgb_alloc_headroom*()</p>
<p>Once merged the ticket can be closed.</p>
OsmoPCU - Bug #4029: osmo-pcu: several runtime errors detected by ASan
https://projects.osmocom.org/issues/4029?journal_id=16095
2019-09-26T16:07:39Z
pespin
<ul></ul><p>The other runtime issue was already fixed by <a class="user active" href="https://projects.osmocom.org/users/52">Hoernchen</a> in osmo-pcu.git ab8b01effdce38a19385e6a58e3b719a57710b02</p>
OsmoPCU - Bug #4029: osmo-pcu: several runtime errors detected by ASan
https://projects.osmocom.org/issues/4029?journal_id=16096
2019-09-26T16:08:09Z
pespin
<ul><li><strong>Assignee</strong> changed from <i>4368</i> to <i>pespin</i></li></ul>
OsmoPCU - Bug #4029: osmo-pcu: several runtime errors detected by ASan
https://projects.osmocom.org/issues/4029?journal_id=16143
2019-10-03T14:46:30Z
pespin
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li><li><strong>% Done</strong> changed from <i>90</i> to <i>100</i></li></ul><p>Merged, closing.</p>