Bug #2613 (closed)
vty crashes on tab-completion
Description
The problem is located in libosmocore, so it exists in all our products. It
looks like it is somehow linked to the tab-completion. The problem can be
triggered for example by logging into a vty and trying to tab-complete some
items of the help menu; it seems to bail at the second level of tab completion.
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Welcome to the osmo-stp control interface
Copyright (C) 2015-2017 by Harald Welte <laforge@gnumonks.org>
Contributions by Holger Freyther, Neels Hofmeyr
License GPLv2+: GNU GPL Version 2 or later <http://gnu.org/licenses/gpl-2.0.html>
This is free software: you are free ot change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Free Software lives by contribution. If you use this, please contribute!

osmo-stp>
  show      Show running system information
  list      Print command list
  exit      Exit current mode and down to previous mode
  help      Description of the interactive help system
  enable    Turn on privileged mode command
  terminal  Set terminal line parameters
  who       Display who is on vty
  logging   Configure log message to this terminal
osmo-stp> h
osmo-stp> help
Attached the logtext including backtrace.
Updated by laforge over 6 years ago
- Priority changed from Normal to Immediate
Please try to revert
commit e9e9e427b78271941a25a63567fc2ec2bb9e4433
Author: Pau Espin Pedrol <pespin@sysmocom.de>
Date:   Mon Oct 23 19:19:13 2017 +0200
It touches that very line.
Updated by pespin over 6 years ago
It seems Neels already reverted the commit yesterday night:
Author: Neels Hofmeyr <nhofmeyr@sysmocom.de>
Date:   Wed Nov 1 22:35:37 2017 +0000

    Revert "vty: Fix bad use of vector_slot()"

    The patch seemed sensible, but introduces a segfault when hitting tab on
    the interactive VTY. Reproduction example:

        osmo-msc
        telnet 127.0.0.1 4254
        OsmoMSC> enable <TAB>

    So we need to understand what that line of code actually intends to do.
    Until then, revert this to avoid the segfault.

    The segfault happens at:

        Program received signal SIGSEGV, Segmentation fault.
        0x00007ffff7bc0894 in cmd_complete_command_real (vline=0x5555558d59e0, vty=0x5555558d57b0, status=0x7fffffffe024)
            at ../../../../src/libosmocore/src/vty/command.c:1953
        1953            if (*(char *)vector_slot(vline, index) == '\0')

    This reverts commit e9e9e427b78271941a25a63567fc2ec2bb9e4433.

    Change-Id: I3fe213bdfb96de9469aae64e67000dafee59302e
Updated by pespin over 6 years ago
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff731c17a in cmd_complete_command_real (vline=vline@entry=0x55555597bc50, status=0x7fffffffde2c, vty=<optimized out>)
    at /home/pespin/dev/sysmocom/bin/../git/libosmocore/src/vty/command.c:1953
1953            if (*(char *)vector_slot(vline, index) == '\0')
(gdb) bt
#0  0x00007ffff731c17a in cmd_complete_command_real (vline=vline@entry=0x55555597bc50, status=0x7fffffffde2c, vty=<optimized out>)
    at /home/pespin/dev/sysmocom/bin/../git/libosmocore/src/vty/command.c:1953
#1  0x00007ffff731d2b9 in cmd_complete_command (vline=vline@entry=0x55555597bc50, vty=vty@entry=0x555555962980, status=status@entry=0x7fffffffde2c)
    at /home/pespin/dev/sysmocom/bin/../git/libosmocore/src/vty/command.c:2039
#2  0x00007ffff731fb32 in vty_complete_command (vty=0x555555962980)
    at /home/pespin/dev/sysmocom/bin/../git/libosmocore/src/vty/vty.c:1004
#3  vty_read (vty=<optimized out>)
    at /home/pespin/dev/sysmocom/bin/../git/libosmocore/src/vty/vty.c:1428
#4  0x00007ffff7321789 in client_data (fd=0x55555597c908, what=1)
    at /home/pespin/dev/sysmocom/bin/../git/libosmocore/src/vty/telnet_interface.c:132
#5  0x00007ffff6ee6731 in osmo_fd_disp_fds (_eset=0x7fffffffe1d0, _wset=0x7fffffffe150, _rset=0x7fffffffe0d0)
    at /home/pespin/dev/sysmocom/bin/../git/libosmocore/src/select.c:213
#6  osmo_select_main (polling=<optimized out>)
    at /home/pespin/dev/sysmocom/bin/../git/libosmocore/src/select.c:253
#7  0x00005555555655c7 in main (argc=<optimized out>, argv=0x7fffffffe3a8)
    at /home/pespin/dev/sysmocom/bin/../git/osmo-bsc/src/osmo-bsc/osmo_bsc_main.c:303
(gdb) print vline
$1 = (vector) 0x55555597bc50
(gdb) print *vline
$2 = {active = 2, alloced = 2, index = 0x55555597b9e0}
(gdb) print index
$3 = 1
(gdb) print (char*)vline->index[0]
$5 = 0x55555597c880 "help"
(gdb) print (char*)vline->index[1]
$7 = 0x0
Which means vector_slot(vline, index) is NULL and not an empty string. Now the question is whether that's expected or if it should be an empty string.
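To make the NULL-versus-empty-string distinction from the gdb output concrete, here is an added example that is not part of the ticket or of libosmocore. It rebuilds the vline state printed above (active = 2, slot 0 = "help", slot 1 = NULL) on a small stand-in vector type (toy_vector, toy_vector_slot and the helper names are assumptions for this example, not libosmocore's definitions) and puts the dereferencing check from command.c:1953 next to a guarded form that does not crash on a NULL slot. Whether a NULL slot should be reported as "empty" or treated differently is exactly the question left open in the comment; the example only shows where the dereference fails and what a crash-free check looks like.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for the vector seen in the gdb output ({active, alloced, index}).
 * Assumed layout for this example, not libosmocore's own definition. */
struct toy_vector {
	unsigned int active;   /* slots in use, including ones never filled */
	unsigned int alloced;  /* slots allocated */
	void **index;          /* slot pointers; a slot may be NULL */
};

/* Same contract as the lookup on the crashing line: returns the raw slot
 * pointer, NULL included. Out-of-range lookups also yield NULL here. */
static void *toy_vector_slot(const struct toy_vector *v, unsigned int i)
{
	if (i >= v->active)
		return NULL;
	return v->index[i];
}

/* The pattern from command.c:1953 as quoted in the backtrace: the slot pointer
 * is dereferenced with no NULL check, so a NULL slot is a segfault. */
static int slot_is_empty_unguarded(const struct toy_vector *v, unsigned int i)
{
	return *(char *)toy_vector_slot(v, i) == '\0';
}

/* Guarded form: a NULL slot and an empty string are both reported as empty,
 * the two cases distinguished in the comment above. Whether the caller should
 * see them as the same thing is the ticket's open question; this only shows
 * the check that cannot crash. */
static int slot_is_empty_guarded(const struct toy_vector *v, unsigned int i)
{
	const char *s = toy_vector_slot(v, i);
	return s == NULL || *s == '\0';
}

static char *dup_str(const char *s)
{
	size_t n = strlen(s) + 1;
	char *d = malloc(n);
	if (d)
		memcpy(d, s, n);
	return d;
}

/* Rebuilds the vline state printed by gdb: active = 2, slot 0 = "help",
 * slot 1 = NULL. Constructed from the values in the ticket. */
static struct toy_vector *build_ticket_vline(void)
{
	struct toy_vector *v = calloc(1, sizeof(*v));
	v->active = 2;
	v->alloced = 2;
	v->index = calloc(v->alloced, sizeof(void *));
	v->index[0] = dup_str("help");
	v->index[1] = NULL;
	return v;
}

static void free_vline(struct toy_vector *v)
{
	for (unsigned int i = 0; i < v->active; i++)
		free(v->index[i]);
	free(v->index);
	free(v);
}

int main(void)
{
	struct toy_vector *vline = build_ticket_vline();

	printf("slot 0 (\"help\") empty: %d\n", slot_is_empty_guarded(vline, 0));
	printf("slot 1 (NULL)   empty: %d\n", slot_is_empty_guarded(vline, 1));
	/* slot_is_empty_unguarded(vline, 1) would dereference NULL here, which
	 * is the SIGSEGV shown in the backtrace. */
	(void)slot_is_empty_unguarded;

	free_vline(vline);
	return 0;
}
```

Running it prints 0 for slot 0 and 1 for slot 1; calling the unguarded variant on slot 1 reproduces the crash on the stand-in, which is why the check on the slot pointer has to happen before the dereference regardless of which answer the VTY is supposed to give for a NULL slot.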
Updated by laforge over 6 years ago
We need to immediately tag + release a 0.10.2 for this fix,
there's no point in people having crashing VTYs. I'll take care of it.
Updated by pespin over 6 years ago
I pushed a new patch to address the compilation warning properly: https://gerrit.osmocom.org/#/c/4672/