Bug #3196
closed
misaligned write in abis_nm_ipaccess_rsl_connect()
Added by neels almost 6 years ago.
Updated almost 6 years ago.
Description
20180423130614810 DNM DEBUG abis_nm.c:1966 OC=BASEBAND-TRANSCEIVER(04) INST=(00,00,ff): Sending OPSTART
../../../../src/osmo-bsc/src/libbsc/abis_nm.c:2794:24: runtime error: store to misaligned address 0x7fffffff3756 for type 'uint32_t', which requires 4 byte alignment
0x7fffffff3756: note: pointer points here
81 0b bb 80 00 00 00 00 7f 55 55 55 00 00 60 79 6b f6 ff 7f 00 00 88 7a 7f 55 55 55 00 00 50 38
^
here
int abis_nm_ipaccess_rsl_connect(struct gsm_bts_trx *trx,
uint32_t ip, uint16_t port, uint8_t stream)
{
...
attr[4] = port & 0xff;
*(uint32_t *)(attr+6) = ia.s_addr;
...............................^ here
Seen when starting up the network using address sanitizer build on debian testing.
gcc (Debian 7.3.0-16) 7.3.0
- Status changed from New to In Progress
- Assignee set to stsp
I have seen this, too, when starting osmo-bsc to run BTS TTCN3 tests:
Tue May 22 12:01:33 2018 DNM <0005> abis_nm.c:573 OC=BTS(01) INST=(00,ff,ff): BTS0: ARI reported sw[0/1]: TRX_PHY_VERSION is Unknown
Tue May 22 12:01:33 2018 DRSL <0004> acc_ramp.c:162 (bts=0,trx=0) ACC RAMP: administrative state Unlocked -> Unlocked
Tue May 22 12:01:33 2018 DRSL <0004> acc_ramp.c:166 (bts=0,trx=0) ACC RAMP: operational state NULL -> Disabled
Tue May 22 12:01:33 2018 DRSL <0004> acc_ramp.c:175 (bts=0,trx=0) ACC RAMP: ignoring state change because RSL link is down
abis_nm.c:2802:24: runtime error: store to misaligned address 0x7ffc95396706 for type 'uint32_t', which requires 4 byte alignment
0x7ffc95396706: note: pointer points here
81 0b bb 80 00 00 00 00 ed 79 28 56 00 00 e0 9c 00 00 a0 61 00 00 60 01 00 00 70 62 00 00 70 67
^
Tue May 22 12:01:33 2018 DRSL <0004> acc_ramp.c:162 (bts=0,trx=0) ACC RAMP: administrative state Unlocked -> Unlocked
<pre>
This problem can be fixed by using memcpy() instead of writing to a pointer with a cast. I'm preparing a patch.
- Status changed from In Progress to Resolved
Above patch has been merged.
Also available in: Atom
PDF
