Project

General

Profile

Bug #4507

ubsan error in trxd

Added by Hoernchen 3 months ago. Updated 15 days ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
-
Target version:
-
Start date:
04/21/2020
Due date:
% Done:

100%

Spec Reference:

Description

pretty much upon startup, b210:

proto_trxd.c:65:18: runtime error: 128 is outside the range of representable values of type 'char'
    #0 0x4197c8 in trxd_fill_burst_normalized255 /foo/osmo-trx/Transceiver52M/proto_trxd.c:65:18
    #1 0x419e5e in trxd_send_burst_ind_v1 /foo/osmo-trx/Transceiver52M/proto_trxd.c:109:3
    #2 0x3b5ba1 in Transceiver::driveReceiveFIFO(unsigned long) /foo/osmo-trx/Transceiver52M/Transceiver.cpp:1103:14
    #3 0x39fc6c in RxUpperLoopAdapter(TrxChanThParams*) /foo/osmo-trx/Transceiver52M/Transceiver.cpp:1196:15
    #4 0x7ffff755a608 in start_thread /build/glibc-aevPTw/glibc-2.31/nptl/pthread_create.c:477:8
    #5 0x7ffff5dbd102 in clone /build/glibc-aevPTw/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior proto_trxd.c:65:18 in 

68p *(bi)
>&"p *(bi)\n" 
>~"$2 = {rx_burst = {0.500000894, 0.505429804, 1, 0.939309061, 0.0587121844, 0, 0.287351072, 1, 0, 0, 1, 0.258407533, 0.118923128, 0.402560264, 0.79532969, 1, 0.431558907,
0.0428471565, 0.716009498, 0.474383503, 0.524464786, 0.245093167, 1, 0, 0, 0, 1, 0.697416306, 0.300498843, 0.35795179, 0, 0.306892782, 0.638772905, 0.899437308, 0.71597147,
0, 0.165143549, 0.648283482, 0.486982644, 0.500317693, 1, 1, 0.452074409, 0.217607439, 0, 0.32554093, 0.712906897, 1, 1, 0.0771650374, 0.518108428, 0.592906952, 0, 0.846877515,
1, 0.883805513, 1, 0.785946965, 1, 0.00107380748, 0, 0.460431963, 1, 0.846261978, 0.0976209641, 0.522589684, 1, 1, 0, 0.753102124, 0.362454116, 0, 0, 0.544846892, 0.355433077,
0.809538662, 0, 0.695603251, 1, 0.748700917, 0, 0.916079402, 1, 0.54381454, 0, 0.31651473, 1, 0.865371287, 0, 0.343352556, 0, 0.396086097, 0.555846512, 0.822093725, 0, 0.187960625,
1, 0.630323052, 0.475280046, 1, 0, 0.763352394, 0, 0.459535837, 0.169783086, 0, 0.938408256, 0, 0.282555103, 0.455388725, 0.395136088, 0, 0.582681239, 0.892369926, 0.0262610316,
0, 0.174116433, 1, 0.0993587673, 0.798333347, 0, 0.332826436, 1, 0.263370007, 0.0413424969, 0, 0, 1, 0, 0, 0, 0.844541073, 0.686996698, 0.0445709229, 0, 0.581650078, 0.79820466,
0, 0.39310655, 1, 0.509156048, 0, 0.737665892, 0.706202269, 1, 0.459202498, 0.218174875, 1, 7.70714155e-44, 0, -9.25901174e+27, 4.59163468e-41, -2.55478138e+27, 4.59163468e-41, 
-9.24919394e+27, 4.59163468e-41, 7.70714155e-44, 0, -7.45234256e+32, 4.59163468e-41, -9.24891532e+27, 4.59163468e-41, -9.24919394e+27, 4.59163468e-41, 7.70714155e-44, 0, -7.45311782e+32,
4.59163468e-41, 0, 0, 2.82289498e+23, -6.10017724e-33, -9.24892476e+27, 2.36017197e-38, 3.47934561e-39, 0, 1.66754517e-43, 4.79310917e-39, -9.24942061e+27, 4.59163468e-41,
3.0608198e-39, 0, -9.24941589e+27, 4.59163468e-41, 4.20389539e-45, 4.59163468e-41, -9.24941353e+27, 4.59163468e-41, 0, 0, -9.24941117e+27, 4.59163468e-41, -9.24941589e+27,
4.59163468e-41, 1.40129846e-45, 0, -9.24941353e+27, 4.59163468e-41, 0, 4.59163468e-41, -9.24941117e+27, 4.59163468e-41, 1.40129846e-45, 6.04204025e-36, 3.5610217e-40,
3.45952565e-41, 1.05097385e-43, 1.06498683e-43, 2.82289498e+23, -6.10017724e-33, 2.38311991e-38, 1.06498683e-43, 2.82289498e+23, -6.10017724e-33, -9.24919394e+27, 
2.36017197e-38, -9.24918921e+27, 4.59163468e-41, 3.14668199e+37, 5.73971851e-42, -9.24880198e+27, 4.59163468e-41, -9.2487642e+27, 4.59163468e-41, -9.24872642e+27, 4.59163468e-41,
-9.24868864e+27, 4.59163468e-41, -9.2486792e+27, 4.59163468e-41, -9.24866031e+27, 4.59163468e-41, -9.24866031e+27, 4.59163468e-41, 0, 0, 0, 0, -9.24918921e+27, 4.59163468e-41,
-9.25026591e+27, 4.59163468e-41, 0, 0, -9.24918921e+27, 4.59163468e-41, -9.24866031e+27, 4.59163468e-41, 3.47934561e-39, 0, -9.24918921e+27, 2.37853907e-38, 1.40129846e-45,
4.59163468e-41, -5.97815099e+37, -1.45333643e-31, -9.24934092e+27, 1.06498683e-43, -9.24918921e+27, 4.59163468e-41, -9.25026591e+27, 4.59163468e-41, -9.24918921e+27, 4.59163468e-41,
-nan(0x7f9fff), 4.59163468e-41, 3.06099637e-40, 3.45952565e-41, -9.2499259e+27, 4.59163468e-41, -nan(0x7f9ffe), 4.59163468e-41, 3.06099637e-40, 3.45952565e-41, -9.25088927e+27,
4.59163468e-41, -9.25023758e+27, 4.59163468e-41, 6.5898989e-39, 0, 7174.75684, 0, 3.07643867e-39, 0, 6.58341229e-39, 0, -4.51603559e+33, 4.59163468e-41, -7.9589641e+32,
4.59163468e-41, -7.96027013e+32, 4.59163468e-41, 6.42691528e-40, 3.49315681e-41, 6.42691528e-40, 3.49315681e-41, 6.42691528e-40, 3.49315681e-41, 6.42669107e-40, 3.49315681e-41,
6.42775606e-40, 3.49315681e-41, 6.43386572e-40, 3.49315681e-41, -7.98241068e+32, 4.59163468e-41, 2.24207754e-44, 4.59163468e-41, 6.42669107e-40, 3.49315681e-41, 2.24207754e-44,
0, 7.17464814e-43, 0, 2.66591171e-09, 4.6108661e-39, -7.94592859e+32, 4.59163468e-41, 8.40779079e-45, 0, 0, 0, 5.74252111e-42, 0, 0, 4.59163468e-41, 0 <repeats 38 times>,
1.12103877e-44, 0, -9.24929311e+27, 4.59163468e-41, -7.98241068e+32, 4.59163468e-41, 0, 0, 2.93913945e-39, 0, -9.24919394e+27, 4.59163468e-41, -7.98124702e+32, 4.59163468e-41,
-7.98116037e+32, 4.59163468e-41, -7.98117274e+32, 4.59163468e-41, 0, 4.20389539e-45, 3.0608198e-39, 0, 1.66754517e-43, 0, 0, 0, -0.211109057, 0, -1.03803104e+34, 4.59163468e-41,
-9.24962839e+27, 4.59163468e-41, 2.95672014e-39, 0, -9.24952922e+27, 4.59163468e-41, -9.24953867e+27, 4.59163468e-41, -1.02910902e+34, 4.59163468e-41, 1.40129846e-45, 0, 0, 0,
7.00649232e-45, 0, 0, 0, 1.40129846e-45, 0, -1.03797707e+34, 4.59163468e-41, 0, 0, 0, 0, -1.03797707e+34, 4.59163468e-41, -1.03803104e+34, 4.59163468e-41, 0, 0, 0, 0, 0, 0,
1.40129846e-45, 0, -nan(0x7fffff), 0, 0, 0, -4.43198875e+33, 4.59163468e-41, -1.02400815e+34, 4.59163468e-41, 0, 0, 0, 0},
nbits = 148, fn = 142164, tn = 4 '\\004',
rssi = 74.438643325578354,
toa = 1.65625, 
noise = 74.978370371352526, 
idle = false,
modulation = MODULATION_GMSK,
tss = 0 '\\000',
tsc = 7 '\\a',
ci = -4.17359495}\n" 
>68^done

History

#1 Updated by fixeria 3 months ago

  • Assignee changed from fixeria to pespin

Assigning to Pau as he was working on osmo-trx side of the implementation.

#2 Updated by pespin 3 months ago

Probable fix:

diff --git a/Transceiver52M/proto_trxd.c b/Transceiver52M/proto_trxd.c
index 5a898b9..fbc0b14 100644
--- a/Transceiver52M/proto_trxd.c
+++ b/Transceiver52M/proto_trxd.c
@@ -62,7 +62,7 @@ static void trxd_fill_burst_normalized255(uint8_t* soft_bits, const struct trx_u
 {
        unsigned i;
        for (i = 0; i < bi->nbits; i++)
-               soft_bits[i] = (char) round(bi->rx_burst[i] * 255.0);
+               soft_bits[i] = (uint8_t) round(bi->rx_burst[i] * 255.0);
 }

#3 Updated by pespin 21 days ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 90

Submitted proposed fix here:
https://gerrit.osmocom.org/c/osmo-trx/+/18920 proto_trxd: Fix UndefinedBehaviorSanitizer from ubsan

#4 Updated by pespin 15 days ago

  • Status changed from Feedback to Resolved
  • % Done changed from 90 to 100

Merged, closing

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)