Bug #4689
Updated by laforge over 3 years ago
<pre>
<0023> mgcp_client.c:701 Failed to read: r=127.0.0.1:2427<->l=127.0.0.1:2727: 111='Connection refused'
<0011> assignment_fsm.c:761 assignment(msc0-conn3_0-0-1-TCH_F-0)[0x612000008f20]{WAIT_MGW_ENDPOINT_TO_MSC}: (bts=0,trx=0,ts=1,ss=0) Assignment failed in state WAIT_MGW_ENDPOINT_TO_MSC, cause EQUIPMENT FAILURE: Timeout
<0011> assignment_fsm.c:132 assignment(msc0-conn3_0-0-1-TCH_F-0)[0x612000008f20]{WAIT_MGW_ENDPOINT_TO_MSC}: (bts=0,trx=0,ts=1,ss=0) Assignment failed
<0003> abis_rsl.c:644 (bts=0,trx=0,ts=1,ss=0) DEACTivate SACCH CMD
=================================================================
==28849==ERROR: AddressSanitizer: heap-use-after-free on address 0x62b000000489 at pc 0x7f6e62ba4550 bp 0x7ffd59da8d90 sp 0x7ffd59da8540
READ of size 1 at 0x62b000000489 thread T0
#0 0x7f6e62ba454f (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xa854f)
#1 0x7f6e62a215e1 in osmo_strlcpy /root/git/libosmocore/src/utils.c:576
#2 0x7f6e627f1f3d in osmo_mgcpc_ep_ci_request /root/git/osmo-mgw/src/libosmo-mgcp-client/mgcp_client_endpoint_fsm.c:621
#3 0x55a819c5a457 in osmo_mgcpc_ep_ci_dlcx /usr/local/include/osmocom/mgcp_client/mgcp_client_endpoint_fsm.h:40
#4 0x55a819c5a457 in assignment_reset /root/git/osmo-bsc/src/osmo-bsc/assignment_fsm.c:111
#5 0x55a819c5a605 in assignment_fsm_cleanup /root/git/osmo-bsc/src/osmo-bsc/assignment_fsm.c:768
#6 0x7f6e62a20518 in _osmo_fsm_inst_term /root/git/libosmocore/src/fsm.c:949
#7 0x55a819c572c1 in assignment_fsm_timer_cb /root/git/osmo-bsc/src/osmo-bsc/assignment_fsm.c:761
#8 0x7f6e62a209c9 in fsm_tmr_cb /root/git/libosmocore/src/fsm.c:325
#9 0x7f6e62a1af93 in osmo_timers_update /root/git/libosmocore/src/timer.c:257
#10 0x7f6e62a1b355 in _osmo_select_main /root/git/libosmocore/src/select.c:260
#11 0x7f6e62a1ba35 in osmo_select_main_ctx /root/git/libosmocore/src/select.c:291
#12 0x55a819b5d7ce in main /root/git/osmo-bsc/src/osmo-bsc/osmo_bsc_main.c:952
#13 0x7f6e61b0509a in __libc_start_main ../csu/libc-start.c:308
#14 0x55a819b5e199 in _start (/root/git/osmo-bsc/src/osmo-bsc/osmo-bsc+0x52c199)
0x62b000000489 is located 649 bytes inside of 25488-byte region [0x62b000000200,0x62b000006590)
freed by thread T0 here:
#0 0x7f6e62be4fb0 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe8fb0)
#1 0x7f6e62aca5d2 (/usr/lib/x86_64-linux-gnu/libtalloc.so.2+0xb5d2)
previously allocated by thread T0 here:
#0 0x7f6e62be5330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
#1 0x7f6e62ac8140 in _talloc_zero (/usr/lib/x86_64-linux-gnu/libtalloc.so.2+0x9140)
SUMMARY: AddressSanitizer: heap-use-after-free (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xa854f)
</pre>
