authorHolger Hans Peter Freyther <holger@moiji-mobile.com>2013-07-31 11:20:37 +0200
committerHolger Hans Peter Freyther <holger@moiji-mobile.com>2013-07-31 16:12:02 +0200
commitaa93bac34b7d99319bd8341bd030ce148c585553 (patch)
tree89cbfbb1d941eeb4664067d7ee7429205c818817
parent7e0fec17ceeccfe2bfb74c13d19eb44558ddb535 (diff)
gprs_gmm: Avoid assertion in the sending code during routing area update
Use old and new tlli as specified by the caller. WIP <000f> sgsn_libgtp.c:321 Received DELETE PDP CTX CONF, cause=128(Request accepted) <0013> gprs_sndcp.c:320 SNSM-DEACTIVATE.ind (lle=0x8095d08, TLLI=e3ddd574, SAPI=11, NSAPI=5) <0011> gprs_bssgp.c:376 BSSGP TLLI=0xe3ddd574 Rx UPLINK-UNITDATA <0012> gprs_llc.c:551 LLC SAPI=1 C FCS=0xb85a96CMD=UI DATA <0011> gprs_bssgp.c:376 BSSGP TLLI=0xe3ddd574 Rx UPLINK-UNITDATA <0012> gprs_llc.c:551 LLC SAPI=1 C FCS=0xbe5a96CMD=UI DATA <0002> gprs_gmm.c:214 Starting MM timer 3350 while old timer 3350 pending <0012> gprs_llc.c:417 LLC TX: unknown TLLI 0xe3ddd574, creating LLME on the fly Assert failed msgb_tlli(msg) == mmctx->llme->tlli || msgb_tlli(msg) == mmctx->llme->old_tlli || tlli_foreign2local(msgb_tlli(msg)) == mmctx->llme->tlli || tlli_foreign2local(msgb_tlli(msg)) == mmctx->llme->old_tlli gprs_llc.c:123 backtrace() returned 18 addresses /home/ich/install/openbsc/lib/libosmocore.so.4(osmo_generate_backtrace+0x16) [0xb7bb6a36] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x805224a] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804a2f6] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804b687] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804bc35] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804bd4e] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804d20c] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x8052be4] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn(bssgp_prim_cb+0x55) [0x804f5a4] /home/ich/install/openbsc/lib/libosmogb.so.2(bssgp_rcvmsg+0x3b8) [0xb7b626b8] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x804f4f1] /home/ich/install/openbsc/lib/libosmogb.so.2(gprs_ns_rcvmsg+0x8c7) [0xb7b5ecf7] /home/ich/install/openbsc/lib/libosmogb.so.2(+0x4311) [0xb7b5f311] /home/ich/install/openbsc/lib/libosmocore.so.4(osmo_select_main+0x192) [0xb7bb2ed2] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() 
[0x804fbcd] /lib/i386-linux-gnu/i686/cmov/libc.so.6(__libc_start_main+0xf5) [0xb796a8f5] /home/ich/source/gsm/openbsc/openbsc/src/gprs/osmo-sgsn() [0x8049db1] Program received signal SIGABRT, Aborted. 0xb7fde424 in __kernel_vsyscall () (gdb) bt #0 0xb7fde424 in __kernel_vsyscall () #1 0xb797f83f in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 #2 0xb7982cf3 in __GI_abort () at abort.c:90 #3 0x0805224f in _bssgp_tx_dl_ud (mmctx=0x80932d0, msg=0x80963a8) at gprs_llc.c:120 #4 gprs_llc_tx_ui (msg=0x80963a8, sapi=1 '\001', command=0, mmctx=0x80932d0) at gprs_llc.c:496 #5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241 #6 0x0804b687 in gsm48_tx_gmm_ra_upd_ack (mm=0x80932d0) at gprs_gmm.c:851 #7 0x0804bc35 in gsm48_rx_gmm_ra_upd_req (mmctx=0x80932d0, msg=0x8091ce8, llme=0x8095630) at gprs_gmm.c:1004 #8 0x0804bd4e in gsm0408_rcv_gmm (mmctx=0x80932d0, msg=0x8091ce8, llme=0x8095630) at gprs_gmm.c:1036 #9 0x0804d20c in gsm0408_gprs_rcvmsg (msg=msg@entry=0x8091ce8, llme=0x8095630) at gprs_gmm.c:1566 #10 0x08052be4 in gprs_llc_rcvmsg (msg=0x8091ce8, tv=0xbfffdcb0) at gprs_llc.c:882 #11 0x0804f5a4 in bssgp_prim_cb (oph=oph@entry=0xbfffdc8c, ctx=ctx@entry=0x0) at sgsn_main.c:114 #12 0xb7b626b8 in bssgp_rx_ul_ud (tp=0xbfffdcb0, msg=0x8091ce8, ctx=<optimized out>) at gprs_bssgp.c:398 #13 bssgp_rx_ptp (bctx=0x8091a08, tp=0xbfffdcb0, msg=0x8091ce8) at gprs_bssgp.c:820 #14 bssgp_rcvmsg (msg=0x8091ce8) at gprs_bssgp.c:1016 #15 0x0804f4f1 in sgsn_ns_cb (event=GPRS_NS_EVT_UNIT_DATA, nsvc=0x8090740, msg=0x8091ce8, bvci=1801) at sgsn_main.c:92 #16 0xb7b5ecf7 in gprs_ns_rx_unitdata (msg=0x8091ce8, nsvc=0x8090740) at gprs_ns.c:616 #17 gprs_ns_rcvmsg (nsi=nsi@entry=0x807fd38, msg=msg@entry=0x8091ce8, saddr=saddr@entry=0xbfffedc0, ll=ll@entry=GPRS_NS_LL_UDP) at gprs_ns.c:841 #18 0xb7b5f311 in handle_nsip_read (bfd=0x807fd58) at gprs_ns.c:991 #19 nsip_fd_cb (bfd=0x807fd58, what=1) at gprs_ns.c:1024 #20 0xb7bb2ed2 in 
osmo_select_main (polling=0) at select.c:158 #21 0x0804fbcd in main (argc=3, argv=0xbffff234) at sgsn_main.c:369 (gdb) frame 5 #5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241 241 return gprs_llc_tx_ui(msg, GPRS_SAPI_GMM, command, mm); (gdb) p msgb_tlli(msg) $1 = 3822966132 (gdb) frame 4 #4 gprs_llc_tx_ui (msg=0x80963a8, sapi=1 '\001', command=0, mmctx=0x80932d0) at gprs_llc.c:496 496 return _bssgp_tx_dl_ud(msg, mmctx); (gdb) p mmctx $2 = (void *) 0x80932d0 (gdb) frame 3 #3 0x0805224f in _bssgp_tx_dl_ud (mmctx=0x80932d0, msg=0x80963a8) at gprs_llc.c:120 120 OSMO_ASSERT(msgb_tlli(msg) == mmctx->llme->tlli (gdb) p mmctx $3 = (struct sgsn_mm_ctx *) 0x80932d0 (gdb) p *mmctx $4 = {list = {next = 0x8092e28, prev = 0x805c318 <sgsn_mm_ctxts>}, imsi = "901700000003094\000", mm_state = GMM_REGISTERED_NORMAL, p_tmsi = 296043751, p_tmsi_old = 2075232571, p_tmsi_sig = 0, imei = "353943044782210\000", msisdn = '\000' <repeats 14 times>, ra = {mnc = 70, mcc = 901, lac = 1, rac = 0 '\000'}, cell_id = 0, cell_id_age = 0, sac = 0, sac_age = 0, new_sgsn_addr = 0, ciph_algo = GPRS_ALGO_GEA0, ms_radio_access_capa = {len = 11 '\v', buf = "4\307\003*\240B|\255\341\030\v", '\000' <repeats 38 times>}, ms_network_capa = { len = 2 '\002', buf = "\345\200\000\000\000\000\000"}, drx_parms = 3329, mnrg = 0, ngaf = 0, ppf = 0, recovery = 0, radio_prio_sms = 0 '\000', pdp_list = {next = 0x8093390, prev = 0x8093390}, llme = 0x8095630, tlli = 3822966132, tlli_new = 3517269223, nsei = 1801, bvci = 1801, ctrg = 0x8096048, timer = {node = {rb_parent_color = 3082574944, rb_right = 0x0, rb_left = 0x0}, list = {next = 0x80933b8, prev = 0x80933b8}, timeout = { tv_sec = 1375260414, tv_usec = 864196}, active = 1, cb = 0x804bfd0 <mmctx_timer_cb>, data = 0x80932d0}, T = 3350, num_T_exp = 0, t3350_mode = GMM_T3350_MODE_RAU, t3370_id_type = 1 '\001'} (gdb) p msgb_tlli(msg) No symbol "msgb_tlli" in current context. 
(gdb) frame 5 #5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241 241 return gprs_llc_tx_ui(msg, GPRS_SAPI_GMM, command, mm); (gdb) frame 6 #6 0x0804b687 in gsm48_tx_gmm_ra_upd_ack (mm=0x80932d0) at gprs_gmm.c:851 851 return gsm48_gmm_sendmsg(msg, 0, mm); (gdb) p msgb_tlli(msg) $5 = 3822966132 (gdb) p mmctx->tlli No symbol "mmctx" in current context. (gdb) p mm->tlli $6 = 3822966132 (gdb) p mm->tlli_new $7 = 3517269223 (gdb) p mm->llme->tlli $8 = 3517269223 (gdb) p mm->llme->tlli_old There is no member named tlli_old. (gdb) p mm->llme->old_tlli $9 = 4222716219 (gdb) bt #0 0xb7fde424 in __kernel_vsyscall () #1 0xb797f83f in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 #2 0xb7982cf3 in __GI_abort () at abort.c:90 #3 0x0805224f in _bssgp_tx_dl_ud (mmctx=0x80932d0, msg=0x80963a8) at gprs_llc.c:120 #4 gprs_llc_tx_ui (msg=0x80963a8, sapi=1 '\001', command=0, mmctx=0x80932d0) at gprs_llc.c:496 #5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241 #6 0x0804b687 in gsm48_tx_gmm_ra_upd_ack (mm=0x80932d0) at gprs_gmm.c:851 #7 0x0804bc35 in gsm48_rx_gmm_ra_upd_req (mmctx=0x80932d0, msg=0x8091ce8, llme=0x8095630) at gprs_gmm.c:1004 #8 0x0804bd4e in gsm0408_rcv_gmm (mmctx=0x80932d0, msg=0x8091ce8, llme=0x8095630) at gprs_gmm.c:1036 #9 0x0804d20c in gsm0408_gprs_rcvmsg (msg=msg@entry=0x8091ce8, llme=0x8095630) at gprs_gmm.c:1566 #10 0x08052be4 in gprs_llc_rcvmsg (msg=0x8091ce8, tv=0xbfffdcb0) at gprs_llc.c:882 #11 0x0804f5a4 in bssgp_prim_cb (oph=oph@entry=0xbfffdc8c, ctx=ctx@entry=0x0) at sgsn_main.c:114 #12 0xb7b626b8 in bssgp_rx_ul_ud (tp=0xbfffdcb0, msg=0x8091ce8, ctx=<optimized out>) at gprs_bssgp.c:398 #13 bssgp_rx_ptp (bctx=0x8091a08, tp=0xbfffdcb0, msg=0x8091ce8) at gprs_bssgp.c:820 #14 bssgp_rcvmsg (msg=0x8091ce8) at gprs_bssgp.c:1016 #15 0x0804f4f1 in sgsn_ns_cb (event=GPRS_NS_EVT_UNIT_DATA, nsvc=0x8090740, msg=0x8091ce8, bvci=1801) at sgsn_main.c:92 #16 
0xb7b5ecf7 in gprs_ns_rx_unitdata (msg=0x8091ce8, nsvc=0x8090740) at gprs_ns.c:616 #17 gprs_ns_rcvmsg (nsi=nsi@entry=0x807fd38, msg=msg@entry=0x8091ce8, saddr=saddr@entry=0xbfffedc0, ll=ll@entry=GPRS_NS_LL_UDP) at gprs_ns.c:841 #18 0xb7b5f311 in handle_nsip_read (bfd=0x807fd58) at gprs_ns.c:991 #19 nsip_fd_cb (bfd=0x807fd58, what=1) at gprs_ns.c:1024 #20 0xb7bb2ed2 in osmo_select_main (polling=0) at select.c:158 #21 0x0804fbcd in main (argc=3, argv=0xbffff234) at sgsn_main.c:369 (gdb) frame 3 #3 0x0805224f in _bssgp_tx_dl_ud (mmctx=0x80932d0, msg=0x80963a8) at gprs_llc.c:120 120 OSMO_ASSERT(msgb_tlli(msg) == mmctx->llme->tlli (gdb) p msgb_tlli(msg) No symbol "msgb_tlli" in current context. (gdb) frame 4 #4 gprs_llc_tx_ui (msg=0x80963a8, sapi=1 '\001', command=0, mmctx=0x80932d0) at gprs_llc.c:496 496 return _bssgp_tx_dl_ud(msg, mmctx); (gdb) p msgb_tlli(msg) No symbol "msgb_tlli" in current context. (gdb) frame 5 #5 0x0804a2f6 in gsm48_gmm_sendmsg (msg=0x80963a8, command=0, mm=0x80932d0) at gprs_gmm.c:241 241 return gprs_llc_tx_ui(msg, GPRS_SAPI_GMM, command, mm); (gdb) p msgb_tlli(msg) $10 = 3822966132 (gdb) p mm->tlli $11 = 3822966132 (gdb) p mm->tlli_new $12 = 3517269223 (gdb) p mm->tlli_new $13 = 3517269223 (gdb) p mm->llme->tlli $14 = 3517269223 (gdb) p mm->llme->tlli_old There is no member named tlli_old. (gdb) p mm->llme->old_tlli $15 = 4222716219 (gdb) p mm->llme->state $16 = GPRS_LLMS_ASSIGNED (gdb) q
-rw-r--r--openbsc/src/gprs/gprs_llc.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/openbsc/src/gprs/gprs_llc.c b/openbsc/src/gprs/gprs_llc.c
index c4be0869f..e2d3160d0 100644
--- a/openbsc/src/gprs/gprs_llc.c
+++ b/openbsc/src/gprs/gprs_llc.c
@@ -943,7 +943,7 @@ int gprs_llgmm_assign(struct gprs_llc_llme *llme,
/* TLLI Change 8.3.2 */
/* Both TLLI Old and TLLI New are assigned; use New when
* (re)transmitting. Accept both Old and New on Rx */
- llme->old_tlli = llme->tlli;
+ llme->old_tlli = old_tlli;
llme->tlli = new_tlli;
llme->state = GPRS_LLMS_ASSIGNED;
} else if (old_tlli != 0xffffffff && new_tlli == 0xffffffff) {
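Review bot: `llme->old_tlli = old_tlli;` now stores whatever the caller passes without comparing it to the LLME's current `llme->tlli`, so the previously assigned TLLI is silently dropped whenever the two differ. The gdb values in the commit message (`mm->tlli` differs from `mm->llme->tlli`, and `old_tlli` is a third value) suggest this does happen, and since the comment above says Rx accepts both Old and New, a frame still arriving on the dropped value would presumably no longer match this LLME. The `OSMO_ASSERT` quoted in the commit message sits on a transmit path reached from received uplink data, so any remaining mismatch still aborts osmo-sgsn. A log line before the assignment would make such cases visible, e.g. `if (old_tlli != llme->tlli) LOGP(DLLC, LOGL_NOTICE, "TLLI change: old_tlli 0x%08x replaces 0x%08x\n", old_tlli, llme->tlli);`. The branch condition and the rest of gprs_llgmm_assign are outside the hunk.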