SEGFAULT in L1_rx_thread
After a long run (50000 sec), the gNB L1_rx_thread got a SEGFAULT exception. This happens with versions 2.1.0 and 2024.w09. A fragment of the log:
[NR_PHY] [o-du 0][rx 19589075260 pps 377856 kbps 3206553][tx 6609615540 pps 127488 kbps 4214777][Total Msgs_Rcvd 19589075260]
[NR_PHY] [o_du0][pusch0 4777816070 prach0 159267840]
[NR_PHY] [o_du0][pusch1 4777817390 prach1 159267840]
[NR_PHY] [o_du0][pusch2 4777817960 prach2 0]
[NR_PHY] [o_du0][pusch3 4777820320 prach3 159267840]
[NR_MAC] Frame.Slot 768.0
UE RNTI e1e2 CU-UE-ID 1 in-sync PH 58 dB PCMAX 24 dBm, average RSRP -53 (32 meas)
UE e1e2: CQI 15, RI 2, PMI (0,1)
UE e1e2: dlsch_rounds 78949757/7104419/1015/24, dlsch_errors 15, pucch0_DTX 5034, BLER 0.00000 MCS (1) 9
UE e1e2: ulsch_rounds 33607569/49699/46366/46236, ulsch_errors 46125, ulsch_DTX 21, BLER 0.00100 MCS (1) 25
UE e1e2: MAC: TX 3618758585282 RX 4290491448 bytes
UE e1e2: LCID 1: TX 165413 RX 1211486 bytes
UE e1e2: LCID 2: TX 0 RX 0 bytes
UE e1e2: LCID 4: TX 3603542637564 RX 29904261 bytes
[NR_PHY] [o-du 0][rx 19589453116 pps 377856 kbps 3206553][tx 6609743028 pps 127488 kbps 4214777][Total Msgs_Rcvd 19589453116]
[NR_PHY] [o_du0][pusch0 4777908230 prach0 159270912]
[NR_PHY] [o_du0][pusch1 4777909550 prach1 159270912]
[NR_PHY] [o_du0][pusch2 4777910120 prach2 0]
[NR_PHY] [o_du0][pusch3 4777912480 prach3 159270912]
[RLC] SRB0 already exists for UE with RNTI 0xe1e2, do nothing
[RLC] /home/adva/gitrepo/openairinterface5g/openair2/LAYER2/nr_rlc/nr_rlc_oai_api.c:760:nr_rlc_add_srb: SRB 1 already exists for UE with RNTI e1e2, do nothing
Segmentation fault
Stack backtrace:
#0 send_initial_ul_rrc_message (rnti=7394, sdu=0x55555b31323c "5\"2\270\237\377\001<\227\060u^6892\200H\337ꊥ\327q\203\215\002\016\304{ӯp\017\"|\343\234\"Dv!q\025:dTsҊc\337-\224\231\321{\305\006\252\363\363<Y\035 \030N\343|>7\211?\371\361\365\340\213\323%o\321K\205\006\350\273fe\033\204霻\017\266\372\255\366a\032Ƴi\274qa\201,\351\352\325\n\361\226\064\336\263 \r%m\201Kq\211\235¶\f\342\221\312\353\070O\226\024 \333V\202`\234]\254\210\025P\247#\363N#\023\362~#\346\271\326\214\353o\367V\266̼\343\262\024\062F&a\214\064\266\300\352N\317\022\326\n\242\317\343\236\064E\224}Cg\r\211\030"..., sdu_len=6, data=0x7fff78bc9010) at /home/adva/gitrepo/openairinterface5g/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_primitives.c:3014
#1 0x000055555662433b in nr_rlc_entity_tm_recv_pdu (_entity=0x7fffe03d29c0, buffer=<optimized out>, size=6) at /home/adva/gitrepo/openairinterface5g/openair2/LAYER2/nr_rlc/nr_rlc_entity_tm.c:44
#2 0x0000555556616e2e in mac_rlc_data_ind (module_idP=module_idP@entry=0, rntiP=<optimized out>, eNB_index=eNB_index@entry=0 '\000', rameP=rameP@entry=428, enb_flagP=enb_flagP@entry=true, MBMS_flagP=MBMS_flagP@entry=false, channel_idP=0, buffer_pP=0x55555b31323c "5\"2\270\237\377\001<\227\060u^6892\200H\337ꊥ\327q\203\215\002\016\304{ӯp\017\"|\343\234\"Dv!q\025:dTsҊc\337-\224\231\321{\305\006\252\363\363<Y\035 \030N\343|>7\211?\371\361\365\340\213\323%o\321K\205\006\350\273fe\033\204霻\017\266\372\255\366a\032Ƴi\274qa\201,\351\352\325\n\361\226\064\336\263 \r%m\201Kq\211\235¶\f\342\221\312\353\070O\226\024 \333V\202`\234]\254\210\025P\247#\363N#\023\362~#\346\271\326\214\353o\367V\266̼\343\262\024\062F&a\214\064\266\300\352N\317\022\326\n\242\317\343\236\064E\224}Cg\r\211\030"..., tb_sizeP=6, num_tbP=1, crcs_pP=0x0) at /home/adva/gitrepo/openairinterface5g/openair2/LAYER2/nr_rlc/nr_rlc_oai_api.c:152
#3 0x00005555562376d4 in nr_process_mac_pdu (module_idP=0, UE=0x7ffd425c5ea0, CC_id=0 '\000', frameP=428, slot=3, pduP=<optimized out>, pdu_len=250, harq_pid=11 '\v') at /home/adva/gitrepo/openairinterface5g/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_ulsch.c:383
#4 0x000055555623ba9d in _nr_rx_sdu (rssi=1207, ul_cqi=208 '\320', timing_advance=30, sdu_lenP=341, sduP=0x55555b3131e0 "\025Y)\377\066\312pRb\362\256П\246v\205\355\031i\037\336{Z\220E0)\337\376\364\340\003\067\066\027/;\250\061\260a45&=\320\351\060{2\022\340\265\067\027\270\b1 \032\060\200)\004\063\310\071!\251\060\255P1\026\027\070\231\060q\362\063>74\265\264;00R345\"2\270\237\377\001<\227\060u^6892\200H\337ꊥ\327q\203\215\002\016\304{ӯp\017\"|\343\234\"Dv!q\025:dTsҊc\337-\224\231\321{\305\006\252\363\363<Y\035 \030N\343|>7\211?\371\361\365\340\213\323%o\321K\205\006\350\273fe\033\204霻\017\266\372\255\366a\032Ƴi\274qa"..., rntiP=<optimized out>, slotP=3, frameP=428, CC_idP=0, gnb_mod_idP=0) at /home/adva/gitrepo/openairinterface5g/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_ulsch.c:662
#5 nr_rx_sdu (gnb_mod_idP=<optimized out>, CC_idP=0, frameP=428, slotP=3, rntiP=24143, sduP=0x55555b3131e0 "\025Y)\377\066\312pRb\362\256П\246v\205\355\031i\037\336{Z\220E0)\337\376\364\340\003\067\066\027/;\250\061\260a45&=\320\351\060{2\022\340\265\067\027\270\b1 \032\060\200)\004\063\310\071!\251\060\255P1\026\027\070\231\060q\362\063>74\265\264;00R345\"2\270\237\377\001<\227\060u^6892\200H\337ꊥ\327q\203\215\002\016\304{ӯp\017\"|\343\234\"Dv!q\025:dTsҊc\337-\224\231\321{\305\006\252\363\363<Y\035 \030N\343|>7\211?\371\361\365\340\213\323%o\321K\205\006\350\273fe\033\204霻\017\266\372\255\366a\032Ƴi\274qa"..., sdu_lenP=341, timing_advance=30, ul_cqi=208 '\320', rssi=1207) at /home/adva/gitrepo/openairinterface5g/openair2/LAYER2/NR_MAC_gNB/gNB_scheduler_ulsch.c:871
#6 0x000055555621abb7 in handle_nr_ulsch (UL_info=0x7ffff73bb0e0) at /home/adva/gitrepo/openairinterface5g/openair2/NR_PHY_INTERFACE/NR_IF_Module.c:201
#7 0x000055555621b9ca in NR_UL_indication (UL_info=0x7ffff73bb0e0) at /home/adva/gitrepo/openairinterface5g/openair2/NR_PHY_INTERFACE/NR_IF_Module.c:483
#8 0x0000555555f8e540 in rx_func (param=<optimized out>) at /home/adva/gitrepo/openairinterface5g/executables/nr-gnb.c:274
#9 0x0000555555f8eae1 in L1_rx_thread (arg=0x7ffff7269010) at /home/adva/gitrepo/openairinterface5g/executables/nr-gnb.c:190
#10 0x00007ffff7681ac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
#11 0x00007ffff7713850 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
The [RLC] "do nothing" messages were sent from the void prepare_initial_ul_rrc_message function.
It seems that in this case the PDU should be ignored and there is no need to call mac_rlc_data_ind.
prepare_initial_ul_rrc_message(RC.nrmac[module_idP], UE); // AAA this might return false (do-nothing), ignore this pdu
mac_rlc_data_ind(module_idP,
                 UE->rnti,
                 module_idP,
                 frameP,
                 ENB_FLAG_YES,
                 MBMS_FLAG_NO,
                 0,
                 (char *) (pduP + mac_subheader_len),
                 mac_len,
                 1,
                 NULL);
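
The guard proposed above, as an added example that is not part of the original report and is not OAI code: a simplified model in which the prepare step reports the do-nothing case through its return value and the caller skips delivery. All types and function names (ue_t, prepare_initial_msg, deliver_initial_msg, handle_ccch_pdu) are hypothetical, and the length check is an extra that the report does not mention.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical model: these types and functions are not OAI's. */
typedef struct {
  uint16_t rnti;
  bool srb0_exists;    /* bearer state created by the first initial message */
  unsigned *ctx;       /* one-shot context the delivery step dereferences */
  unsigned delivered;  /* PDUs handed to the upper layer */
} ue_t;

typedef enum { PDU_DELIVERED, PDU_IGNORED_DUPLICATE, PDU_IGNORED_BAD_LEN } pdu_result_t;

/* Returns false in the "already exists, do nothing" case, so the caller
 * can tell that no fresh context was prepared for this PDU. */
static bool prepare_initial_msg(ue_t *ue, unsigned *fresh_ctx) {
  if (ue->srb0_exists)
    return false;
  ue->srb0_exists = true;
  ue->ctx = fresh_ctx;
  return true;
}

/* Stand-in for the upper-layer callback: uses the context, then clears it.
 * Calling it again without a new prepare would dereference NULL. */
static void deliver_initial_msg(ue_t *ue, const uint8_t *sdu, size_t len) {
  (void)sdu;
  *ue->ctx += (unsigned)len;
  ue->ctx = NULL;
  ue->delivered++;
}

/* Guarded handling: check the lengths against the received PDU, then
 * deliver only if the prepare step really set something up. */
pdu_result_t handle_ccch_pdu(ue_t *ue, unsigned *fresh_ctx, const uint8_t *pdu,
                             size_t pdu_len, size_t subheader_len, size_t sdu_len) {
  if (subheader_len > pdu_len || sdu_len > pdu_len - subheader_len)
    return PDU_IGNORED_BAD_LEN;
  if (!prepare_initial_msg(ue, fresh_ctx))
    return PDU_IGNORED_DUPLICATE;  /* do-nothing case: skip delivery */
  deliver_initial_msg(ue, pdu + subheader_len, sdu_len);
  return PDU_DELIVERED;
}
```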