Reproducible core dump with qmicli and --nas-get-plmn-name=11111

Daniele Palmas dnlplm at gmail.com
Mon Dec 9 11:06:57 UTC 2024


Hello Martin,

On Mon, 9 Dec 2024 at 07:18, Martin Maurer
<martin.maurer at mmeacs.de> wrote:
>
> Hello,
>
> I just tried with my Quectel RM520N-GL:
>
> # qmicli -p -d /dev/cdc-wdm0 --nas-get-plmn-name=26201
> malloc(): unaligned tcache chunk detected
> Aborted (core dumped)

This should be fixed by
https://gitlab.freedesktop.org/mobile-broadband/libqmi/-/merge_requests/388

Regards,
Daniele

> # qmicli -p -d /dev/cdc-wdm0 --nas-get-plmn-name=26201
> malloc(): unaligned tcache chunk detected
> Aborted (core dumped)
> # qmicli -p -d /dev/cdc-wdm0 --nas-get-plmn-name=11111
> malloc(): unaligned tcache chunk detected
> Aborted (core dumped)
> #
>
> # qmicli --version
> qmicli 1.34.0
> Copyright (C) 2012-2023 Aleksander Morgado
> License GPLv2+: GNU GPL version 2 or later
> <http://gnu.org/licenses/gpl-2.0.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
>
> # qmicli -p -d /dev/cdc-wdm0 --dms-get-manufacturer
> [/dev/cdc-wdm0] Device manufacturer retrieved:
>          Manufacturer: 'Quectel'
> # qmicli -p -d /dev/cdc-wdm0 --dms-get-model
> [/dev/cdc-wdm0] Device model retrieved:
>          Model: 'RM520N-GL'
> # qmicli -p -d /dev/cdc-wdm0 --dms-get-revision
> [/dev/cdc-wdm0] Device revision retrieved:
>          Revision: 'RM520NGLAAR03A03M4G'
> #
>
> With --verbose-full:
>
> # qmicli --verbose-full -p -d /dev/cdc-wdm0 --nas-get-plmn-name=11111
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] opening device with
> flags 'proxy, auto'...
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] automatically selecting
> QMI mode
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] created endpoint
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] sent message...
> <<<<<< RAW:
> <<<<<<   length = 28
> <<<<<<   data   =
> 01:1B:00:00:00:00:00:01:00:FF:10:00:01:0D:00:2F:64:65:76:2F:63:64:63:2D:77:64:6D:30
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] sent generic request
> (translated)...
> <<<<<< QMUX:
> <<<<<<   length  = 27
> <<<<<<   flags   = 0x00
> <<<<<<   service = "ctl"
> <<<<<<   client  = 0
> <<<<<< QMI:
> <<<<<<   flags       = "none"
> <<<<<<   transaction = 1
> <<<<<<   tlv_length  = 16
> <<<<<<   message     = "Internal Proxy Open" (0xFF00)
> <<<<<< TLV:
> <<<<<<   type       = "Device Path" (0x01)
> <<<<<<   length     = 13
> <<<<<<   value      = 2F:64:65:76:2F:63:64:63:2D:77:64:6D:30
> <<<<<<   translated = /dev/cdc-wdm0
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] received message...
> <<<<<< RAW:
> <<<<<<   length = 19
> <<<<<<   data   = 01:12:00:80:00:00:01:01:00:FF:07:00:02:04:00:00:00:00:00
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] received generic
> response (translated)...
> <<<<<< QMUX:
> <<<<<<   length  = 18
> <<<<<<   flags   = 0x80
> <<<<<<   service = "ctl"
> <<<<<<   client  = 0
> <<<<<< QMI:
> <<<<<<   flags       = "response"
> <<<<<<   transaction = 1
> <<<<<<   tlv_length  = 7
> <<<<<<   message     = "Internal Proxy Open" (0xFF00)
> <<<<<< TLV:
> <<<<<<   type       = "Result" (0x02)
> <<<<<<   length     = 4
> <<<<<<   value      = 00:00:00:00
> <<<<<<   translated = SUCCESS
>
> [09 Dec 2024, 06:09:43] [Debug] QMI Device at '/dev/cdc-wdm0' ready
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] assuming service 'nas'
> is supported...
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] allocating new client ID...
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] sent message...
> <<<<<< RAW:
> <<<<<<   length = 16
> <<<<<<   data   = 01:0F:00:00:00:00:00:02:22:00:04:00:01:01:00:03
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] sent generic request
> (translated)...
> <<<<<< QMUX:
> <<<<<<   length  = 15
> <<<<<<   flags   = 0x00
> <<<<<<   service = "ctl"
> <<<<<<   client  = 0
> <<<<<< QMI:
> <<<<<<   flags       = "none"
> <<<<<<   transaction = 2
> <<<<<<   tlv_length  = 4
> <<<<<<   message     = "Allocate CID" (0x0022)
> <<<<<< TLV:
> <<<<<<   type       = "Service" (0x01)
> <<<<<<   length     = 1
> <<<<<<   value      = 03
> <<<<<<   translated = nas
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] received message...
> <<<<<< RAW:
> <<<<<<   length = 24
> <<<<<<   data   =
> 01:17:00:80:00:00:01:02:22:00:0C:00:02:04:00:00:00:00:00:01:02:00:03:09
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] received generic
> response (translated)...
> <<<<<< QMUX:
> <<<<<<   length  = 23
> <<<<<<   flags   = 0x80
> <<<<<<   service = "ctl"
> <<<<<<   client  = 0
> <<<<<< QMI:
> <<<<<<   flags       = "response"
> <<<<<<   transaction = 2
> <<<<<<   tlv_length  = 12
> <<<<<<   message     = "Allocate CID" (0x0022)
> <<<<<< TLV:
> <<<<<<   type       = "Result" (0x02)
> <<<<<<   length     = 4
> <<<<<<   value      = 00:00:00:00
> <<<<<<   translated = SUCCESS
> <<<<<< TLV:
> <<<<<<   type       = "Allocation Info" (0x01)
> <<<<<<   length     = 2
> <<<<<<   value      = 03:09
> <<<<<<   translated = [ service = 'nas' cid = '9' ]
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] registered 'nas'
> (version unknown) client with ID '9'
> [09 Dec 2024, 06:09:43] [Debug] Asynchronously getting plmn name data...
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] sent message...
> <<<<<< RAW:
> <<<<<<   length = 28
> <<<<<<   data   =
> 01:1B:00:00:03:09:00:01:00:44:00:0F:00:16:01:00:1D:15:01:00:00:01:04:00:6F:00:0B:00
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] sent generic request
> (translated)...
> <<<<<< QMUX:
> <<<<<<   length  = 27
> <<<<<<   flags   = 0x00
> <<<<<<   service = "nas"
> <<<<<<   client  = 9
> <<<<<< QMI:
> <<<<<<   flags       = "none"
> <<<<<<   transaction = 1
> <<<<<<   tlv_length  = 15
> <<<<<<   message     = "Get PLMN Name" (0x0044)
> <<<<<< TLV:
> <<<<<<   type       = "Send All Information" (0x16)
> <<<<<<   length     = 1
> <<<<<<   value      = 1D
> <<<<<<   translated = yes
> <<<<<< TLV:
> <<<<<<   type       = "Radio Access Technology" (0x15)
> <<<<<<   length     = 1
> <<<<<<   value      = 00
> <<<<<<   translated = none
> <<<<<< TLV:
> <<<<<<   type       = "PLMN" (0x01)
> <<<<<<   length     = 4
> <<<<<<   value      = 6F:00:0B:00
> <<<<<<   translated = [ mcc = '111' mnc = '11' ]
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] received message...
> <<<<<< RAW:
> <<<<<<   length = 20
> <<<<<<   data   =
> 01:13:00:80:03:09:02:01:00:44:00:07:00:02:04:00:01:00:30:00
>
> [09 Dec 2024, 06:09:43] [Debug] [/dev/cdc-wdm0] received generic
> response (translated)...
> <<<<<< QMUX:
> <<<<<<   length  = 19
> <<<<<<   flags   = 0x80
> <<<<<<   service = "nas"
> <<<<<<   client  = 9
> <<<<<< QMI:
> <<<<<<   flags       = "response"
> <<<<<<   transaction = 1
> <<<<<<   tlv_length  = 7
> <<<<<<   message     = "Get PLMN Name" (0x0044)
> <<<<<< TLV:
> <<<<<<   type       = "Result" (0x02)
> <<<<<<   length     = 4
> <<<<<<   value      = 01:00:30:00
> <<<<<<   translated = FAILURE: InvalidArgument
>
> malloc(): unaligned tcache chunk detected
> Aborted (core dumped)
> #
>
>
> It seems to be 100% reproducible.
>
> This is just for info. I currently do not need to use this command.
>
> Best regards,
>
> Martin
>
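
Added example, not part of the original thread and not libqmi's own code: a bounds-checked decoder run over the last response bytes in the log above, showing that the frame received just before the abort is a well-formed 20-byte "Get PLMN Name" failure (InvalidArgument). The helper name `qmi_result` is hypothetical, and the header layout is read off the translated log.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Last response in the log above (Get PLMN Name, 20 bytes), copied from the page. */
static const uint8_t plmn_name_resp[] = {
    0x01,0x13,0x00,0x80,0x03,0x09,0x02,0x01,0x00,0x44,
    0x00,0x07,0x00,0x02,0x04,0x00,0x01,0x00,0x30,0x00
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Hypothetical helper: decode a non-"ctl" QMUX frame and return its Result TLV.
 * Returns 0 on success, -1 if any length field disagrees with the buffer. */
int qmi_result(const uint8_t *b, size_t n, uint16_t *msg, uint16_t *status, uint16_t *err)
{
    if (n < 13 || b[0] != 0x01) return -1;          /* marker + QMUX + QMI headers */
    if ((size_t)rd16(b + 1) + 1 != n) return -1;    /* QMUX length excludes marker */
    if (b[4] == 0x00) return -1;                    /* "ctl" uses a shorter header */
    *msg = rd16(b + 9);
    size_t tlv_len = rd16(b + 11), off = 13;
    if (tlv_len != n - off) return -1;              /* tlv_length must fill frame  */
    while (n - off >= 3) {                          /* type(1) + length(2) + value */
        uint8_t type = b[off];
        size_t vlen = rd16(b + off + 1);
        off += 3;
        if (vlen > n - off) return -1;              /* value would overrun buffer  */
        if (type == 0x02) {                         /* "Result" TLV                */
            if (vlen != 4) return -1;
            *status = rd16(b + off);                /* 0 = success, 1 = failure    */
            *err = rd16(b + off + 2);               /* 0x0030 = InvalidArgument    */
            return 0;
        }
        off += vlen;
    }
    return -1;                                      /* no Result TLV found         */
}

int main(void)
{
    uint16_t msg, status, err;
    if (qmi_result(plmn_name_resp, sizeof plmn_name_resp, &msg, &status, &err) != 0)
        return 1;
    printf("message=0x%04X status=%u error=0x%04X\n",
           (unsigned)msg, (unsigned)status, (unsigned)err);
    return 0;
}
```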

