From 017ba1fa300f24699ccb8a05e7640562e557c903 Mon Sep 17 00:00:00 2001 From: Pau Espin Pedrol Date: Tue, 24 Aug 2021 14:56:03 +0200 Subject: [PATCH] vlr_sgs: Balance use_count incremented in vlr_sgs_loc_update During a recent pcap trace, it was spotted that subscriber coming from SGs had a use count with 16 "SGs" items, and later it incremented to 17. Further investigation shows that the related use_count item was never decreased, meaning every time an SGs-LU was sent by the MME, the item was incremented further and never decremented. Let's rename the item to be referenced while in LU, and then decremented when LU is done. At that time, either the LU was accepted and the subscriber object has a use_count item "attached", or it was rejected and we already sent the reject messages, so we are fine deleting it if needed. Related: SYS#5337 Change-Id: I22c386f02ffa57428f700b003cc2cf23133598d0 --- include/osmocom/msc/vlr_sgs.h | 2 +- src/libvlr/vlr_sgs.c | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/include/osmocom/msc/vlr_sgs.h b/include/osmocom/msc/vlr_sgs.h index 05e062be9..723144932 100644 --- a/include/osmocom/msc/vlr_sgs.h +++ b/include/osmocom/msc/vlr_sgs.h @@ -26,7 +26,7 @@ enum vlr_lu_type; struct vlr_subscr; struct vlr_instance; -#define VSUB_USE_SGS "SGs" +#define VSUB_USE_SGS_LU "SGs-lu" #define VSUB_USE_SGS_PAGING_REQ "SGs-paging-req" /* See also 3GPP TS 29.118, chapter 4.2.2 States at the VLR */ diff --git a/src/libvlr/vlr_sgs.c b/src/libvlr/vlr_sgs.c index 64215816c..61db585b6 100644 --- a/src/libvlr/vlr_sgs.c +++ b/src/libvlr/vlr_sgs.c @@ -83,7 +83,7 @@ int vlr_sgs_loc_update(struct vlr_instance *vlr, struct vlr_sgs_cfg *cfg, OSMO_ASSERT(cfg); OSMO_ASSERT(imsi); - vsub = vlr_subscr_find_or_create_by_imsi(vlr, imsi, VSUB_USE_SGS, NULL); + vsub = vlr_subscr_find_or_create_by_imsi(vlr, imsi, VSUB_USE_SGS_LU, NULL); if (!vsub) { LOGP(DSGS, LOGL_ERROR, "VLR subscriber allocation failed\n"); return -EINVAL; @@ -119,6 +119,9 @@ void vlr_sgs_loc_update_acc_sent(struct vlr_subscr *vsub) { osmo_fsm_inst_dispatch(vsub->sgs_fsm, SGS_UE_E_TX_LU_ACCEPT, NULL); + /* Balance vlr_subscr_find_or_create_by_imsi() in vlr_sgs_loc_update() */ + vlr_subscr_put(vsub, VSUB_USE_SGS_LU); + /* FIXME: At this point we need to check the status of Ts5 and if * it is still running this means the LU has interrupted the paging, * and we need to start paging again. 3GPP TS 29.118, @@ -130,6 +133,8 @@ void vlr_sgs_loc_update_acc_sent(struct vlr_subscr *vsub) void vlr_sgs_loc_update_rej_sent(struct vlr_subscr *vsub) { osmo_fsm_inst_dispatch(vsub->sgs_fsm, SGS_UE_E_TX_LU_REJECT, NULL); + /* Balance vlr_subscr_find_or_create_by_imsi() in vlr_sgs_loc_update() */ + vlr_subscr_put(vsub, VSUB_USE_SGS_LU); } /*! Perform an SGs IMSI detach.