trans_free: safeguard against a still running CC timer on free

Make sure to deactivate trans.cc.timer when freeing a CC transaction.
Log an error if this should be necessary.

This prevents a segfault when we receive a BSSMAP Clear Request from BSC during
an ongoing CC operation. The BSSMAP Clear Request currently triggers immediate
freeing of the conn, while we should still do a graceful release first. While
this patch does not fix the underlying error, it does prevent the MSC from
crashing due to a stale timer, whatever the cause might be.

Related: OS#3062
Change-Id: I86b666f23402a6d94af2d903e514770d1fd5157f
Neels Hofmeyr 2018-03-13 18:03:15 +01:00 committed by Philipp Maier
parent addf63b523
commit 5c56bc5761
1 changed files with 9 additions and 0 deletions

@ -121,6 +121,15 @@ void trans_free(struct gsm_trans *trans)
switch (trans->protocol) {
case GSM48_PDISC_CC:
_gsm48_cc_trans_free(trans);
if (osmo_timer_pending(&trans->cc.timer)) {
LOGP(DCC, LOGL_ERROR,
"%s Timer 0x%x is still running while discarding transaction"
" -- this is a bug: we were still expecting a response but"
" are freeing the transaction anyway\n",
vlr_subscr_name(trans->conn->vsub), trans->cc.Tcurrent);
osmo_timer_del(&trans->cc.timer);
trans->cc.Tcurrent = 0;
}
conn_usage_token = MSC_CONN_USE_TRANS_CC;
break;
case GSM48_PDISC_SMS:
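Review bot: The new LOGP call in the GSM48_PDISC_CC case dereferences trans->conn->vsub without checking trans->conn, and the commit message says this path is hit while the conn is being freed by a BSSMAP Clear Request. If trans->conn can already be NULL at this point, the safeguard itself would crash in its error path. Consider guarding the argument, for example `trans->conn ? vlr_subscr_name(trans->conn->vsub) : "(no conn)"`. Separately, a one-line code comment saying why the pending-timer check sits after _gsm48_cc_trans_free(trans) rather than before it would help the next reader, since the log text calls the condition a bug but the code does not say which caller is expected to have stopped the timer.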