aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJacob Erlbeck <jerlbeck@sysmocom.de>2015-08-28 12:07:14 +0200
committerJacob Erlbeck <jerlbeck@sysmocom.de>2015-08-28 12:07:14 +0200
commitb6b3c7eb2727da98fbba231d9a1e9fe4a33b2dd0 (patch)
tree8185a122d3012712e44fb4514234d2f414ef2139
parent1c95bd383e07f0c58805084d36a46d774ea91726 (diff)
tbf: Use explicit initialisations in constructor (Coverity)
Currently when allocating tbf_alloc_ul_tbf or tbf_alloc_dl_tbf objects, the allocated memory area is pre-initialised by talloc_zero before the C++ constructors are called. This is not recognised by Coverity, since there is no talloc model file yet. Thus Coverity complains about missing initialisers. On the other hand, it is still planned to convert the TBF classes into real C++ ones. So instead of silencing Coverity directly, this is an opportunity to do it the C++ way. This commit adds initialisers and initialisation code for all members that relied on talloc_zero. The corresponding calls to talloc_zero are replaced by calls to talloc to give ASAN/valgrind a chance to detect future initialisation errors. Some initialisation code is also moved from setup_tbf to the constructors, notably the initialisation of the bts pointer. Fixes: Coverity CID 1320604, 1320605, 1320606 Sponsored-by: On-Waves ehf
-rw-r--r--src/tbf.cpp103
-rw-r--r--src/tbf.h14
-rw-r--r--tests/ms/MsTest.cpp22
3 files changed, 103 insertions, 36 deletions
diff --git a/src/tbf.cpp b/src/tbf.cpp
index 4a59faa..29aed15 100644
--- a/src/tbf.cpp
+++ b/src/tbf.cpp
@@ -41,10 +41,55 @@ extern void *tall_pcu_ctx;
static void tbf_timer_cb(void *_tbf);
-gprs_rlcmac_tbf::gprs_rlcmac_tbf(gprs_rlcmac_tbf_direction dir) :
+gprs_rlcmac_tbf::Meas::Meas() :
+ rssi_sum(0),
+ rssi_num(0)
+{
+ timerclear(&rssi_tv);
+}
+
+gprs_rlcmac_tbf::gprs_rlcmac_tbf(BTS *bts_, gprs_rlcmac_tbf_direction dir) :
+ state_flags(0),
direction(dir),
+ trx(NULL),
+ first_ts(0),
+ first_common_ts(0),
+ control_ts(0xff),
+ dl_ass_state(GPRS_RLCMAC_DL_ASS_NONE),
+ ul_ass_state(GPRS_RLCMAC_UL_ASS_NONE),
+ ul_ack_state(GPRS_RLCMAC_UL_ACK_NONE),
+ poll_state(GPRS_RLCMAC_POLL_NONE),
+ poll_fn(0),
+ n3105(0),
+ T(0),
+ num_T_exp(0),
+ fT(0),
+ num_fT_exp(0),
+ state(GPRS_RLCMAC_NULL),
+ was_releasing(0),
+ upgrade_to_multislot(0),
+ bts(bts_),
+ m_tfi(0),
+ m_created_ts(0),
+ m_ms(NULL),
+ m_ta(0),
+ m_ms_class(0),
m_ms_list(this)
{
+ /* The classes of these members do not have proper constructors yet.
+ * Just set them to 0 like talloc_zero did */
+ memset(&list, 0, sizeof(list));
+ memset(&pdch, 0, sizeof(pdch));
+ memset(&timer, 0, sizeof(timer));
+ memset(&m_rlc, 0, sizeof(m_rlc));
+ memset(&gsm_timer, 0, sizeof(gsm_timer));
+
+ m_llc.init();
+
+ m_name_buf[0] = '\0';
+
+ /* Back pointer for PODS llist compatibility */
+ list.back = this;
}
gprs_rlcmac_bts *gprs_rlcmac_tbf::bts_data() const
@@ -486,20 +531,18 @@ void gprs_rlcmac_tbf::poll_timeout()
LOGP(DRLCMAC, LOGL_ERROR, "- Poll Timeout, but no event!\n");
}
-static int setup_tbf(struct gprs_rlcmac_tbf *tbf, struct gprs_rlcmac_bts *bts,
+static int setup_tbf(struct gprs_rlcmac_tbf *tbf,
GprsMs *ms, int8_t use_trx,
uint8_t ms_class, uint8_t single_slot)
{
int rc;
-
+ struct gprs_rlcmac_bts *bts;
if (!tbf)
return -1;
- /* Back pointer for PODS llist compatibility */
- tbf->list.back = tbf;
+ bts = tbf->bts->bts_data();
tbf->m_created_ts = time(NULL);
- tbf->bts = bts->bts;
tbf->set_ms_class(ms_class);
/* select algorithm */
rc = bts->alloc_algorithm(bts, ms, tbf, bts->alloc_algorithm_curst,
@@ -509,7 +552,6 @@ static int setup_tbf(struct gprs_rlcmac_tbf *tbf, struct gprs_rlcmac_bts *bts,
return -1;
}
/* assign control ts */
- tbf->control_ts = 0xff;
rc = tbf_assign_control_ts(tbf);
/* if no resource */
if (rc < 0) {
@@ -519,7 +561,6 @@ static int setup_tbf(struct gprs_rlcmac_tbf *tbf, struct gprs_rlcmac_bts *bts,
/* set timestamp */
gettimeofday(&tbf->meas.rssi_tv, NULL);
- tbf->m_llc.init();
tbf->set_ms(ms);
LOGP(DRLCMAC, LOGL_INFO,
@@ -529,10 +570,16 @@ static int setup_tbf(struct gprs_rlcmac_tbf *tbf, struct gprs_rlcmac_bts *bts,
return 0;
}
-gprs_rlcmac_ul_tbf::gprs_rlcmac_ul_tbf() :
- gprs_rlcmac_tbf(GPRS_RLCMAC_UL_TBF)
+gprs_rlcmac_ul_tbf::gprs_rlcmac_ul_tbf(BTS *bts_) :
+ gprs_rlcmac_tbf(bts_, GPRS_RLCMAC_UL_TBF),
+ m_rx_counter(0),
+ m_n3103(0),
+ m_contention_resolution_done(0),
+ m_final_ack_sent(0)
{
-};
+ memset(&m_window, 0, sizeof(m_window));
+ memset(&m_usf, 0, sizeof(m_usf));
+}
static int ul_tbf_dtor(struct gprs_rlcmac_ul_tbf *tbf)
{
@@ -552,18 +599,18 @@ struct gprs_rlcmac_ul_tbf *tbf_alloc_ul_tbf(struct gprs_rlcmac_bts *bts,
LOGP(DRLCMAC, LOGL_INFO, "Allocating %s TBF: MS_CLASS=%d\n",
"UL", ms_class);
- tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_ul_tbf);
+ tbf = talloc(tall_pcu_ctx, struct gprs_rlcmac_ul_tbf);
if (!tbf)
return NULL;
talloc_set_destructor(tbf, ul_tbf_dtor);
- new (tbf) gprs_rlcmac_ul_tbf();
+ new (tbf) gprs_rlcmac_ul_tbf(bts->bts);
if (!ms)
ms = bts->bts->ms_alloc(ms_class);
- rc = setup_tbf(tbf, bts, ms, use_trx, ms_class, single_slot);
+ rc = setup_tbf(tbf, ms, use_trx, ms_class, single_slot);
/* if no resource */
if (rc < 0) {
talloc_free(tbf);
@@ -576,10 +623,26 @@ struct gprs_rlcmac_ul_tbf *tbf_alloc_ul_tbf(struct gprs_rlcmac_bts *bts,
return tbf;
}
-gprs_rlcmac_dl_tbf::gprs_rlcmac_dl_tbf() :
- gprs_rlcmac_tbf(GPRS_RLCMAC_DL_TBF)
+gprs_rlcmac_dl_tbf::BandWidth::BandWidth() :
+ dl_bw_octets(0),
+ dl_loss_lost(0),
+ dl_loss_received(0)
{
-};
+ timerclear(&dl_bw_tv);
+ timerclear(&dl_loss_tv);
+}
+
+gprs_rlcmac_dl_tbf::gprs_rlcmac_dl_tbf(BTS *bts_) :
+ gprs_rlcmac_tbf(bts_, GPRS_RLCMAC_DL_TBF),
+ m_tx_counter(0),
+ m_wait_confirm(0),
+ m_dl_ack_requested(false),
+ m_last_dl_poll_fn(0),
+ m_last_dl_drained_fn(0)
+{
+ memset(&m_window, 0, sizeof(m_window));
+ memset(&m_llc_timer, 0, sizeof(m_llc_timer));
+}
static int dl_tbf_dtor(struct gprs_rlcmac_dl_tbf *tbf)
{
@@ -598,18 +661,18 @@ struct gprs_rlcmac_dl_tbf *tbf_alloc_dl_tbf(struct gprs_rlcmac_bts *bts,
LOGP(DRLCMAC, LOGL_INFO, "Allocating %s TBF: MS_CLASS=%d\n",
"DL", ms_class);
- tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_dl_tbf);
+ tbf = talloc(tall_pcu_ctx, struct gprs_rlcmac_dl_tbf);
if (!tbf)
return NULL;
talloc_set_destructor(tbf, dl_tbf_dtor);
- new (tbf) gprs_rlcmac_dl_tbf();
+ new (tbf) gprs_rlcmac_dl_tbf(bts->bts);
if (!ms)
ms = bts->bts->ms_alloc(ms_class);
- rc = setup_tbf(tbf, bts, ms, use_trx, ms_class, single_slot);
+ rc = setup_tbf(tbf, ms, use_trx, ms_class, single_slot);
/* if no resource */
if (rc < 0) {
talloc_free(tbf);
diff --git a/src/tbf.h b/src/tbf.h
index 4a92bbf..b35ea78 100644
--- a/src/tbf.h
+++ b/src/tbf.h
@@ -111,7 +111,7 @@ struct llist_pods {
prefetch(pos->member.list.next))
struct gprs_rlcmac_tbf {
- gprs_rlcmac_tbf(gprs_rlcmac_tbf_direction dir);
+ gprs_rlcmac_tbf(BTS *bts_, gprs_rlcmac_tbf_direction dir);
static void free_all(struct gprs_rlcmac_trx *trx);
static void free_all(struct gprs_rlcmac_pdch *pdch);
@@ -200,10 +200,12 @@ struct gprs_rlcmac_tbf {
unsigned int fT; /* fTxxxx number */
unsigned int num_fT_exp; /* number of consecutive fT expirations */
- struct {
+ struct Meas {
struct timeval rssi_tv; /* timestamp for rssi calculation */
int32_t rssi_sum; /* sum of rssi values */
int rssi_num; /* number of rssi values added since rssi_tv */
+
+ Meas();
} meas;
/* these should become protected but only after gprs_rlcmac_data.c
@@ -313,7 +315,7 @@ inline time_t gprs_rlcmac_tbf::created_ts() const
}
struct gprs_rlcmac_dl_tbf : public gprs_rlcmac_tbf {
- gprs_rlcmac_dl_tbf();
+ gprs_rlcmac_dl_tbf(BTS *bts);
void cleanup();
@@ -355,13 +357,15 @@ struct gprs_rlcmac_dl_tbf : public gprs_rlcmac_tbf {
int32_t m_last_dl_poll_fn;
int32_t m_last_dl_drained_fn;
- struct {
+ struct BandWidth {
struct timeval dl_bw_tv; /* timestamp for dl bw calculation */
uint32_t dl_bw_octets; /* number of octets since bw_tv */
struct timeval dl_loss_tv; /* timestamp for loss calculation */
uint16_t dl_loss_lost; /* sum of lost packets */
uint16_t dl_loss_received; /* sum of received packets */
+
+ BandWidth();
} m_bw;
protected:
@@ -380,7 +384,7 @@ protected:
};
struct gprs_rlcmac_ul_tbf : public gprs_rlcmac_tbf {
- gprs_rlcmac_ul_tbf();
+ gprs_rlcmac_ul_tbf(BTS *bts);
struct msgb *create_ul_ack(uint32_t fn);
diff --git a/tests/ms/MsTest.cpp b/tests/ms/MsTest.cpp
index 4e9c7e2..344b0b4 100644
--- a/tests/ms/MsTest.cpp
+++ b/tests/ms/MsTest.cpp
@@ -55,9 +55,9 @@ static void test_ms_state()
OSMO_ASSERT(ms->is_idle());
dl_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_dl_tbf);
- new (dl_tbf) gprs_rlcmac_dl_tbf();
+ new (dl_tbf) gprs_rlcmac_dl_tbf(NULL);
ul_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_ul_tbf);
- new (ul_tbf) gprs_rlcmac_ul_tbf();
+ new (ul_tbf) gprs_rlcmac_ul_tbf(NULL);
ms->attach_tbf(ul_tbf);
OSMO_ASSERT(!ms->is_idle());
@@ -116,9 +116,9 @@ static void test_ms_callback()
OSMO_ASSERT(ms->is_idle());
dl_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_dl_tbf);
- new (dl_tbf) gprs_rlcmac_dl_tbf();
+ new (dl_tbf) gprs_rlcmac_dl_tbf(NULL);
ul_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_ul_tbf);
- new (ul_tbf) gprs_rlcmac_ul_tbf();
+ new (ul_tbf) gprs_rlcmac_ul_tbf(NULL);
OSMO_ASSERT(last_cb == UNKNOWN);
@@ -186,11 +186,11 @@ static void test_ms_replace_tbf()
was_idle = false;
dl_tbf[0] = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_dl_tbf);
- new (dl_tbf[0]) gprs_rlcmac_dl_tbf();
+ new (dl_tbf[0]) gprs_rlcmac_dl_tbf(NULL);
dl_tbf[1] = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_dl_tbf);
- new (dl_tbf[1]) gprs_rlcmac_dl_tbf();
+ new (dl_tbf[1]) gprs_rlcmac_dl_tbf(NULL);
ul_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_ul_tbf);
- new (ul_tbf) gprs_rlcmac_ul_tbf();
+ new (ul_tbf) gprs_rlcmac_ul_tbf(NULL);
ms->attach_tbf(dl_tbf[0]);
OSMO_ASSERT(!ms->is_idle());
@@ -349,7 +349,7 @@ static void test_ms_storage()
printf("=== start %s ===\n", __func__);
ul_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_ul_tbf);
- new (ul_tbf) gprs_rlcmac_ul_tbf();
+ new (ul_tbf) gprs_rlcmac_ul_tbf(NULL);
ms = store.get_ms(tlli + 0);
OSMO_ASSERT(ms == NULL);
@@ -440,9 +440,9 @@ static void test_ms_timeout()
OSMO_ASSERT(ms->is_idle());
dl_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_dl_tbf);
- new (dl_tbf) gprs_rlcmac_dl_tbf();
+ new (dl_tbf) gprs_rlcmac_dl_tbf(NULL);
ul_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_ul_tbf);
- new (ul_tbf) gprs_rlcmac_ul_tbf();
+ new (ul_tbf) gprs_rlcmac_ul_tbf(NULL);
OSMO_ASSERT(last_cb == UNKNOWN);
@@ -498,7 +498,7 @@ static void test_ms_cs_selection()
OSMO_ASSERT(ms->is_idle());
dl_tbf = talloc_zero(tall_pcu_ctx, struct gprs_rlcmac_dl_tbf);
- new (dl_tbf) gprs_rlcmac_dl_tbf();
+ new (dl_tbf) gprs_rlcmac_dl_tbf(NULL);
dl_tbf->set_ms(ms);
OSMO_ASSERT(!ms->is_idle());