aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPau Espin Pedrol <pespin@sysmocom.de>2019-08-12 18:47:46 +0200
committerPau Espin Pedrol <pespin@sysmocom.de>2019-08-15 13:12:11 +0200
commit1927052de63e10044850b533a62c5018ec19606d (patch)
tree2c66fa80ed4c0fe49860f6c9d6b613e6849d3ef8
parentc488665f925c511b95e280b11bb0cffd262dc0ed (diff)
gprs_gmm: Introduce assert to guard against unexpected condition
This may well be the culprit of OS#3957, were already freed llme is accessed from mmctx context later on, upon some timer is triggered in mmctx. Related: OS#3957 Change-Id: I8e1eaeb9b3ebee8e45704b4fe007190c7db609e4
-rw-r--r--src/gprs/gprs_gmm.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c
index 0fcf1bb6..718fc97f 100644
--- a/src/gprs/gprs_gmm.c
+++ b/src/gprs/gprs_gmm.c
@@ -1741,6 +1741,11 @@ static int gsm48_rx_gmm_ra_upd_req(struct sgsn_mm_ctx *mmctx, struct msgb *msg,
"The MM context cannot be used, RA: %03d-%0*d-%d-%d\n",
mmctx->ra.mcc, mmctx->ra.mnc_3_digits, mmctx->ra.mnc,
mmctx->ra.lac, mmctx->ra.rac);
+ /* mmctx is set to NULL and gprs_llgmm_unassign(llme) will be
+ called below, let's make sure we don't keep dangling llme
+ pointers in mmctx (OS#3957). */
+ if (mmctx->ran_type == MM_CTX_T_GERAN_Gb)
+ OSMO_ASSERT(mmctx->gb.llme == NULL);
mmctx = NULL;
}