diff options
author | Pau Espin Pedrol <pespin@sysmocom.de> | 2019-08-12 18:47:46 +0200 |
---|---|---|
committer | Pau Espin Pedrol <pespin@sysmocom.de> | 2019-08-15 13:12:11 +0200 |
commit | 1927052de63e10044850b533a62c5018ec19606d (patch) | |
tree | 2c66fa80ed4c0fe49860f6c9d6b613e6849d3ef8 /src | |
parent | c488665f925c511b95e280b11bb0cffd262dc0ed (diff) |
gprs_gmm: Introduce assert to guard against unexpected condition
This may well be the culprit of OS#3957, were already freed llme is accessed from
mmctx context later on, upon some timer is triggered in mmctx.
Related: OS#3957
Change-Id: I8e1eaeb9b3ebee8e45704b4fe007190c7db609e4
Diffstat (limited to 'src')
-rw-r--r-- | src/gprs/gprs_gmm.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/gprs/gprs_gmm.c b/src/gprs/gprs_gmm.c index 0fcf1bb66..718fc97f6 100644 --- a/src/gprs/gprs_gmm.c +++ b/src/gprs/gprs_gmm.c @@ -1741,6 +1741,11 @@ static int gsm48_rx_gmm_ra_upd_req(struct sgsn_mm_ctx *mmctx, struct msgb *msg, "The MM context cannot be used, RA: %03d-%0*d-%d-%d\n", mmctx->ra.mcc, mmctx->ra.mnc_3_digits, mmctx->ra.mnc, mmctx->ra.lac, mmctx->ra.rac); + /* mmctx is set to NULL and gprs_llgmm_unassign(llme) will be + called below, let's make sure we don't keep dangling llme + pointers in mmctx (OS#3957). */ + if (mmctx->ran_type == MM_CTX_T_GERAN_Gb) + OSMO_ASSERT(mmctx->gb.llme == NULL); mmctx = NULL; } |