matanp has uploaded this change for review.

vlr: Stop silent call before deduping subscribers

Before this fix, a use count mismatch could be reached by:

* Completing a location updating procedure with TMSI.
* Disconnecting from the BTS.
* Starting a silent call from the MSC.
* Registering again with the same IMSI but a different TMSI.

This would cause a new subscriber to be created without
the silent call use count, which in turn would cause the
assert in `vlr_subscr_put` in `trans_free` to fail with a use count of -1.

Change-Id: If23f8b0e42d4a3a8bf1c8f5ca81b045834b6cccd
---
M src/libvlr/vlr.c
1 file changed, 7 insertions(+), 0 deletions(-)

git pull ssh://gerrit.osmocom.org:29418/osmo-msc refs/changes/31/41131/1
diff --git a/src/libvlr/vlr.c b/src/libvlr/vlr.c
index e90596c..c4941b4 100644
--- a/src/libvlr/vlr.c
+++ b/src/libvlr/vlr.c
@@ -36,6 +36,7 @@
#include <osmocom/vlr/vlr.h>
#include <osmocom/gsupclient/gsup_client_mux.h>
#include <osmocom/msc/paging.h>
+#include <osmocom/msc/silent_call.h>

#include <netinet/in.h>
#include <arpa/inet.h>
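Review bot: The new `#include <osmocom/msc/silent_call.h>` makes src/libvlr/vlr.c call directly into MSC-level silent-call handling, which deepens the coupling already present through `osmocom/msc/paging.h`. Consider stopping the silent call from the MSC-side code that reacts to the IMSI change, or through a callback supplied by the MSC, so the VLR does not need to know about silent calls.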
@@ -643,6 +644,12 @@
if (!strcmp(vsub->imsi, imsi))
return;

+ /* If the same subscriber has silent call (probably pending) stop the silent call to prevent
+ * use count mismatch when freeing the transaction. */
+ exists = vlr_subscr_find_by_imsi(vsub->vlr, imsi, NULL);
+ if (exists)
+ gsm_silent_call_stop(exists);
+
/* We've just learned about this new IMSI, our primary key in the VLR. make sure to invalidate any prior VLR
* entries for this IMSI. */
exists = vlr_subscr_find_by_imsi(vsub->vlr, imsi, NULL);
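Review bot: The added block runs `vlr_subscr_find_by_imsi(vsub->vlr, imsi, NULL)` and the unchanged line right after the following comment runs the identical lookup again, overwriting `exists`. Do the lookup once and call `gsm_silent_call_stop(exists)` in the handling that follows the existing lookup, so there is a single place that deals with the prior entry for this IMSI. The return value of `gsm_silent_call_stop()` is also discarded, so nothing is logged when a silent call is actually torn down here; a log line at that point would make the use count path from the commit message easier to trace. The comment's "(probably pending)" should state which silent call state is expected at this point.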

Gerrit-MessageType: newchange
Gerrit-Project: osmo-msc
Gerrit-Branch: master
Gerrit-Change-Id: If23f8b0e42d4a3a8bf1c8f5ca81b045834b6cccd
Gerrit-Change-Number: 41131
Gerrit-PatchSet: 1
Gerrit-Owner: matanp <matan1008@gmail.com>