[PATCH] gb: Fix gprs_nsvc_delete() to free ctr group

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.

Jacob Erlbeck jerlbeck at sysmocom.de
Wed Oct 23 08:59:17 UTC 2013 

This fixes a SEGV error that happens the next time the statistics
are updated.

Addresses:
 Program terminated with signal 11, Segmentation fault.
 #0  0xb7711fa5 in rate_ctr_group_intv (grp=<optimized out>) at
 rate_ctr.c:107
 107             for (i = 0; i < grp->desc->num_ctr; i++) {
 #0  0xb7711fa5 in rate_ctr_group_intv (grp=<optimized out>) at
     rate_ctr.c:107
 #1  rate_ctr_timer_cb (data=0x0) at rate_ctr.c:129
 #2  0xb770ec59 in osmo_timers_update () at timer.c:243
 #3  0xb770ef7a in osmo_select_main (polling=0) at select.c:133
 #4  0x08049987 in main (argc=3, argv=0xbfba8084) at
     gb_proxy_main.c:306

Sponsored-by: On-Waves ehf
---
 src/gb/gprs_ns.c         |    1 +
 tests/gb/gprs_ns_test.c  |   43 +++++++++++++++++++++++
 tests/gb/gprs_ns_test.ok |   86 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 130 insertions(+)

diff --git a/src/gb/gprs_ns.c b/src/gb/gprs_ns.c
index b50a700..d71707b 100644
--- a/src/gb/gprs_ns.c
+++ b/src/gb/gprs_ns.c
@@ -215,6 +215,7 @@ void gprs_nsvc_delete(struct gprs_nsvc *nsvc)
 	if (osmo_timer_pending(&nsvc->timer))
 		osmo_timer_del(&nsvc->timer);
 	llist_del(&nsvc->list);
+	rate_ctr_group_free(nsvc->ctrg);
 	talloc_free(nsvc);
 }
 
diff --git a/tests/gb/gprs_ns_test.c b/tests/gb/gprs_ns_test.c
index d2d2825..f8a1f27 100644
--- a/tests/gb/gprs_ns_test.c
+++ b/tests/gb/gprs_ns_test.c
@@ -8,6 +8,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <unistd.h>
 #include <stdint.h>
 #include <string.h>
 #include <getopt.h>
@@ -445,6 +446,45 @@ static void gprs_dump_nsi(struct gprs_ns_inst *nsi)
 	printf("\n");
 }
 
+static void test_nsvc()
+{
+	struct gprs_ns_inst *nsi = gprs_ns_instantiate(gprs_ns_callback, NULL);
+	struct sockaddr_in peer[1] = {{0},};
+	struct gprs_nsvc *nsvc;
+	int i;
+
+	peer[0].sin_family = AF_INET;
+	peer[0].sin_port = htons(1111);
+	peer[0].sin_addr.s_addr = htonl(REMOTE_BSS_ADDR);
+
+	for (i=0; i<4; ++i) {
+		printf("--- Create via RESET (round %d) ---\n\n", i);
+
+		send_ns_reset(nsi, &peer[0], NS_CAUSE_OM_INTERVENTION,
+			      0x1001, 0x1000);
+		gprs_dump_nsi(nsi);
+
+		printf("--- Delete nsvc object (round %d)---\n\n", i);
+
+		nsvc = gprs_nsvc_by_nsvci(nsi, 0x1001);
+		OSMO_ASSERT(nsvc != NULL);
+		gprs_nsvc_delete(nsvc);
+
+		gprs_dump_nsi(nsi);
+	}
+
+	gprs_ns_destroy(nsi);
+	nsi = NULL;
+
+	printf("--- Process timers ---\n\n");
+	/* wait for rate_ctr_timer expiry */
+	usleep(1100000);
+	/* ensure termination */
+	alarm(2);
+	osmo_timers_update();
+	alarm(0);
+}
+
 static void test_bss_port_changes()
 {
 	struct gprs_ns_inst *nsi = gprs_ns_instantiate(gprs_ns_callback, NULL);
@@ -726,9 +766,12 @@ int main(int argc, char **argv)
 	log_set_print_filename(osmo_stderr_target, 0);
 	log_set_log_level(osmo_stderr_target, LOGL_INFO);
 
+	rate_ctr_init(NULL);
+
 	setlinebuf(stdout);
 
 	printf("===== NS protocol test START\n");
+	test_nsvc();
 	test_bss_port_changes();
 	test_bss_reset_ack();
 	test_sgsn_reset();
diff --git a/tests/gb/gprs_ns_test.ok b/tests/gb/gprs_ns_test.ok
index b3c3236..1566824 100644
--- a/tests/gb/gprs_ns_test.ok
+++ b/tests/gb/gprs_ns_test.ok
@@ -1,4 +1,90 @@
 ===== NS protocol test START
+--- Create via RESET (round 0) ---
+
+PROCESSING RESET from 0x01020304:1111
+02 00 81 01 01 82 10 01 04 82 10 00 
+
+==> got signal NS_RESET, NS-VC 0x1001/1.2.3.4:1111
+MESSAGE to BSS, msg length 9
+03 01 82 10 01 04 82 10 00 
+
+MESSAGE to BSS, msg length 1
+0a 
+
+result (RESET) = 9
+
+Current NS-VCIs:
+    VCI 0x1001, NSEI 0x1000, peer 0x01020304:1111, blocked
+
+--- Delete nsvc object (round 0)---
+
+Current NS-VCIs:
+
+--- Create via RESET (round 1) ---
+
+PROCESSING RESET from 0x01020304:1111
+02 00 81 01 01 82 10 01 04 82 10 00 
+
+==> got signal NS_RESET, NS-VC 0x1001/1.2.3.4:1111
+MESSAGE to BSS, msg length 9
+03 01 82 10 01 04 82 10 00 
+
+MESSAGE to BSS, msg length 1
+0a 
+
+result (RESET) = 9
+
+Current NS-VCIs:
+    VCI 0x1001, NSEI 0x1000, peer 0x01020304:1111, blocked
+
+--- Delete nsvc object (round 1)---
+
+Current NS-VCIs:
+
+--- Create via RESET (round 2) ---
+
+PROCESSING RESET from 0x01020304:1111
+02 00 81 01 01 82 10 01 04 82 10 00 
+
+==> got signal NS_RESET, NS-VC 0x1001/1.2.3.4:1111
+MESSAGE to BSS, msg length 9
+03 01 82 10 01 04 82 10 00 
+
+MESSAGE to BSS, msg length 1
+0a 
+
+result (RESET) = 9
+
+Current NS-VCIs:
+    VCI 0x1001, NSEI 0x1000, peer 0x01020304:1111, blocked
+
+--- Delete nsvc object (round 2)---
+
+Current NS-VCIs:
+
+--- Create via RESET (round 3) ---
+
+PROCESSING RESET from 0x01020304:1111
+02 00 81 01 01 82 10 01 04 82 10 00 
+
+==> got signal NS_RESET, NS-VC 0x1001/1.2.3.4:1111
+MESSAGE to BSS, msg length 9
+03 01 82 10 01 04 82 10 00 
+
+MESSAGE to BSS, msg length 1
+0a 
+
+result (RESET) = 9
+
+Current NS-VCIs:
+    VCI 0x1001, NSEI 0x1000, peer 0x01020304:1111, blocked
+
+--- Delete nsvc object (round 3)---
+
+Current NS-VCIs:
+
+--- Process timers ---
+
 --- Setup, send BSSGP RESET ---
 
 Setup NS-VC: remote 0x01020304:1111, NSVCI 0x1122(4386), NSEI 0x1122(4386)
-- 
1.7.9.5

More information about the OpenBSC mailing list