pespin has uploaded this change for review. ( https://gerrit.osmocom.org/c/osmo-sgsn/+/16015 )
Change subject: gmm: Fix assertion hit during RA UPD REQ before completting gmm attach ...................................................................... gmm: Fix assertion hit during RA UPD REQ before completting gmm attach Output: 20191107021548500 DMM <0002> gprs_gb.c:40 MM_STATE_Gb(2596296189)[0x6120000084a0]{Idle}: Received Event E_MM_PDU_RECEPTION 20191107021548500 DMM <0002> gprs_gmm.c:1531 MM(/d4b6d7af) -> GMM RA UPDATE REQUEST type="RA updating" 20191107021548501 DMM <0002> gprs_gmm.c:1615 MM(/d4b6d7af) The MM context cannot be used, RA: 901-70-2758-208 Assert failed mmctx->gb.llme == NULL gprs_gmm.c:1620 Scenario reproducing the crash can be triggered with TTCN3 SGSN_Tests.TC_attach_req_id_req_ra_update. Basically, SGSN first receives an ATTACH REQ with a given RA ID, then SGSN switches to state CommonProcedureInitiated and sends GMM ID REQ, and MS/PCU answers immediatelly with a RA Update instead with a new RA ID. Related: OS#3957, OS#4245 Change-Id: I64fa5cf1b427d3abb99e553e584897261a827ce6 --- M src/sgsn/gprs_gmm.c 1 file changed, 2 insertions(+), 2 deletions(-) git pull ssh://gerrit.osmocom.org:29418/osmo-sgsn refs/changes/15/16015/1 diff --git a/src/sgsn/gprs_gmm.c b/src/sgsn/gprs_gmm.c index b6b1685..17daa7d 100644 --- a/src/sgsn/gprs_gmm.c +++ b/src/sgsn/gprs_gmm.c @@ -1615,9 +1615,9 @@ osmo_rai_name(&mmctx->ra)); /* mmctx is set to NULL and gprs_llgmm_unassign(llme) will be called below, let's make sure we don't keep dangling llme - pointers in mmctx (OS#3957). */ + pointers in mmctx (OS#3957, OS#4245). */ if (mmctx->ran_type == MM_CTX_T_GERAN_Gb) - OSMO_ASSERT(mmctx->gb.llme == NULL); + mmctx->gb.llme = NULL; mmctx = NULL; } -- To view, visit https://gerrit.osmocom.org/c/osmo-sgsn/+/16015 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-sgsn Gerrit-Branch: master Gerrit-Change-Id: I64fa5cf1b427d3abb99e553e584897261a827ce6 Gerrit-Change-Number: 16015 Gerrit-PatchSet: 1 Gerrit-Owner: pespin <pes...@sysmocom.de> Gerrit-MessageType: newchange