Commit
204a50108457a54154675279cda2e72c2df5464d
by nhofmeyrprevent use-after-free after FSM instance termination
- Set osmo_fsm_set_dealloc_ctx(OTC_SELECT) in osmo-hnbgw's main().
- Only dispatch RANAP when FSM instances aren't terminated.
This way we possibly pre-empt use-after-free crashes for deallocating
FSM "nests" for obscure corner cases.
Use-after-free is a general problem for FSM design. For this, we created
osmo_fsm_set_dealloc_ctx(): When an FSM is terminated, move it to a
separate talloc context, instead of being deallocated.
An actual use-after-free was observed as described in OS#6484, but that
needs a separate, orthogonal fix:
When the Iuh link is lost while the CN link is waiting for SCCP CC or
CREF -- the better solution is described in OS#6085: don't wait for CC
at all, just dispatch DISCONN to SCCP-SCOC.
So even though the code where a crash was observed will be removed, this
patch is a general safeguard against corner case crashes, improving
general stability.
Related: OS#6484
Change-Id: Ib41e1a996aaa03221e73643636140947ac8f99e2
![[Jenkins]](/jenkins/static/342c126a/images/svgs/logo.svg){kind=logo}
