Commit e10c0c08 authored by David Price's avatar David Price

Crashes due to clearing out the wrong info from subframe buffer

parent 2ac91f05
......@@ -289,7 +289,7 @@ index 74f29a0..7310fc0 100644
}
diff --git a/pnf/src/pnf_p7.c b/pnf/src/pnf_p7.c
index 0fd7828..c980086 100644
index 0fd7828..5a87c6c 100644
--- a/pnf/src/pnf_p7.c
+++ b/pnf/src/pnf_p7.c
@@ -25,12 +25,64 @@
......@@ -374,7 +374,14 @@ index 0fd7828..c980086 100644
if(pnf_p7->_public.codec_config.deallocate)
{
(pnf_p7->_public.codec_config.deallocate)(req->dl_config_request_body.dl_config_pdu_list);
@@ -83,11 +138,14 @@ void deallocate_nfapi_dl_config_request(nfapi_dl_config_request_t* req, pnf_p7_t
@@ -77,17 +132,21 @@ void deallocate_nfapi_dl_config_request(nfapi_dl_config_request_t* req, pnf_p7_t
{
free(req->dl_config_request_body.dl_config_pdu_list);
}
+ req->dl_config_request_body.dl_config_pdu_list=0;
pnf_p7_free(pnf_p7, req);
}
nfapi_ul_config_request_t* allocate_nfapi_ul_config_request(pnf_p7_t* pnf_p7)
{
......@@ -390,7 +397,15 @@ index 0fd7828..c980086 100644
if(pnf_p7->_public.codec_config.deallocate)
{
(pnf_p7->_public.codec_config.deallocate)(req->ul_config_request_body.ul_config_pdu_list);
@@ -107,6 +165,7 @@ nfapi_hi_dci0_request_t* allocate_nfapi_hi_dci0_request(pnf_p7_t* pnf_p7)
@@ -96,6 +155,7 @@ void deallocate_nfapi_ul_config_request(nfapi_ul_config_request_t* req, pnf_p7_t
{
free(req->ul_config_request_body.ul_config_pdu_list);
}
+ req->ul_config_request_body.ul_config_pdu_list=0;
pnf_p7_free(pnf_p7, req);
}
@@ -107,6 +167,7 @@ nfapi_hi_dci0_request_t* allocate_nfapi_hi_dci0_request(pnf_p7_t* pnf_p7)
void deallocate_nfapi_hi_dci0_request(nfapi_hi_dci0_request_t* req, pnf_p7_t* pnf_p7)
{
......@@ -398,7 +413,15 @@ index 0fd7828..c980086 100644
if(pnf_p7->_public.codec_config.deallocate)
{
(pnf_p7->_public.codec_config.deallocate)(req->hi_dci0_request_body.hi_dci0_pdu_list);
@@ -127,6 +186,9 @@ nfapi_tx_request_t* allocate_nfapi_tx_request(pnf_p7_t* pnf_p7)
@@ -115,6 +176,7 @@ void deallocate_nfapi_hi_dci0_request(nfapi_hi_dci0_request_t* req, pnf_p7_t* pn
{
free(req->hi_dci0_request_body.hi_dci0_pdu_list);
}
+ req->hi_dci0_request_body.hi_dci0_pdu_list=0;
pnf_p7_free(pnf_p7, req);
}
@@ -127,6 +189,9 @@ nfapi_tx_request_t* allocate_nfapi_tx_request(pnf_p7_t* pnf_p7)
void deallocate_nfapi_tx_request(nfapi_tx_request_t* req, pnf_p7_t* pnf_p7)
{
int i = 0;
......@@ -408,7 +431,31 @@ index 0fd7828..c980086 100644
for(i = 0; i < req->tx_request_body.number_of_pdus; ++i)
{
void* data = req->tx_request_body.tx_pdu_list[i].segments[0].segment_data;
@@ -307,11 +369,11 @@ void pnf_p7_rx_reassembly_queue_remove_old_msgs(pnf_p7_t* pnf_p7, pnf_p7_rx_reas
@@ -139,6 +204,7 @@ void deallocate_nfapi_tx_request(nfapi_tx_request_t* req, pnf_p7_t* pnf_p7)
{
free(data);
}
+ data=0;
}
@@ -150,6 +216,7 @@ void deallocate_nfapi_tx_request(nfapi_tx_request_t* req, pnf_p7_t* pnf_p7)
{
free(req->tx_request_body.tx_pdu_list);
}
+ req->tx_request_body.tx_pdu_list=0;
pnf_p7_free(pnf_p7, req);
}
@@ -169,6 +236,7 @@ void deallocate_nfapi_lbt_dl_config_request(nfapi_lbt_dl_config_request_t* req,
{
free(req->lbt_dl_config_request_body.lbt_dl_config_req_pdu_list);
}
+ req->lbt_dl_config_request_body.lbt_dl_config_req_pdu_list=0;
pnf_p7_free(pnf_p7, req);
}
@@ -307,11 +375,11 @@ void pnf_p7_rx_reassembly_queue_remove_old_msgs(pnf_p7_t* pnf_p7, pnf_p7_rx_reas
}
......@@ -422,7 +469,7 @@ index 0fd7828..c980086 100644
return 0;
}
else
@@ -482,29 +544,41 @@ void pnf_pack_and_send_timing_info(pnf_p7_t* pnf_p7)
@@ -482,29 +550,41 @@ void pnf_pack_and_send_timing_info(pnf_p7_t* pnf_p7)
void send_dummy_subframe(pnf_p7_t* pnf_p7, uint16_t sfn_sf)
{
......@@ -469,7 +516,7 @@ index 0fd7828..c980086 100644
(pnf_p7->_public.lbt_dl_config_req)(&pnf_p7->_public, pnf_p7->_public.dummy_subframe.lbt_dl_config_req);
}
}
@@ -526,10 +600,14 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
@@ -526,10 +606,14 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
return -1;
}
......@@ -485,7 +532,7 @@ index 0fd7828..c980086 100644
// If the subframe_buffer has been configured
if(pnf_p7->_public.subframe_buffer_size != 0)
{
@@ -550,6 +628,10 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
@@ -550,6 +634,10 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
NFAPI_TRACE(NFAPI_TRACE_INFO, "Applying shift %d to sfn/sf (%d -> %d)\n", pnf_p7->sfn_sf_shift, NFAPI_SFNSF2DEC(sfn_sf), shifted_sfn_sf);
sfn_sf = shifted_sfn_sf;
......@@ -496,7 +543,7 @@ index 0fd7828..c980086 100644
pnf_p7->sfn_sf_shift = 0;
}
@@ -558,77 +640,104 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
@@ -558,77 +646,113 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
nfapi_pnf_p7_subframe_buffer_t* subframe_buffer = &(pnf_p7->subframe_buffer[buffer_index]);
......@@ -595,11 +642,20 @@ index 0fd7828..c980086 100644
- if(subframe_buffer->tx_req != 0)
+ if(tx_subframe_buffer->dl_config_req != 0)
+ {
+ deallocate_nfapi_dl_config_request(tx_subframe_buffer->dl_config_req, pnf_p7);
+ tx_subframe_buffer->dl_config_req = 0;
+ }
+ if(tx_subframe_buffer->tx_req != 0)
+ {
+ deallocate_nfapi_tx_request(tx_subframe_buffer->tx_req, pnf_p7);
+ tx_subframe_buffer->tx_req = 0;
+ }
+ if(tx_subframe_buffer->hi_dci0_req != 0)
+ {
+ deallocate_nfapi_hi_dci0_request(tx_subframe_buffer->hi_dci0_req, pnf_p7);
+ tx_subframe_buffer->hi_dci0_req = 0;
+ }
+ }
+ else if(subframe_buffer->sfn_sf == sfn_sf)
+ {
......@@ -627,7 +683,7 @@ index 0fd7828..c980086 100644
}
}
@@ -637,7 +746,7 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
@@ -637,7 +761,7 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
if(pnf_p7->_public.lbt_dl_config_req)
(pnf_p7->_public.lbt_dl_config_req)(&(pnf_p7->_public), subframe_buffer->lbt_dl_config_req);
......@@ -636,24 +692,31 @@ index 0fd7828..c980086 100644
}
else
{
@@ -650,14 +759,31 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
@@ -650,14 +774,42 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
}
- memset(&(pnf_p7->subframe_buffer[buffer_index]), 0, sizeof(nfapi_pnf_p7_subframe_buffer_t));
- pnf_p7->subframe_buffer[buffer_index].sfn_sf = -1;
- }
+ //if(subframe_buffer->dl_config_req != 0)
+ //deallocate_nfapi_dl_config_request(subframe_buffer->dl_config_req, pnf_p7);
+ //if(subframe_buffer->tx_req != 0)
+ //deallocate_nfapi_tx_request(subframe_buffer->tx_req, pnf_p7);
+ if(subframe_buffer->ul_config_req != 0)
+ {
+ deallocate_nfapi_ul_config_request(subframe_buffer->ul_config_req, pnf_p7);
+ subframe_buffer->ul_config_req = 0;
+
+ }
+ //if(subframe_buffer->hi_dci0_req != 0)
+ //deallocate_nfapi_hi_dci0_request(subframe_buffer->hi_dci0_req, pnf_p7);
+ if(subframe_buffer->lbt_dl_config_req != 0)
+ {
+ deallocate_nfapi_lbt_dl_config_request(subframe_buffer->lbt_dl_config_req, pnf_p7);
+
memset(&(pnf_p7->subframe_buffer[buffer_index]), 0, sizeof(nfapi_pnf_p7_subframe_buffer_t));
pnf_p7->subframe_buffer[buffer_index].sfn_sf = -1;
}
+ subframe_buffer->lbt_dl_config_req = 0;
+ }
+ } // sfn_sf match
else
{
- send_dummy_subframe(pnf_p7, sfn_sf);
......@@ -662,6 +725,13 @@ index 0fd7828..c980086 100644
+ send_dummy_subframe(pnf_p7, sfn_sf_tx);
}
+
+ if (subframe_buffer->dl_config_req == 0 && subframe_buffer->tx_req == 0 && subframe_buffer->ul_config_req == 0 && subframe_buffer->lbt_dl_config_req == 0)
+ {
+ memset(&(pnf_p7->subframe_buffer[buffer_index]), 0, sizeof(nfapi_pnf_p7_subframe_buffer_t));
+ pnf_p7->subframe_buffer[buffer_index].sfn_sf = -1;
+ }
+
+ //printf("pnf_p7->_public.timing_info_mode_periodic:%d pnf_p7->timing_info_period_counter:%d pnf_p7->_public.timing_info_period:%d\n", pnf_p7->_public.timing_info_mode_periodic, pnf_p7->timing_info_period_counter, pnf_p7->_public.timing_info_period);
+ //printf("pnf_p7->_public.timing_info_mode_aperiodic:%d pnf_p7->timing_info_aperiodic_send:%d\n", pnf_p7->_public.timing_info_mode_aperiodic, pnf_p7->timing_info_aperiodic_send);
+ //printf("pnf_p7->timing_info_ms_counter:%d\n", pnf_p7->timing_info_ms_counter);
......@@ -669,7 +739,7 @@ index 0fd7828..c980086 100644
// send the periodic timing info if configured
if(pnf_p7->_public.timing_info_mode_periodic && (pnf_p7->timing_info_period_counter++) == pnf_p7->_public.timing_info_period)
{
@@ -678,14 +804,15 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
@@ -678,14 +830,15 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
}
else
{
......@@ -687,7 +757,7 @@ index 0fd7828..c980086 100644
pnf_p7->stats.dl_conf_ontime, pnf_p7->stats.dl_conf_late,
pnf_p7->stats.ul_conf_ontime, pnf_p7->stats.ul_conf_late,
pnf_p7->stats.hi_dci0_ontime, pnf_p7->stats.hi_dci0_late,
@@ -694,6 +821,7 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
@@ -694,6 +847,7 @@ int pnf_p7_subframe_ind(pnf_p7_t* pnf_p7, uint16_t phy_id, uint16_t sfn_sf)
memset(&pnf_p7->stats, 0, sizeof(pnf_p7->stats));
}
pnf_p7->tick++;
......@@ -695,7 +765,7 @@ index 0fd7828..c980086 100644
if(pthread_mutex_unlock(&(pnf_p7->mutex)) != 0)
{
@@ -724,7 +852,7 @@ uint8_t is_p7_request_in_window(uint16_t sfnsf, const char* name, pnf_p7_t* phy)
@@ -724,7 +878,7 @@ uint8_t is_p7_request_in_window(uint16_t sfnsf, const char* name, pnf_p7_t* phy)
if(recv_sfn_sf_dec > ((current_sfn_sf_dec + timing_window) % NFAPI_MAX_SFNSFDEC))
{
// out of window
......@@ -704,7 +774,7 @@ index 0fd7828..c980086 100644
}
else
{
@@ -736,7 +864,7 @@ uint8_t is_p7_request_in_window(uint16_t sfnsf, const char* name, pnf_p7_t* phy)
@@ -736,7 +890,7 @@ uint8_t is_p7_request_in_window(uint16_t sfnsf, const char* name, pnf_p7_t* phy)
else
{
// too late
......@@ -713,7 +783,7 @@ index 0fd7828..c980086 100644
}
}
@@ -751,8 +879,8 @@ uint8_t is_p7_request_in_window(uint16_t sfnsf, const char* name, pnf_p7_t* phy)
@@ -751,8 +905,8 @@ uint8_t is_p7_request_in_window(uint16_t sfnsf, const char* name, pnf_p7_t* phy)
}
else
{
......@@ -724,7 +794,7 @@ index 0fd7828..c980086 100644
}
}
@@ -785,15 +913,32 @@ void pnf_handle_dl_config_request(void* pRecvMsg, int recvMsgLen, pnf_p7_t* pnf_
@@ -785,15 +939,32 @@ void pnf_handle_dl_config_request(void* pRecvMsg, int recvMsgLen, pnf_p7_t* pnf_
return;
}
......@@ -762,7 +832,7 @@ index 0fd7828..c980086 100644
//NFAPI_TRACE(NFAPI_TRACE_NOTE, "[%d] Freeing dl_config_req at index %d (%d/%d)",
// pMyPhyInfo->sfnSf, bufferIdx,
// SFNSF2SFN(dreq->sfn_sf), SFNSF2SF(dreq->sfn_sf));
@@ -994,6 +1139,16 @@ void pnf_handle_tx_request(void* pRecvMsg, int recvMsgLen, pnf_p7_t* pnf_p7)
@@ -994,6 +1165,16 @@ void pnf_handle_tx_request(void* pRecvMsg, int recvMsgLen, pnf_p7_t* pnf_p7)
uint32_t sfn_sf_dec = NFAPI_SFNSF2DEC(req->sfn_sf);
uint8_t buffer_index = sfn_sf_dec % pnf_p7->_public.subframe_buffer_size;
......@@ -779,7 +849,7 @@ index 0fd7828..c980086 100644
if(pnf_p7->subframe_buffer[buffer_index].tx_req != 0)
{
//NFAPI_TRACE(NFAPI_TRACE_NOTE, "[%d] Freeing tx_req at index %d (%d/%d)",
@@ -1010,6 +1165,8 @@ void pnf_handle_tx_request(void* pRecvMsg, int recvMsgLen, pnf_p7_t* pnf_p7)
@@ -1010,6 +1191,8 @@ void pnf_handle_tx_request(void* pRecvMsg, int recvMsgLen, pnf_p7_t* pnf_p7)
}
else
{
......@@ -788,7 +858,7 @@ index 0fd7828..c980086 100644
deallocate_nfapi_tx_request(req, pnf_p7);
if(pnf_p7->_public.timing_info_mode_aperiodic)
@@ -1126,12 +1283,27 @@ uint32_t calculate_t2(uint32_t now_time_hr, uint16_t sfn_sf, uint32_t sf_start_t
@@ -1126,12 +1309,27 @@ uint32_t calculate_t2(uint32_t now_time_hr, uint16_t sfn_sf, uint32_t sf_start_t
uint32_t sf_time_us = get_sf_time(now_time_hr, sf_start_time_hr);
uint32_t t2 = (NFAPI_SFNSF2DEC(sfn_sf) * 1000) + sf_time_us;
......@@ -817,7 +887,7 @@ index 0fd7828..c980086 100644
uint32_t sf_time_us = get_sf_time(now_time_hr, sf_start_time_hr);
@@ -1391,6 +1563,8 @@ void pnf_nfapi_p7_read_dispatch_message(pnf_p7_t* pnf_p7, uint32_t now_hr_time)
@@ -1391,6 +1589,8 @@ void pnf_nfapi_p7_read_dispatch_message(pnf_p7_t* pnf_p7, uint32_t now_hr_time)
// read the segment
recvfrom_result = recvfrom(pnf_p7->p7_sock, pnf_p7->rx_message_buffer, header.message_length, MSG_DONTWAIT, (struct sockaddr*)&remote_addr, &remote_addr_size);
......@@ -826,7 +896,7 @@ index 0fd7828..c980086 100644
if(recvfrom_result > 0)
{
pnf_handle_p7_message(pnf_p7->rx_message_buffer, recvfrom_result, pnf_p7, now_hr_time);
@@ -1417,7 +1591,10 @@ void pnf_nfapi_p7_read_dispatch_message(pnf_p7_t* pnf_p7, uint32_t now_hr_time)
@@ -1417,7 +1617,10 @@ void pnf_nfapi_p7_read_dispatch_message(pnf_p7_t* pnf_p7, uint32_t now_hr_time)
// need to update the time as we would only use the value from the
// select
......@@ -838,7 +908,7 @@ index 0fd7828..c980086 100644
}
while(recvfrom_result > 0);
}
@@ -1512,7 +1689,7 @@ int pnf_p7_message_pump(pnf_p7_t* pnf_p7)
@@ -1512,7 +1715,7 @@ int pnf_p7_message_pump(pnf_p7_t* pnf_p7)
selectRetval = select(pnf_p7->p7_sock+1, &rfds, NULL, NULL, &timeout);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment