fix gsm0408_test: properly free bts struct after each test
Add missing deletion of osmo_stat_item_group_free(bts->bts_statg).
Add missing bts free after test_si_ba_ind().
Log deallocation, update expected test output.
This fixes some of the errors of gsm0408_test's SI tests, as revealed by a
sanitizer build using gcc (Debian 7.3.0-12) 7.3.0.
Fixes:
=================================================================
==19273==ERROR: AddressSanitizer: heap-use-after-free on address 0x60d0000004b8 at pc 0x7f1561a94621 bp 0x7ffe7a7a64a0 sp 0x7ffe7a7a6498
WRITE of size 8 at 0x60d0000004b8 thread T0
#0 0x7f1561a94620 in __llist_add ../../../src/libosmocore/include/osmocom/core/linuxlist.h:75
#1 0x7f1561a94620 in llist_add ../../../src/libosmocore/include/osmocom/core/linuxlist.h:90
#2 0x7f1561a94620 in osmo_stat_item_group_alloc ../../../src/libosmocore/src/stat_item.c:141
#3 0x5574f6a19935 in gsm_bts_alloc ../../../../src/osmo-bsc/src/libbsc/gsm_data.c:728
#4 0x5574f6a12920 in bts_init ../../../../src/osmo-bsc/tests/gsm0408/gsm0408_test.c:123
#5 0x5574f6a0ddb3 in test_si2q_e ../../../../src/osmo-bsc/tests/gsm0408/gsm0408_test.c:192
#6 0x5574f6a0ddb3 in main ../../../../src/osmo-bsc/tests/gsm0408/gsm0408_test.c:824
#7 0x7f156061aa86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21a86)
#8 0x5574f6a10339 in _start (/n/s/dev/make/osmo-bsc/tests/gsm0408/gsm0408_test+0xfc339)
Change-Id: I1ebbd8cc0622ce1a061e933813829b1f770072dc
diff --git a/tests/gsm0408/gsm0408_test.c b/tests/gsm0408/gsm0408_test.c
index 0a2adcd..9fd4ac7 100644
--- a/tests/gsm0408/gsm0408_test.c
+++ b/tests/gsm0408/gsm0408_test.c
@@ -132,6 +132,16 @@
return bts;
}
+#define bts_del(bts) _bts_del(bts, __func__)
+static inline void _bts_del(struct gsm_bts *bts, const char *msg)
+{
+ osmo_stat_item_group_free(bts->bts_statg);
+ rate_ctr_group_free(bts->bts_ctrs);
+ /* no need to llist_del(&bts->list), we never registered the bts there. */
+ talloc_free(bts);
+ printf("BTS deallocated OK in %s()\n", msg);
+}
+
static inline void test_si2q_segfault(struct gsm_network *net)
{
struct gsm_bts *bts = bts_init(tall_bsc_ctx, net, __func__);
@@ -141,8 +151,7 @@
_bts_uarfcn_add(bts, 10612, 319, 0);
gen(bts, __func__);
- rate_ctr_group_free(bts->bts_ctrs);
- talloc_free(bts);
+ bts_del(bts);
}
static inline void test_si2q_mu(struct gsm_network *net)
@@ -158,8 +167,7 @@
_bts_uarfcn_add(bts, 10613, 164, 0);
_bts_uarfcn_add(bts, 10613, 14, 0);
- rate_ctr_group_free(bts->bts_ctrs);
- talloc_free(bts);
+ bts_del(bts);
}
static inline void test_si2q_u(struct gsm_network *net)
@@ -183,8 +191,7 @@
_bts_uarfcn_add(bts, 1982, 14, 0);
_bts_uarfcn_add(bts, 1982, 88, 0);
- rate_ctr_group_free(bts->bts_ctrs);
- talloc_free(bts);
+ bts_del(bts);
}
static inline void test_si2q_e(struct gsm_network *net)
@@ -213,8 +220,7 @@
add_earfcn_b(bts, 1967, 4);
add_earfcn_b(bts, 1982, 3);
- rate_ctr_group_free(bts->bts_ctrs);
- talloc_free(bts);
+ bts_del(bts);
}
static inline void test_si2q_long(struct gsm_network *net)
@@ -258,8 +264,7 @@
_bts_uarfcn_add(bts, 1976, 225, 1);
_bts_uarfcn_add(bts, 1976, 226, 1);
- rate_ctr_group_free(bts->bts_ctrs);
- talloc_free(bts);
+ bts_del(bts);
}
static void test_mi_functionality(void)
@@ -680,6 +685,8 @@
printf("SI5ter: %s\n", osmo_hexdump((uint8_t *)si5ter, rc));
/* Validate BA-IND == 1 */
OSMO_ASSERT(si5ter->bcch_frequency_list[0] & 0x10);
+
+ bts_del(bts);
}
struct test_gsm48_ra_id_by_bts {