While processing an I-frame we may deliver its payload to L3. After
returning from L3 procesing, we run some additional code, assuming
the LAPD/DL state has not changed meanwhile.
However, if the application destroys the LAPD/DL meanwhile, our state
might be NULL again, and in this state we should not perform any further
action.
This is one of the cases where synchronous in-line dispatch across
various layers is hitting us. L3 should have an input queue, and only
start processing after all L2 work has completed and we're about to go
back to sleep in select().
Change-Id: I026b64503511002c13c0f4117648c366c48ecc62
Related: OS#1761
Closes: OS#4646
At some points, e.g. when allocating message buffers from the Tx
history, we used to allocate them exactly as large as the defined
headroom plus the user data. This means that the underlying PH layer
(E1 mostly) had no tailroom to add anything to the end of the message.
Especially for DAHDI this is a problem, as we need to make space for
two more bytes of frame check sequence (FCS).
So let's simply make sure we always have some extra space at the end
of such buffers.
Change-Id: Id362ce131157c7513d744b0248c7f78fb75c590c
Related: OS#4644
At the moment we print the pointer address to identify the log lines
belonging to a specific connection. Since pointer addresses are
difficult to work with, a human readable ID should be printed instead.
e.g. "This is LAPD instance for SAPI3 on bts0/trx1/ts5/lchan3"
Change-Id: Ie6742843fff809edffcac24c4dce4edf66bc71be
Closes: OS#1938
The timeout is calculated dynamically in t200_by_lchan() based on FN
advance value estimated by bts_get_avg_fn_advance(), so it's informative
to have the final value printed out.
Change-Id: Ib50a9c23de881c66c9218833703cc41101e06bfd
During testing with BTS_Tests_LAPDm.TC_t200_n200() it was discovered
that the existing LAPD[m] implementation always gave up at N200-1
retransmissions, rather than N200 retransmissions.
The first transmission doesn't count, and hence we must have N200
actual re-transmissions. The Error message is then described as
"T200 expired N200+1 times", i.e. we start T200 one more time after
the last re-transmission and only give up if it expires again (i.e.
no ACK received)
Change-Id: Ic33854ee61311f73b7db55eeef10280349151097
Related: OS4037
It's not very useful to get just the raw pointer address in case of
lapd_datalink receive error. Log it's state in addition.
Change-Id: Ie8c5df262312f886f509113f2707e36811df3bd5
Some Abis/RSL messages such as "Release Indication" contained 3 extra
bytes from an L3 Information header which should not be there according
to specs in GSM 08.58 (section 8.3 "Radio link layer management
messages"). Other RSL messages were affected by the same issue, except
for "Establish Indication", which had already a workaround in
send_rslms_dlsap.
This commit fixes the issue in a generic way, removes the "Establish
Indication" and fixes the test accounting for the bug, as it otherwise
fails after applying the changes.
Fixes: OS#1635, OS#2336
Change-Id: Ibb116214e8b1798d65a8b0917150496a3c14f344
Let's fix some erroneous/accidential references to wrong license,
update copyright information where applicable and introduce a
SPDX-License-Identifier to all files.
Change-Id: I39af26c6aaaf5c926966391f6565fc5936be21af
lapd_est_req() function could be called on uninitialized lapd link
(before lapd_dl_init() and after lapd_dl_exit() functions) due to
invalid usage on higher levels.
In order to prevent using uninitialized lapd link, we should set
LAPD_STATE_NULL state for lapd_datalink in lapd_dl_exit() function.
So all messages for lapd_datalink in null state will be unhandled by
lapd_recv_dlsap() function and lapd_est_req() function will not be
called before lapd_dl_init() function where lapd link state is changed
to idle.
#0 0x00007f46ecd99aa5 in lapd_est_req (dp=<optimized out>, lctx=0x7f46ed80b8b8) at
lapd_core.c:1769
#1 0x00007f46ecd9dda8 in rslms_rx_rll_est_req (msg=msg@entry=0x7f46eeab4940,
dl=dl@entry=0x7f46ed80b888) at lapdm.c:845
#2 0x00007f46ecd9fc03 in rslms_rx_rll (lc=0x7f46ed80b398, msg=0x7f46eeab4940) at
lapdm.c:1157
#3 lapdm_rslms_recvmsg (msg=0x7f46eeab4940, lc=0x7f46ed80b398) at lapdm.c:1223
#4 0x00007f46ed63773d in rsl_rx_rll (msg=<optimized out>, trx=<optimized out>) at
rsl.c:2178
#5 down_rsl (trx=<optimized out>, msg=<optimized out>) at rsl.c:2541
#6 0x00007f46ed641529 in sign_link_cb (msg=<optimized out>) at abis.c:169
#7 0x00007f46ec54b111 in ipaccess_bts_read_cb (link=0x7f46eeab4940, msg=0x0) at
input/ipaccess.c:807
#8 0x00007f46ec548a8e in ipa_client_read (link=0x7f46ee26ae30) at input/ipa.c:74
#9 ipa_client_fd_cb (ofd=<optimized out>, what=1) at input/ipa.c:137
#10 0x00007f46ecfc726f in osmo_fd_disp_fds (_eset=0x7ffe7a9fcd20, _wset=0x7ffe7a9fcca0,
_rset=0x7ffe7a9fcc20) at select.c:167
#11 osmo_select_main (polling=polling@entry=0) at select.c:207
#12 0x00007f46ed63fc25 in bts_main (argc=5, argv=<optimized out>) at main.c:359
#13 0x00007f46ebd76f45 in __libc_start_main (main=0x7f46ed61b120 <main>, argc=5,
argv=0x7ffe7a9fcf18, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>,
#14 0x00007f46ed61b14e in _start ()
Related: OS#1982
Change-Id: I306dad9b78e3becaef14c5305ec25c312feefe3c
Considering the various styles and implications found in the sources, edit
scores of files to follow the same API doc guidelines around the doxygen
grouping and the \file tag.
Many files now show a short description in the generated API doc that was so
far only available as C comment.
The guidelines and reasoning behind it is documented at
https://osmocom.org/projects/cellular-infrastructure/wiki/Guidelines_for_API_documentation
In some instances, remove file comments and add to the corresponding group
instead, to be shared among several files (e.g. bitvec).
Change-Id: Ifa70e77e90462b5eb2b0457c70fd25275910c72b
Especially for short descriptions, it is annoying to have to type \brief for
every single API doc.
Drop all \brief and enable the AUTOBRIEF feature of doxygen, which always takes
the first sentence of an API doc as the brief description.
Change-Id: I11a8a821b065a128108641a2a63fb5a2b1916e87
It's a pity that even with this patch we still are fare away from having
the whole API documented. However, at least we have a more solid
foundation. Updates not only extend the documentation, but also make
sure it is rendered properly in the doxygen HTML.
Change-Id: I1344bd1a6869fb00de7c1899a8db93bba9bafce3
Add a new function timer function to set up the timer, similar to what
we have in the Linux kernel. This patch also converts existing opencoded
timer setup in the libosmocore tree as initial client of this new
function.
This patch implicitly removes function callback passed by reference that
defeat compile time type validation.
Compile-tested only, but I ran make check that reports success when
testing timer infrastructure.
Change-Id: I2fa49972ecaab3748b25168b26d92034e9145666
The state check in lapd_dl_reset causes some buffers
never to be released. Using talloc report LAPD UA
message buffers are never released after each call
and cause a memory leak.
Change-Id: I2799b70623f2ec4dbc725eb213e332e98da02a3e
We don't really use state numbers without bounds check into string
tables since March 2010, when value_string became part of libosmocore.
It's time to catch up, 7 years later...
Change-Id: I1dac7b4cb441a1119cc167112521e8b8aae62e63
in lapd_t200_cb() The RELEASE INDICATION is transmitted before
the MDL ERROR INIDCATION, this prevents the MDL ERROR INDICATION
from being sent because the RELASE INDICATION close to connection
eraly. This commit puts the messages into the correct order.
Change-Id: Iae74777138fc27828f511e3aa321d1981861f4a5
when the lapd core is in state LAPD_STATE_SABM_SENT, and the
retransmission counter exceeds (link down) lapd_t200_cb() will
send an RELASE_INDICATION and an MDL_ERROR_INDICATION to L3.
This action is done before the state is processed. This seems
to be no problem with standard retransmission counts (n200),
but may cause timing problems that lead to deadlock states when
custom timer configurations are in use. (Ericsson RBS).
This commit moves the functions calls for sending the indications
mentioned above to the very end of the if branch to relax the
timing again. (See lapd_t200_cb())
Change-Id: I1c1beb3701b19744a3ce9946abca7767d20a0b6a
The debug output of lapd core has no references to the dl objects,
since we have multiple links, seeing which action is for which
object is impossible. This commit adds pointer references (dl=%p)
to each log line.
Change-Id: I3024d1cbd58631e2abac4ce5822528e2e6e15fda
When lapd_dl_flush_hist() was called before we actually had started a
transmit history from lapd_dl_init(), we woul segfault before this
patch.
Change-Id: Ifa677c9b335dd2884b4f3e44699d901957a0500b
If lapd_dl_flush_hist() is called after lapd_dl_exit(), dl->tx_hist has
already been free'd and set to NULL. Check for this before attempting
to de-reference a NULL pointer.
This bug breaks OpenBSC with any E1 based BTSs using DAHDI.
Change-Id: I117ba3445fa5e8097e21c11c5a6337de6ba46c7d
Related: OS#1760
If LAPDm receives an I-Frame while there already is an I-Frame in the
tx_queue the code generates an additional RR (to acknowledge the
received I-Frame). Instead, N(R) of the I-Frame in the tx_queue should
be updated to ACK the data.
When debugging an issue that involves SAPI=0 and SAPI=3 the
log file does not have enough context. Add the SAPI to this
message so we at least understand which SAPI we are talking
about.
if (ptr)
msgb_free(ptr)
extends to:
if (ptr)
talloc_free(ptr)
And according to the talloc documentation a talloc_free(NULL)
will not crash: "... Likewise, if "ptr" is NULL, then the function
will make no modifications and returns -1."
lapdm.c takes the re-establishment message and forwards it to lapd_core.c,
so we can assume that msgb is set at primitive. In case there is data in
the re-establishment msg, it is moved into send_buffer. In case of no
data (0 length), it must be freed.
Fixes an issue spotted by Coverity Scan.
If the datalink fails or if handover or assignment to a new channel fails,
it is re-establised by sending SABM again. The length of establish message
is 0 in this case. The length is used to differentiate between
re-establishment and contention resolution, which has to be handled
differently.
See TS 04.06 Chapter 5.4.2.1
When a SABM(E) frame arrives, we have to trim the L2 padding (0x2b for
gsm) before handing the data off to L3, just like we do with I frames.
Also, we should use mggb_trim() or even msgb_l3trim() instead of
manually fiddling with msgb->length and ->tail pointers.
After reception of SABM, the network responds with UA and enters the
establised multiframe state. If UA is not received by mobile, the SABM
is transmitted again, and the network must respond with UA again, unless
it is from a different mobile.
Add LAPDm collision test (contention resolution on network side).
DATA REQ with a msgb_l3len(msg) == 0 message does not make any
sense, log an error and return immediately before attempting to
send an empty I frame in lapd_send_i.
If a sequence error is received, the N(R) variable must still be used to
acknowledge previously transmitted frames.
If there are two subsequent sequence errors received, ignore it. (Ignore
every second subsequent error.) This happens if our reply with the REJ is
too slow, so the remote gets a T200 timeout and sends another frame with
a sequence error. Test showed that replying with two subsequent REJ
messages could the remote L2 process to abort. Replying too slow shouldn't
happen, but may happen over serial link between BB and LAPD.
Written-by: Andreas.Eversberg <jolly@eversberg.eu>
Signed-off-by: Sylvain Munaut <tnt@246tNt.com>
Instead of mixing together the GSM layer 1 interface and RSL interface
with the implementation of LAPD, the core function of LAPD is now
extracted from LAPDm. The core implementation is now in lapd_core.c
and lapd_core.h respectively.
The lapd_core.c implements exactly one datalink instance for one SAP.
The surrounding implementation "lapdm.c" codes/decodes the layer 2
headers and handles multiplexing and datalink instances, as well as
translates primitives from/to RSL layer.
lapd_core.c can now be used for other LAPD implementations. (ISDN/ABIS)
Pau Espin
Harald Welte
Max
Neels Hofmeyr
Philipp Maier
Daniel Willmann
Sylvain Munaut