Refuse state changes and event dispatch for FSM instances that are already
terminating.
It is assumed that refusing state changes and events after FSM termination is
seen as the sane expected behavior, hence this change in behavior is merged
without being configurable.
There is no fallout in current Osmocom code trees. fsm_dealloc_test needs a
changed expected output, since it is explicitly creating complex FSM structures
that terminate. Currently no other C test in Osmocom code needs adjusting.
Rationale:
Where multiple FSM instances are collaborating (like in osmo-bsc or osmo-msc),
a terminating FSM instance often causes events to be dispatched back to itself,
or causes state changes in FSM instances that are already terminating. That is
hard to avoid, since each FSM instance could be a cause of failure, and wants
to notify all the others of that, which in turn often choose to terminate.
Another use case: any function that dispatches events or state changes to more
than one FSM instance must be sure that after the first event dispatch, the
second FSM instance is in fact still allocated. Furthermore, if the second FSM
instance *has* terminated from the first dispatch, this often means that no
more actions should be taken. That could be done by an explicit check for
fsm->proc.terminating, but a more general solution is to do this check
internally in fsm.c.
In practice, I need this to avoid a crash in libosmo-mgcp-client, when an
on_success() event dispatch causes the MGCP endpoint FSM to deallocate. The
earlier dealloc-in-main-loop patch fixed part of it, but not all.
Change-Id: Ia81a0892f710db86bd977462730b69f0dcc78f8c
This is a simpler and more general solution to the problem so far solved by
osmo_fsm_term_safely(true). This extends use-after-free fixes to arbitrary
functions, not only FSM instances during termination.
The aim is to defer talloc_free() until back in the main loop.
Rationale: I discovered an osmo-msc use-after-free crash from an invalid
message, caused by this pattern:
void event_action()
{
osmo_fsm_inst_dispatch(foo, FOO_EVENT, NULL);
osmo_fsm_inst_dispatch(bar, BAR_EVENT, NULL);
}
Usually, FOO_EVENT takes successful action, and afterwards we also notify bar.
However, in this particular case, FOO_EVENT caused failure, and the immediate
error handling directly terminated and deallocated bar. In such a case,
dispatching BAR_EVENT causes a use-after-free; this constituted a DoS vector
just from sending messages that cause *any* failure during the first event
dispatch.
Instead, when this is enabled, we do not deallocate 'foo' until event_action()
has returned back to the main loop.
Test: duplicate fsm_dealloc_test.c using this, and print the number of items
deallocated in each test loop, to ensure the feature works. We also verify that
the deallocation safety works simply by fsm_dealloc_test.c not crashing.
We should probably follow up by refusing event dispatch and state transitions
for FSM instances that are terminating or already terminated:
see I0adc13a1a998e953b6c850efa2761350dd07e03a.
Change-Id: Ief4dba9ea587c9b4aea69993e965fbb20fb80e78
Do not return a warning and therefore fail parsing the config when the
"encapsulation framerelay-gre local-ip" command is used and FR/GRE is
disabled. Having this in the config does no harm and allows keeping the
same config if it is enabled later.
This fixes the currently failing vty tests for osmo-sgsn.
Fixes: a0c8195ad3 ("vty: Return error if cmd returns CMD_WARNING while reading cfg file")
Change-Id: Ic225232fbfca49ba868427eaf898e1f6e34e1ca8
The calculation of the beginning of a block for TCH/F, TCH/H and FACCH
can be challenging since those channels are affected by the diagonal
interleaving of the TCH channels. However, GSM 05.02 Section 7 Table 1
of 5 specifies how the blocks are distributed over the TDMA frame
interval. Lets add a mapping function that is based on that table
Related: OS#3803
Change-Id: I3d71c66f8c401f5afbad9b1c86c24580dab9e0ce
This way libosmocore build fails during configuring phase if expected
default behavior (building with libsctp support enabled and providing
osmo_sock_init2_multiaddr() API) fails. User is still provided with
--disable-libsctp option in case he doesn't need those features or his
environment doesn't provide required libsctp APIs.
Change-Id: I710c9cb1c6da0e5fc94b792df8bf60194a72208f
Those two functions are only used by osmo_sock_init2_multiaddr(), which
is only built if HAVE_LIBSCTP is defined. Avoid compiler warning about
unusued function helpers if osmo_sock_init2_multiaddr() is not being
built.
Change-Id: I52769d6b8f70af1a8bda23d60b3230a932e71fab
Since we return error at the start of the function if proto !=
IPPROTO_SCTP, it makes no sense to check for proto != IPPROTO_UDP later
on.
Fixes: CID#205088
Change-Id: Ibba7eacaa9debb77d536d47dc85170c5ee79e479
This API will be used by libosmo-netif's osmo_stream for SCTP sockets,
which in turn will be used by libosmo-sccp to support multi-homed
connections.
Related: OS#3608
Change-Id: Ic8681d9e093216c99c6bca4be81c31ef83688ed1
len provides extra information in the case the buffer was too small,
because it tells the caller "the number of characters (excluding the
terminating null byte) which would have been written to the final
string if enough space had been available" (man
snprintf).
Change-Id: Icafe559e19a92e2ae72fdd0dd2d9a394b1eda878
Without this patch, for instance in this cfg file below, go_parent_cb is
not called for nodes such as "listen" and "cs7":
"""
line vty
no login
cs7 instance 0
xua rkm routing-key-allocation dynamic-permitted
listen m3ua 2905
accept-asp-connections dynamic-permitted
local-ip 127.0.0.1
"""
Related: OS#3608
Change-Id: Ia6d88c0e63d94ba99e950da6efbc4c1871070012
log_enable_multithread() enables use of locks inside the
implementation. Lock use is disabled by default, this way only
multi-thread processes need to enable it and suffer related
complexity/performance penalties.
Locks are required around osmo_log_target_list and items inside it,
since targets can be used, modified and deleted by different threads
concurrently (for instance, user writing "logging disable" in VTY while
another thread is willing to write into that target).
Multithread apps and libraries aiming at being used in multithread apps
should update their code to use the locks introduced here when
containing code iterating over osmo_log_target_list explictly or
implicitly by obtaining a log_target (eg. osmo_log_vty2tgt()).
Related: OS#4088
Change-Id: Id7711893b34263baacac6caf4d489467053131bb
This way if the process is started with no file associated (eg. no -c
param and default cfg path doesn't exist), config can be later saved
into a file by passing the parameter. Otherwise, until now this message
was displayed:
Can't save to configuration file, using vtysh.
Related: OS#4024
Change-Id: I38edcf902a08b6bd0ebb9aa6fc1a7041421af525
This is useful for timers expected to have a range of valid or expected
values.
Validation is done at runtime when timer values are set by the app or by
the user through the VTY.
Related: OS#4190
Change-Id: I4661ac41c29a009a1d5fc57d87aaee6041c7d1b2
OSMO_GSUP_SUPPORTED_RAT_TYPES_IE corresponds to the Supported RAT Types
Indicator from 3GPP TS 29.002. See 8.1.2 MAP_UPDATE_LOCATION service,
which indicates the capabilities of the MSC/VLR to the HLR.
So far, have room for eight RAT types in the gsup_msg. That is an arbitrary
random choice without any rationale.
OSMO_GSUP_CURRENT_RAT_TYPE_IE is useful to communicate the currently
used RAN / RAT type of the current subscriber during Location Updating Request.
Change-Id: I93850710ab55a605bf61b95063a69682a2899bb1
We first set the ISTRIP bit only to remove it in the next line.
Let's try to avoid confusing the reader.
Change-Id: Icba43dd4b6dc4f9c7f8fcf91d24b3baac4e0c74a
Since structure 'osmo_gcr_parsed' does contain arrays, GCC is not
happy about the way we initialize it. Let's do it explicitly.
Change-Id: Ia814b4a4ed5bec84ff1f69232f7f7d5ca0d19794
Nothinh really forbids this case, it's totally fine allocating all space
of msgb as headroom. osmo-pcu actually does that in
gprs_rlcmac_ul_tbf::snd_ul_ud().
Related: OS#4029
Change-Id: Ibe05d08e3169a2603e891f76682a3b352a93ec7a
This list is really not needed by applications and currently only used
internally in logging.c and logging_vty.c.
Change-Id: I5dca069512bfcd0826194427c5482fad8bfd0232
Projects not containing libraries may also want to contain a
TODO-RELEASE in order to write down when a new API available only on
libosmoXYZ current master (hence configure.ac and debian cannot be
updated during the patch using the API until the APIs are available in a
new release). This way, during release process of the project, the
maintainer can see that a release of libosmoXYZ is needed beforehand and
then update configure.ac of project accordingly with the new version of
libosmoXYZ.
Furthermore, we want to update the file only if mode DRY_RUN is not
selected.
Change-Id: I409b7eb8c23d21473f25dd2000f5d4447b24adb9
The ECU implementation for FR is currently tested by calling the related
functions directly and by using the generic ECU abstraction layer. However,
the test "test_fr_concealment" only tests directly. Lets add a version
that uses the generic ECU abstraction layer as well.
The generic ECU abstraction layer obsolets the public API functions
osmo_ecu_fr_reset() and osmo_ecu_fr_conceal(), lets tag those functions
as dprecated.
Change-Id: Ib0c8a9b164f14ea4fa00688f760a76cdb4890af4
Global symbol osmo_log_info is declared in logging.c as non-const,
because it is modified. As soon as logging_internal.h is included into
logging.c, the compiler warns about osmo_log_info being declared twice
differently.
Change-Id: Iea961c3caeb12ddf60c99d4dca644bb9ab538767
I missed code review, so here are my comments in form of a follow-up patch
for Id56a1226d724a374f04231df85fe5b49ffd2c43c.
- Fix 'as_unit' arg name to 'val_unit' as in the C file and API doc.
- Explain rounding-up behavior of value conversion in API doc.
- Use osmo_tdef_get_entry() instead of a loop.
Related: OS#4190
Change-Id: Ia91c2f17e40fb9e79ffa5a7f28ce9c3605664402
This API is already useful for users willing to set a given timer to a
given value. It will also contain code later that checks for value being
inside valid range for that timer.
Related: OS#4190
Change-Id: Id56a1226d724a374f04231df85fe5b49ffd2c43c
As 3GPP doesn't specify how the BSC shall communicate ETWS Primary
Notifications over Abis/RSL, we have to use a vendor-specific RSL
message for this. And in order to know if the peer supports this
feature, we introduces BTS_FEAT_ETWS_PN.
Change-Id: I89c24a81ada6627694a9632e87485a61cbd3e680
Related: OS#4046, OS#4047
We don't want to expose the details of a given ECU implementation to
the user (e.g. osmo-bts), but have a generic abstraction layer where
an ECU implementation can simply register a few call-back functions
with the generic core.
As the developer and copyright holder of the related code, I hereby
state that any ECU implementation using 'struct osmo_ecu_ops' and
registering with the 'osmo_ecu_register()' function shall not be
considered as a derivative work under any applicable copyright law;
the copyleft terms of GPLv2 shall hence not apply to any such ECU
implementation.
The intent of the above exception is to allow anyone to combine
third party Error Concealment Unit implementations with libosmocore,
including but not limited to such published by ETSI.
Change-Id: I4d33c9c7c2d4c7462ff38a49c178b65accae1915
The user length is the first IE *in* the fixed-length TV, make sure
cbsp_dec_write_repl() respects that.
Change-Id: I864cafac2466a89a4bd9644bc73363fff2babd03
The CBSP code assumed that gsm0808_decode_cell_id_u() would return
the number of bytes it has consumed/parsed. But it actually always
returns '0', whcih makes us run in an endless loop :(
Change-Id: I5758af4ec11a827d4b888a3a16c4ec22de90a7d6
The pointless '(R)->ip?' condition of the previous commit made me want to
protect against R == NULL instead.
Change-Id: Ie2f47ad8ae585aaf67a6476c67f8e014820a72bc
Since (R)->ip is a char[], it is always non-NULL. The (x ? : "") condition is
completely pointless. Remove it.
Change-Id: I13ed06776a784cfa99bbdfca2bb4dfe12913a1ec
When a VTY closes, dispatch the VTY_CLOSED signal before tearing down the VTY
buffer and fd.
In particular this fixes:
- a crash during telnet_close_client(), invoked by the VTY_CLOSED event, which
logs to DLGLOBAL and uses vty->obuf that, so far, vty_close() had already
unallocated earlier (OS#4164).
- the logging about closing a telnet session so far logged:
DLGLOBAL INFO Closing telnet connection r=NULL<->l=NULL
By dispatching the VTY_CLOSED event while the fd is still valid, we instead
get the actual connection IP address and port being closed:
DLGLOBAL INFO Closing telnet connection r=127.0.0.1:36708<->l=127.0.0.1:4258
Related: OS#4164
Change-Id: I1d235cbfbfb9aaf411316642c7bcfac12106df44
Rather than having applications maintain their own talloc cotexts,
let's offer some root talloc contexts in libosmocore. Let's also
make them per thread right from the beginning. This will help
some multi-threaded applications to use talloc in a thread-safe
way.
Change-Id: Iae39cd57274bf6753ecaf186f229e582b42662e3
This way it's easier by osmo_verify_transcript_vty.py to skip and avoid
breaking existent test in osmo-hlr.
Fixes: d0b3b9edac
Change-Id: Iab9423661e4f4eefca2e3d02b60a43f913ed92a3
The intention of osmo_tdef_get()'s val_if_not_present argument was to return a
default timeout, or to optionally abort the program for missing timer
definitions if the default timeout is < 0. This was the case in the original
implementation of this API in osmo-bsc, but in the migration to libosmocore,
the argument was by accident changed to an unsigned type. In consequence, the
assertion in the implementation that was intended to abort the program seemed
bogus to coverity, and was fixed by removal in
I7a544d2d43b83135def296674f777e48fe5fd80a -- the wrong direction, as is obvious
from the API doc for osmo_tdef_get().
Note that osmo-bsc master passes -1 in various places and expects the
program-abort behavior that was missing from the libosmocore implementation.
Change the val_if_not_present argument to a signed type, and revert removal of
the assertion, so that passing -1 has the effect described in the API doc:
program abort on missing timer definition.
This bug was not detected because it is hard to write tests that expect a
program abort to happen, hence no tests for this API feature exist.
Related: OS#4152
Change-Id: Ie61c3c85069916336e6dbd91a2c16f7634816417
When reading SUT logs resulting from TTCN3 runs, it can be hard to figure out
which log section corresponds to which test code. Add a 'logp' command on VIEW
and ENABLE nodes that simply echos an arbitrary message on log output, useful
to set markers / explanations from the TTCN3 code, which then appear in all log
outputs and can make it trivial to figure out which log section is interesting.
logging_vty_test# logp lglobal notice This is the log message
DLGLOBAL NOTICE This is the log message
From TTCN3, could be used like this, e.g. in BSC_Tests.ttcn:
private function f_logp(charstring log_msg) runs on MSC_ConnHdlr
{
// log on TTCN3 log output
log(log_msg);
// log in stderr log
f_vty_transceive(BSCVTY, "logp lglobal notice " & log_msg);
}
...
f_logp("f_probe_for_handover(" & log_label & "): Ending the test: Handover Failure stops the procedure.");
Change-Id: Ife5dc8999174c74e0d133729284fe526d6eaf8d9
Neels Hofmeyr
Oliver Smith
Philipp Maier
Pau Espin
Harald Welte