| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2014-03-27 | agch/pcu: Fix crash for AGCH commands queued by the PCU | Holger Hans Peter Freyther | 1 | -1/+2 | |
| The dequeue code assumed that msg->l3h is a valid pointer but in the case of the PCU socket it was a null pointer. This lead to memcpy copying a lot more than 23 bytes which ultimately lead to a crash. The issue was introduced in the git commits 37c332e5bfdb9591a1cd3cc6746afffdb1cd13b9 and the commit d290ee029a827c870f97372b98f0dbd7d057402a. use msg->l3h = msgb_put(msg, len) to make sure that there is a valid L3 pointer for the message. (gdb) bt #0 0x419d6384 in memcpy () from /tmp/ow/lib/libc.so.6 #1 0x0001894c in bts_ccch_copy_msg (bts=0x62248, out_buf=0x62248 "p\025\003", gt=0x1, is_ag_res=100684) at bts.c:572 #2 0x0000c958 in handle_ph_readytosend_ind (rts_ind=<optimized out>, fl1=0x62e78) at l1_if.c:515 #3 l1if_handle_ind (fl1=0x62e78, msg=0x8bb08) at l1_if.c:920 #4 0x000147e8 in read_dispatch_one (queue=<optimized out>, msg=0x8bb08, fl1h=<optimized out>) at l1_transp_hw.c:190 #5 l1if_fd_cb (ofd=0x62f04, what=<optimized out>) at l1_transp_hw.c:224 #6 0x41b9d028 in osmo_select_main (polling=<optimized out>) at select.c:158 #7 0x0000b204 in main (argc=<optimized out>, argv=<optimized out>) at main.c:384 (gdb) p *msg $12 = {list = {next = 0x100100, prev = 0x200200}, {dst = 0x0, trx = 0x0}, lchan = 0x0, l1h = 0x0, l2h = 0x0, l3h = 0x0, l4h = 0x0, cb = {0, 0, 0, 0, 0}, data_len = 23, len = 23, head = 0x8572c "-\006?\020\r\340*q\224#", tail = 0x85743 "", data = 0x8572c "-\006?\020\r\340*q\224#", _data = 0x8572c "-\006?\020\r\340*q\224#"} | |||||
| 2014-02-24 | pcu: Avoid crash when closing the PCU socket | Holger Hans Peter Freyther | 1 | -1/+3 | |
| When closing the PCU socket all channels will be closed. In that case the LAPDm structures might not have been allocated. Mark the channel as LCHAN_REL_ACT_PCU to avoid going through the RSL code for sending the message. This avoids a crash when "gprs none" is selected but one still configures a PDCH and then connects/disconnects the pcu. #0 llist_del (entry=0x0) at ../include/osmocom/core/linuxlist.h:119 #1 msgb_dequeue (queue=0x400bbc58) at msgb.c:102 #2 0x40110d28 in lapd_dl_flush_tx (dl=0x400bbba0) at lapd_core.c:173 #3 0x40112cb4 in lapd_dl_reset (dl=0x400bbba0) at lapd_core.c:307 #4 0x40112d00 in lapd_dl_exit (dl=0x400bbba0) at lapd_core.c:321 #5 0x40115d80 in lapdm_entity_exit (le=<optimized out>) at lapdm.c:169 #6 0x40115d9c in lapdm_channel_exit (lc=0x400bbb94) at lapdm.c:180 #7 0x0001a334 in rsl_tx_rf_rel_ack (lchan=0x400bbb00) at rsl.c:505 #8 0x0000e908 in lchan_deactivate_sapis (lchan=0x400bbb00) at oml.c:1427 #9 sapi_queue_exeute (lchan=0x400bbb00) at oml.c:547 #10 0x0000ead0 in sapi_queue_send (lchan=<optimized out>) at oml.c:571 #11 queue_sapi_command (lchan=<optimized out>, cmd=<optimized out>) at oml.c:609 #12 queue_sapi_command (lchan=0x400bbb00, cmd=<optimized out>) at oml.c:601 #13 0x0000faf0 in enqueue_rel_marker (lchan=0x400bbb00) at oml.c:1440 #14 lchan_deactivate (lchan=0x400bbb00) at oml.c:1447 #15 0x0001004c in bts_model_rsl_chan_rel (lchan=<optimized out>) at oml.c:1647 #16 0x0001de30 in pcu_sock_close (state=0x62788) at pcu_sock.c:654 #17 0x0001e150 in pcu_sock_read (bfd=0x627a8) at pcu_sock.c:698 #18 pcu_sock_cb (bfd=0x627a8, flags=1) at pcu_sock.c:755 | |||||
| 2013-10-25 | rsl/pcu: Do not send a CHAN ACT to the BSC on PCU usage | Holger Hans Peter Freyther | 1 | -0/+1 | |
| The PCU is forcing the activation of a PDCH. Currently the BSC will receive a channel act ack for a channel that was not activated at all. Use the "release_reason" flag of the lchan to see if we have requested a normal activation or a silent one. It feels a bit odd to do it in the TX function but it is the most easy solution right now. I have added logging so it will not be totally silent. | |||||
| 2013-03-17 | Get RSSI from received uplink data and send to PCU | Andreas Eversberg | 1 | -1/+3 | |
| This bumps the PCU API version and thus requires a new version of the code on the sysmoBTS side! | |||||
| 2013-01-15 | fix message: the PCU is not a call control application | Harald Welte | 1 | -2/+1 | |
| 2012-12-20 | misc: Include pcu_if.h for pcu_tx_pag_req in rsl.c and make it const | Holger Hans Peter Freyther | 1 | -1/+1 | |
| The rsl.c code was calling the paging request with a const pointer, change the signature to make the code const. | |||||
| 2012-09-29 | PCU: Add PCH confirm, raise PCU interface version to 4 | Andreas Eversberg | 1 | -0/+27 | |
| The confirm is required, so PCU knows when an IMMEDIATE ASSIGN message has has been sent on PCH. The PCU will start packet flow after that confirm. | |||||
| 2012-07-21 | Send RR paging requests to PCU, in order to page on PACCH | Andreas Eversberg | 1 | -0/+33 | |
| 2012-07-21 | Enable direct access to PDTCH queue of DSP by PCU | Andreas Eversberg | 1 | -0/+7 | |
| Use "-P -M" to enable PCU and direct access. | |||||
| 2012-07-20 | misc: Quote the warning to avoid additional warning | Holger Hans Peter Freyther | 1 | -2/+2 | |
| 2012-07-16 | PCU: Add verion number of PCU interface to PCU INFO IND message | Andreas Eversberg | 1 | -0/+1 | |
| The client (PCU) can check if it is compiled with a different version. | |||||
| 2012-07-16 | PCU interface: fix memory leaks in error paths | Andreas Eversberg | 1 | -0/+2 | |
| 2012-07-08 | PCU: remove german warnings from the code | Harald Welte | 1 | -2/+2 | |
| 2012-07-08 | PCU: Add PCU socket interface to BTS. | Andreas Eversberg | 1 | -0/+851 | |
| A special command line option "-P" is used to enable socket interface and signal available GPRS MO object to BSC. | |||||
 |
index : osmo-bts | |
| Osmocom BTS-Side code (Abis, scheduling) | Andreas Eversberg |
| aboutsummaryrefslogtreecommitdiffstats |