view cdg3/msg/ss.mdf @ 516:1ed9de6c90bd

src/g23m-gsm/sms/sms_for.c: bogus malloc removed The new error handling code that was not present in TCS211 blob version contains a malloc call that is bogus for 3 reasons: 1) The memory allocation in question is not needed in the first place; 2) libc malloc is used instead of one of the firmware's proper ways; 3) The memory allocation is made inside a function and then never freed, i.e., a memory leak. This bug was caught in gcc-built FreeCalypso fw projects (Citrine and Selenite) because our gcc environment does not allow any use of libc malloc (any reference to malloc produces a link failure), but this code from TCS3.2 is wrong even for Magnetite: if this code path is executed repeatedly over a long time, the many small allocations made by this malloc call without a subsequent free will eventually exhaust the malloc heap provided by the TMS470 environment, malloc will start returning NULL, and the bogus code will treat it as an error. Because the memory allocation in question is not needed at all, the fix entails simply removing it.
author Mychaela Falconia <falcon@freecalypso.org>
date Sun, 22 Jul 2018 06:04:49 +0000
parents c15047b3d00d
children
line wrap: on
line source

;********************************************************************************
;*** File           : ss.mdf
;*** Creation       : Thu Jun 19 15:32:13 CST 2008
;*** XSLT Processor : Apache Software Foundation / http://xml.apache.org/xalan-j / supports XSLT-Ver: 1
;*** Copyright      : (c) Texas Instruments AG, Berlin Germany 2002
;********************************************************************************
;*** Document Type  : Air Interface Message Specification
;*** Document Name  : ss
;*** Document No.   : 6147.601.97.104
;*** Document Date  : 2003-02-04
;*** Document Status: BEING_PROCESSED
;*** Document Author: LG
;********************************************************************************



PRAGMA 	SRC_FILE_TIME 	"Wed Nov 28 10:21:24 2007"
PRAGMA 	LAST_MODIFIED 	"2003-02-04"
PRAGMA 	ID_AND_VERSION 	"6147.601.97.104"



CONST 	L3MAX 	251 	; maximum size of a L3 buffer
CONST 	MAX_SS_VERSION 	1 	; maximum length in SS version



VALTAB 	VAL_ver
VAL 	0x00 	SS_VERSION_PHASE2 	"phase 2 service and error handling, ellipsis notation"

VALTAB 	VAL_cs
VAL 	1 	CAUSE_UNASSIGN 	"Unassigned (unallocated) Note 9 number"
VAL 	3 	CAUSE_NO_ROUTE 	"No route to destination"
VAL 	6 	CAUSE_CHAN_UNACCEPT 	"Channel unacceptable"
VAL 	8 	CAUSE_BARRED 	"Operator determined barring"
VAL 	16 	CAUSE_CALL_CLEAR 	"Normal call clearing"
VAL 	17 	CAUSE_USER_BUSY 	"User busy"
VAL 	18 	CAUSE_NO_RESPONSE 	"No user responding"
VAL 	19 	CAUSE_ALERT_NO_ANSWER 	"User alerting, no answer"
VAL 	21 	CAUSE_CALL_REJECT 	"Call rejected"
VAL 	22 	CAUSE_NUM_CHANGED 	"Number changed"
VAL 	25 	CAUSE_PREEMPTION 	"Pre-emption"
VAL 	26 	CAUSE_USER_CLEAR 	"Non selected user clearing"
VAL 	27 	CAUSE_DEST_ORDER 	"Destination out of order"
VAL 	28 	CAUSE_NUM_FORMAT 	"Invalid number format (incomplete number)"
VAL 	29 	CAUSE_FACILITY_REJECT 	"Facility rejected"
VAL 	30 	CAUSE_STATUS_ENQUIRY 	"Response to STATUS ENQUIRY"
VAL 	31 	CAUSE_UNSPECIFIED 	"Normal, unspecified"
VAL 	34 	CAUSE_NO_CHAN_AVAIL 	"No circuit/channel available"
VAL 	38 	CAUSE_NETWORK_ORDER 	"Network out of order"
VAL 	41 	CAUSE_TEMP_FAIL 	"Temporary failure"
VAL 	42 	CAUSE_SWITCH_CONGEST 	"Switching equipment congestion"
VAL 	43 	CAUSE_INFO_DISCARD 	"Access information discarded"
VAL 	44 	CAUSE_REQ_CHAN_UNAVAIL 	"requested circuit/channel not available"
VAL 	47 	CAUSE_RESOURCE_UNAVAIL 	"Resources unavailable, unspecified"
VAL 	49 	CAUSE_QOS_UNAVAIL 	"Quality of service unavailable"
VAL 	50 	CAUSE_FACILITY_UNSUBSCRIB 	"Requested facility not subscribed"
VAL 	55 	CAUSE_BARRED_IN_CUG 	"Incoming calls barred within the CUG"
VAL 	57 	CAUSE_BEARER_CAP_AUTHORIZ 	"Bearer capability not authorized"
VAL 	58 	CAUSE_BEARER_CAP_UNAVAIL 	"Bearer capability not presently available"
VAL 	63 	CAUSE_SERVICE_UNAVAIL 	"Service or option not available, unspecified"
VAL 	65 	CAUSE_BEARER_NOT_IMPLEM 	"Bearer service not implemented"
VAL 	68 	CAUSE_ACM_MAX 	"ACM equal to or greater than ACMmax"
VAL 	69 	CAUSE_FACILITY_NOT_IMPLEM 	"Requested facility not implemented"
VAL 	70 	CAUSE_RESTICT_BEARER_CAP 	"Only restricted digital information bearer capability is available"
VAL 	79 	CAUSE_SERVICE_NOT_IMPLEM 	"Service or option not implemented, unspecified"
VAL 	81 	CAUSE_INVALID_TI 	"Invalid transaction identifier value"
VAL 	87 	CAUSE_USER_NOT_IN_CUG 	"User not member of CUG"
VAL 	88 	CAUSE_INCOMPAT_DEST 	"Incompatible destination"
VAL 	91 	CAUSE_INVALID_TRANS_NET 	"Invalid transit network selection"
VAL 	95 	CAUSE_INCORRECT_MESSAGE 	"Semantically incorrect message"
VAL 	96 	CAUSE_INVALID_MAND_INFO 	"Invalid mandatory information"
VAL 	97 	CAUSE_MESSAGE_TYPE_NOT_IMPLEM 	"Message type non-existent or not implemented"
VAL 	98 	CAUSE_MESSAGE_TYPE_INCOMPAT 	"Message type not compatible with protocol state"
VAL 	99 	CAUSE_INFO_ELEM_NOT_IMPLEM 	"Information element non existent or not implemented"
VAL 	100 	CAUSE_COND_INFO_ELEM 	"Conditional IE error"
VAL 	101 	CAUSE_MESSAGE_INCOMPAT 	"Message not compatible with protocol state"
VAL 	102 	CAUSE_TIMER 	"Recovery on timer expiry"
VAL 	111 	CAUSE_PROTOCOL 	"Protocol error, unspecified"
VAL 	127 	CAUSE_INTERWORKING 	"Interworking, unspecified"

VALTAB 	VAL_cs2
VAL 	0 	CS_Q931 	"standardized coding as described in CCITT Rec. Q.931"
VAL 	1 	CS_INTERNATIONAL 	"reserved for other international standards"
VAL 	2 	CS_NATIONAL 	"national standard"
VAL 	3 	CS_GSM_PLMN 	"standard defined for the GSM PLMNS as described in 10.86/GSM 04.08"

VALTAB 	VAL_loc
VAL 	DEF 	 	"reserved"
VAL 	0 	LOC_USER 	"user"
VAL 	1 	LOC_PRIV_NET_LOCAL_USER 	"private network serving the local user"
VAL 	2 	LOC_PUB_NET_LOCAL_USER 	"public network serving the local user"
VAL 	3 	LOC_TRANSIT_NET 	"transit network"
VAL 	4 	LOC_PUB_NET_REMOTE_USER 	"public network serving the remote user"
VAL 	5 	LOC_PRIV_NET_REMOTE_USER 	"private network serving the remote user"
VAL 	7 	LOC_INTERNATIONAL_NET 	"international network"
VAL 	10 	LOC_BEYOND_POINT 	"network beyond interworking point"




VAR 	msg_type 	"Message Type" 	
 	8


VAR 	fac_info 	"Facility Information" 	
 	8


VAR 	ver 	"Version Content" 	
 	8

VAL 	@m_ss - VAL_ver@ 	

VAR 	cs 	"Cause" 	
 	7

VAL 	@m_ss - VAL_cs@ 	

VAR 	cs2 	"Coding standard" 	
 	2

VAL 	@m_ss - VAL_cs2@ 	

VAR 	loc 	"Location" 	
 	4

VAL 	@m_ss - VAL_loc@ 	

VAR 	rec 	"Recommendation" 	
 	7


VAR 	diag 	"Diagnostics" 	
 	8





COMP 	ss_facility 	"SS facility"
{
 	 	fac_info 	[1..L3MAX] 	 ; Facility Information
}



COMP 	ss_version 	"SS version"
{
 	 	ver 	[0.. MAX_SS_VERSION] 	 ; ss version content
}



COMP 	ss_cause 	"Cause"
{
 	+ 	 	cs2 	 ; Coding standard II
 	.0  ; Spare
 	- 	 	loc 	 ; Location
 	* 	 	rec 	 ; Recommendation
 	* 	 	cs 	 ; Cause value
 	 	diag 	[0..27] 	 ; Diagnostics
}






MSG 	d_ss_facility 	downlink 	0b00111010 ; SS Facility
{
 	GSM3_V  	msg_type 	 ; Message Type
 	GSM4_LV  	ss_facility 	 ; SS facility
}



MSG 	u_ss_facility 	uplink 	0b00111010 ; SS Facility
{
 	GSM3_V  	msg_type 	 ; Message Type
 	GSM4_LV  	ss_facility 	 ; SS facility
}



MSG 	d_ss_register 	downlink 	0b00111011 ; SS Register
{
 	GSM3_V  	msg_type 	 ; Message Type
 	GSM4_TLV  	ss_facility 	0x1C 	 ; SS facility
}



MSG 	u_ss_register 	uplink 	0b00111011 ; SS Register
{
 	GSM3_V  	msg_type 	 ; Message Type
 	GSM4_TLV  	ss_facility 	0x1C 	 ; SS facility
 	GSM4_TLV  	ss_version 	0x7F 	 ; SS version
}



MSG 	b_ss_rel_comp 	both 	0b00101010 ; SS Release Complete
{
 	GSM3_V  	msg_type 	 ; Message Type
 	GSM4_TLV  	ss_cause 	0x08 	 ; SS cause
 	GSM4_TLV  	ss_facility 	0x1C 	 ; SS facility
}