B-Mobile Output:

linux-d5zo:/home/basem/osmocom-bb/src/host/osmocon # ./osmocon -p /dev/ttyUSB0 -m c140xor ../../target/firmware/board/compal_e88/layer1.compalram.bin

got 2 bytes from modem, data looks like: 04 81 ..

got 5 bytes from modem, data looks like: 1b f6 02 00 41 ....A

got 1 bytes from modem, data looks like: 01 .

got 1 bytes from modem, data looks like: 40 @

Received PROMPT1 from phone, responding with CMD

The filesize is larger than 15kb, code on the magic address will be overwritten!

Use loader.bin and upload the application with osmoload instead!

read_file(../../target/firmware/board/compal_e88/layer1.compalram.bin): file_size=54104, hdr_len=4, dnload_len=54111

got 1 bytes from modem, data looks like: 1b .

got 1 bytes from modem, data looks like: f6 .

got 1 bytes from modem, data looks like: 02 .

got 1 bytes from modem, data looks like: 00 .

got 1 bytes from modem, data looks like: 41 A

got 1 bytes from modem, data looks like: 02 .

got 1 bytes from modem, data looks like: 43 C

Received PROMPT2 from phone, starting download

handle_write(): 4096 bytes (4096/54111)

handle_write(): 4096 bytes (8192/54111)

handle_write(): 4096 bytes (12288/54111)

handle_write(): 4096 bytes (16384/54111)

handle_write(): 4096 bytes (20480/54111)

handle_write(): 4096 bytes (24576/54111)

handle_write(): 4096 bytes (28672/54111)

handle_write(): 4096 bytes (32768/54111)

handle_write(): 4096 bytes (36864/54111)

handle_write(): 4096 bytes (40960/54111)

handle_write(): 4096 bytes (45056/54111)

handle_write(): 4096 bytes (49152/54111)

handle_write(): 4096 bytes (53248/54111)

handle_write(): 863 bytes (54111/54111)

handle_write(): finished

got 1 bytes from modem, data looks like: 1b .

got 1 bytes from modem, data looks like: f6 .

got 1 bytes from modem, data looks like: 02 .

got 1 bytes from modem, data looks like: 00 .

got 1 bytes from modem, data looks like: 41 A

got 1 bytes from modem, data looks like: 03 .

got 1 bytes from modem, data looks like: 42 B

Received DOWNLOAD ACK from phone, your code is running now!

OSMOCOM Layer 1 (revision osmocon_v0.0.0-906-g5589a6b-modified)

======================================================================

Device ID code: 0xb4fb

Device Version code: 0x0000

ARM ID code: 0xfff3

cDSP ID code: 0x0128

Die ID code: e144263d880014fd

======================================================================

REG_DPLL=0x2413

CNTL_ARM_CLK=0xf0a1

CNTL_CLK=0xff91

CNTL_RST=0xfff3

CNTL_ARM_DIV=0xfff9

======================================================================

Power up simcard:

Assert DSP into Reset

Releasing DSP from Reset

Setting some dsp_api.ndb values

Setting API NDB parameters

DSP Download Status: 0x0001

DSP API Version: 0x0000 0x0000

Finishing download phase

DSP Download Status: 0x0002

DSP API Version: 0x3606 0x0000

LOST 1203!

SIM Request (7): a0 a4 00 00 02 3f 00

Status 2: 9F 23

SIM Request (5): a0 c0 00 00 23

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 2f e2

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 0a

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 7f 20

Status 2: 9F 23

SIM Request (5): a0 c0 00 00 23

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 07

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 09

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 7e

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 0b

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 3f 00

Status 2: 9F 23

SIM Request (5): a0 c0 00 00 23

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 7f 10

Status 2: 9F 23

SIM Request (5): a0 c0 00 00 23

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 40

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 84

Status 1: 94 08

SIM Request (7): a0 a4 00 00 02 3f 00

Status 2: 9F 23

SIM Request (5): a0 c0 00 00 23

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 7f 20

Status 2: 9F 23

SIM Request (5): a0 c0 00 00 23

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 20

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 09

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 30

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 3c

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 31

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 01

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 46

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 11

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 78

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 02

Status 1: 90 00

SIM Request (7): a0 a4 00 00 02 6f 7b

Status 2: 9F 13

SIM Request (5): a0 c0 00 00 13

Status 1: 90 00

SIM Request (5): a0 b0 00 00 0c

Status 1: 90 00

L1CTL_RESET_REQ: FULL!L1CTL_PM_REQ start=100 end=104

PM MEAS: ARFCN=100, 28 dBm at baseband, -109 dBm at RF

PM MEAS: ARFCN=100, 30 dBm at baseband, -107 dBm at RF

PM MEAS: ARFCN=101, 29 dBm at baseband, -108 dBm at RF

PM MEAS: ARFCN=102, 26 dBm at baseband, -112 dBm at RF

PM MEAS: ARFCN=103, 34 dBm at baseband, -104 dBm at RF

PM MEAS: ARFCN=104, 25 dBm at baseband, -112 dBm at RF

L1CTL_PM_REQ start=106 end=106

PM MEAS: ARFCN=106, 26 dBm at baseband, -111 dBm at RF

PM MEAS: ARFCN=106, 25 dBm at baseband, -112 dBm at RF

L1CTL_PM_REQ start=108 end=110

PM MEAS: ARFCN=108, 31 dBm at baseband, -106 dBm at RF

PM MEAS: ARFCN=108, 30 dBm at baseband, -107 dBm at RF

PM MEAS: ARFCN=109, 25 dBm at baseband, -112 dBm at RF

PM MEAS: ARFCN=110, 24 dBm at baseband, -113 dBm at RF

L1CTL_PM_REQ start=112 end=121

PM MEAS: ARFCN=112, 28 dBm at baseband, -109 dBm at RF

PM MEAS: ARFCN=112, 27 dBm at baseband, -110 dBm at RF

PM MEAS: ARFCN=113, 32 dBm at baseband, -105 dBm at RF

PM MEAS: ARFCN=114, 29 dBm at baseband, -108 dBm at RF

PM MEAS: ARFCN=115, 29 dBm at baseband, -108 dBm at RF

PM MEAS: ARFCN=116, 30 dBm at baseband, -107 dBm at RF

PM MEAS: ARFCN=117, 31 dBm at baseband, -106 dBm at RF

PM MEAS: ARFCN=118, 33 dBm at baseband, -104 dBm at RF

PM MEAS: ARFCN=119, 29 dBm at baseband, -108 dBm at RF

PM MEAS: ARFCN=120, 45 dBm at baseband, -92 dBm at RF

PM MEAS: ARFCN=121, 65 dBm at baseband, -72 dBm at RF

L1CTL_PM_REQ start=124 end=124

PM MEAS: ARFCN=124, 29 dBm at baseband, -108 dBm at RF

L1CTL_PM_REQ start=762 end=762

PM MEAS: ARFCN=762, 84 dBm at baseband, -54 dBm at RF

PM MEAS: ARFCN=762, 84 dBm at baseband, -53 dBm at RF

L1CTL_PM_REQ start=765 end=768

PM MEAS: ARFCN=765, 41 dBm at baseband, -96 dBm at RF

PM MEAS: ARFCN=765, 42 dBm at baseband, -95 dBm at RF

PM MEAS: ARFCN=766, 38 dBm at baseband, -99 dBm at RF

PM MEAS: ARFCN=767, 57 dBm at baseband, -80 dBm at RF

PM MEAS: ARFCN=768, 46 dBm at baseband, -91 dBm at RF

L1CTL_PM_REQ start=773 end=773

PM MEAS: ARFCN=773, 33 dBm at baseband, -105 dBm at RF

PM MEAS: ARFCN=773, 32 dBm at baseband, -105 dBm at RF

L1CTL_PM_REQ start=775 end=776

PM MEAS: ARFCN=775, 48 dBm at baseband, -89 dBm at RF

PM MEAS: ARFCN=776, 41 dBm at baseband, -96 dBm at RF

L1CTL_PM_REQ start=779 end=779

PM MEAS: ARFCN=779, 51 dBm at baseband, -86 dBm at RF

PM MEAS: ARFCN=779, 52 dBm at baseband, -85 dBm at RF

L1CTL_PM_REQ start=797 end=797

PM MEAS: ARFCN=797, 29 dBm at baseband, -108 dBm at RF

L1CTL_PM_REQ start=816 end=816

PM MEAS: ARFCN=816, 29 dBm at baseband, -108 dBm at RF

PM MEAS: ARFCN=816, 28 dBm at baseband, -109 dBm at RF

L1CTL_RESET_REQ: FULL!L1CTL_FBSB_REQ (arfcn=762, flags=0x7)

Starting FCCH RecognitionFB0 (1419:2): TOA= 1968, Power= -54dBm, Angle= 6913Hz

FB1 (1429:8): TOA= 9431, Power= -53dBm, Angle= 858Hz

fn_offset=1428 (fn=1429 + attempt=8 + ntdma = 7)m delay=9 (fn_offset=1428 + 11 - fn=1429 - 1

scheduling next FB/SB detection task with delay 9

FB1 (1440:1): TOA= 683, Power= -53dBm, Angle= 165Hz

fn_offset=1439 (fn=1440 + attempt=1 + ntdma = 0)m delay=9 (fn_offset=1439 + 11 - fn=1440 - 1

scheduling next FB/SB detection task with delay 9

=>FB @ FNR 1439 fn_offset=1439 qbits=2548

Synchronize_TDMA

LOST 2859!

SB1 (2891:1): TOA= 23, Power= -53dBm, Angle= 135Hz

=> SB 0x01e4ab7f: BSIC=31 fn=2492177(1879/25/11) qbits=0

Synchronize_TDMA

=>FB @ FNR 2890 fn_offset=2492177 qbits=4908

LOST 1903!

L1CTL_RESET_REQ: FULL!EMPTY

L1CTL_FBSB_REQ (arfcn=762, flags=0x7)

Starting FCCH RecognitionFB0 (2492554:3): TOA= 2544, Power= -54dBm, Angle= 6840Hz

L1CTL_RESET_REQ: FULL!L1CTL_FBSB_REQ (arfcn=762, flags=0x7)

Starting FCCH RecognitionFB0 (2492575:9): TOA= 9312, Power= -54dBm, Angle= 6777Hz

FB1 (2492585:8): TOA= 8755, Power= -53dBm, Angle= 1051Hz

fn_offset=2492583 (fn=2492585 + attempt=8 + ntdma = 6)m delay=8 (fn_offset=2492583 + 11 - fn=2492585 - 1

scheduling next FB/SB detection task with delay 8

FB1 (2492605:11): TOA=12503, Power= -53dBm, Angle= 160Hz

fn_offset=2492603 (fn=2492605 + attempt=11 + ntdma = 9)m delay=8 (fn_offset=2492603 + 11 - fn=2492605 - 1

scheduling next FB/SB detection task with delay 8

=> DSP reports FB in bit that is 1179237253 bits in the future?!?

Synchronize_TDMA

LOST 3714!

SB1 (2269562:1): TOA= 29, Power= -53dBm, Angle= 9Hz

=> SB 0x00d6ab7f: BSIC=31 fn=2492615(1879/21/41)=> DSP reports SB in bit that is 1458016052 bits in the future?!?

Synchronize_TDMA

=> DSP reports FB in bit that is 1458016029 bits in the future?!?

LOST 1912!

Configuration for both :

OsmocomBB# show runn
OsmocomBB# show running-config

Current configuration:
!
!
line vty
no login
!
gps device /dev/ttyACM0
gps baudrate default
no gps enable
!
ms 1
layer2-socket /tmp/osmocom_l2
sap-socket /tmp/osmocom_sap
sim reader
network-selection-mode auto
imei 000000000000000 0
imei-fixed
no emergency-imsi
no call-waiting
no auto-answer
no clip
no clir
tx-power auto
no simulated-delay
no stick
location-updating
codec full-speed prefer
codec half-speed
no abbrev
support
sms
a5/1
a5/2
p-gsm
e-gsm
r-gsm
no gsm-850
dcs
no pcs
class-900 4
class-850 4
class-dcs 1
class-pcs 1
channel-capability sdcch+tchf+tchh
full-speech-v1
full-speech-v2
half-speech-v1
min-rxlev -106
dsc-max 90
exit
test-sim
imsi 001010000000000
ki xor 00 00 00 00 00 00 00 00 00 00 00 00
no barred-access
no rplmn
hplmn-search foreign-country
exit
no shutdown
exit
!
end
OsmocomBB# Connection closed by foreign host.

Dear Andreas ,

Good day Sir , Actually i have two experiments for mobile project using Motorola C139 one with compal_e88 and the other with compal_e86 and here is the out put for both :

First using compal E86:

A- Layer 1 output:

linux-d5zo:/home/basem/osmocom-bb/src/host/osmocon # ./osmocon -p /dev/ttyUSB0 -m c140xor ../../target/firmware/board/compal_e86/layer1.compalram.bin

got 2 bytes from modem, data looks like: 04 81 ..
got 5 bytes from modem, data looks like: 1b f6 02 00 41 ....A
got 1 bytes from modem, data looks like: 01 .
got 1 bytes from modem, data looks like: 40 @
Received PROMPT1 from phone, responding with CMD

The filesize is larger than 15kb, code on the magic address will be overwritten!
Use loader.bin and upload the application with osmoload instead!

read_file(../../target/firmware/board/compal_e86/layer1.compalram.bin): file_size=54736, hdr_len=4, dnload_len=54743
got 1 bytes from modem, data looks like: 1b .
got 1 bytes from modem, data looks like: f6 .
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 43 C
Received PROMPT2 from phone, starting download
handle_write(): 4096 bytes (4096/54743)
handle_write(): 4096 bytes (8192/54743)
handle_write(): 4096 bytes (12288/54743)
handle_write(): 4096 bytes (16384/54743)
handle_write(): 4096 bytes (20480/54743)
handle_write(): 4096 bytes (24576/54743)
handle_write(): 4096 bytes (28672/54743)
handle_write(): 4096 bytes (32768/54743)
handle_write(): 4096 bytes (36864/54743)
handle_write(): 4096 bytes (40960/54743)
handle_write(): 4096 bytes (45056/54743)
handle_write(): 4096 bytes (49152/54743)
handle_write(): 4096 bytes (53248/54743)
handle_write(): 1495 bytes (54743/54743)
handle_write(): finished
got 1 bytes from modem, data looks like: 1b .
got 1 bytes from modem, data looks like: f6 .
got 1 bytes from modem, data looks like: 02 .
got 1 bytes from modem, data looks like: 00 .
got 1 bytes from modem, data looks like: 41 A
got 1 bytes from modem, data looks like: 03 .
got 1 bytes from modem, data looks like: 42 B
Received DOWNLOAD ACK from phone, your code is running now!

OSMOCOM Layer 1 (revision osmocon_v0.0.0-906-g5589a6b-modified)
======================================================================
Device ID code: 0xb4fb
Device Version code: 0x0000
ARM ID code: 0xfff3
cDSP ID code: 0x0128
Die ID code: e144263d880014fd
======================================================================
REG_DPLL=0x2413
CNTL_ARM_CLK=0xf0a1
CNTL_CLK=0xff91
CNTL_RST=0xfff3
CNTL_ARM_DIV=0xfff9
======================================================================
Power up simcard:
Assert DSP into Reset
Releasing DSP from Reset
Setting some dsp_api.ndb values
Setting API NDB parameters
DSP Download Status: 0x0001
DSP API Version: 0x0000 0x0000
Finishing download phase
DSP Download Status: 0x0002
DSP API Version: 0x3606 0x0000
LOST 346!
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 2f e2
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0a
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 20
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 07
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 09
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 7e
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 0b
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 10
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 40
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 1c
Status 1: 94 08
SIM Request (7): a0 a4 00 00 02 3f 00
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 7f 20
Status 2: 9F 22
SIM Request (5): a0 c0 00 00 22
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 20
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 09
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 30
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 2c
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 31
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 01
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 46
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 11
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 78
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 02
Status 1: 90 00
SIM Request (7): a0 a4 00 00 02 6f 7b
Status 2: 9F 0F
SIM Request (5): a0 c0 00 00 0f
Status 1: 90 00
SIM Request (5): a0 b0 00 00 1e
Status 1: 90 00

B-Mobile Output:

linux-d5zo:/home/basem/osmocom-bb/src/host/layer23/src/mobile # ./mobile -i 127.0.0.1
Copyright (C) 2008-2010 ...
Contributions by ...

License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

<000e> sim.c:1206 init SIM client
<0005> gsm48_cc.c:61 init Call Control
<0001> gsm48_rr.c:5052 init Radio Ressource process
<0004> gsm48_mm.c:1239 init Mobility Management process
<0004> gsm48_mm.c:990 Selecting PLMN SEARCH state, because no SIM.
<0002> gsm322.c:3556 init PLMN process
<0003> gsm322.c:3557 init Cell Selection process
<0003> gsm322.c:3614 Read stored BA list (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
Mobile '1' initialized, please start phone now!
VTY available on port 4247.
<0004> subscriber.c:556 Requesting SIM file 0x2fe2
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:697 go MF
<000e> sim.c:241 SELECT (file=0x3f00)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=34)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:241 SELECT (file=0x2fe2)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=10)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=10 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:229 received ICCID 89966321051209484485 from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f07
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:706 requested path is longer, go child DFgsm
<000e> sim.c:241 SELECT (file=0x7f20)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=34)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:241 SELECT (file=0x6f07)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=9)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=9 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:259 received IMSI 420032210948448 from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f7e
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f7e)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=11)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=11 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:295 received LOCI from SIM (mcc=420 mnc=03 lac=0x0529 U1)
<0004> subscriber.c:556 Requesting SIM file 0x6f40
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:697 go MF
<000e> sim.c:241 SELECT (file=0x3f00)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=34)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:706 requested path is longer, go child DFtelecom
<000e> sim.c:241 SELECT (file=0x7f10)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=34)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:241 SELECT (file=0x6f40)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=28)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=28 sw1=0x94 sw2=0x08)
<000e> sim.c:952 command failed
<000e> sim.c:151 sending result to callback function (type=1)
<0004> subscriber.c:608 SIM reading failed, ignoring!
<0004> subscriber.c:556 Requesting SIM file 0x6f20
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:697 go MF
<000e> sim.c:241 SELECT (file=0x3f00)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=34)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:706 requested path is longer, go child DFgsm
<000e> sim.c:241 SELECT (file=0x7f20)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x22)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=34)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=34 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:241 SELECT (file=0x6f20)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=9)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=9 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:342 received KEY from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f30
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f30)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=44)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=44 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:380 received PLMN selector (mcc=420 mnc=03) from SIM
<0004> subscriber.c:380 received PLMN selector (mcc=424 mnc=01) from SIM
<0004> subscriber.c:380 received PLMN selector (mcc=424 mnc=02) from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f31
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f31)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=1)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=1 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:401 received HPPLMN 5 (30 mins) from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f46
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f46)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=17)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=17 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:424 received SPN mobily from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f78
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f78)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=2)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=2 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:442 received ACC 0100 from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f7b
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f7b)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x0f)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=15)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=15 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=30)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=30 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:518 (ms 1) Done reading SIM card (IMSI=420032210948448 Saudi Arabia, Mobily)
<0004> subscriber.c:530 -> SIM card registered to 420 03 (Saudi Arabia, Mobily)
<0004> gsm48_mm.c:4160 (ms 1) Received 'MMR_REG_REQ' event
<0002> gsm322.c:3176 (ms 1) Event 'EVENT_SIM_INSERT' for automatic PLMN selection in state 'A0 null'
<000d> gsm322.c:1090 Start search of last registered PLMN (mcc=420 mnc=03 Saudi Arabia, Mobily)
<0002> gsm322.c:1094 Use RPLMN (mcc=420 mnc=03 Saudi Arabia, Mobily)
<0002> gsm322.c:530 new state 'A0 null' -> 'A1 trying RPLMN'
<0003> gsm322.c:3396 (ms 1) Event 'EVENT_NEW_PLMN' for Cell selection in state 'C0 null'
<000d> gsm322.c:3007 Selecting network (mcc=420 mnc=03 Saudi Arabia, Mobily)
<0003> gsm322.c:3016 Start normal cell selection.
<0003> gsm322.c:559 new state 'C0 null' -> 'C1 normal cell selection'

Second using compal E88:

linux-d5zo:/home/basem/osmocom-bb/src/host/layer23/src/mobile # ./mobile -i 127.0.0.1
Copyright (C) 2008-2010 ...
Contributions by ...

License GPLv2+: GNU GPL version 2 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

<000e> sim.c:1206 init SIM client
<0005> gsm48_cc.c:61 init Call Control
<0001> gsm48_rr.c:5052 init Radio Ressource process
<0004> gsm48_mm.c:1239 init Mobility Management process
<0004> gsm48_mm.c:990 Selecting PLMN SEARCH state, because no SIM.
<0002> gsm322.c:3556 init PLMN process
<0003> gsm322.c:3557 init Cell Selection process
<0003> gsm322.c:3614 Read stored BA list (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
Mobile '1' initialized, please start phone now!
VTY available on port 4247.
<0004> subscriber.c:556 Requesting SIM file 0x2fe2
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:697 go MF
<000e> sim.c:241 SELECT (file=0x3f00)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x23)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=35)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=35 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:241 SELECT (file=0x2fe2)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=10)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=10 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:229 received ICCID 8996601230003583462 from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f07
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:706 requested path is longer, go child DFgsm
<000e> sim.c:241 SELECT (file=0x7f20)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x23)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=35)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=35 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:241 SELECT (file=0x6f07)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=9)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=9 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:259 received IMSI 420012300358346 from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f7e
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f7e)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=11)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=11 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:295 received LOCI from SIM (mcc=420 mnc=01 lac=0x012f U1)
<0004> subscriber.c:556 Requesting SIM file 0x6f40
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:697 go MF
<000e> sim.c:241 SELECT (file=0x3f00)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x23)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=35)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=35 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:706 requested path is longer, go child DFtelecom
<000e> sim.c:241 SELECT (file=0x7f10)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x23)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=35)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=35 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:241 SELECT (file=0x6f40)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=132)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=132 sw1=0x94 sw2=0x08)
<000e> sim.c:952 command failed
<000e> sim.c:151 sending result to callback function (type=1)
<0004> subscriber.c:608 SIM reading failed, ignoring!
<0004> subscriber.c:556 Requesting SIM file 0x6f20
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:697 go MF
<000e> sim.c:241 SELECT (file=0x3f00)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x23)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=35)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=35 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:706 requested path is longer, go child DFgsm
<000e> sim.c:241 SELECT (file=0x7f20)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x23)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=35)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=35 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:241 SELECT (file=0x6f20)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=9)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=9 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:342 received KEY from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f30
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f30)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=60)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=60 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:556 Requesting SIM file 0x6f31
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f31)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=1)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=1 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:401 received HPPLMN 5 (30 mins) from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f46
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f46)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=17)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=17 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:635 SIM reading failed, file invalid
<0004> subscriber.c:556 Requesting SIM file 0x6f78
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f78)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=2)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=2 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:442 received ACC 0040 from SIM
<0004> subscriber.c:556 Requesting SIM file 0x6f7b
<000e> sim.c:209 got new job: SIM_JOB_READ_BINARY (handle=00000004)
<000e> sim.c:241 SELECT (file=0x6f7b)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xa4)
<000e> sim.c:876 received APDU (len=0 sw1=0x9f sw2=0x13)
<000e> sim.c:949 command successfull
<000e> sim.c:571 GET RESPONSE (len=19)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xc0)
<000e> sim.c:876 received APDU (len=19 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:277 READ BINARY (offset=0 len=12)
<000e> sim.c:187 sending APDU (class 0xa0, ins 0xb0)
<000e> sim.c:876 received APDU (len=12 sw1=0x90 sw2=0x00)
<000e> sim.c:949 command successfull
<000e> sim.c:151 sending result to callback function (type=0)
<0004> subscriber.c:518 (ms 1) Done reading SIM card (IMSI=420012300358346 Saudi Arabia, Al Jawal)
<0004> subscriber.c:530 -> SIM card registered to 420 01 (Saudi Arabia, Al Jawal)
<0004> gsm48_mm.c:4160 (ms 1) Received 'MMR_REG_REQ' event
<0002> gsm322.c:3176 (ms 1) Event 'EVENT_SIM_INSERT' for automatic PLMN selection in state 'A0 null'
<000d> gsm322.c:1090 Start search of last registered PLMN (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0002> gsm322.c:1094 Use RPLMN (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0002> gsm322.c:530 new state 'A0 null' -> 'A1 trying RPLMN'
<0003> gsm322.c:3396 (ms 1) Event 'EVENT_NEW_PLMN' for Cell selection in state 'C0 null'
<000d> gsm322.c:3007 Selecting network (mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0003> gsm322.c:3013 Start stored cell selection.
<0003> gsm322.c:559 new state 'C0 null' -> 'C2 stored cell selection'
<0003> gsm322.c:2456 Getting PM for ARFCN 100 twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 103 rxlev -104 (6))
<0003> gsm322.c:2456 Getting PM for ARFCN 106 twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 108 rxlev -106 (4))
<0003> gsm322.c:2456 Getting PM for ARFCN 108 twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2456 Getting PM for ARFCN 112 twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 113 rxlev -105 (5))
<0003> gsm322.c:2468 Found signal (ARFCN 117 rxlev -106 (4))
<0003> gsm322.c:2468 Found signal (ARFCN 118 rxlev -104 (6))
<0003> gsm322.c:2468 Found signal (ARFCN 120 rxlev -92 (18))
<0003> gsm322.c:2468 Found signal (ARFCN 121 rxlev -72 (38))
<0003> gsm322.c:2456 Getting PM for ARFCN 124 twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 762(DCS) rxlev -54 (56))
<0003> gsm322.c:2456 Getting PM for ARFCN 762(DCS) twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 762(DCS) rxlev -53 (57))
<0003> gsm322.c:2468 Found signal (ARFCN 765(DCS) rxlev -96 (14))
<0003> gsm322.c:2456 Getting PM for ARFCN 765(DCS) twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 765(DCS) rxlev -95 (15))
<0003> gsm322.c:2468 Found signal (ARFCN 766(DCS) rxlev -99 (11))
<0003> gsm322.c:2468 Found signal (ARFCN 767(DCS) rxlev -80 (30))
<0003> gsm322.c:2468 Found signal (ARFCN 768(DCS) rxlev -91 (19))
<0003> gsm322.c:2468 Found signal (ARFCN 773(DCS) rxlev -105 (5))
<0003> gsm322.c:2456 Getting PM for ARFCN 773(DCS) twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 773(DCS) rxlev -105 (5))
<0003> gsm322.c:2468 Found signal (ARFCN 775(DCS) rxlev -89 (21))
<0003> gsm322.c:2456 Getting PM for ARFCN 775(DCS) twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 775(DCS) rxlev -89 (21))
<0003> gsm322.c:2468 Found signal (ARFCN 776(DCS) rxlev -96 (14))
<0003> gsm322.c:2468 Found signal (ARFCN 779(DCS) rxlev -86 (24))
<0003> gsm322.c:2456 Getting PM for ARFCN 779(DCS) twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2468 Found signal (ARFCN 779(DCS) rxlev -85 (25))
<0003> gsm322.c:2456 Getting PM for ARFCN 797(DCS) twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2456 Getting PM for ARFCN 816(DCS) twice. Overwriting the first! Please fix prim_pm.c
<0003> gsm322.c:2396 Found 15 frequencies.
<0003> gsm322.c:276 Sync to ARFCN=762(DCS) rxlev=-53 (No sysinfo yet, ccch mode NONE)
<0003> gsm322.c:2486 Channel synched. (ARFCN=762(DCS), snr=9, BSIC=31)
<0001> gsm322.c:2513 using DSC of 90
<0003> gsm48_rr.c:4656 Channel provides data.
<0001> sysinfo.c:711 Ignoring SYSTEM INFORMATION 4 until SI 1 is received.
<0001> gsm48_rr.c:1869 New SYSTEM INFORMATION 4 (mcc 000 mnc 000 lac 0x0000)
<0001> sysinfo.c:692 New SYSTEM INFORMATION 3 (mcc 420 mnc 01 lac 0x012f)
<0001> gsm48_rr.c:1835 Changing CCCH_MODE to 1
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:1801 New SYSTEM INFORMATION 2ter
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2129 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> sysinfo.c:599 Now decoding previously received SYSTEM INFORMATION 4
<0001> sysinfo.c:432 Serving cell ARFCN #0: 797
<0001> sysinfo.c:432 Serving cell ARFCN #1: 816
<0001> sysinfo.c:446 Hopping ARFCN: 0 (bit 797)
<0001> sysinfo.c:446 Hopping ARFCN: 1 (bit 816)
<0001> gsm48_rr.c:1714 New SYSTEM INFORMATION 1
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2338 IMMEDIATE ASSIGNMENT:
<0001> gsm48_rr.c:2350 (ta 0/0m ra 0x00 chan_nr 0x0e MAIO 0 HSN 43 TS 6 SS 0 TSC 6)
<0001> gsm48_rr.c:2366 Not for us, no request.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:1743 New SYSTEM INFORMATION 2
<0003> gsm322.c:1624 Cell ARFCN 762(DCS): Cell found, (rxlev=-53 mcc=420 mnc=01 lac=012f Saudi Arabia, Al Jawal)
<0003> gsm322.c:1635 Cell ARFCN 762(DCS) selected.
<0003> gsm322.c:1955 Tune to frequency 762.
<0003> gsm322.c:270 Sync to ARFCN=762(DCS) rxlev=-53 (Sysinfo, ccch mode NON-COMB)
<0003> gsm322.c:1997 Cell available.
<0003> gsm322.c:3396 (ms 1) Event 'EVENT_CELL_FOUND' for Cell selection in state 'C2 stored cell selection'
<000d> gsm322.c:2798 Camping normally on cell (ARFCN=762(DCS) mcc=420 mnc=01 Saudi Arabia, Al Jawal)
<0003> gsm322.c:559 new state 'C2 stored cell selection' -> 'C3 camped normally'
<0004> gsm48_mm.c:4092 (ms 1) Received 'MM_EVENT_CELL_SELECTED' event in state MM IDLE, PLMN search
<0004> gsm48_mm.c:901 new MM IDLE state PLMN search -> location updating needed
<0004> gsm48_mm.c:901 new MM IDLE state location updating needed -> attempting to update
<0004> gsm48_mm.c:2150 Do Loc. upd. for IMSI attach.
<000d> gsm48_mm.c:2083 Perform location update (MCC 420, MNC 01 LAC 0x012f)
<0004> gsm48_mm.c:2205 LOCATION UPDATING REQUEST
<0004> gsm48_mm.c:2227 using LAI (mcc 420 mnc 01 lac 0x012f)
<0004> gsm48_mm.c:2235 using TMSI 0x2804a1b5
<0004> gsm48_mm.c:906 new state MM IDLE, attempting to update -> wait for RR connection (location updating)
<0001> gsm48_rr.c:5019 (ms 1) Message 'RR_EST_REQ' received in state idle
<000d> gsm48_rr.c:1245 Establish radio link due to mobility management request
<0003> gsm322.c:3396 (ms 1) Event 'EVENT_LEAVE_IDLE' for Cell selection in state 'C3 camped normally'
<0003> gsm322.c:3034 Going to camping (normal) ARFCN 762(DCS).
<0003> gsm322.c:270 Sync to ARFCN=762(DCS) rxlev=-53 (Sysinfo, ccch mode NON-COMB)
<0001> gsm48_rr.c:363 new state idle -> connection pending
<0001> gsm48_rr.c:1384 CHANNEL REQUEST: 00 (Location Update with NECI)
<0003> gsm322.c:2486 Channel synched. (ARFCN=762(DCS), snr=11, BSIC=31)
<0001> gsm322.c:2513 using DSC of 90
<0003> gsm48_rr.c:4656 Channel provides data.
<0001> gsm48_rr.c:1516 RANDOM ACCESS (requests left 5)
<0001> gsm48_rr.c:1573 RANDOM ACCESS (Tx-integer 50 combined no S(lots) 0 ra 0x0a)
<0001> gsm48_rr.c:1612 Use MS-TXPWR-MAX-CCH power value 0 (30 dBm)
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:2077 PAGING ignored, we are not camping.
<0001> gsm48_rr.c:609 MON: f=762 lev=-51 snr= 0 ber= 32 LAI=420 01 012f ID=2dcf
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
<0001> gsm48_rr.c:609 MON: no cell info
^CSignal 2 received.
<0004> gsm48_mm.c:4096 (ms 1) Received 'MM_EVENT_IMSI_DETACH' event in state wait for RR connection (location updating)
<0004> gsm48_mm.c:1862 IMSI detach delayed.
<0001> gsm48_rr.c:609 MON: no cell info

OsmocomBB# show ms 1
MS '1' is up, MM connection active
  IMEI: 000000000000000
     IMEISV: 0000000000000000
     IMEI generation: fixed
  automatic network selection state: A1 trying RPLMN
  cell selection state: C3 camped normally
  radio ressource layer state: connection pending
  mobility management layer state: wait for RR connection (location updating)

I am hoping to read soon from you people.

Regards,

Basem

--- On Tue, 6/14/11, Andreas.Eversberg <Andreas.Eversberg@versatel.de> wrote:

From: Andreas.Eversberg <Andreas.Eversberg@versatel.de>
Subject: Re: Facing issues in using OSMOCOM
To: "Basem Ahmed" <eng_basemm@yahoo.com>
Cc: baseband-devel@lists.osmocom.org
Date: Tuesday, June 14, 2011, 2:07 PM

can you send the full mobile output? (from start of application until it
halts)

>    <0002> gsm322.c:3176 (ms 1) Event 'EVENT_SIM_INSERT' for
automatic PLMN selection in state 'A0 null'
>    <000d> gsm322.c:1090 Start search of last registered PLMN
(mcc=420 mnc=01 Saudi Arabia, Al Jawal)
>    <0002> gsm322.c:1094 Use RPLMN (mcc=420 mnc=01 Saudi Arabia, Al
Jawal)
>    <0002> gsm322.c:530 new state 'A0 null' -> 'A1 trying RPLMN'
>    <0003> gsm322.c:3396 (ms 1) Event 'EVENT_NEW_PLMN' for Cell
selection in state 'C0 null'
>    <000d> gsm322.c:3007 Selecting network (mcc=420 mnc=01 Saudi
Arabia, Al Jawal)
>    <0003> gsm322.c:3013 Start stored cell selection.
>    <0003> gsm322.c:559 new state 'C0 null' -> 'C2 stored cell
selection'

can you send me the your ~/.osmocom/bb/1.ba file? don't worry, it will
only contain band allocations you have received so far. (rename it an
see, if the problem still exists.)