10 Nov
2014
10 Nov
'14
9:10 p.m.
On 11/10/2014 01:44 PM, Holger Hans Peter Freyther wrote:
On Mon, Nov 10, 2014 at 12:16:47PM -0600, Ciaby
wrote:
Here comes the "bt full" output:
#0 subscr_name (subscr=0x0) at gsm_subscriber_base.c:47
No locals.
#1 0x00000000004079e3 in ho_gsm48_ho_compl (new_lchan=0x7fb1a80dd0b0)
at handover_logic.c:259
net = 0x894690
ho = 0xe1ccb0
#2 ho_logic_sig_cb (signal_data=<optimized out>, signal=<optimized
out>, subsys=<optimized out>, handler_data=<optimized out>) at
handover_logic.c:353
lchan = 0x7fb1a80dd0b0
#3 ho_logic_sig_cb (subsys=<optimized out>, signal=<optimized out>,
handler_data=<optimized out>, signal_data=<optimized out>) at
handover_logic.c:335
lchan_data = <optimized out>
#4 0x00007fb1a76dccec in osmo_signal_dispatch (subsys=4, signal=3,
signal_data=0x7ffffe668090) at signal.c:105
handler = 0x7af060
#5 0x0000000000408d25 in handle_rr_ho_compl (msg=<optimized out>) at
bsc_api.c:524
sig = {lchan = 0x7fb1a80dd0b0, mr = 0x0}
gh = <optimized out>
#6 dispatch_dtap (msg=0x2436980, link_id=<optimized out>,
conn=0xc8e070) at bsc_api.c:583
api = 0x6757c0
gh = <optimized out>
pdisc = <optimized out>
rc = <optimized out>
#7 gsm0408_rcvmsg (msg=0x2436980, link_id=<optimized out>) at bsc_api.c:657
rc = <optimized out>
api = 0x6757c0
lchan = 0x7fb1a80dd0b0
#8 0x000000000041fde1 in abis_rsl_rx_rll (msg=0x2436980) at abis_rsl.c:1682
rllh = 0x2436a0e
ts_name = <optimized out>
sign_link = <optimized out>
rc = 0
sapi = <optimized out>
#9 abis_rsl_rcvmsg (msg=0x2436980) at abis_rsl.c:2093
rslh = 0x2436a0e
rc = 0
#10 0x00007fb1a74cce5a in handle_ts1_read (bfd=0x90d6b8) at
input/ipaccess.c:469
line = 0x90cb00
link = <optimized out>
hh = 0x2436a0b
msg = 0x2436980
ret = <optimized out>
ts_nr = 2
e1i_ts = 0x90d118
#11 ipaccess_fd_cb (bfd=0x90d6b8, what=1) at input/ipaccess.c:603
rc = 0
#12 0x00007fb1a76dca11 in osmo_select_main (polling=0) at select.c:158
flags = 1
ufd = 0x90d6b8
tmp = 0x8aa118
readset = {__fds_bits = {0 <repeats 16 times>}}
writeset = {__fds_bits = {0 <repeats 16 times>}}
exceptset = {__fds_bits = {0 <repeats 16 times>}}
work = 1
rc = <optimized out>
no_time = {tv_sec = 0, tv_usec = 0}
#13 0x0000000000406e34 in main (argc=<optimized out>,
argv=0x7ffffe6684f8) at bsc_hack.c:354
rc = <optimized out>
Cheers
Ciaby
Sometimes osmo-nitb crashes, and our users have
reported the fact that sometimes they end up listening to someone's else conversation.
ouch!
This started to happen since we enabled
handover.
This is the backtrace i got from a core dump of osmo-nitb:
(gdb) bt
Can you please make a "bt full" so we see the values of
structures
Any clue about why this is happening?
Yes. "abnormal" condition. So somehow conn->subscr = NULL. This
means the subscriber was never loaded from the database or what
is more likely is that subscr_con_free has been called for the
old channel.
subscr_name(ho->old_lchan->conn->subscr)
is crashing because subscr is 0x0. I wonder about the state of
conn and the old_lchan in general. My guess would be that the
old_lchan has already failed.