handover crash


Holger Hans Peter Freyther holger at freyther.de
Mon Dec 29 09:21:35 UTC 2014


hi,

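this is a note. We had a crash during handover: ho->new_lchan points
to a "valid" lchan, but ho->new_lchan->conn is NULL. That means the new
lchan failed, was freed, or was re-used, but the "ho" entry wasn't killed,
so the T3103 timeout callback still ran and dereferenced the NULL conn
(handover_logic.c:192 in the trace below; the dump shows the lchan in
state LCHAN_S_NONE with conn = 0x0). I thought I had fixed such a bug
recently, but obviously not.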


Program terminated with signal 11, Segmentation fault.
#0  0x00000000004078a7 in ho_T3103_cb (_ho=<optimized out>) at handover_logic.c:192
192		ho->new_lchan->conn->ho_lchan = NULL;
(gdb) p *ho->new_lchan
$1 = {ts = 0x7f9c1439d028, nr = 0 '\000', type = GSM_LCHAN_NONE, 
  rsl_cmode = RSL_CMOD_SPD_SPEECH, tch_mode = GSM48_CMODE_SPEECH_V1, 
  csd_mode = LCHAN_CSD_M_NT, state = LCHAN_S_NONE, broken_reason = 0x44c5e3 "", 
  bs_power = 0 '\000', ms_power = 0 '\000', encr = {alg_id = 2 '\002', key_len = 8 '\b', 
    key = "\314]\204\276J6\204\000\000\000\000\000\000\000\000"}, mr_conf = {smod = 0 '\000', 
    spare = 0 '\000', icmi = 0 '\000', nscb = 0 '\000', ver = 0 '\000', m4_75 = 0 '\000', 
    m5_15 = 0 '\000', m5_90 = 0 '\000', m6_70 = 0 '\000', m7_40 = 0 '\000', m7_95 = 0 '\000', 
    m10_2 = 0 '\000', m12_2 = 0 '\000'}, sapis = "\000\000\000\000\000\000\000", 
  sacch_deact = 0, abis_ip = {bound_ip = 3232247317, connect_ip = 3232247297, 
    bound_port = 44336, connect_port = 5011, conn_id = 0, rtp_payload = 3 '\003', 
    rtp_payload2 = 0 '\000', speech_mode = 0 '\000', rtp_socket = 0x0}, rqd_ta = 0 '\000', 
  T3101 = {node = {rb_parent_color = 30560649, rb_right = 0x1e46618, rb_left = 0x1bcaf30}, 
    list = {next = 0x7f9c1439e1c0, prev = 0x7f9c1439e1c0}, timeout = {tv_sec = 1419790405, 
      tv_usec = 573730}, active = 0, cb = 0x41fd10 <t3101_expired>, data = 0x7f9c1439e130}, 
  T3109 = {node = {rb_parent_color = 31559320, rb_right = 0x0, rb_left = 0x0}, list = {
      next = 0x7f9c1439e210, prev = 0x7f9c1439e210}, timeout = {tv_sec = 1419790684, 
      tv_usec = 182786}, active = 0, cb = 0x41fa20 <t3109_expired>, data = 0x7f9c1439e130}, 
  T3111 = {node = {rb_parent_color = 29138256, rb_right = 0x0, rb_left = 0x0}, list = {
      next = 0x7f9c1439e260, prev = 0x7f9c1439e260}, timeout = {tv_sec = 1419791140, 
      tv_usec = 812411}, active = 0, cb = 0x41fa70 <t3111_expired>, data = 0x7f9c1439e130}, 
  error_timer = {node = {rb_parent_color = 30539945, rb_right = 0x1bc9470, 
      rb_left = 0x1c75728}, list = {next = 0x7f9c1439e2b0, prev = 0x7f9c1439e2b0}, timeout = {
      tv_sec = 1419790405, tv_usec = 637282}, active = 0, cb = 0x41d0f0 <error_timeout_cb>, 
    data = 0x7f9c1439e130}, act_timer = {node = {rb_parent_color = 29769248, rb_right = 0x0, 
      rb_left = 0x0}, list = {next = 0x7f9c1439e300, prev = 0x7f9c1439e300}, timeout = {
      tv_sec = 1419791144, tv_usec = 812427}, active = 0, cb = 0x41bff0 <lchan_deact_tmr_cb>, 
    data = 0x7f9c1439e130}, rel_work = {node = {rb_parent_color = 0, rb_right = 0x0, 
      rb_left = 0x0}, list = {next = 0x0, prev = 0x0}, timeout = {tv_sec = 0, tv_usec = 0}, 
    active = 0, cb = 0, data = 0x0}, error_cause = 0 '\000', neigh_meas = {{arfcn = 0, 
      bsic = 63 '?', rxlev = ",,'&\032\016-.+)", rxlev_cnt = 4376, last_seen_nr = 0 '\000'}, {
      arfcn = 0, bsic = 63 '?', rxlev = "\031\004$(' \037%*&", rxlev_cnt = 4372, 
      last_seen_nr = 0 '\000'}, {arfcn = 0, bsic = 63 '?', rxlev = "%\017\004''&&&&%", 
      rxlev_cnt = 4313, last_seen_nr = 0 '\000'}, {arfcn = 0, bsic = 63 '?', 
      rxlev = "\027\026\024\031\030\031\033\003\027\025", rxlev_cnt = 3328, 
      last_seen_nr = 0 '\000'}, {arfcn = 0, bsic = 63 '?', 
      rxlev = "\000\002\001\001\001\003\002\000\000", rxlev_cnt = 1177, 
      last_seen_nr = 48 '0'}, {arfcn = 0, bsic = 63 '?', 
      rxlev = "\002\004\002\003\002\005\000\002\005\004", rxlev_cnt = 224, 
      last_seen_nr = 18 '\022'}, {arfcn = 0, bsic = 0 '\000', 
      rxlev = "\000\000\000\000\000\000\000\000\000", rxlev_cnt = 0, 
      last_seen_nr = 0 '\000'}, {arfcn = 0, bsic = 0 '\000', 
      rxlev = "\000\000\000\000\000\000\000\000\000", rxlev_cnt = 0, 
      last_seen_nr = 0 '\000'}, {arfcn = 0, bsic = 0 '\000', 
      rxlev = "\000\000\000\000\000\000\000\000\000", rxlev_cnt = 0, 
      last_seen_nr = 0 '\000'}, {arfcn = 0, bsic = 0 '\000', 
      rxlev = "\000\000\000\000\000\000\000\000\000", rxlev_cnt = 0, 
---Type <return> to continue, or q <return> to quit---
      last_seen_nr = 0 '\000'}}, meas_rep = {{lchan = 0x7f9c1439e130, nr = 0 '\000', 
      flags = 0, ul = {full = {rx_lev = 3 '\003', rx_qual = 0 '\000'}, sub = {
          rx_lev = 63 '?', rx_qual = 0 '\000'}}, dl = {full = {rx_lev = 3 '\003', 
          rx_qual = 7 '\a'}, sub = {rx_lev = 7 '\a', rx_qual = 7 '\a'}}, bs_power = 0 '\000', 
      ms_timing_offset = 0 '\000', ms_l1 = {pwr = 30 '\036', ta = 0 '\000'}, num_cell = 3, 
      cell = {{rxlev = 14 '\016', bsic = 63 '?', neigh_idx = 0 '\000', arfcn = 866, 
          flags = 1}, {rxlev = 4 '\004', bsic = 63 '?', neigh_idx = 4 '\004', arfcn = 877, 
          flags = 1}, {rxlev = 4 '\004', bsic = 63 '?', neigh_idx = 1 '\001', arfcn = 868, 
          flags = 1}, {rxlev = 0 '\000', bsic = 0 '\000', neigh_idx = 0 '\000', arfcn = 0, 
          flags = 0}, {rxlev = 0 '\000', bsic = 0 '\000', neigh_idx = 0 '\000', arfcn = 0, 
          flags = 0}, {rxlev = 0 '\000', bsic = 0 '\000', neigh_idx = 0 '\000', arfcn = 0, 
          flags = 0}}}, {lchan = 0x7f9c1439e130, nr = 0 '\000', flags = 0, ul = {full = {
          rx_lev = 35 '#', rx_qual = 0 '\000'}, sub = {rx_lev = 63 '?', rx_qual = 0 '\000'}}, 
      dl = {full = {rx_lev = 44 ',', rx_qual = 0 '\000'}, sub = {rx_lev = 41 ')', 
          rx_qual = 0 '\000'}}, bs_power = 0 '\000', ms_timing_offset = 0 '\000', ms_l1 = {
        pwr = 22 '\026', ta = 0 '\000'}, num_cell = 5, cell = {{rxlev = 43 '+', 
          bsic = 63 '?', neigh_idx = 1 '\001', arfcn = 868, flags = 1}, {rxlev = 39 '\'', 
          bsic = 63 '?', neigh_idx = 0 '\000', arfcn = 866, flags = 1}, {rxlev = 38 '&', 
          bsic = 63 '?', neigh_idx = 3 '\003', arfcn = 873, flags = 1}, {rxlev = 22 '\026', 
          bsic = 63 '?', neigh_idx = 5 '\005', arfcn = 881, flags = 1}, {rxlev = 2 '\002', 
          bsic = 63 '?', neigh_idx = 2 '\002', arfcn = 871, flags = 1}, {rxlev = 0 '\000', 
          bsic = 0 '\000', neigh_idx = 0 '\000', arfcn = 0, flags = 0}}}, {
      lchan = 0x7f9c1439e130, nr = 0 '\000', flags = 0, ul = {full = {rx_lev = 45 '-', 
          rx_qual = 0 '\000'}, sub = {rx_lev = 63 '?', rx_qual = 0 '\000'}}, dl = {full = {
          rx_lev = 42 '*', rx_qual = 0 '\000'}, sub = {rx_lev = 41 ')', rx_qual = 0 '\000'}}, 
      bs_power = 0 '\000', ms_timing_offset = 0 '\000', ms_l1 = {pwr = 30 '\036', 
        ta = 0 '\000'}, num_cell = 5, cell = {{rxlev = 41 ')', bsic = 63 '?', 
          neigh_idx = 1 '\001', arfcn = 868, flags = 1}, {rxlev = 38 '&', bsic = 63 '?', 
          neigh_idx = 3 '\003', arfcn = 873, flags = 1}, {rxlev = 32 ' ', bsic = 63 '?', 
          neigh_idx = 0 '\000', arfcn = 866, flags = 1}, {rxlev = 20 '\024', bsic = 63 '?', 
          neigh_idx = 5 '\005', arfcn = 881, flags = 1}, {rxlev = 1 '\001', bsic = 63 '?', 
          neigh_idx = 2 '\002', arfcn = 871, flags = 1}, {rxlev = 0 '\000', bsic = 0 '\000', 
          neigh_idx = 0 '\000', arfcn = 0, flags = 0}}}, {lchan = 0x7f9c1439e130, 
      nr = 0 '\000', flags = 0, ul = {full = {rx_lev = 37 '%', rx_qual = 0 '\000'}, sub = {
          rx_lev = 63 '?', rx_qual = 0 '\000'}}, dl = {full = {rx_lev = 44 ',', 
          rx_qual = 0 '\000'}, sub = {rx_lev = 44 ',', rx_qual = 0 '\000'}}, 
      bs_power = 0 '\000', ms_timing_offset = 0 '\000', ms_l1 = {pwr = 14 '\016', 
        ta = 0 '\000'}, num_cell = 5, cell = {{rxlev = 44 ',', bsic = 63 '?', 
          neigh_idx = 1 '\001', arfcn = 868, flags = 1}, {rxlev = 38 '&', bsic = 63 '?', 
          neigh_idx = 3 '\003', arfcn = 873, flags = 1}, {rxlev = 31 '\037', bsic = 63 '?', 
          neigh_idx = 0 '\000', arfcn = 866, flags = 1}, {rxlev = 25 '\031', bsic = 63 '?', 
          neigh_idx = 5 '\005', arfcn = 881, flags = 1}, {rxlev = 1 '\001', bsic = 63 '?', 
          neigh_idx = 2 '\002', arfcn = 871, flags = 1}, {rxlev = 0 '\000', bsic = 0 '\000', 
          neigh_idx = 0 '\000', arfcn = 0, flags = 0}}}, {lchan = 0x7f9c1439e130, 
      nr = 0 '\000', flags = 0, ul = {full = {rx_lev = 23 '\027', rx_qual = 0 '\000'}, sub = {
          rx_lev = 63 '?', rx_qual = 0 '\000'}}, dl = {full = {rx_lev = 44 ',', 
---Type <return> to continue, or q <return> to quit---
          rx_qual = 4 '\004'}, sub = {rx_lev = 43 '+', rx_qual = 0 '\000'}}, 
      bs_power = 0 '\000', ms_timing_offset = 0 '\000', ms_l1 = {pwr = 10 '\n', 
        ta = 0 '\000'}, num_cell = 5, cell = {{rxlev = 44 ',', bsic = 63 '?', 
          neigh_idx = 1 '\001', arfcn = 868, flags = 1}, {rxlev = 38 '&', bsic = 63 '?', 
          neigh_idx = 3 '\003', arfcn = 873, flags = 1}, {rxlev = 37 '%', bsic = 63 '?', 
          neigh_idx = 0 '\000', arfcn = 866, flags = 1}, {rxlev = 24 '\030', bsic = 63 '?', 
          neigh_idx = 5 '\005', arfcn = 881, flags = 1}, {rxlev = 1 '\001', bsic = 63 '?', 
          neigh_idx = 2 '\002', arfcn = 871, flags = 1}, {rxlev = 0 '\000', bsic = 0 '\000', 
          neigh_idx = 0 '\000', arfcn = 0, flags = 0}}}, {lchan = 0x7f9c1439e130, 
      nr = 0 '\000', flags = 0, ul = {full = {rx_lev = 30 '\036', rx_qual = 0 '\000'}, sub = {
          rx_lev = 63 '?', rx_qual = 0 '\000'}}, dl = {full = {rx_lev = 39 '\'', 
          rx_qual = 2 '\002'}, sub = {rx_lev = 38 '&', rx_qual = 0 '\000'}}, 
      bs_power = 0 '\000', ms_timing_offset = 0 '\000', ms_l1 = {pwr = 26 '\032', 
        ta = 0 '\000'}, num_cell = 5, cell = {{rxlev = 42 '*', bsic = 63 '?', 
          neigh_idx = 0 '\000', arfcn = 866, flags = 1}, {rxlev = 39 '\'', bsic = 63 '?', 
          neigh_idx = 1 '\001', arfcn = 868, flags = 1}, {rxlev = 37 '%', bsic = 63 '?', 
          neigh_idx = 3 '\003', arfcn = 873, flags = 1}, {rxlev = 25 '\031', bsic = 63 '?', 
          neigh_idx = 5 '\005', arfcn = 881, flags = 1}, {rxlev = 3 '\003', bsic = 63 '?', 
          neigh_idx = 2 '\002', arfcn = 871, flags = 1}, {rxlev = 0 '\000', bsic = 0 '\000', 
          neigh_idx = 0 '\000', arfcn = 0, flags = 0}}}}, meas_rep_idx = 0, rqd_ref = 0x0, 
  conn = 0x0}



