On Tue, Nov 13, 2012 at 10:47:40PM +0100, Holger Hans Peter Freyther wrote:
Hi Andreas,

> zecke/smc-issues contains a testcase (that is crashing). Ideas how to resolve
> the issue and checking where similar issues exist and resolve them too (e.g.
> leading to a double free in the smr code).

and the same issue exists with the SMR rp_timer_expired and the OpenBSC code
calling trans_free from within the error indication and then another message
is received (and the msg is empty but the client code still casts it to a msg).

there is another part I don't fully understand:
 * gsm411_rx_rp_ack will start a new transaction but not trans_free the old
   one.
 * gsm0411_rcv_sms will search for a 'pending' transaction and then free it.

are these two supposed to work together? When was this tested the last time?

holger
