aboutsummaryrefslogtreecommitdiffstats
path: root/tests/emu/openbsc_clone.c
AgeCommit message (Collapse)AuthorFilesLines
2013-09-04emu: Add a crash re-producer for the SGSN (and the concept of tests)Holger Hans Peter Freyther1-0/+18
Introduce the concept of tests that will be ran one after the other. This new test will send static message that will lead to the opening of a PDP context. At this point one should use ping with a large packet size and suspend/stop the emulator. Once the NS connection is considered dead the SGSN will crash with a double free. Reproduce: 0.) Add IMSI 901700000003094 to the ACL 1.) Stop/Suspend the emulation process so the NS Alive times out 2.) Use ping IP -s 2048 This will create a double free... #4 0xb7bb2646 in talloc_abort_double_free () at talloc.c:175 #5 0xb7bbd41a in talloc_chunk_from_ptr (ptr=0x8091208) at talloc.c:190 #6 _talloc_free (ptr=0x8091208) at talloc.c:517 #7 talloc_free (ptr=ptr@entry=0x8091208) at talloc.c:990 #8 0xb7bb319b in msgb_free (m=m@entry=0x8091208) at msgb.c:72 #9 0x0804db54 in sndcp_send_ud_frag (fs=0xbfffcc6c) at gprs_sndcp.c:423 #10 sndcp_unitdata_req (msg=msg@entry=0x808eed8, lle=0x808fbc8, nsapi=5 '\005', mmcontext=mmcontext@entry=0x80903e8) at gprs_sndcp.c:471
2013-09-04emu: Use OpenBSC code to decode the LLC and add assertionsHolger Hans Peter Freyther1-0/+216
Use the OpenBSC SGSN code to parse the LLC data and look into the data we receive. Add assertions to verify the the sequence number is increasing.