Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NULL pointer read in udp, tcp, context net tests #2200

Closed
nashif opened this issue Jul 7, 2017 · 1 comment
Closed

NULL pointer read in udp, tcp, context net tests #2200

nashif opened this issue Jul 7, 2017 · 1 comment
Labels
area: Networking bug priority: high
Milestone
v1.9.0

Comments

@nashif
Copy link

nashif commented Jul 7, 2017
edited
Loading

Reported by Andrew Boie:

qemu_x86                  tests/net/tcp/test                                 FAILED: timeout
--------------------------sanity-out/qemu_x86/tests/net/tcp/test/qemu.log---------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:38:39 *****
tc_start() - test TCP init
passed
tc_start() - test TCP register/unregister port cb
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x00405a20
Faulting segment:address = 0x0008:0x00003427
eax: 0x0040836a, ebx: 0x00000004, ecx: 0x00408302, edx: 0x00000000
esi: 0x00000000, edi: 0x0040836a, ebp: 0x0040a814, esp: 0x0040a808
eflags: 0x202
Fatal fault in essential thread! Spinning...
--------------------------sanity-out/qemu_x86/tests/net/tcp/test/qemu.log---------------------------

total complete:   96/ 200  48%  failed:    2

qemu_x86                  tests/net/udp/test                                 FAILED: timeout
--------------------------sanity-out/qemu_x86/tests/net/udp/test/qemu.log---------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:38:58 *****
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x00405560
Faulting segment:address = 0x0008:0x00002abb
eax: 0x00406cca, ebx: 0x00000004, ecx: 0x00406c02, edx: 0x00000000
esi: 0x00000000, edi: 0x00406cca, ebp: 0x00407e14, esp: 0x00407e08
eflags: 0x202
Fatal fault in essential thread! Spinning...
--------------------------sanity-out/qemu_x86/tests/net/udp/test/qemu.log---------------------------

total complete:  125/ 200  62%  failed:    3

qemu_x86                  tests/net/context/test                             FAILED: timeout
------------------------sanity-out/qemu_x86/tests/net/context/test/qemu.log-------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:39:30 *****
tc_start() - test init
passed
tc_start() - net_context_get failures
passed
tc_start() - net_context_get all
passed
tc_start() - net_context_get
passed
tc_start() - net_context_get create
passed
tc_start() - net_context_bind fail
passed
tc_start() - net_context_bind IPv6
passed
tc_start() - net_context_bind IPv4
passed
tc_start() - net_context_bind mcast
passed
tc_start() - net_context_listen IPv6
passed
tc_start() - net_context_listen IPv4
passed
tc_start() - net_context_connect IPv6
passed
tc_start() - net_context_connect IPv4
passed
tc_start() - net_context_accept IPv6
passed
tc_start() - net_context_accept IPv4
passed
tc_start() - net_context_send IPv6
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x004053e0
Faulting segment:address = 0x0008:0x00002c5d
eax: 0x00405c9a, ebx: 0x00000004, ecx: 0x00405c02, edx: 0x00000000
esi: 0x00000000, edi: 0x00405c9a, ebp: 0x004073bc, esp: 0x004073b0
eflags: 0x202
Fatal fault in essential thread! Spinning...
------------------------sanity-out/qemu_x86/tests/net/context/test/qemu.log-------------------------

I am grouping these together as they all have the same backtrace, I suspect the same root cause.

<span>#</span>0  k_cpu_idle () at /home/apboie/projects/zephyr/arch/x86/core/cpuhalt.c:56
<span>#</span>1  0x00007583 in _SysFatalErrorHandler (reason=6, pEsf=0x407380 <rx_stack+1056>)
    at /home/apboie/projects/zephyr/arch/x86/core/sys_fatal_error_handler.c:69
<span>#</span>2  0x000077df in _NanoFatalErrorHandler (reason=6, pEsf=0x407380 <rx_stack+1056>) at /home/apboie/projects/zephyr/arch/x86/core/fatal.c:112
<span>#</span>3  0x0000795e in page_fault_handler (pEsf=0x407380 <rx_stack+1056>) at /home/apboie/projects/zephyr/arch/x86/core/fatal.c:228
<span>#</span>4  0x000075c7 in allDone () at /home/apboie/projects/zephyr/arch/x86/core/excstub.S:171
<span>#</span>5  0x004073b0 in rx_stack ()
<span>#</span>6  0x004073bc in rx_stack ()
<span>#</span>7  0x00000004 in ?? ()
<span>#</span>8  0x00005453 in net_pkt_write (pkt=0x4069a0 <_k_mem_slab_buf_tx_pkts+512>, frag=0x405c9a <_net_buf_tx_bufs+58>, offset=4, 
    pos=0x407464 <rx_stack+1284>, len=4, data=0x0, timeout=1000) at /home/apboie/projects/zephyr/subsys/net/ip/net_pkt.c:1423
<span>#</span>9  0x00005d0f in setup_ipv6_header (icmp_code=4 '\004', icmp_type=1 '\001', hop_limit=64 '@', extra_len=<optimized out>, 
    pkt=0x4069a0 <_k_mem_slab_buf_tx_pkts+512>) at /home/apboie/projects/zephyr/subsys/net/ip/icmpv6.c:104
<span>#</span>10 net_icmpv6_send_error (orig=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>, type=1 '\001', code=4 '\004', param=0)
    at /home/apboie/projects/zephyr/subsys/net/ip/icmpv6.c:566
<span>#</span>11 0x000074f6 in send_icmp_error (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/connection.c:764
<span>#</span>12 net_conn_input (proto=IPPROTO_UDP, pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/connection.c:948
<span>#</span>13 0x00006390 in net_ipv6_process_pkt (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/ipv6.c:3886
<span>#</span>14 0x00003894 in process_data (is_loopback=is_loopback@entry=false, pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>)
    at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:109
<span>#</span>15 processing_data (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>, is_loopback=is_loopback@entry=false)
    at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:129
<span>#</span>16 0x0000396c in net_rx_thread () at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:178
<span>#</span>17 0x00008a98 in _thread_entry (entry=0x3932 <net_rx_thread>, p1=0x0, p2=0x0, p3=0x0) at /home/apboie/projects/zephyr/kernel/thread.c:186
<span>#</span>18 0x00000206 in ?? ()

(Imported from Jira ZEP-2367)
@nashif
Copy link
Author

nashif commented Jul 10, 2017

by Jukka Rissanen:

zephyrproject-rtos/zephyr#738

@nashif nashif closed this as completed Jul 11, 2017
@nashif nashif added this to the v1.9.0 milestone Sep 18, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: Networking bug priority: high
Projects
None yet
Milestone
v1.9.0
Development

No branches or pull requests
1 participant
@nashif