NULL pointer read in udp, tcp, context net tests #3800

Closed
zephyrbot opened this issue Jul 7, 2017 · 1 comment
Labels: area: Networking, bug, priority: high

zephyrbot commented Jul 7, 2017

Reported by Andrew Boie:

qemu_x86                  tests/net/tcp/test                                 FAILED: timeout
--------------------------sanity-out/qemu_x86/tests/net/tcp/test/qemu.log---------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:38:39 *****
tc_start() - test TCP init
passed
tc_start() - test TCP register/unregister port cb
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x00405a20
Faulting segment:address = 0x0008:0x00003427
eax: 0x0040836a, ebx: 0x00000004, ecx: 0x00408302, edx: 0x00000000
esi: 0x00000000, edi: 0x0040836a, ebp: 0x0040a814, esp: 0x0040a808
eflags: 0x202
Fatal fault in essential thread! Spinning...
--------------------------sanity-out/qemu_x86/tests/net/tcp/test/qemu.log---------------------------

total complete:   96/ 200  48%  failed:    2

qemu_x86                  tests/net/udp/test                                 FAILED: timeout
--------------------------sanity-out/qemu_x86/tests/net/udp/test/qemu.log---------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:38:58 *****
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x00405560
Faulting segment:address = 0x0008:0x00002abb
eax: 0x00406cca, ebx: 0x00000004, ecx: 0x00406c02, edx: 0x00000000
esi: 0x00000000, edi: 0x00406cca, ebp: 0x00407e14, esp: 0x00407e08
eflags: 0x202
Fatal fault in essential thread! Spinning...
--------------------------sanity-out/qemu_x86/tests/net/udp/test/qemu.log---------------------------

total complete:  125/ 200  62%  failed:    3

qemu_x86                  tests/net/context/test                             FAILED: timeout
------------------------sanity-out/qemu_x86/tests/net/context/test/qemu.log-------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:39:30 *****
tc_start() - test init
passed
tc_start() - net_context_get failures
passed
tc_start() - net_context_get all
passed
tc_start() - net_context_get
passed
tc_start() - net_context_get create
passed
tc_start() - net_context_bind fail
passed
tc_start() - net_context_bind IPv6
passed
tc_start() - net_context_bind IPv4
passed
tc_start() - net_context_bind mcast
passed
tc_start() - net_context_listen IPv6
passed
tc_start() - net_context_listen IPv4
passed
tc_start() - net_context_connect IPv6
passed
tc_start() - net_context_connect IPv4
passed
tc_start() - net_context_accept IPv6
passed
tc_start() - net_context_accept IPv4
passed
tc_start() - net_context_send IPv6
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x004053e0
Faulting segment:address = 0x0008:0x00002c5d
eax: 0x00405c9a, ebx: 0x00000004, ecx: 0x00405c02, edx: 0x00000000
esi: 0x00000000, edi: 0x00405c9a, ebp: 0x004073bc, esp: 0x004073b0
eflags: 0x202
Fatal fault in essential thread! Spinning...
------------------------sanity-out/qemu_x86/tests/net/context/test/qemu.log-------------------------

I am grouping these together as they all have the same backtrace; I suspect the same root cause.

#0  k_cpu_idle () at /home/apboie/projects/zephyr/arch/x86/core/cpuhalt.c:56
#1  0x00007583 in _SysFatalErrorHandler (reason=6, pEsf=0x407380 <rx_stack+1056>)
    at /home/apboie/projects/zephyr/arch/x86/core/sys_fatal_error_handler.c:69
#2  0x000077df in _NanoFatalErrorHandler (reason=6, pEsf=0x407380 <rx_stack+1056>) at /home/apboie/projects/zephyr/arch/x86/core/fatal.c:112
#3  0x0000795e in page_fault_handler (pEsf=0x407380 <rx_stack+1056>) at /home/apboie/projects/zephyr/arch/x86/core/fatal.c:228
#4  0x000075c7 in allDone () at /home/apboie/projects/zephyr/arch/x86/core/excstub.S:171
#5  0x004073b0 in rx_stack ()
#6  0x004073bc in rx_stack ()
#7  0x00000004 in ?? ()
#8  0x00005453 in net_pkt_write (pkt=0x4069a0 <_k_mem_slab_buf_tx_pkts+512>, frag=0x405c9a <_net_buf_tx_bufs+58>, offset=4, 
    pos=0x407464 <rx_stack+1284>, len=4, data=0x0, timeout=1000) at /home/apboie/projects/zephyr/subsys/net/ip/net_pkt.c:1423
#9  0x00005d0f in setup_ipv6_header (icmp_code=4 '\004', icmp_type=1 '\001', hop_limit=64 '@', extra_len=<optimized out>, 
    pkt=0x4069a0 <_k_mem_slab_buf_tx_pkts+512>) at /home/apboie/projects/zephyr/subsys/net/ip/icmpv6.c:104
#10 net_icmpv6_send_error (orig=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>, type=1 '\001', code=4 '\004', param=0)
    at /home/apboie/projects/zephyr/subsys/net/ip/icmpv6.c:566
#11 0x000074f6 in send_icmp_error (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/connection.c:764
#12 net_conn_input (proto=IPPROTO_UDP, pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/connection.c:948
#13 0x00006390 in net_ipv6_process_pkt (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/ipv6.c:3886
#14 0x00003894 in process_data (is_loopback=is_loopback@entry=false, pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>)
    at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:109
#15 processing_data (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>, is_loopback=is_loopback@entry=false)
    at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:129
#16 0x0000396c in net_rx_thread () at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:178
#17 0x00008a98 in _thread_entry (entry=0x3932 <net_rx_thread>, p1=0x0, p2=0x0, p3=0x0) at /home/apboie/projects/zephyr/kernel/thread.c:186
#18 0x00000206 in ?? ()

(Imported from Jira ZEP-2367)
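
A small triage helper for the report above, added here as an example (it is not part of the issue or of Zephyr): it parses the page-fault banner and the gdb backtrace, then picks the innermost frame that was passed a pointer equal to the faulting address. The function names are hypothetical; the input is copied from the logs above.

```python
import re
# Input copied from the report above: context-test fault banner, frames #7-#10.
FAULT_LOG = r"""
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Faulting segment:address = 0x0008:0x00002c5d
"""
BACKTRACE = r"""
#7  0x00000004 in ?? ()
#8  0x00005453 in net_pkt_write (pkt=0x4069a0 <_k_mem_slab_buf_tx_pkts+512>, frag=0x405c9a <_net_buf_tx_bufs+58>, offset=4, 
    pos=0x407464 <rx_stack+1284>, len=4, data=0x0, timeout=1000) at /home/apboie/projects/zephyr/subsys/net/ip/net_pkt.c:1423
#9  0x00005d0f in setup_ipv6_header (icmp_code=4 '\004', icmp_type=1 '\001', hop_limit=64 '@', extra_len=<optimized out>, 
    pkt=0x4069a0 <_k_mem_slab_buf_tx_pkts+512>) at /home/apboie/projects/zephyr/subsys/net/ip/icmpv6.c:104
#10 net_icmpv6_send_error (orig=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>, type=1 '\001', code=4 '\004', param=0)
    at /home/apboie/projects/zephyr/subsys/net/ip/icmpv6.c:566
"""
FRAME = re.compile(r"#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*)\)(?: at (\S+))?$")

def parse_fault(log):
    """Return (access, fault_address, eip) from the x86 page-fault banner."""
    acc = re.search(r"thread (\w+) address (0x[0-9a-fA-F]+)", log)
    eip = re.search(r"segment:address = 0x[0-9a-fA-F]+:(0x[0-9a-fA-F]+)", log)
    return acc.group(1), int(acc.group(2), 16), int(eip.group(1), 16)

def parse_frames(bt):
    """Join gdb's wrapped lines, then split each frame into its parts."""
    joined = []
    for line in bt.splitlines():
        if line.startswith("#"):
            joined.append(line.strip())
        elif line.strip() and joined:
            joined[-1] += " " + line.strip()
    frames = []
    for m in filter(None, map(FRAME.match, joined)):
        # gdb prints pointers in hex and plain integers in decimal,
        # so keeping only hex values skips arguments such as param=0.
        ptrs = {k: int(v, 16) for k, v in re.findall(r"(\w+)=(0x[0-9a-f]+)", m.group(3))}
        frames.append({"num": int(m.group(1)), "func": m.group(2), "ptrs": ptrs, "at": m.group(4)})
    return frames

def suspect_frame(fault_addr, frames):
    """Innermost frame that was passed a pointer equal to the fault address."""
    for f in sorted(frames, key=lambda f: f["num"]):
        hits = [name for name, val in f["ptrs"].items() if val == fault_addr]
        if hits:
            return f["func"], hits, f["at"]
    return None

print(suspect_frame(parse_fault(FAULT_LOG)[1], parse_frames(BACKTRACE)))
```

On this input the helper reports the `data` argument of `net_pkt_write` (frame #8), which matches the read of address 0x00000000 in the fault banner.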

by Jukka Rissanen:

#738

zephyrbot added the priority: high, area: Networking and bug labels on Sep 23, 2017
zephyrbot added this to the v1.9.0 milestone on Sep 23, 2017