NULL pointer read in udp, tcp, context net tests #3800

@zephyrbot

Reported by Andrew Boie:

qemu_x86                  tests/net/tcp/test                                 FAILED: timeout
--------------------------sanity-out/qemu_x86/tests/net/tcp/test/qemu.log---------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:38:39 *****
tc_start() - test TCP init
passed
tc_start() - test TCP register/unregister port cb
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x00405a20
Faulting segment:address = 0x0008:0x00003427
eax: 0x0040836a, ebx: 0x00000004, ecx: 0x00408302, edx: 0x00000000
esi: 0x00000000, edi: 0x0040836a, ebp: 0x0040a814, esp: 0x0040a808
eflags: 0x202
Fatal fault in essential thread! Spinning...
--------------------------sanity-out/qemu_x86/tests/net/tcp/test/qemu.log---------------------------

total complete:   96/ 200  48%  failed:    2

qemu_x86                  tests/net/udp/test                                 FAILED: timeout
--------------------------sanity-out/qemu_x86/tests/net/udp/test/qemu.log---------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:38:58 *****
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x00405560
Faulting segment:address = 0x0008:0x00002abb
eax: 0x00406cca, ebx: 0x00000004, ecx: 0x00406c02, edx: 0x00000000
esi: 0x00000000, edi: 0x00406cca, ebp: 0x00407e14, esp: 0x00407e08
eflags: 0x202
Fatal fault in essential thread! Spinning...
--------------------------sanity-out/qemu_x86/tests/net/udp/test/qemu.log---------------------------

total complete:  125/ 200  62%  failed:    3

qemu_x86                  tests/net/context/test                             FAILED: timeout
------------------------sanity-out/qemu_x86/tests/net/context/test/qemu.log-------------------------
***** BOOTING ZEPHYR OS v1.8.99 - BUILD: Jul  7 2017 17:39:30 *****
tc_start() - test init
passed
tc_start() - net_context_get failures
passed
tc_start() - net_context_get all
passed
tc_start() - net_context_get
passed
tc_start() - net_context_get create
passed
tc_start() - net_context_bind fail
passed
tc_start() - net_context_bind IPv6
passed
tc_start() - net_context_bind IPv4
passed
tc_start() - net_context_bind mcast
passed
tc_start() - net_context_listen IPv6
passed
tc_start() - net_context_listen IPv4
passed
tc_start() - net_context_connect IPv6
passed
tc_start() - net_context_connect IPv4
passed
tc_start() - net_context_accept IPv6
passed
tc_start() - net_context_accept IPv4
passed
tc_start() - net_context_send IPv6
***** CPU Page Fault (error code 0x00000000)
Supervisor thread read address 0x00000000
Current thread ID = 0x004053e0
Faulting segment:address = 0x0008:0x00002c5d
eax: 0x00405c9a, ebx: 0x00000004, ecx: 0x00405c02, edx: 0x00000000
esi: 0x00000000, edi: 0x00405c9a, ebp: 0x004073bc, esp: 0x004073b0
eflags: 0x202
Fatal fault in essential thread! Spinning...
------------------------sanity-out/qemu_x86/tests/net/context/test/qemu.log-------------------------

I am grouping these together as they all have the same backtrace; I suspect the same root cause.

#0  k_cpu_idle () at /home/apboie/projects/zephyr/arch/x86/core/cpuhalt.c:56
#1  0x00007583 in _SysFatalErrorHandler (reason=6, pEsf=0x407380 <rx_stack+1056>)
    at /home/apboie/projects/zephyr/arch/x86/core/sys_fatal_error_handler.c:69
#2  0x000077df in _NanoFatalErrorHandler (reason=6, pEsf=0x407380 <rx_stack+1056>) at /home/apboie/projects/zephyr/arch/x86/core/fatal.c:112
#3  0x0000795e in page_fault_handler (pEsf=0x407380 <rx_stack+1056>) at /home/apboie/projects/zephyr/arch/x86/core/fatal.c:228
#4  0x000075c7 in allDone () at /home/apboie/projects/zephyr/arch/x86/core/excstub.S:171
#5  0x004073b0 in rx_stack ()
#6  0x004073bc in rx_stack ()
#7  0x00000004 in ?? ()
#8  0x00005453 in net_pkt_write (pkt=0x4069a0 <_k_mem_slab_buf_tx_pkts+512>, frag=0x405c9a <_net_buf_tx_bufs+58>, offset=4,
    pos=0x407464 <rx_stack+1284>, len=4, data=0x0, timeout=1000) at /home/apboie/projects/zephyr/subsys/net/ip/net_pkt.c:1423
#9  0x00005d0f in setup_ipv6_header (icmp_code=4 '\004', icmp_type=1 '\001', hop_limit=64 '@', extra_len=<optimized out>,
    pkt=0x4069a0 <_k_mem_slab_buf_tx_pkts+512>) at /home/apboie/projects/zephyr/subsys/net/ip/icmpv6.c:104
#10 net_icmpv6_send_error (orig=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>, type=1 '\001', code=4 '\004', param=0)
    at /home/apboie/projects/zephyr/subsys/net/ip/icmpv6.c:566
#11 0x000074f6 in send_icmp_error (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/connection.c:764
#12 net_conn_input (proto=IPPROTO_UDP, pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/connection.c:948
#13 0x00006390 in net_ipv6_process_pkt (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>) at /home/apboie/projects/zephyr/subsys/net/ip/ipv6.c:3886
#14 0x00003894 in process_data (is_loopback=is_loopback@entry=false, pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>)
    at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:109
#15 processing_data (pkt=0x4069e0 <_k_mem_slab_buf_tx_pkts+576>, is_loopback=is_loopback@entry=false)
    at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:129
#16 0x0000396c in net_rx_thread () at /home/apboie/projects/zephyr/subsys/net/ip/net_core.c:178
#17 0x00008a98 in _thread_entry (entry=0x3932 <net_rx_thread>, p1=0x0, p2=0x0, p3=0x0) at /home/apboie/projects/zephyr/kernel/thread.c:186
#18 0x00000206 in ?? ()

(Imported from Jira ZEP-2367)

Labels

area: Networking, bug, priority: high
