openthread / ot-br-posix

OpenThread Border Router, a Thread border router for POSIX-based platforms.
https://openthread.io/
BSD 3-Clause "New" or "Revised" License

otbr-agent received signal SIGSEGV, Segmentation fault. (ProcessFrameQueue) #2476

Closed jinpeng1989 closed 1 week ago

jinpeng1989 commented 1 month ago

Describe the bug: The otbr-agent process crashed, and GDB debugging found that the error was near the ProcessFrameQueue function. The ot-br-posix code used is: https://github.com/SiliconLabs/simplicity_sdk/tree/sisdk-2024.6/util/third_party/ot-br-posix 1244e6f84f76f120bddd1793bbe42e7

jinpeng1989 commented 1 month ago

Crash here, please see log. SyslogCatchAll-2024-08-28-1-and-2.zip

abtink commented 1 month ago

@Irving-cl can you help take a look and provide your thoughts on this?

It seems to be this assert in void SpinelDriver::ProcessFrameQueue(void).

    assert(mSavedFrameHandler != nullptr && mFrameHandlerContext != nullptr);

I see we have SetFrameHandler() to set the handlers and it should be set from RadioSpinel::Init()? Not sure how it may be unset while Process() is called?

We can consider relaxing this to checking it with OT_EXPECT() instead of assert? What do you think?

(A related topic is if we should allow mFrameHandlerContext to be possibly nullptr, since a callback with null context is technically valid.)
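The relaxation discussed in the comment above, sketched as an added example (not code from ot-br-posix or from any commenter): a hypothetical `FrameDispatcher` whose `ProcessFrameQueue()` returns early when no handler is registered instead of asserting, and which accepts a `nullptr` context. The class, its members, `CountBytes` and the frame bytes are assumptions made for illustration.

```cpp
// Added illustration: FrameDispatcher is a hypothetical stand-in, not the
// ot-br-posix SpinelDriver. Frame bytes in main() are constructed samples.
#include <cstddef>
#include <cstdint>
#include <deque>
#include <utility>
#include <vector>

using FrameHandler = void (*)(const uint8_t *aFrame, uint16_t aLength, void *aContext);
class FrameDispatcher
{
public:
    // A nullptr context is accepted; only the handler itself is required.
    void SetFrameHandler(FrameHandler aHandler, void *aContext)
    { mHandler = aHandler; mContext = aContext; }
    void Enqueue(std::vector<uint8_t> aFrame) { mQueue.push_back(std::move(aFrame)); }
    size_t Pending(void) const { return mQueue.size(); }
    // Returns the number of frames delivered. With no handler registered it
    // returns 0 and leaves the frames queued instead of aborting the process.
    size_t ProcessFrameQueue(void)
    {
        size_t delivered = 0;
        if (mHandler == nullptr) return delivered;
        while (!mQueue.empty())
        {
            std::vector<uint8_t> frame = std::move(mQueue.front());
            mQueue.pop_front();
            mHandler(frame.data(), static_cast<uint16_t>(frame.size()), mContext);
            delivered++;
        }
        return delivered;
    }
private:
    FrameHandler                     mHandler = nullptr;
    void                            *mContext = nullptr;
    std::deque<std::vector<uint8_t>> mQueue;
};

static size_t sBytesSeen = 0; // bytes seen by the context-free sample handler
static void CountBytes(const uint8_t *, uint16_t aLength, void *) { sBytesSeen += aLength; }

int main(void)
{
    FrameDispatcher d;
    d.Enqueue({0x81, 0x06, 0x00});
    d.ProcessFrameQueue(); // no handler yet: nothing delivered, frame stays queued
    d.SetFrameHandler(CountBytes, nullptr);
    return d.ProcessFrameQueue() == 1 ? 0 : 1;
}
```

In this sketch frames accumulate while no handler is set, so a real queue would also need a bound on its length.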