null function pointer called when using shell logger backend under heavy load #45463
Labels
area: Logging
bug
The issue is a bug, or the PR is fixing a bug
priority: medium
Medium impact/importance bug
Describe the bug
Using the shell logger back end and under certain heavly load situations can result in calling a null function pointer call in
mpsc_pbuf
. The shell logger back end sets thenotify_drop
callback to null when configuring it's mpsc buffer, but the mpsc code doesn't do a null check.This was exposed in my application when I turned on mcumgr shell interface. This enables the dummy shell backend which seems to expose the problem. I'm not 100% sure why, but I my guess is it has to do with timing of the dummy backend being different (faster) than a real backend and causes the mpsc to overflow and drop.
To Reproduce
This doesn't reproduce in all situations and seems to depend on timing and task scheduling to hit the mpsc overflow. I was unable to reproduce it on the
native_posix
target, but did get it to happen with a minimal example on a nRF52840 DK.example prj.conf:
example main,c
Expected behavior
Not to crash.
Impact
This seems to only show up under specific circumstances, but when it does the impact is high as it will crash the system.
Logs and console output
The PC is at zero as expected when calling a null function pointer, and the LR is in the mpsc code where it is making the call to the
notify_drop
function pointer.Environment (please complete the following information):
main
(253cec5c95
), but appears to be an issue since the shell log backend was introduced.Additional context
N/A
The text was updated successfully, but these errors were encountered: