Fix SX126x daemon abort when Tx power exceeds chip limit#10711
Fix SX126x daemon abort when Tx power exceeds chip limit#10711lizthegrey wants to merge 3 commits into
Conversation
reconfigure() asserted on setOutputPower() failure. `power` is derived from operator-settable config (tx_power, SX126X_MAX_POWER); a value above the SX126x RadioLib limit (+22 dBm) returns RADIOLIB_ERR_INVALID_OUTPUT_POWER. The assert aborts meshtasticd mid-reconfigure -- before reloadConfig() persists the change -- so the offending config silently reverts and the daemon crash-loops. Record a critical error and continue instead, matching the adjacent setFrequency() handling. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
|
|
|
@lizthegrey, Welcome to Meshtastic!Thanks for opening your first pull request. We really appreciate it. We discuss work as a team in discord, please join us in the #firmware channel. Welcome to the team 😄 |
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Prevents meshtasticd from aborting when radio reconfiguration attempts to set an invalid SX126x TX power, instead surfacing a critical error and continuing to apply the rest of the config.
Changes:
- Replace
assert(err == RADIOLIB_ERR_NONE)aftersetOutputPower()with error logging +RECORD_CRITICALERROR(...). - Add explanatory comment describing why aborting here is harmful during
reloadConfig().
| if (err != RADIOLIB_ERR_NONE) { | ||
| // Do not abort here: `power` is derived from operator-settable config (tx_power and | ||
| // SX126X_MAX_POWER). A value above the chip's RadioLib limit (+22 dBm for SX126x) returns | ||
| // RADIOLIB_ERR_INVALID_OUTPUT_POWER. asserting would abort the daemon mid-reconfigure, before | ||
| // reloadConfig() persists the new config, so the offending setting silently reverts and the | ||
| // daemon crash-loops. Record the error and continue, matching the setFrequency() handling above. | ||
| LOG_ERROR("SX126X setOutputPower %s%d", radioLibErr, err); | ||
| assert(err == RADIOLIB_ERR_NONE); | ||
| RECORD_CRITICALERROR(meshtastic_CriticalErrorCode_INVALID_RADIO_SETTING); | ||
| } |
There was a problem hiding this comment.
Right — continuing leaves the radio at its previously applied power while config records the new value. I took the explicit-logging option ("keeping previous Tx power") rather than a clamp-to-max fallback here, because a correct clamp needs the per-chip maximum (the same SX1261-vs-SX1262 distinction noted above) and RadioLib does not expose it cleanly at this call site. I think the cleaner root-cause fix is to validate/clamp SX126X_MAX_POWER (and tx_power) against the chip limit at config-load time so an out-of-range value never reaches reconfigure() — happy to do that as a follow-up, or to add the clamp here if maintainers prefer. (6987025)
- Comment no longer states a universal "+22 dBm for SX126x"; notes the limit is the driver's max (e.g. +22 on SX1262/SX1268, lower on SX1261). - Log the rejected `power` value and that the previous Tx power is retained, so the invalid setting and the resulting config/radio drift are visible. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
What
SX126xInterface::reconfigure()aborted viaassert(err == RADIOLIB_ERR_NONE)whensetOutputPower()failed.powerhere is derived from operator-settable config (tx_power,SX126X_MAX_POWER); a value above the SX126x RadioLib limit (+22 dBm) returnsRADIOLIB_ERR_INVALID_OUTPUT_POWERand aborts the daemon.Because
MeshService::reloadConfig()reconfigures the radio beforesaveToDisk(), the abort happens before the new config is persisted: the offending setting silently reverts andmeshtasticdcrash-loops with no surfaced error.This replaces the
assertwithRECORD_CRITICALERROR(meshtastic_CriticalErrorCode_INVALID_RADIO_SETTING)+ continue — matching thesetFrequency()handling 8 lines above in the same function. A bad/typo'd power value now surfaces a critical error instead of taking down the node.fixes #10710
Testing
meshtasticd2.7.24 on aarch64 Linux. WithSX126X_MAX_POWER: 24, any runtime config change reproduced thesetOutputPower err=-13→ assert abort and silent config revert; setting Tx power ≤ 22 avoided it.develop(HEADbbcc35e): a fullpio run -e native(portduino) build succeeds and produces a workingmeshtasticdaarch64 ELF.setFrequency()handling; community verification on the attestation devices is welcome.Notes
Only
reconfigure()is affected;init()already tolerates abegin()power failure without asserting. OptionallySX126X_MAX_POWERcould additionally be clamped to the chip's RadioLib maximum so the radio keeps transmitting at the legal max after a too-high setting — happy to add if preferred.🤝 Attestations
meshtasticd2.7.24); fix compiles and links clean againstdevelopvia the native/portduino build. Runtime verification of the fixed path on-device not performed (to avoid disrupting the live node); fix mirrors the adjacentsetFrequency()graceful path. Community verification welcome.