Analysis of the Causes of Program Failure-EEWORLD

Collect

Usually the reasons why our program runs out of control are as follows:
1. memset/ memcpy usage error
error code
aucCpyLength=NAME_DATA_LENGTH- ((wucCdTextCmdBufferPara.stTagCmdPara.ucPageNo+1)*TAG_PAGE_LENGTH);
memset(pucCpyDestAdress + TAG_PAGE_LENGTH,0x00,aucCpyLength)
where: NAME_DATA_LENGTH is 64
TAG_PAGE_LENGTH is 10

wrong reason

Since the variable wucCdTextCmdBufferPara.stTagCmdPara.ucPageNo is 6, aucCpyLength=64-70=0xFA. Since the memset function is called later, the contents of the 0xFA addresses starting from the pucCpyDestAdress address are all rewritten to 0, resulting in pointer variable calculation errors during engine control and pointing to illegal areas, eventually causing the program to run away.

Solution

1 Before calling the memset function, perform error tolerance on the maximum range of length to avoid other variables being modified due to length exceeding
the range .
2 Review the variables involved in length calculation to avoid assigning out-of-range values in the program.
Method example
if(NAME_DATA_LENGTH>= ((wucCdTextCmdBufferPara.stTagCmdPara.ucPageNo+1)* TAG_PAGE_LENGTH ))

{
aucCpyLength=NAME_DATA_LENGTH- ((wucCdTextCmdBufferPara.stTagCmdPara.ucPageNo+1)*TAG_PAGE_LENGTH);
memset(pucCpyDestAdress+ TAG_PAGE_LENGTH,0x00,aucCpyLength);
}

2 Pointer usage error
Error code
INT8U* pucCDMode;
CDDRV_L1_wvdGetCDMP3Mode(pucCDMode);
Function prototype void CDDRV_L1_wvdGetCDMP3Mode(INT8U* pucCDMode)
Error reason Pointer pucCDMode is used without being initialized.
Solution

1 Initialize the pointer pucCDMode

2 Use automatic variables and perform operations through the addresses of automatic variables.
Method example
INT8U pucCDMode;
CDDRV_L1_wvdGetCDMP3Mode(&pucCDMode);

3 Array control error
error code
for(nuiBTDrvUartRcvSvCnt=REC_DATA_CMDID_ADDR1; nuiBTDrvUartRcvSvCnt

{
nucBTDrvReceiveSaveBuffer[nuiBTDrvUartRcvSvCnt] =nucBTUartReceiveBuffer[nuiBTDrvUartRcvRp];
nuiBTDrvUartRcvRp++;
if(nuiBTDrvUartRcvRp >= RECEIVE_DATA_LENGTH_MAX){
nuiBTDrvUartRcvRp = BT_DRV_NULL;
}
}
The nucBTDrvReceiveSaveBuffer size is defined as 200

wrong reason

When nuiBTDrvOnePacketDataSize is larger than the size of the nucBTDrvReceiveSaveBuffer array, that is, nuiBTDrvOnePacketDataSize>200, the content after the address of nucBTDrvReceiveSaveBuffer+200 will be overwritten, eventually causing the program to run away.
This situation will only occur when there is an interference signal in BT communication.
Solution

When the size of the acquired data exceeds the size range specified by the communication array, the erroneous data is discarded or other corresponding processing is performed. In other words, when assigning values to the array, it is necessary to determine whether it exceeds the range, and if it exceeds the range, corresponding processing is performed.
Method Example

Add fault tolerance before the wrong code.
if(nuiBTDrvOnePacketDataSize >= RECEIVE_DATA_PROC_LENGTH)
{
nuiBTDrvOnePacketDataSize = RECEIVE_DATA_PROC_LENGTH;
}

Reference address：Analysis of the Causes of Program Failure

Previous article：The reason why the microcontroller program runs away
Next article：Research on Debugging Programs in RAM of MSP430

Popular Resources
Popular amplifiers