- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- General Purpose Microcontrollers
- :
- LPC Microcontrollers
- :
- Facing stack corruption in LPC55S28
Facing stack corruption in LPC55S28
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Facing stack corruption in LPC55S28
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi NXP,
We are using hashscrypt driver from SDK-2.10.1. In that in function hashcrypt_get_data we are seeing first 8 bytes of digest variable are corrupted. Below is the code snippet.
/*!
* @brief Read OUTDATA registers.
*
* This function copies OUTDATA to output buffer.
*
* @Param base Hachcrypt peripheral base address.
* @Param[out] output Output buffer.
* @Param Number of bytes to copy.
*/
static void hashcrypt_get_data(HASHCRYPT_Type *base, uint32_t *output, size_t outputSize)
{
uint32_t digest[8];
while (0U == (base->STATUS & HASHCRYPT_STATUS_DIGEST_MASK))
{
}
for (int i = 0; i < 8; i++)
{
digest[i] = swap_bytes(base->DIGEST0[i]);
}
if (outputSize > sizeof(digest))
{
outputSize = sizeof(digest);
}
(void)hashcrypt_memcpy(output, digest, outputSize);
}
Digest have proper value in DIGEST0 HW register, but after swapping somehow digest have not proper value.
If we Disable global interrupt before copying to digest variable digest[i] = swap_bytes(base->DIGEST0[i]);, then issue is not happen and if i initialize local digest variable to 0 uint32_t digest[8] = {0}; then also issue not happens. It indicates somehow stack is corrupted.
Is there any way to observe Stack corruption in LPC55S28. Also MTB & ETM is not supported in LPC55S28 ,so i cannot enable trace debugging to identify who is modifying digest variable.
Please suggest good way to debug this issue.
Regards,
Rahul Shah
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
No still issue is not resolved. Also as you mentioned about breakpoint where there is read /write. That is called Watchpoint, But that is only applicable for Global variables. In my case digest[] is local variable which is corrupted.
Still no clue how to debug.
Regards,
Rahul Shah
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
> But that is only applicable for Global variables. In my case digest[] is local variable which is corrupted.
In my experience this depends on the toolchain (and the debugger). Usually, data watchpoints are basically related to addresses.
Perhaps your issues are triggered by an interrupt handler, or another communication-based handler.
I had debugged such a problem last year, and it turned out the main (RT-OS) thread had passed a buffer on the stack to communication handler. This buffer address was (re-)used much later in the next OS cycle when the response from the remote device was processed, corrupting the stack.
Perhaps the values on the stack itself can give you a clue. They are either addresses or data values, which might help you identify the offender.
When you disable interrupts for the runtime of the routine, does the stack corruption still happen ?
As mentioned, I have no experience with LPC55S devices. And I'm no NXP employee, for all intents and purposes.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, if i disable interrupts then everything works ok and not seen any corruption. But may be issue happens at other places later on . So i am searching exact root cause like who is corrupting the stack.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unless you have an immediate idea what causes it, I would disable individual interrupts one by one now and try again. Thus single out the handler that triggers the stack corruption.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So after all exercise if i disable SPI & UART interrupt then issue not happen. But if i keep them enabled then interrupt routine for SPI & UART not called at all during and around this issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
> But if i keep them enabled then interrupt routine for SPI & UART not called at all during and around this issue.
Not sure what you mean by that.
But interrupts are not called, they are asynchronous events caused by external sources, especially in the case of UART. A character reception or a "FIFO full" event usually trigger an interrupt.
In case of SPI (and if your MCU is the master), this happens more or less synchronously to a transmission.
Check how you deal with received character(s), and closely guard buffer indices used inside this handlers. By the way, this includes ALL callback functions called from within interrupt context.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have no experience with the LPC55xx as such, only other LPC MCUs, and those of other vendors.
First, many toolchains support a watermarking, and many RTOSs support a runtime stack check. Watermarking is pre-filling the stack with specific values to detect it's usage (watermark) afterwards. Famous watermarking values are 0xDDDDDDDD, or 0xDEADBEEF.
Both methods seem not very promising in your case, though.
The second option are data breakpoints. All proper toolchains (debugger) support such data breakpoints, which do not stop execution based on PC value, but on a reference (read) or change (write) to a certain data location.
