<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><br></div>If you go to project settings, C18 / MPLINK, you can set a map file for the linker. Looking at what has been generated for a V2 experimental build, I get:<div><br></div><div><blockquote style="margin: 0 0 0 40px; border: none; padding: 0px;"><div><font face="Andale Mono" size="2">...</font></div><div><font face="Andale Mono" size="2"> __AARGB4 0x000025 data extern C:\MCC18\v3_39\src\traditional\math\aarg.asm<br> __AARGB3 0x000026 data extern C:\MCC18\v3_39\src\traditional\math\aarg.asm<br> __AARGB2 0x000027 data extern C:\MCC18\v3_39\src\traditional\math\aarg.asm<br> __AARGB1 0x000028 data extern C:\MCC18\v3_39\src\traditional\math\aarg.asm<br> __AARGB0 0x000029 data extern C:\MCC18\v3_39\src\traditional\math\aarg.asm<br> __AEXP 0x00002a data extern C:\MCC18\v3_39\src\traditional\math\aarg.asm<br> __BARGB3 0x00002b data extern C:\MCC18\v3_39\src\traditional\math\barg.asm<br> __BARGB2 0x00002c data extern C:\MCC18\v3_39\src\traditional\math\barg.asm<br> __BARGB1 0x00002d data extern C:\MCC18\v3_39\src\traditional\math\barg.asm<br> __BARGB0 0x00002e data extern C:\MCC18\v3_39\src\traditional\math\barg.asm<br> __BEXP 0x00002f data extern C:\MCC18\v3_39\src\traditional\math\barg.asm<br> __TEMPB3 0x000030 data extern C:\MCC18\v3_39\src\traditional\math\temparg.asm<br> __TEMPB2 0x000031 data extern C:\MCC18\v3_39\src\traditional\math\temparg.asm<br> __TEMPB1 0x000032 data extern C:\MCC18\v3_39\src\traditional\math\temparg.asm<br> __TEMPB0 0x000033 data extern C:\MCC18\v3_39\src\traditional\math\temparg.asm<br> __TEMP 0x000033 data extern C:\MCC18\v3_39\src\traditional\math\temparg.asm<br> DelayCounter1 0x000034 data extern C:\MCC18\v3_39\src\traditional\delays\delayd1.asm</font></div><div><div><font face="Andale Mono" size="2"> ovms_firmware 0x000060 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_linevoltage 0x000063 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_chargecurrent 0x000065 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_chargelimit 0x000066 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_chargeduration 0x000067 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_chargestate 0x000069 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_chargesubstate 0x00006a data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_chargemode 0x00006b data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_charge_b4 0x00006c data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_chargekwh 0x00006d data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_doors1 0x00006e data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_doors2 0x00006f data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_doors3 0x000070 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div><div><font face="Andale Mono" size="2"> car_doors4 0x000071 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font></div></div><font face="Andale Mono" size="2"> car_lockstate 0x000072 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_speed 0x000073 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_SOC 0x000074 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_idealrange 0x000075 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_estrange 0x000077 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_time 0x000079 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_parktime 0x00007d data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_ambient_temp 0x000081 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_vin 0x000082 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_tpem 0x000094 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_tmotor 0x000095 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_tbattery 0x000096 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_tpms_t 0x000097 data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_tpms_p 0x00009b data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c<br> car_trip 0x00009f data extern /Users/mark/Documents/vm shared/ovms/Open-Vehicle-Monitoring-System/vehicle/OVMS.X/ovms.c</font><div><span style="font-family: 'Andale Mono'; font-size: small; ">...</span></div></blockquote></div><div><br></div><div>The firmware version number is right at the start, so that would explain why I'm seeing it overwritten. It is the most vulnerable.</div><div><br></div><div>As you can see, tpms is a little further down.</div><div><br></div><div>The net buffers are much later.</div><div><br></div><div>Data usage summary is:</div><div><br></div><div><blockquote style="margin: 0 0 0 40px; border: none; padding: 0px;"><div><div><font face="Andale Mono" size="2"> Section Info</font></div><div><font face="Andale Mono" size="2"> Section Type Address Location Size(Bytes)</font></div><div><font face="Andale Mono" size="2"> --------- --------- --------- --------- ---------</font></div></div><div><div><font face="Andale Mono" size="2"> .idata_ovms.o idata 0x000060 data 0x000069</font></div><div><font face="Andale Mono" size="2"> .idata_vehicle.o idata 0x0004d8 data 0x000028</font></div><div><font face="Andale Mono" size="2"> .idata_net.o idata 0x0005c8 data 0x00002c</font></div><div><font face="Andale Mono" size="2"> .idata_vehicle_twizy.o idata 0x0007e8 data 0x000014</font></div><div><font face="Andale Mono" size="2"> SEED_DATA idata 0x0007fc data 0x000002</font></div><div><font face="Andale Mono" size="2"> .idata_led.o idata 0x0008c7 data 0x000005</font></div><div><font face="Andale Mono" size="2"> .idata_stokpr.o idata 0x0008cc data 0x000002</font></div><div><font face="Andale Mono" size="2"> .idata_diag.o idata 0x000900 data 0x0000b9</font></div><div><font face="Andale Mono" size="2"> .idata_net_sms.o idata 0x000a5e data 0x00005d</font></div><div><font face="Andale Mono" size="2"> .idata_net_msg.o idata 0x000abb data 0x000045</font></div><div><font face="Andale Mono" size="2"> .idata_crypt_md5.o idata 0x000b00 data 0x000040</font></div></div><div><div><font face="Andale Mono" size="2"> MATH_DATA udata 0x000020 data 0x000014</font></div><div><font face="Andale Mono" size="2"> DELAYDAT1 udata 0x000034 data 0x000001</font></div><div><font face="Andale Mono" size="2"> .udata_ovms.o udata 0x0000c9 data 0x00002d</font></div><div><font face="Andale Mono" size="2"> .udata_c018i.o udata 0x0000f6 data 0x00000a</font></div><div><font face="Andale Mono" size="2"> TX_CRYPTO udata 0x000100 data 0x000100</font></div><div><font face="Andale Mono" size="2"> RX_CRYPTO udata 0x000200 data 0x000100</font></div><div><font face="Andale Mono" size="2"> PM_CRYPTO udata 0x000300 data 0x000100</font></div><div><font face="Andale Mono" size="2"> .udata_crypt_hmac.o udata 0x000400 data 0x0000d8</font></div><div><font face="Andale Mono" size="2"> NETMSG_SP udata 0x000500 data 0x0000c8</font></div><div><font face="Andale Mono" size="2"> .udata_crypt_base64.o udata 0x0005f4 data 0x000008</font></div><div><font face="Andale Mono" size="2"> .udata_net.o udata 0x0005fc data 0x000003</font></div><div><font face="Andale Mono" size="2"> .udata_led.o udata 0x0005ff data 0x000001</font></div><div><font face="Andale Mono" size="2"> NETBUF_SP udata 0x000600 data 0x0000c8</font></div><div><font face="Andale Mono" size="2"> .udata_net_msg.o udata 0x0006c8 data 0x000026</font></div><div><font face="Andale Mono" size="2"> .udata_vehicle.o udata 0x0006ee data 0x000012</font></div><div><font face="Andale Mono" size="2"> NETBUF udata 0x000700 data 0x0000c8</font></div><div><font face="Andale Mono" size="2"> .udata_params.o udata 0x0007c8 data 0x000020</font></div><div><font face="Andale Mono" size="2"> .udata_vehicle_twizy.o udata 0x0007fe data 0x000002</font></div><div><font face="Andale Mono" size="2"> .udata_UARTIntC.o udata 0x000800 data 0x0000c7</font></div><div><font face="Andale Mono" size="2"> .udata_crypt_md5.o udata 0x0009b9 data 0x000040</font></div><div><font face="Andale Mono" size="2"> .udata_net_sms.o udata 0x0009f9 data 0x000007</font></div><div><font face="Andale Mono" size="2"> vehicle_overlay_data udata 0x000a00 data 0x00005e</font></div><div><font face="Andale Mono" size="2"> .stack udata 0x000c00 data 0x000100</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED0 udata 0x000d60 data 0x00000c</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED1 udata 0x000d70 data 0x00000c</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED2 udata 0x000d80 data 0x00000c</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED3 udata 0x000d90 data 0x000004</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED4 udata 0x000dd4 data 0x000002</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED5 udata 0x000dd8 data 0x000001</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED6 udata 0x000de0 data 0x000008</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED7 udata 0x000df0 data 0x000004</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED8 udata 0x000df8 data 0x000001</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED9 udata 0x000dfa data 0x000001</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED10 udata 0x000dfc data 0x000001</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED11 udata 0x000e20 data 0x000060</font></div><div><font face="Andale Mono" size="2"> SFR_BANKED12 udata 0x000f00 data 0x000060</font></div><div><font face="Andale Mono" size="2"> SFR_UNBANKED0 udata 0x000f60 data 0x000018</font></div><div><font face="Andale Mono" size="2"> SFR_UNBANKED1 udata 0x000f80 data 0x000080</font></div></div></blockquote></div><div><br></div><div>Interestingly, you can see you 0x100 byte stack.</div><div><br></div><div>Still looking, but I reckon the problem is more likely to be sprintf() or library based than our net / net_msg / sms handlers.</div><div><br></div><div>Regards, Mark.</div><div><br><div><div>On 20 Dec, 2012, at 9:42 AM, Mark Webb-Johnson <<a href="mailto:mark@webb-johnson.net">mark@webb-johnson.net</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><br></div>Micheal,<div><br></div><div>My 49,51,51 is 0x31, 0x33, 0x33 - or "1", "3", "3" - similar to your 0x30 "0".</div><div><br></div><div>The base64 stuff in net_msg and net comms is mostly lower and uppercase letters. We see ascii encoded numbers in VINs and GPS mostly (but I am using the car's GPS and you are using the ovms module's GPS). Anywhere else we'd expect to see long strings of ascii encoded numbers?</div><div><br></div><div>Or, perhaps, sprintf() somewhere is going crazy and printing numbers?</div><div><br></div><div>Regards, Mark.</div><div><br><div><div>On 20 Dec, 2012, at 9:29 AM, Mark Webb-Johnson wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><meta http-equiv="Content-Type" content="text/html charset=utf-8"><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Michael,<div><br></div><div>I think our revisions overlapped. I'd just merged in all your previous changes, plus documentation and server code updates.</div><div><br></div><div>I did make some minor layout fixes (where the indentation was wrong - I think you are using 4 spaces, or perhaps tabs, where the rest of the project uses 2). I also added your pseudo-command #6 to the protocol document.</div><div><br></div><div>Can you merge in my changes, then re-push yours? I'd like to get this v2 branch complete today and merge back into master tonight (my time).</div><div><br></div><div>Going forward, do you still want to maintain and work off your clone, or would it be easier if I just gave you write access to the main project? Your contributions are so helpful and good, that there is little I am having to do other than just accept them :-)</div><div><br></div><div>For the watchdog reboot and occasional ram trashing, I too suspect the NET, NET_MSG or SMS code. It is the only place where things are externally controlled to result in variable length strings. I did review it a while ago, but didn't see anything obvious. The other possibility is sprintf() elsewhere in the code (such as STAT).</div><div><br></div><div>Running v2.1.1 in my car, I have seen the firmware version go bizarre about a month ago:</div><div><br></div><div><blockquote style="margin: 0 0 0 40px; border: none; padding: 0px;">2012-11-21 07:32:06.388834 -0500 info main: #74 C EV915 rx msg F 2.1.1/V2,SFZRE8B15B3000569,1,1,TR2N,3(2G)<br>2012-11-21 07:34:58.845568 -0500 info main: #61 C EV915 rx msg F 49.51.51/V2,SFZRE8B15B3000569,1,1,TR2N,3(2G)</blockquote></div><div><br></div><div>That is a sprintf().</div><div><br></div><div>Regards, Mark.</div><div><br><div><div>On 20 Dec, 2012, at 9:13 AM, Michael Balzer <<a href="mailto:dexter@expeedo.de">dexter@expeedo.de</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type">
<div bgcolor="#FFFFFF" text="#000000">
Mark,<br>
<br>
I've rewritten all my sprintf() calls now. I introduced a new
general string utils family to ease avoiding sprintf(), see my utils
module addition.<br>
<br>
I've had no garbled strings since and can now fetch all my history
rows from the server, so it had some positive effect.<br>
<br>
But the watchdog timeout reboots still occur, they still
occasionally trash variables and I once still got the STKUNF flag
from the reboot. That feels like some uninitialised pointer or
writing beyond array / string bounds. I'm about to review the basic
net code, if you've got an idea where to look first, tell me.<br>
<br>
An example of the RAM trashing can still be seen on the server: MP-0
W17.4,8,17.4,8,17.4,8,17.4,8,-1<br>
When that occured, a lot of other data was displayed wrong as well.<br>
The TPMS vars never get written to by the twizy module. The values
17.4 & 8 mean both car_tpms arrays had been filled completely
with 0x30 or '8'. Does that ring a bell?<br>
<br>
Regards,<br>
Michael<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">Am 18.12.2012 02:39, schrieb Mark
Webb-Johnson:<br>
</div>
<blockquote cite="mid:86ED4BD2-42C3-4F65-8279-40A4B22E2199@webb-johnson.net" type="cite">
<div><br>
</div>
In general, I try to minimise stack and ram usage on the small
PICs.
<div><br>
</div>
<div>Early on in OVMS, we had a bunch of local variables, and some
were quite large. We were getting all sorts of random weird
behavior (reboots, corrupt messages, etc). Since we changed to
global variables, and very limited use of stacked function calls
and local variables, things have been much better.</div>
<div><br>
</div>
<div>I agree that a large sprintf may be the cause of your
problems. Can you try to change to itoa() and strcat(), to see
if it makes an impact?</div>
<div><br>
</div>
<div>Regards, Mark.</div>
<div><br>
<div>
<div>On 18 Dec, 2012, at 8:05 AM, Michael Balzer wrote:</div>
<br class="Apple-interchange-newline">
<blockquote type="cite">
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type">
<div bgcolor="#FFFFFF" text="#000000"> Mark,<br>
<br>
the client_app.pl hint was good, I had not recognized that
as a server query utility yet.<br>
<br>
I removed the comma (misread the draft) and can now see my
H entries. However, that lead me back to my assumed
connectivity issue:<br>
<br>
MP-0 c31,0,2,6,RT�PWR-BattCell,1,1,76,2012-12-17
23:18:43,2012-12-17 23:18:43<br>
MP-0 c31,0,3,6,RT-PWR-BattCell,14,16,1215,2012-12-17
23:13:11,2012-12-17 23:18:43<br>
MP-0 c31,0,4,6,RT-PWR-BattC�ll,1,1,65,2012-12-17
23:18:43,2012-12-17 23:18:43<br>
MP-0 c31,0,5,6,RT-PWR-BattPack,1,2,202,2012-12-17
23:13:11,2012-12-17 23:18:43<br>
MP-0 c31,0,6,6,RT-PWR-Usag,1,1,45,2012-12-17
23:13:11,2012-12-17 23:13:11<br>
<br>
This C31 result shows all kinds of garbled chars in my
module's messages, and even a truncation on
"RT-PWR-UsageStats" (also missing parts on the data blob
on that one).<br>
<br>
Now that's a bit odd and most probably cannot be connected
to a GPRS link failure -- as that would not garble single
bytes in a TCP connection.<br>
<br>
I could fix some similar output problems in DIAG mode more
than once by reducing complex sprintf() calls, so I
searched for C18 sprintf() stack usage and found nothing
concrete, but many warnings about very high stack usage of
the whole printf family, plus advice not to use them at
all on small embedded systems. One source mentioned
sprintf() will need 70+ bytes stack for a simple integer
template.<br>
<br>
I also have read a bit into the C18 software stack
management and found my previous assumption to be correct:
it's currently fixed to bank 12 (0xC00), so provides 256
bytes for any kind of parameter + local vars combination.
I think sprintf() on a 256 byte stack could well be a
source of problems... and stack overruns can produce weird
effects, as those above. I think about rewriting all my
sprintf calls to itoa/ltoa/ultoa, but find it strange they
did no harm up to now, even with complex templates as in
net_msgp_environment(). Or maybe they did, unrecognized?<br>
<br>
Do you have some other info on C18 sprintf()? I'd rather
avoid recoding every output without sprintf(), but that's
my best bet currently...<br>
<br>
Regards,<br>
Michael<br>
<br>
</div>
</blockquote>
</div>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Michael Balzer * Paradestr. 8 * D-42107 Wuppertal
Fon 0202 / 272 2201 * Handy 0176 / 206 989 26
</pre>
</div>
<span><dexter.vcf></span>_______________________________________________<br>OvmsDev mailing list<br><a href="mailto:OvmsDev@lists.teslaclub.hk">OvmsDev@lists.teslaclub.hk</a><br><a href="http://lists.teslaclub.hk/mailman/listinfo/ovmsdev">http://lists.teslaclub.hk/mailman/listinfo/ovmsdev</a><br></blockquote></div><br></div></div></blockquote></div><br></div></div>_______________________________________________<br>OvmsDev mailing list<br><a href="mailto:OvmsDev@lists.teslaclub.hk">OvmsDev@lists.teslaclub.hk</a><br>http://lists.teslaclub.hk/mailman/listinfo/ovmsdev<br></blockquote></div><br></div></body></html>