Comments (11)
int tos_mqtt_receive(char *topic, int topic_len, unsigned char *payload, int payload_len)
{
unsigned char buffer[BUFFER_LEN];
这里在函数栈上定义了一个256个字节的buffer,可能会导致栈溢出,建议在此buffer前加上static修饰一下,然后观察现象是否依旧存在,有问题继续交流。
from tobudos.
将buffer前加上static之后,还是会硬复位,只是长度变成了256数组被溢出,BUFFER_LEN的长度就是被定为了256,我的payload_len也是256(这个大小应该足够了)
#define BUFFER_LEN 256
`int tos_mqtt_receive(char *topic, int topic_len, unsigned char *payload, int payload_len)
{
int topic_copy_len, qos;
unsigned char dup, retained;
unsigned short packet_id;
unsigned char *incoming_data;
int incoming_data_len, payload_copy_len;
MQTTString incoming_topic;
static unsigned char buffer[BUFFER_LEN];
if (MQTTPacket_read(buffer, sizeof(buffer), transport_getdata) != PUBLISH) {
return -1;
}
if (MQTTDeserialize_publish(&dup, &qos, &retained, &packet_id,
&incoming_topic, &incoming_data, &incoming_data_len,
buffer, sizeof(buffer)) != 1) {
return -1;
}
if (payload) {
payload_copy_len = incoming_data_len < payload_len ? incoming_data_len : payload_len;
printf("copy_len:%d\n",payload_copy_len);
memcpy(payload, incoming_data, payload_copy_len);
}
if (topic) {
topic_copy_len = incoming_topic.lenstring.len < topic_len ? incoming_topic.lenstring.len : topic_len;
strncpy(topic, incoming_topic.lenstring.data, topic_copy_len);
if (topic_copy_len <= topic_len - 1) {
topic[topic_copy_len] = '\0';
}
}
return incoming_data_len;
}
`
出错LOG:
[10:52:43.387]收←◆V:len_1:27
[10:52:43.430]收←◆V:len_1:11
V:copy_len:256
E:System HardFault!
I:Reset!
I:==============================
I: HELLO WORLD
I:==============================
I:--------SYSTEM RESET STATE CHECK--------
E:System Software reset
from tobudos.
你log里len_1是什么含义
from tobudos.
顺便在copy_len那里把incoming_data_len也打印出来
from tobudos.
len_1是消息的模块接收从服务器过来的数据长度,从LOG看数据已经接收到,总共是38个字节,我copy_len打印的就是incoming_data_len,payload_len是传入的固定参数256,incoming_data_len正确应该是3,但解析出来的长度对不上
from tobudos.
你copy_len打印的是运算后的长度,我是想让你把没运算前mqtt的协议栈deserialize出来的长度打印出来。
from tobudos.
修改代码:
`int tos_mqtt_receive(char *topic, int topic_len, unsigned char *payload, int payload_len)
{
int topic_copy_len, qos;
unsigned char dup, retained;
unsigned short packet_id;
unsigned char *incoming_data;
int incoming_data_len, payload_copy_len;
MQTTString incoming_topic;
static unsigned char buffer[BUFFER_LEN];
if (MQTTPacket_read(buffer, sizeof(buffer), transport_getdata) != PUBLISH) {
return -1;
}
printf("in_len_1:%d\n",incoming_data_len);//运算前
if (MQTTDeserialize_publish(&dup, &qos, &retained, &packet_id,
&incoming_topic, &incoming_data, &incoming_data_len,
buffer, sizeof(buffer)) != 1) {
return -1;
}
if (payload) {
payload_copy_len = incoming_data_len < payload_len ? incoming_data_len : payload_len;
printf("in_len_2:%d\n",incoming_data_len);//运算后
memcpy(payload, incoming_data, payload_copy_len);
}
if (topic) {
topic_copy_len = incoming_topic.lenstring.len < topic_len ? incoming_topic.lenstring.len : topic_len;
strncpy(topic, incoming_topic.lenstring.data, topic_copy_len);
if (topic_copy_len <= topic_len - 1) {
topic[topic_copy_len] = '\0';
}
}
return incoming_data_len;
}`
正常LOG:
V:data_len:38
V:in_len_1:-1410436952
V:mqtt publish ok:len 3
V:AppLin: Clear...
V:in_len_2:3
I:mqtt publish:ext
V:---------->topic: vehicle/541235795641023/control, payload: 020301, payload_len: 3
复位前LOG:
V:data_len:38
[14:53:44.737]收←◆V:data_len:38
[14:53:44.780]收←◆V:mqtt publish ok:len 3
I:mqtt publish:ext
V:AT CMD:
AT+CIPSEND=0,40
V:Got host: 0x90
V:AppLin: Clear...
V:in_len_1:-1410436952
V:AppLin: Clear...
V:in_len_2:3
V:---------->topic: vehicle/541235795641023/control, payload: 020302, payload_len: 3
V:in_len_1:-1410436952
V:in_len_2:-1410436952
I:==============================
I: HELLO WORLD
I:==============================
I:--------SYSTEM RESET STATE CHECK--------
E:System Software reset
from tobudos.
你在这个地方打印in_len_1只可能是随机值吧,你应该是MQTTDeserialize_publish之后打印
from tobudos.
V:in_len_1:-1410436952//运算前
V:in_len_2:-1410436952//运算后
看代码,两个都已经打印出来了。
1.现在测试只是把服务器的发送速率加快,而且报错的时候,payload_copy_len的值为负数或者256,出现的时候消息肯定是无法成功解析的;
2.从模块的发送串口数据的时间间隔来看,出现这种问题的时候大多是模块的串口数据无间隔的发送过来(内存是足够的,数据格式是正确的);
3.复现的方法就是加快服务器数据的发送(时间间隔100-200ms),本地接收到一帧后响应发送一帧消息,执行一段时间很容易复现。
4.现在我在长度解析不正确的时候返回,可以规避硬复位,但是我想知道长度解析失败的原因。
from tobudos.
我是说,你打印的“运算前 in_len_1”的解析长度根本没有意义,是个随机值。in_len_2是经过运算后的,我想知道的是MQTTDeserialize_publish这个接口调用后,incoming_data_len的值是多少。
from tobudos.
你这里应该是用的at框架操作的4G模组?如果是AT框架,得确定一下AT框架中的buffer缓冲是否太短,如果服务器很高频率的发送数据,或者数据一次回的比较大,可能会导致AT框架里的buffer不够放服务器回的数据。
from tobudos.
Related Issues (20)
- TentcentOS是否支持15.4或ble通信
- 在nrf52840上开发TencentOS HOT 1
- 请问OTA是否只能差分升级,可以全量包升级吗 HOT 1
- 建议内核类型中新增布尔类型定义k_bool_t HOT 1
- explorer sdk中单个事件的json不对 HOT 1
- 在使用tickless时,发生了其他中断如何做时间补偿
- tos_vfs_readdir代码有错误
- KV组件在设备上跑了半个月,偶现bug需check HOT 1
- tos_fault.c 编译出错 HOT 2
- 关于TencentOS-tiny ota_diff ring =1 时的patch_test 错误 HOT 1
- TencentOS Tiny 捐赠开放原子开源基金会后第一次导师会议纪要
- cortex-m0+ 是arm-v6m架构但被分在了arm-v7m里
- 接收的消息同时含有期望的字符串和“OK”时,at_echo->__expect_notify还没来得及获取,at_echo->status = AT_ECHO_STATUS_EXPECT;就立马有被任务“at_parser”更新成at_echo->status = AT_ECHO_STATUS_OK; HOT 3
- NUCLEO-H723ZG调用osDelay()会进入HardFault_Handler() HOT 3
- SAL层的AT架构好像不是线程安全的 HOT 2
- 是否有关于TencentOS-tiny较为完善的Log系统设计需求 HOT 1
- Driver_USBH.c文件中有大量函数为空,疑似缺失漏写,是否需要完善? HOT 1
- Tencentos-tiny是否支持C++ HOT 1
- How can I build a system with GUI and other kinds of senor, please tell me.
- 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tobudos.