ST AN421 Application note

Stack overflow detection using the ST9 timer/watchdog

1 Introduction

In real-time applications, implementing software protection is not always easy, but it is needed to reach a high level of security against software malfunction. This is particularly true for on-board applications in noisy environments, such as automotive, power-meter or industrial applications.
To help avoid uncontrolled operation of, and damage to, real-time systems caused by any disturbance of the ST9 microcontroller core and I/O ports, a dedicated peripheral acting as a watchdog is available on all ST9 family members: the Timer/Watchdog.
Periodic restarting of the Timer/Watchdog by the application software, combined with automatic detection of any stack overflow, provides enhanced protection for real-time application software.
This application note shows how to detect stack overflow by using the Timer/Watchdog in watchdog mode.
AN421 Application note, November 2011, Doc ID 2476 Rev 2, www.st.com
Contents
1 Introduction .... 1
2 Stack overflow detection principle .... 4
2.1 Summary of timer/watchdog features .... 4
2.2 Stack overflow detection .... 4
3 Software description .... 6
3.1 Stack initialization .... 6
3.2 Timer/watchdog programming .... 7
3.3 Timer/Watchdog restart .... 7
4 Summary .... 9
5 Revision history .... 10
List of figures
Figure 1. Example of stack overflow detection in register file .... 5
Figure 2. System stack initialization .... 6
Figure 3. Timer/watchdog initialization .... 7
Figure 4. Restarting the timer/watchdog .... 8

2 Stack overflow detection principle

2.1 Summary of timer/watchdog features

The ST9 core includes a 16-bit down counter with an 8-bit prescaler capable of operating in watchdog mode. This timer, driven by a clock at a frequency of INTCLK divided by 4, can provide time periods within the range of 333 ns to 5.59 s (with a 12 MHz internal clock: one tick of 333 ns, and a maximum of 65536 counts x 256 prescaler steps).
In watchdog mode, the Timer/Watchdog generates a fixed time base that depends on the Timer/Watchdog counter registers, the prescaler and INTCLK. This time base can be modified on the fly by changing the prescaler value; the new value is taken into account only after an End Of Count event. In watchdog mode, an End Of Count generates a system reset.
To prevent the reset, the byte sequence AAh, 55h must be written into the Timer/Watchdog Low register before the End Of Count. Once the write of 55h has been performed, the timer reloads the prescaler register and counting restarts from this value (the prescaler register value may be modified between two End Of Count events).
Note: 1 For a better understanding of this application note, please refer to the ST9 Technical Manual chapter on the 16-bit programmable Timer/Watchdog.
2 INTCLK: Internal Clock. This clock, issued from the oscillator circuitry and divided by 2 or not, is the ST9 internal clock driving the peripherals. The maximum frequency allowed for INTCLK is 12 MHz.

2.2 Stack overflow detection

In many applications, for example when running on ROMLESS ST9 versions or without external memory space, the size of the stack is limited.
On ST9 devices, the system stack may be located in the Register File or in data memory space. The ST9 stack pointer moves from the top to the bottom of the stack area, i.e. the stack grows towards lower addresses.
One way to detect stack overflow is to reserve the two bytes immediately below the bottom of the stack and to store in these locations the Timer/Watchdog restart value, AAh, 55h. The periodic restart routine must then take the sequence it writes to the Timer/Watchdog Low register from these two locations, not from immediate constants in the code.
If the stack overflows, these two bytes are overwritten and the restart sequence is destroyed, so the restart fails and a system reset is generated at the next Timer/Watchdog End Of Count. The reset is therefore not immediate: the program keeps running with a corrupted stack for at most one watchdog period.
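A host-side model of the scheme described in this section, added here as an illustration and not taken from the application note or from any ST code. The Timer/Watchdog, its AAh, 55h restart sequence and the End Of Count are simulated in plain C so that the logic can be run on a PC; every name used below (wdt_write_low, run_scenario, the 32-byte stack size) is invented for the model and is not an ST9 register or routine name.

```c
/* Model of AN421 stack overflow detection (added example, not ST code).
 * The ST9 Timer/Watchdog is replaced by a few variables; the stack, the
 * guard word below it and the restart routine follow Section 2.2. */
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

#define STACK_SIZE 32u     /* bytes reserved for the system stack (model value) */
#define GUARD_SIZE 2u      /* the two bytes below the stack bottom holding AAh, 55h */

/* Simulated memory: guard word at the lowest addresses, stack above it.
 * The ST9 stack pointer moves from the top of the stack area downwards,
 * so the first bytes pushed past the bottom land on the guard word. */
static uint8_t mem[GUARD_SIZE + STACK_SIZE];
#define GUARD_ADDR 0u
#define STACK_TOP  (GUARD_SIZE + STACK_SIZE)

static unsigned sp;                 /* stack pointer into mem[] */

/* --- Simulated Timer/Watchdog in watchdog mode (model, not ST9 registers) --- */
static uint8_t wdt_last_write;      /* previous byte written to the low register */
static bool    wdt_restarted;       /* AAh then 55h seen since the last End Of Count */

static void wdt_write_low(uint8_t v)
{
    /* Only the ordered pair AAh, 55h restarts the counter. */
    if (wdt_last_write == 0xAA && v == 0x55)
        wdt_restarted = true;
    wdt_last_write = v;
}

/* End Of Count: in watchdog mode this is a system reset unless the restart
 * sequence was written during the period. Returns true when a reset occurs. */
static bool wdt_end_of_count(void)
{
    bool reset = !wdt_restarted;
    wdt_restarted = false;
    wdt_last_write = 0;
    return reset;
}

/* --- Application side ------------------------------------------------------ */
static void stack_init(void)
{
    memset(mem, 0, sizeof mem);
    sp = STACK_TOP;
    mem[GUARD_ADDR]     = 0xAA;     /* restart value kept just below the stack */
    mem[GUARD_ADDR + 1] = 0x55;
}

/* Push one byte. No bounds check, as on the real core: overflowing the stack
 * silently overwrites whatever lies below its bottom. The model stops at
 * address 0 only because it has no memory below that. */
static void push(uint8_t b)
{
    if (sp == 0)
        return;
    sp--;
    mem[sp] = b;
}

/* Periodic restart: the sequence is read from the reserved locations rather
 * than written as immediate constants, so a corrupted guard word fails to
 * restart the watchdog. */
static void wdt_restart_from_guard(void)
{
    wdt_write_low(mem[GUARD_ADDR]);
    wdt_write_low(mem[GUARD_ADDR + 1]);
}

/* Push 'pushes' copies of 'fill', run the restart routine once, then let the
 * watchdog reach End Of Count. Returns true if a system reset was generated. */
static bool run_scenario(unsigned pushes, uint8_t fill)
{
    stack_init();
    wdt_last_write = 0;
    wdt_restarted = false;
    for (unsigned i = 0; i < pushes; i++)
        push(fill);
    wdt_restart_from_guard();
    return wdt_end_of_count();
}

int main(void)
{
    printf("stack full, no overflow  : reset=%d\n", run_scenario(STACK_SIZE, 0x10));
    printf("one byte past the bottom : reset=%d\n", run_scenario(STACK_SIZE + 1, 0x10));
    printf("overflow writes 55h      : reset=%d (blind spot)\n", run_scenario(STACK_SIZE + 1, 0x55));
    printf("two bytes past the bottom: reset=%d\n", run_scenario(STACK_SIZE + 2, 0x55));
    return 0;
}
```

The third scenario shows the one blind spot of the method: an overflow that happens to write 55h over the 55h (or AAh over the AAh) leaves the guard word intact and goes undetected. With ordinary return addresses and register contents this is unlikely, but it is not impossible, so the scheme is a cheap safety net rather than a proof of stack integrity. The model also makes the latency visible: nothing happens at the moment of the overflow, and the reset only comes at the next End Of Count.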