Skip to content

fix(0x11): send ECUReset positive response before performing the reset#82

Merged
w1ne merged 2 commits into
developfrom
fix/issue76-reset-response-ordering
Jun 22, 2026
Merged

fix(0x11): send ECUReset positive response before performing the reset#82
w1ne merged 2 commits into
developfrom
fix/issue76-reset-response-ordering

Conversation

@w1ne

@w1ne w1ne commented Jun 22, 2026

Copy link
Copy Markdown
Owner

Closes #76.

Bug

ISO 14229-1 (ECUReset) requires:

The ECUReset positive response message (if required) shall be sent before the reset is executed in the server(s).

The handler did the reverse — it called fn_reset() first, then built and sent the 0x51 response:

/* Process Reset */
if (ctx->config->fn_reset) {
    ctx->config->fn_reset(ctx, sub);   /* reboots the MCU here, never returns */
}
...
return uds_send_response(ctx, 2u);     /* unreachable on real hardware */

On a real ECU, fn_reset performs the actual reset (e.g. NVIC_SystemReset()) and never returns, so the positive response was never put on the wire and the tester saw no answer.

Fix

Reorder: emit the positive response (or honour suppressPosRsp), then call fn_reset(). The 0x51 reply is 2 bytes (single ISO-TP frame) so it is fully handed to transport synchronously before the reset is performed.

Test

Added test_ecu_reset_response_sent_before_reset: local transport and reset callbacks stamp a shared monotonic counter; the test asserts send_order < reset_order (and the 0x51 01 payload). Fails before the fix, passes after.

Verification

  • New regression test: red before, green after
  • Full suite: 100% tests passed, 0 tests failed out of 59
  • clang-format 18 --dry-run --Werror (CI Docker image) clean across src include examples and the test file

Note

This is the response-ordering defect. The related stuck-suppressPosRsp leak (next service after a 0x11 0x81 getting silently suppressed) is fixed separately in #81 — it lives in uds_core.c dispatch, so the two changes touch different files and don't conflict.

w1ne added 2 commits June 22, 2026 14:10
@w1ne
fix(0x11): send ECUReset positive response before performing the reset
5c34cd6 
ISO 14229-1 (ECUReset): "The ECUReset positive response message (if required)
shall be sent before the reset is executed in the server(s)." The handler did
the opposite — it called fn_reset() first and only then built and sent the
0x51 response. On real hardware fn_reset reboots the MCU and never returns, so
the response was never transmitted and the tester saw no answer.

Reorder so the positive response (or suppressPosRsp handling) is emitted first,
then fn_reset() is invoked. Add a regression test that stamps a monotonic
counter from the transport and reset callbacks and asserts the response is sent
strictly before the reset.

Closes #76
@w1ne
Merge remote-tracking branch 'origin/develop' into fix/issue76-reset-…
3292746 
…response-ordering

# Conflicts:
#	tests/unit/test_service_11.c
@w1ne w1ne merged commit 1d5ef73 into develop Jun 22, 2026
6 checks passed
This was referenced Jun 22, 2026
Merged
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0x11 ecu_reset function still have error bug, please fix it

1 participant

@w1ne