"how to hunt UB" -> I'd start with auditing your unsafe code within the project, then auditing the unsafe code of any of your deps.

It might be valuable to:

* load the firmware
* take a dump of the entire flash (A)
* start the command, let it hang when it should have erased but not written
* take a dump of the entire flash (B)
* reload the firmware, don't start the erase+write
* take a dump of the entire flash (C)

Then take a binary diff of A->B and B->C. Ensure what is happening is expected. This might be worth repeating for the "working" and "not working" builds. Particularly note if you cross important flash addresses like sectors in the flash.