• State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 9 replies
  • Subscribers 63 subscribers
  • Views 198 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 325436
Options

nrf5340 ble secure fault

adunk

My setup is a custom board with a nrf5340 which acts as the BLE Central and SDK 2.6.99. When I use a 52833 DK as the peripheral which has the BAS service I can connect and pair using OOB pairing and receive the BAS notifications. But when I use the 5340 DK, right when the BLE connects I get a:

[00:00:05.810,882] <err> os: ***** SECURE FAULT *****
[00:00:05.810,913] <err> os: Address: 0x0
[00:00:05.810,913] <err> os: Attribution unit violation
[00:00:05.810,913] <err> os: r0/a1: 0x00000000 r1/a2: 0x00000001 r2/a3: 0x0 0000020
[00:00:05.810,943] <err> os: r3/a4: 0x20009d50 r12/ip: 0x20009880 r14/lr: 0x0 0008edb
[00:00:05.810,943] <err> os: xpsr: 0x21000000
[00:00:05.810,943] <err> os: Faulting instruction address (r15/pc): 0x0001b8a2
[00:00:05.810,974] <err> os: >>> ZEPHYR FATAL ERROR 41: Unknown error on CPU 0
[00:00:05.811,004] <err> os: Current thread: 0x20009638 (unknown)

I can't find any documentation on a SECURE FAULT. 

My settings:

CONFIG_LOG=y
CONFIG_GPIO=y
CONFIG_SERIAL=y
CONFIG_UART_INTERRUPT_DRIVEN=y
CONFIG_UART_LINE_CTRL=n

CONFIG_MODBUS=y
CONFIG_MODBUS_ROLE_SERVER=y

# Enable the BLE stack with GATT Client configuration
CONFIG_BT=y

# Enable the BLE stack with GATT Client configuration
CONFIG_BT_PRIVACY=n
CONFIG_BT_PERIPHERAL=y
CONFIG_BT_SMP=y
CONFIG_BT_SMP_APP_PAIRING_ACCEPT=y
#add support for BAS
CONFIG_BT_DIS=y
CONFIG_BT_BAS=y
CONFIG_HEAP_MEM_POOL_SIZE=2048
CONFIG_MAIN_STACK_SIZE=3072
# This example requires more workqueue stack
CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=2048

CONFIG_POLL=y

# Enable bonding
CONFIG_BT_SETTINGS=y
CONFIG_FLASH=y
CONFIG_FLASH_PAGE_LAYOUT=y
CONFIG_FLASH_MAP=y
CONFIG_NVS=y
CONFIG_SETTINGS=y

#enable comm between cores
CONFIG_BT_HCI_IPC=y
CONFIG_MBOX_NRFX_IPC=y
Parents
  • 0

    I have changed the dts from _ns to nrf5340dk_nrf5340_cpuapp.dts and am no longer seeing the SECURE FAULT to try to isolate it to whether it is a TFM issue.  Here's the new fault which occurs at exactly the same location when the BLE pairs:

    [00:00:06.844,848] <inf> ble_supv: Pairing completed: D1:3A:F6:65:C0:9C (random), bonded: 1

    [00:00:06.844,879] <err> os: ***** BUS FAULT *****
    [00:00:06.844,879] <err> os: Precise data bus error
    [00:00:06.844,909] <err> os: BFAR Address: 0x4559
    [00:00:06.844,909] <err> os: r0/a1: 0x00000000 r1/a2: 0x00000001 r2/a3: 0x00004559
    [00:00:06.844,909] <err> os: r3/a4: 0x20005988 r12/ip: 0x20001808 r14/lr: 0x00000edb
    [00:00:06.844,940] <err> os: xpsr: 0x21000000
    [00:00:06.844,940] <err> os: Faulting instruction address (r15/pc): 0x000138c6
    [00:00:06.844,970] <err> os: >>> ZEPHYR FATAL ERROR 25: Unknown error on CPU 0
    [00:00:06.845,001] <err> os: Current thread: 0x200015c8 (unknown)

Reply
  • 0

    I have changed the dts from _ns to nrf5340dk_nrf5340_cpuapp.dts and am no longer seeing the SECURE FAULT to try to isolate it to whether it is a TFM issue.  Here's the new fault which occurs at exactly the same location when the BLE pairs:

    [00:00:06.844,848] <inf> ble_supv: Pairing completed: D1:3A:F6:65:C0:9C (random), bonded: 1

    [00:00:06.844,879] <err> os: ***** BUS FAULT *****
    [00:00:06.844,879] <err> os: Precise data bus error
    [00:00:06.844,909] <err> os: BFAR Address: 0x4559
    [00:00:06.844,909] <err> os: r0/a1: 0x00000000 r1/a2: 0x00000001 r2/a3: 0x00004559
    [00:00:06.844,909] <err> os: r3/a4: 0x20005988 r12/ip: 0x20001808 r14/lr: 0x00000edb
    [00:00:06.844,940] <err> os: xpsr: 0x21000000
    [00:00:06.844,940] <err> os: Faulting instruction address (r15/pc): 0x000138c6
    [00:00:06.844,970] <err> os: >>> ZEPHYR FATAL ERROR 25: Unknown error on CPU 0
    [00:00:06.845,001] <err> os: Current thread: 0x200015c8 (unknown)

Children
  • 0 in reply to adunk

    Here's the updated fault that occurs after I'm told the pairing is complete.:

    [00:00:06.681,945] <inf> ble_supv: Regular advertising started

    [00:00:06.789,520] <inf> ble_supv: Connected
    [00:00:07.242,218] <inf> ble_supv: LESC OOB data requested

    [00:00:07.843,933] <inf> ble_supv: Pairing completed: D1:3A:F6:65:C0:9C (random) , bonded: 1

    [00:00:07.843,963] <err> os: ***** BUS FAULT *****
    [00:00:07.843,963] <err> os: Precise data bus error
    [00:00:07.843,963] <err> os: BFAR Address: 0x4559
    [00:00:07.843,994] <err> os: r0/a1: 0x00000000 r1/a2: 0x00000001 r2/a3: 0x0 0004559
    [00:00:07.843,994] <err> os: r3/a4: 0x20005988 r12/ip: 0x00000000 r14/lr: 0x0 0000edb
    [00:00:07.843,994] <err> os: xpsr: 0x21000000
    [00:00:07.843,994] <err> os: Faulting instruction address (r15/pc): 0x000138c6
    [00:00:07.844,024] <err> os: >>> ZEPHYR FATAL ERROR 25: Unknown error on CPU 0
    [00:00:07.844,085] <err> os: Current thread: 0x200015c8 (unknown)

    The pairing complete callback where the log statement occurs and the bus fault seems to occur:

    static void pairing_complete(struct bt_conn *conn, bool bonded)
    {
        char addr[BT_ADDR_LE_STR_LEN];

        bt_addr_le_to_str(bt_conn_get_dst(conn), addr, sizeof(addr));

        LOG_INF("Pairing completed: %s, bonded: %d\n", addr, bonded);

        k_poll_signal_raise(&pair_signal, 0);
        bt_le_oob_set_sc_flag(false);
        bt_le_oob_set_legacy_flag(false);
    }
Related