• State Not Answered
  • Replies 11 replies
  • Subscribers 73 subscribers
  • Views 3274 views
  • Users 0 members are here
Attachments (4) Download All
Nordic Case Info
  • Case ID: 248887
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Max number of Report ID for HID over GATT (Custom Generic HID over GATT)

Jose Pablo Castro Valverde

Hi everybody,

I been experimenting with the HID over GATT example (mouse), and I am trying to use more than 3 report IDs.
When I used only 3 there's no problem.

But when I tried 4, the project compiled and run, but the descriptor is not properly passed to the host (I am using wireshark to validate the packets transactions).

There is any limit of the numbers of reports id it's possible to use in the current implementation? (I am using SDK 16.0)

It's that the case then, it is possible to have more than one BLE_HIDS_DEF instance running concurrently?

I really need more than 3 report ids.

P.S: I already tried to change this:
...
err_code = sd_ble_gap_appearance_set(BLE_APPEARANCE_GENERIC_HID);
...

but the problem persist.

Thanks and Best Regards,

Parents
  • 0

    Hi Jose

    There shouldn't be a limit on the number of different reports, but when doing HID over GATT the size of the report descriptor is limited by the maximum size of a BLE attribute, which is 512 bytes. 

    Can you confirm whether or not your descriptor is larger or smaller than this?

    Best regards
    Torbjørn

  • 0 in reply to ovrebekk

    Hi,
    I resolved that problem. I just need more memory.
    I change the NRF_SDH_BLE_GATTS_ATTR_TAB_SIZE on the sdk_config.h and update the Segger Embedded Studio project file so the memory map now is this:
    linker_section_placement_macros="FLASH_PH_START=0x0;FLASH_PH_SIZE=0x100000;RAM_PH_START=0x20000000;RAM_PH_SIZE=0x40000;FLASH_START=0x27000;FLASH_SIZE=0xd9000;RAM_START=0x200032e0;RAM_SIZE=0x3cd20"

    Now it allow more than 3 report id. But, I found a couple of more problem.
    The first was the inp_rep_array[],m for some reason reset part of its value. Don't knwo why.

    I solved it declaring inp_rep_array[] as a global static variable and initialized in a header file like this:
    static ble_hids_inp_rep_init_t inp_rep_array[] =
    {
    {//Index 0
    .max_len = INPUT_REP_MOUSE_LEN
    , .rep_ref.report_id = HID_REP_MOUSE_ID
    , .rep_ref.report_type= BLE_HIDS_REP_TYPE_INPUT
    , .sec.cccd_wr = SEC_JUST_WORKS
    , .sec.wr = SEC_JUST_WORKS
    , .sec.rd = SEC_JUST_WORKS
    }
    ,{//Index 1
    .max_len = INPUT_REP_JOYSTICK_LEN
    , .rep_ref.report_id = HID_REP_JOYSTICK_ID
    , .rep_ref.report_type= BLE_HIDS_REP_TYPE_INPUT
    , .sec.cccd_wr = SEC_JUST_WORKS
    , .sec.wr = SEC_JUST_WORKS
    , .sec.rd = SEC_JUST_WORKS
    }
    ,{//Index 2
    .max_len = INPUT_REP_MULTI_AXIS_LEN
    , .rep_ref.report_id = HID_REP_MULTI_AXIS_ID
    , .rep_ref.report_type= BLE_HIDS_REP_TYPE_INPUT
    , .sec.cccd_wr = SEC_JUST_WORKS
    , .sec.wr = SEC_JUST_WORKS
    , .sec.rd = SEC_JUST_WORKS
    }
    ,{//Index 3
    .max_len = INPUT_REP_3D_DIGITIZER_LEN
    , .rep_ref.report_id = HID_REP_3D_DIGITIZER_ID
    , .rep_ref.report_type= BLE_HIDS_REP_TYPE_INPUT
    , .sec.cccd_wr = SEC_JUST_WORKS
    , .sec.wr = SEC_JUST_WORKS
    , .sec.rd = SEC_JUST_WORKS
    }
    #ifdef USE_OUTPUT_REPORT
    ,{//Index 4
    .max_len = INPUT_REP_CONTROL_LEN
    , .rep_ref.report_id = HID_REP_CONTROL_ID
    , .rep_ref.report_type= BLE_HIDS_REP_TYPE_INPUT
    , .sec.cccd_wr = SEC_JUST_WORKS
    , .sec.wr = SEC_JUST_WORKS
    , .sec.rd = SEC_JUST_WORKS
    }
    #endif
    };

    Now I am trying to use the output report so I can send packets to the nRF52840 using the report id 5.

    I am debugging with wireshark and the segger studio.

    I found this. The m_hids.rep_map_handles.value is set as 0x002d but the wireshark indicates that the host (GNU/Linus Ubuntu 18.04) is asking for the report map on the handle 0x0026 and its getting zeros:


    I kept looking with the segger debugger but I hit a wall in this function called :


    SVCALL(SD_BLE_GATTS_CHARACTERISTIC_ADD, uint32_t, sd_ble_gatts_characteristic_add(uint16_t service_handle, ble_gatts_char_md_t const *p_char_md, ble_gatts_attr_t const *p_attr_char_value, ble_gatts_char_handles_t *p_handles));

    I am assuming that call for the SoftDevice S140 v7.0.1, and that is a black box, so I can't continue debugging.

    I also tried the ble_his_keyboard example using the hex file that comes with the SDK 16.0.0 without changing anything and the wireshark indicates exactly the same behavior. 

    My conclusion: The O.S (bluez driver probably), it's asking for the report map using the handle 0x0026 but the nRF52840 have that information on the handle 0x002d and for that reason the OS is getting zeros instead of the report map descriptor.

    I recommend experiment with the ble_hids_keyboard example on GNU/Linux Ubuntu 18.04 with wireshark to reproduce the error and try to find the bug. 

    I have worked as Verification and Validation engineer for pre-silicon (Verilog, System Verilog, E), so, debugging and find bugs is like my second nature.

    Let me know if there's anything I can change on the source code, even the SDK, so I can continue developing. 

    Have fun tracing that bug. (It also could be a bug on the OS/diver instead of the SoftDevice)

    Thanks and Best Regards,

    Jose Pablo,

    P.S: I attached the wireshark packets captured and the kernel logging messages related to the Nordir Keyboard Example that failed to pass the report map.
    I used the hex file that come with the SDK 16.0.0 ble_app_hids_keyboard_pca10056_s140.hex

    Fullscreen Nordic_Keyboard_Example_Kernel_log.txt Download 
    May  5 15:54:22 El-Shaddai kernel: [ 2613.935503] hid-generic 0005:1915:EEEE.0004: item fetching failed at offset -118354475
May  5 15:54:22 El-Shaddai kernel: [ 2613.935515] hid-generic: probe of 0005:1915:EEEE.0004 failed with error -22
May  5 15:54:27 El-Shaddai kernel: [ 2618.053971] Bluetooth: hci0: last event is not cmd complete (0x0f)
May  5 15:54:43 El-Shaddai kernel: [ 2634.056991] Bluetooth: hci0: last event is not cmd complete (0x0f)
May  5 15:54:59 El-Shaddai kernel: [ 2650.058013] Bluetooth: hci0: last event is not cmd complete (0x0f)
May  5 15:55:15 El-Shaddai kernel: [ 2666.069050] Bluetooth: hci0: last event is not cmd complete (0x0f)
May  5 15:55:31 El-Shaddai kernel: [ 2682.061058] Bluetooth: hci0: last event is not cmd complete (0x0f)
    Nordic_Keyboard_Example.pcapng

  • 0 in reply to Jose Pablo Castro Valverde

    Hi Jose

    Thanks for sharing your results. 

    I will ask one of my more Linux proficient colleagues if this is a known issue. 

    Do you know which version of bluez you are running in Ubuntu 18.04?

    Best regards
    Torbjørn

  • 0 in reply to ovrebekk

    Hi Ovrebekk.
    This is what it says synaptic

    I hope it will be useful.

    Keep me posted if this is a know issue.

    Meanwhile I keep debugging on the VM. I already make it works with an open source driver. My Open 3D Mouse make Blender and FreeCAD rotate when I push a buttons. It still needs more debugging, but I am moving forward.

    Thanks and Best Regards,

    Jose

  • 0 in reply to ovrebekk

    Hi Ovrebekk.

    I got another question.

    I am trying to send a sequence of packets but I failed when I send more than 5 packets.

    There is any event or flag I should wait until send the next packets? 

    Thanks and Best Regards,

    Jose Pablo

  • 0 in reply to Jose Pablo Castro Valverde

    Hi Jose

    Did you check the return value of the send function?

    If the buffers in the stack fill up you will get a specific error code (NRF_ERROR_RESOURCES), and you need to wait for a TX complete event to occur before you can send more data. 

    Best regards
    Torbjørn

  • 0 in reply to ovrebekk

    I checked but it does not indicate any error.
    I am studying the keyboard example that used a buffer to avoid the stack to fill up.

    Any suggestion of how to do it?

    Thanks and best regards,

    Jose Pablo

Reply Children
Related
Terms of service