Code crash when changing BLE advertise data

Question

Hello,
we are developing a project solution where we want to pass data between multiple sensor devices using BLE advertising data.
For now, we have a test setup with two nrf52832dk boards and are using Zephyr with NCS 1.3.0.
Struct for advertising data looks like this:

static u8_t ble_adv_data[] = {0xff, 0xff, STATUS}; // BLE data state buffer
static const struct bt_data ad[] = {
	BT_DATA(BT_DATA_MANUFACTURER_DATA, ble_adv_data, 3),
	BT_DATA(BT_DATA_NAME_COMPLETE, DEVICE_NAME, DEVICE_NAME_LEN),
};

Code works as follows:
We have two threads, one for BLE and the second for logic processing.

Logic processing thread has different states (one byte) which we want to advertise through BLE.
BLE thread is switching between advertising and scanning:
Scanning triggers callback where we process any advertise data found, if proper data was received, we update the state through a function call (done with k_work to keep callback as light as possible)
When a device wants to advertise, it first gets the current state through a function call and updates the STATUS in the ble_adv_data struct above.

Scanning parameters:

const struct bt_le_scan_param scan_param = {
	.type = BT_HCI_LE_SCAN_PASSIVE,
	.options = BT_LE_SCAN_OPT_FILTER_DUPLICATE
	.interval = 10,								//(N * 0.625 = 60ms)
	.window = 10,
};

Advertising parameters:

const struct bt_le_adv_param adv_param = {
	.options = BT_LE_ADV_OPT_USE_IDENTITY,
	.interval_min = 800, //(800 * 0.625 = 500ms)
	.interval_max = 832, //(832 * 0.625 = 520ms)
	.peer = NULL,
};

The problem is that the code crashes with the following error:

[00:00:02.176,025] <err> os: ***** MPU FAULT *****
[00:00:02.176,025] <err> os:   Data Access Violation
[00:00:02.176,055] <err> os:   MMFAR Address: 0x0
[00:00:02.176,055] <err> os: r0/a1:  0x20001810  r1/a2:  0x00000000  r2/a3:  0x00000000
[00:00:02.176,055] <err> os: r3/a4:  0x00000000 r12/ip:  0x00000000 r14/lr:  0x0000c1f9
[00:00:02.176,055] <err> os:  xpsr:  0x21000021
[00:00:02.176,055] <err> os: Faulting instruction address (r15/pc): 0x0000c03c
[00:00:02.176,055] <err> os: >>> ZEPHYR FATAL ERROR 0: CPU exception on CPU 0
[00:00:02.176,086] <err> os: Fault during interrupt handling
[00:00:02.176,086] <err> os: Current thread: 0x200016bc (unknown)
[00:00:02.358,123] <err> fatal_error: Resetting system

This error happens frequently and on different locations in the code. Things we have tried:

all callbacks have as little code as possible and call work functions for processing
moved all operations to threads
increase thread stack size and priority
increase CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE
decrease and increase BLE advertise and scan frequency
the state variable is accessed through get and set functions and never directly
state variable has a semaphore
disabled logs and used printk directly

all with no results. How can we fix this crash?
Any general tips for debugging these kinds of errors are also appreciated.

Best regards,
Vojislav

Sigurd · Accepted Answer

Hi,

It could be that the main stack size is not big enough.

Try CONFIG_MAIN_STACK_SIZE=4096 or 8192

# Heap and stacks
CONFIG_HEAP_MEM_POOL_SIZE=16384
CONFIG_MAIN_STACK_SIZE=8192
CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=2048
CONFIG_HW_STACK_PROTECTION=y

Also, if you are writing to flash, try to set CONFIG_MPU_ALLOW_FLASH_WRITE=y

This error happens frequently and on different locations in the code.

Are any of these values the same for all crashes?

Current thread: 0x200016bc (unknown)

Faulting instruction address (r15/pc): 0x0000c03c

[00:00:02.176,055] <err> os: r0/a1:  0x20001810  r1/a2:  0x00000000  r2/a3:  0x00000000
[00:00:02.176,055] <err> os: r3/a4:  0x00000000 r12/ip:  0x00000000 r14/lr:  0x0000c1f9
[00:00:02.176,055] <err> os:  xpsr:  0x21000021

Code crash when changing BLE advertise data

Top Replies