Sudden hardfault when scanning (S140 SoftDevice)

Hello,

We're using an nRF52840 with S140 SoftDevice (v7.3.0) for a Central device but we're having a disturbing issue when scanning: a hardfault occurs less than 2 seconds after having started scanning.

The scan configuration we are using is:

#include <string.h>
#include "ble_gap.h"   // SoftDevice GAP API: sd_ble_gap_scan_start() and the BLE_GAP_* constants
#include "app_error.h" // APP_ERROR_CHECK()

ble_gap_scan_params_t sScanParams = {0};

sScanParams.extended = 0;                                // legacy advertising only
sScanParams.active = 0;                                  // passive scan, no scan requests sent
memset(sScanParams.channel_mask, 0x00u, 5u);             // bit clear = channel used, so all channels scanned
sScanParams.filter_policy = BLE_GAP_SCAN_FP_ACCEPT_ALL;  // 0x00
sScanParams.interval = 181;                              // units of 0.625 ms
sScanParams.window = 181;                                // window == interval: scan continuously
sScanParams.scan_phys = BLE_GAP_PHY_1MBPS;               // 0x01
sScanParams.timeout = BLE_GAP_SCAN_TIMEOUT_UNLIMITED;    // 0x0000
sScanParams.report_incomplete_evts = 0;

// Buffer the SoftDevice fills for each BLE_GAP_EVT_ADV_REPORT; it must stay
// valid for as long as scanning is active.
uint8_t GAP_au8AdvReportData[BLE_GAP_SCAN_BUFFER_MAX];   // 31 bytes for legacy advertising
ble_data_t sAdvReportBuffer;
sAdvReportBuffer.len = sizeof(GAP_au8AdvReportData);
sAdvReportBuffer.p_data = GAP_au8AdvReportData;

ret_code_t eNrfErrorCode = sd_ble_gap_scan_start(&sScanParams, &sAdvReportBuffer);
APP_ERROR_CHECK(eNrfErrorCode);

May it be caused by a specific advertising packet which is somehow corrupt or has a strange format and makes the softdevice crash?

Or it may be crashing due to the high Bluetooth advertising traffic we have here in our office?

In fact, we have tried moving the central device to an RF-shielded test enclosure and it works properly. Any idea what may be going on? Is there any known issue/bug related to this behavior?

Thanks in advance,

Mario

  • Hi Mario,

    Could you try to find more information about the hardfault? There is a guide on how to debug it here.

    We would need to look into how you process the advertising data. I suspect that it could be the reason for a hardfault.

    We do have a very busy BLE environment here in our office and we haven't seen any issue on our scanner.

    Do you have the same problem when you test with one of our central examples in the SDK?

  • Hi Hung,

    Thanks for your quick response.

    Indeed, the root cause was the processing of the advertising data in our application.

    Apparently it is possible to receive an advertising report whose advertising data length is 0 (and we have found that there is a device which advertises no data in our office). The issue was that we had not implemented that case so as soon as this device's advertising packet was received, a hardfault was triggered.

    The bug is fixed and the central device is working properly now.

    Regards,

    Mario
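The zero-length case Mario describes, as an added example that is not code from this thread or from Nordic: a bounds-checked walk over the AD structures of a report that treats len == 0 as a normal empty report and rejects a length byte that runs past the buffer. adv_report_t is an assumed stand-in for the relevant fields of the SoftDevice's ble_gap_evt_adv_report_t, and the sample reports are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Stand-in for the fields of ble_gap_evt_adv_report_t the handler touches
 * (an assumption for this example, not the SoftDevice's own type). */
typedef struct {
    const uint8_t *p_data;  /* advertising data; may be NULL when len is 0 */
    uint16_t       len;     /* valid bytes in p_data; 0 is a legal value   */
} adv_report_t;

/* Find the first AD structure of type ad_type. Returns its payload length
 * (0 if absent) or -1 if a length byte runs past the end of the buffer;
 * *pp_payload points at the payload when one is found. */
int find_ad_type(const adv_report_t *r, uint8_t ad_type, const uint8_t **pp_payload)
{
    *pp_payload = NULL;
    /* An empty report is exactly the case that caused the hardfault. */
    if (r == NULL || r->len == 0 || r->p_data == NULL)
        return 0;
    for (uint32_t i = 0; i < r->len; i += 1u + r->p_data[i]) {
        uint8_t ad_len = r->p_data[i];
        if (ad_len == 0) break;                  /* zero padding: stop parsing */
        if (i + 1u + ad_len > r->len) return -1; /* length byte overruns buffer */
        if (r->p_data[i + 1] == ad_type) {
            *pp_payload = &r->p_data[i + 2];
            return ad_len - 1;                   /* payload excludes the type byte */
        }
    }
    return 0;
}

/* Copy the Complete Local Name (AD type 0x09) into a NUL-terminated buffer.
 * Returns the copied length; 0 when the report carries no usable name. */
size_t adv_report_name(const adv_report_t *r, char *out, size_t out_size)
{
    const uint8_t *p_name;
    int n = find_ad_type(r, 0x09, &p_name);
    if (out_size == 0) return 0;
    if (n <= 0) { out[0] = '\0'; return 0; }
    size_t copy = ((size_t)n < out_size - 1) ? (size_t)n : out_size - 1;
    memcpy(out, p_name, copy);
    out[copy] = '\0';
    return copy;
}

/* Constructed sample reports (not captured traffic): flags + name "Test",
 * a report whose name length byte overruns the buffer, and an empty one. */
const uint8_t k_named[] = {0x02, 0x01, 0x06, 0x05, 0x09, 'T', 'e', 's', 't'};
const uint8_t k_bad[]   = {0x02, 0x01, 0x06, 0x09, 0x09, 'T', 'e'};
const adv_report_t k_named_report = {k_named, sizeof k_named};
const adv_report_t k_bad_report   = {k_bad, sizeof k_bad};
const adv_report_t k_empty_report = {NULL, 0};
```

In a real handler the same checks run on p_adv_report->data before any field is dereferenced, and scanning is resumed afterwards by calling sd_ble_gap_scan_start with NULL scan parameters and the same buffer.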
