• State Verified Answer
  • Replies 8 replies
  • Subscribers 74 subscribers
  • Views 2909 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 297721
Options

Failure in mgmt while trying to upgrade the app using external flash as secondary slot

Ibrahim_Augury

Hi 
I am using the nrf52832 with zephyr os , NCS 1.9.1, also using the external flash as a secondary slot, using a nor flash 
I tried to upgrade my app but i an error occurred in img_mgmt.c  --function img_mgmt_read_info  in the NCS while checking the magic number 

else if (hdr.ih_magic == erased_val_32) {
printf("MGMT_ERR_ENOENT 5 \n"); // print for debug only
return MGMT_ERR_ENOENT;

Is there any modification i have to do to make this work also I checked and the failure is in slot 1 which is the secondary slot and slot 0 erased without problem 

int
img_mgmt_read_info(int image_slot, struct image_version *ver, uint8_t *hash,
				   uint32_t *flags)
{
	printf("img_mgmt_read_info \n");
#if IMG_MGMT_DUMMY_HDR
	uint8_t dummy_hash[] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x00, 0x11, 0x22,
				0x33, 0x44, 0x55, 0x66, 0x77};

	if (!hash && !ver && !flags) {
		return 0;
	}

	if (hash) {
		memcpy(hash, dummy_hash, IMG_MGMT_HASH_LEN);
	}

	if (ver) {
		memset(ver, 0xff, sizeof(*ver));
	}

	if (flags) {
		*flags = 0;
	}

	return 0;
#endif

	struct image_header hdr;
	struct image_tlv tlv;
	size_t data_off;
	size_t data_end;
	bool hash_found;
	uint8_t erased_val;
	uint32_t erased_val_32;
	int rc;

	rc = img_mgmt_impl_erased_val(image_slot, &erased_val);
	if (rc != 0) {
		return MGMT_ERR_EUNKNOWN;
	}
	printf("img_mgmt_impl_erased_val image_slot = %d \n", image_slot);
	rc = img_mgmt_impl_read(image_slot, 0, &hdr, sizeof(hdr));
	if (rc != 0) {
		return MGMT_ERR_EUNKNOWN;
	}
	printf("img_mgmt_impl_read \n");
	
	if (ver != NULL) {
		printf("ver null\n");
		memset(ver, erased_val, sizeof(*ver));
	}
	erased_val_32 = ERASED_VAL_32(erased_val);
	if (hdr.ih_magic == IMAGE_MAGIC) {
		if (ver != NULL) {
			memcpy(ver, &hdr.ih_ver, sizeof(*ver));
		}
	} else if (hdr.ih_magic == erased_val_32) {
		printf("MGMT_ERR_ENOENT 5 \n");
		return MGMT_ERR_ENOENT;
	} else {
		printf("MGMT_ERR_EUNKNOWN 6 \n");
		return MGMT_ERR_EUNKNOWN;
	}

	if (flags != NULL) {
		*flags = hdr.ih_flags;
	}
	printf("img_mgmt_find_tlvs before 1\n");
	/* Read the image's TLVs. We first try to find the protected TLVs, if the protected
	 * TLV does not exist, we try to find non-protected TLV which also contains the hash
	 * TLV. All images are required to have a hash TLV.  If the hash is missing, the image
	 * is considered invalid.
	 */
	data_off = hdr.ih_hdr_size + hdr.ih_img_size;

	rc = img_mgmt_find_tlvs(image_slot, &data_off, &data_end, IMAGE_TLV_PROT_INFO_MAGIC);
	if (!rc) {
		/* The data offset should start after the header bytes after the end of
		 * the protected TLV, if one exists.
		 */
		data_off = data_end - sizeof(struct image_tlv_info);
	}
	
	rc = img_mgmt_find_tlvs(image_slot, &data_off, &data_end, IMAGE_TLV_INFO_MAGIC);
	if (rc != 0) {
		return MGMT_ERR_EUNKNOWN;
	}
	printf("img_mgmt_find_tlvs 2 \n");
	hash_found = false;
	while (data_off + sizeof(tlv) <= data_end) {
		rc = img_mgmt_impl_read(image_slot, data_off, &tlv, sizeof(tlv));
		if (rc != 0) {
			return MGMT_ERR_EUNKNOWN;
		}
		printf("img_mgmt_impl_read  1\n");
		if (tlv.it_type == 0xff && tlv.it_len == 0xffff) {
			return MGMT_ERR_EUNKNOWN;
		}
		if (tlv.it_type != IMAGE_TLV_SHA256 || tlv.it_len != IMAGE_HASH_LEN) {
			/* Non-hash TLV.  Skip it. */
			data_off += sizeof(tlv) + tlv.it_len;
			continue;
		}

		if (hash_found) {
			/* More than one hash. */
			return MGMT_ERR_EUNKNOWN;
		}
		hash_found = true;

		data_off += sizeof(tlv);
		if (hash != NULL) {
			if (data_off + IMAGE_HASH_LEN > data_end) {
				printf("MGMT_ERR_EUNKNOWN 1 \n");
				return MGMT_ERR_EUNKNOWN;
			}
			rc = img_mgmt_impl_read(image_slot, data_off, hash,
									IMAGE_HASH_LEN);
			printf("img_mgmt_impl_read 2\n");
			if (rc != 0) {
				printf("MGMT_ERR_EUNKNOWN 2 \n");
				return MGMT_ERR_EUNKNOWN;
			}
		}
	}

	if (!hash_found) {
		printf("MGMT_ERR_EUNKNOWN \n");
		return MGMT_ERR_EUNKNOWN;
	}

	return 0;
}

In the end i am getting an mpu fail 
Any suggestion ? 
Thanks a lot 
Ibrahim

Parents
  • 0

    Hi,

    I see you've added a partial error code (the image added crops of in the middle of the fault message). Could you supply the entire fault message?

    Also, you're mentioning an external flash. Which chip are you using? 

    Kind regards,
    Andreas

  • 0 in reply to AHaug

    I am using the 

    is25lp128

    Error Message :
    I: le_data_len_updated: MTU 252 tx_max_len 27 tx_max_time 328 rx_max_len 251 rx_max_time 2120
    I: halo_char_ccc_cfg_changed: value=1
    I: ****************** TRAP:events_ready = 1
    I: augu_send_trap: trap was sent, payload_size = 24
    I: got trap repress
    I: le_param_updated: LE conn param updated: interval 0x0006 latency 0 timeout 400
    handler_fn = handler->mh_read 24
    img_mgmt_read_info
    img_mgmt_impl_erased_val image_slot = 0
    img_mgmt_impl_read
    ver null
    hdr.ih_magic - ***-1762412483***erased_val_32 - ***-1***img_mgmt_find_tlvs before 1
    img_mgmt_find_tlvs 2
    img_mgmt_impl_read 1
    img_mgmt_impl_read 2
    img_mgmt_impl_read 1
    I: Swap type: none
    boot_swap_type
    return img_mgmt_impl_swap_type
    flags
    img_mgmt_state_read 08
    cbor_encoder_create_map 09
    slot 10
    version 11
    hash 12
    bootable 13
    pending 14
    confirmed 15
    active 16
    permanent 17
    img_mgmt_read_info
    img_mgmt_impl_erased_val image_slot = 1
    img_mgmt_impl_read
    ver null
    hdr.ih_magic - ***-1***erased_val_32 - ***-1***MGMT_ERR_ENOENT 5
    splitStatus 18
    E: ***** USAGE FAULT *****
    E: Illegal load of EXC_RETURN into PC
    E: r0/a1: 0x20000400 r1/a2: 0x000008e5 r2/a3: 0x00000579
    E: r3/a4: 0x000008c5 r12/ip: 0x00000583 r14/lr: 0x0000058d
    E: xpsr: 0x00000000
    E: s[ 0]: 0x00000000 s[ 1]: 0x00000000 s[ 2]: 0x00000000 s[ 3]: 0x00000000
    E: s[ 4]: 0x00000000 s[ 5]: 0x00000000 s[ 6]: 0x00000000 s[ 7]: 0x00000000
    E: s[ 8]: 0x00000000 s[ 9]: 0x00000000 s[10]: 0x00000000 s[11]: 0x00000000
    E: s[12]: 0x00000000 s[13]: 0x00000000 s[14]: 0x00000000 s[15]: 0x00000000
    E: fpscr: 0x0000060f
    E: Faulting instruction address (r15/pc): 0x00000597
    E: >>> ZEPHYR FATAL ERROR 0: CPU exception on CPU 0
    E: Current thread: 0x20004688 (unknown)
    E: Resetting system

    Thanks a lot 

Reply
  • 0 in reply to AHaug

    I am using the 

    is25lp128

    Error Message :
    I: le_data_len_updated: MTU 252 tx_max_len 27 tx_max_time 328 rx_max_len 251 rx_max_time 2120
    I: halo_char_ccc_cfg_changed: value=1
    I: ****************** TRAP:events_ready = 1
    I: augu_send_trap: trap was sent, payload_size = 24
    I: got trap repress
    I: le_param_updated: LE conn param updated: interval 0x0006 latency 0 timeout 400
    handler_fn = handler->mh_read 24
    img_mgmt_read_info
    img_mgmt_impl_erased_val image_slot = 0
    img_mgmt_impl_read
    ver null
    hdr.ih_magic - ***-1762412483***erased_val_32 - ***-1***img_mgmt_find_tlvs before 1
    img_mgmt_find_tlvs 2
    img_mgmt_impl_read 1
    img_mgmt_impl_read 2
    img_mgmt_impl_read 1
    I: Swap type: none
    boot_swap_type
    return img_mgmt_impl_swap_type
    flags
    img_mgmt_state_read 08
    cbor_encoder_create_map 09
    slot 10
    version 11
    hash 12
    bootable 13
    pending 14
    confirmed 15
    active 16
    permanent 17
    img_mgmt_read_info
    img_mgmt_impl_erased_val image_slot = 1
    img_mgmt_impl_read
    ver null
    hdr.ih_magic - ***-1***erased_val_32 - ***-1***MGMT_ERR_ENOENT 5
    splitStatus 18
    E: ***** USAGE FAULT *****
    E: Illegal load of EXC_RETURN into PC
    E: r0/a1: 0x20000400 r1/a2: 0x000008e5 r2/a3: 0x00000579
    E: r3/a4: 0x000008c5 r12/ip: 0x00000583 r14/lr: 0x0000058d
    E: xpsr: 0x00000000
    E: s[ 0]: 0x00000000 s[ 1]: 0x00000000 s[ 2]: 0x00000000 s[ 3]: 0x00000000
    E: s[ 4]: 0x00000000 s[ 5]: 0x00000000 s[ 6]: 0x00000000 s[ 7]: 0x00000000
    E: s[ 8]: 0x00000000 s[ 9]: 0x00000000 s[10]: 0x00000000 s[11]: 0x00000000
    E: s[12]: 0x00000000 s[13]: 0x00000000 s[14]: 0x00000000 s[15]: 0x00000000
    E: fpscr: 0x0000060f
    E: Faulting instruction address (r15/pc): 0x00000597
    E: >>> ZEPHYR FATAL ERROR 0: CPU exception on CPU 0
    E: Current thread: 0x20004688 (unknown)
    E: Resetting system

    Thanks a lot 

Children
  • 0 in reply to Ibrahim_Augury

    Great, thank you for supplying this.

    I will have to look closer into this, but in the meanwhile I have some initial suggestions that I would like you to attempt:

    1.  nRF Connect SDK 2.0 crashes (1.9.x did not) : If your application also is running BLE, this might be a related ticket (same error: Illegal load on EXC_RETURN into PC). Are you also running BLE/can you verify if this ticket is relevant or not?
    2. Similar as descirbed in https://devzone.nordicsemi.com/f/nordic-q-a/64349/sending-large-data-in-ble?pifragment-684=3: Can you try to run arm-none-eabi-addr2line -e build/zephyr.elf 0xFAILINGADDR to get an indication on where the fault has occurred? 

    3. Also as described in item 2) It seems that you are first receiving a usage-fault, then on the next reboot; a hard fault. Is the fault and address where it faults changing between each reboot?

      If yes; Can you try to adjust your stack/heap size, by doubling them? via. configs CONFIG_MAIN_STACK_SIZE and CONFIG_HEAP_MEM_POOL_SIZE.

    Kind regards,
    Andreas

  • 0 in reply to AHaug

    1. didnt help 
    2. i will try it 
    3. two kinds of fault 
    first one :
    handler_fn = handler->mh_read 24
    img_mgmt_read_info
    img_mgmt_impl_erased_val image_slot = 0
    img_mgmt_impl_read
    ver null
    hdr.ih_magic - ***-1762412483***erased_val_32 - ***-1***img_mgmt_find_tlvs before 1
    img_mgmt_find_tlvs 2
    img_mgmt_impl_read 1
    img_mgmt_impl_read 2
    img_mgmt_impl_read 1
    I: Swap type: none
    boot_swap_type
    return img_mgmt_impl_swap_type
    flags
    img_mgmt_state_read 08
    cbor_encoder_create_map 09
    slot 10
    version 11
    hash 12
    bootable 13
    pending 14
    confirmed 15
    active 16
    permanent 17
    img_mgmt_read_info
    img_mgmt_impl_erased_val image_slot = 1
    img_mgmt_impl_read
    ver null
    hdr.ih_magic - ***-1***erased_val_32 - ***-1***MGMT_ERR_ENOENT 5
    splitStatus 18
    E: ***** USAGE FAULT *****
    E: Illegal load of EXC_RETURN into PC
    E: r0/a1: 0x20000400 r1/a2: 0x000008e5 r2/a3: 0x00000579
    E: r3/a4: 0x000008c5 r12/ip: 0x00000583 r14/lr: 0x0000058d
    E: xpsr: 0x00000000
    E: s[ 0]: 0x00000000 s[ 1]: 0x00000000 s[ 2]: 0x00000000 s[ 3]: 0x00000000
    E: s[ 4]: 0x00000000 s[ 5]: 0x00000000 s[ 6]: 0x00000000 s[ 7]: 0x00000000
    E: s[ 8]: 0x00000000 s[ 9]: 0x00000000 s[10]: 0x00000000 s[11]: 0x00000000
    E: s[12]: 0x00000000 s[13]: 0x00000000 s[14]: 0x00000000 s[15]: 0x00000000
    E: fpscr: 0x0000060f
    E: Faulting instruction address (r15/pc): 0x00000597
    E: >>> ZEPHYR FATAL ERROR 0: CPU exception on CPU 0
    E: Current thread: 0x20004688 (unknown)
    E: Resetting system
    *** Booting Zephyr OS build v2.7.99-ncs1-1 ***


    Second one: 
    handler_fn = handler->mh_read 24
    img_mgmt_read_info
    img_mgmt_impl_erased_val image_slot = 0
    img_mgmt_impl_read
    ver null
    hdr.ih_magic - ***-1762412483***erased_val_32 - ***-1***img_mgmt_find_tlvs before 1
    img_mgmt_find_tlvs 2
    img_mgmt_impl_read 1
    img_mgmt_impl_read 2
    img_mgmt_impl_read 1
    I: Swap type: none
    boot_swap_type
    return img_mgmt_impl_swap_type
    flags
    img_mgmt_state_read 08
    cbor_encoder_create_map 09
    slot 10
    version 11
    hash 12
    bootable 13
    pending 14
    confirmed 15
    active 16
    permanent 17
    img_mgmt_read_info
    img_mgmt_impl_erased_val image_slot = 1
    img_mgmt_impl_read
    ver null
    hdr.ih_magic - ***-1***erased_val_32 - ***-1***MGMT_ERR_ENOENT 5
    splitStatus 18
    E: ***** MPU FAULT *****
    E: Data Access Violation
    E: MMFAR Address: 0x2000b300
    E: r0/a1: 0x00048bce r1/a2: 0x00000000 r2/a3: 0x2000b300
    E: r3/a4: 0x00000000 r12/ip: 0x78020080 r14/lr: 0x00000000
    E: xpsr: 0x00000000
    E: s[ 0]: 0x00000000 s[ 1]: 0x00000000 s[ 2]: 0x00000000 s[ 3]: 0x00000000
    E: s[ 4]: 0x00000000 s[ 5]: 0x00000000 s[ 6]: 0x00000000 s[ 7]: 0x00000000
    E: s[ 8]: 0x00000000 s[ 9]: 0x00000000 s[10]: 0x00000000 s[11]: 0x00000000
    E: s[12]: 0x00000000 s[13]: 0x00000000 s[14]: 0x00000000 s[15]: 0x00000000
    E: fpscr: 0x00000000
    E: Faulting instruction address (r15/pc): 0x00000000
    E: >>> ZEPHYR FATAL ERROR 2: Stack overflow on CPU 0
    E: Current thread: 0x20004688 (unknown)
    E: Resetting system
    *** Booting Zephyr OS build v2.7.99-ncs1-1 ***

  • 0 in reply to Ibrahim_Augury

    Also tried 2) and i got  
    ??:0
    ??:0
    What may i do ?
    Thanks a lot

  • 0 in reply to Ibrahim_Augury

    Hi,

    Can you provide me with the exact command you wrote in the terminal that produced that result?

    It should not look like that

    Kind regards,
    Andreas

  • 0 in reply to Ibrahim_Augury

    I found out what causes the problem 
    the sys_work_q_stack queue was too small 

    after changing the CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE to 4096 (was 1024) it works fine
    Thanks a lot  
Related
Terms of service