- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi all,
We added scan response to our project (BCM20736S and SDK 2.2.2) and are having problems. It have a memory leak issue that eventually leads to a code freeze and our Watchdog resets us. If I remove the scan response code then the problem goes away:
#define DATA_LENGTH_NVRAM 4
#define APP_VERSION_MAJOR 1 // Maximum is 99
#define APP_VERSION_MINOR 7 // Maximum is 255
// Scan response field
BLE_ADV_FIELD scr[3];
UINT8 data_info = 100;
void update_scanrspdata(void)
{
UINT8 id_array[6*DATA_LENGTH_NVRAM]; // 24 bytes
UINT8 data_count;
scr[0].len = 1 + 1;
scr[0].val = ADV_FLAGS;
scr[0].data[0] = LE_GENERAL_DISCOVERABLE | BR_EDR_NOT_SUPPORTED;
scr[1].len = 2 + 1;
scr[1].val = ADV_MANUFACTURER_DATA;
scr[1].data[0] = APP_VERSION_MAJOR;
scr[1].data[1] = APP_VERSION_MINOR;
bleprofile_ReadNVRAM(NVRAM_DATA_COUNT, 1, &data_count);
bleprofile_ReadNVRAM(NVRAM_DATA, (6*DATA_LENGTH_NVRAM), id_array);
// Byte count: 1 data info + 1 data count + 24 (6 Numbers)
scr[2].len = 2 + 6*DATA_LENGTH_NVRAM + 1;
scr[2].val = ADV_SERVICE_DATA;
scr[2].data[0] = data_info;
scr[2].data[1] = data_count;
BT_MEMCPY(&scr[2].data[2], id_array, (6*DATA_LENGTH_NVRAM));
// Update scan response
blecm_setScanRspData((UINT8*)scr, (scr[0].len + scr[1].len + scr[2].len + 1));
}
We think the problem could be with the second parameter of "blecm_setScanRspData(x, y)" function. What is the count that we have to pass there?
Or maybe the stack can't handle the 24 bytes of the id_array?
Any ideas?
Thanks!
Cheers,
Gil
Solved! Go to Solution.
- Labels:
-
Scanning-Advertising
-
SDK 2.X
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I just realized what the problem is:
1. The size of each scr[] item is 1 byte for "len", 1 byte for "val" and N bytes for "data" (where N is the size of "data".
2. scr[0] is 1 + 1 + 1 = 3, scr[1] is 1 + 1 + 2 = 4, and scr[2] is 1 + 1 + 2 + 24 = 28. This totals up to 3 + 4 + 28 = 35 bytes.
3. The maximum must be 31. (Our advertisement packet also is 31, totaling 62, which is BLE's maximum).
I need to decrease scr
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi gdepaula
After digging through the source, this length parameter wants the number of bytes of your src array so that it can perform a memcpy on it.
It looks like 3 src elements will take up exactly 93 bytes regardless of what you put in there.
Let me know if hard coding this value makes your bug go away. Otherwise I'll continue looking into this.
Lastly, from what I'm seeing, the 24 byte id_array is within the allowable bounds.
Jacob
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I will try that, but the 3 elements really only take (1 + 1 + 2 + 1 + 2 + 6*4 + 1 +1) = 33 bytes
93 bytes is 31 + 31 + 31 which is 2 full scan response packets, but that's not what we are doing.
Please look further into it. Thanks.
Try using what I'm doing and checking if that causes a memory leak, as the system may be writing outside its allocated memory.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I just realized what the problem is:
1. The size of each scr[] item is 1 byte for "len", 1 byte for "val" and N bytes for "data" (where N is the size of "data".
2. scr[0] is 1 + 1 + 1 = 3, scr[1] is 1 + 1 + 2 = 4, and scr[2] is 1 + 1 + 2 + 24 = 28. This totals up to 3 + 4 + 28 = 35 bytes.
3. The maximum must be 31. (Our advertisement packet also is 31, totaling 62, which is BLE's maximum).
I need to decrease scr