ESP32-S3 Flash encryption + Update.SetupCrypt issue: Guru Meditation Error: Core 0 panic'ed (Cache disabled but cached memory region accessed). #10194
Description
Board
ESP32-S3 N8R2
Device Description
Custom board.
Hardware Configuration
Multiple sensors wired to various GPIOs
Version
v3.0.2
IDE Name
PlatformIO with pioarduino
Operating System
Windows 11
Flash frequency
80Mhz
PSRAM enabled
yes
Upload speed
115200
Description
I decided to implement encrypted OTA mechanism by using Update.SetupCrypt(); function to my application. It works great and tested multiple times to ensure it does not cause any issues.
I am using a third party library to initiate OTA updates. The library works great with Update.SetupCrypt option is enabled.
I then enabled flash encryption and secure boot v2 on ESP32-S3 to confirm if it works properly with Update.SetupCrypt();. However as soon as firmware download begins the esp32 reboots.
I had to throw 2 esp32 chips until I figured what might be the issue.
Apparently, when flash encryption is enabled Update.SetupCrypt(); not working properly and throws the following error on serial monitor.
13:45:31:889 -> [514425][V][esp32fota.cpp:1086] getHTTPStream(): This server supports resume!
13:45:31:895 -> [514432][D][esp32fota.cpp:1151] getHTTPStream(): updateSize : 2155312, contentType: application/octet-stream
13:45:31:911 -> [514445][D][esp32fota.cpp:576] execOTA(): compression: disabled
13:45:31:918 -> [514452][D][Updater.cpp:140] begin(): OTA Partition: app1
13:45:31:918 -> [514458][I][esp32fota.cpp:625] execOTA(): Begin Firmware OTA. This may take 2 - 5 mins to complete. Things might be quiet for a while.. Patience!
13:45:32:117 -> Guru Meditation Error: Core 0 panic'ed (Cache disabled but cached memory region accessed).
13:45:32:123 ->
13:45:32:123 ->
13:45:32:123 -> Core 0 register dump:
13:45:32:123 -> PC : 0x420846be PS : 0x00060b34 A0 : 0x8037994c A1 : 0x3fcd79b0
13:45:32:134 -> A2 : 0x00000000 A3 : 0x00000010 A4 : 0x3fcd79f0 A5 : 0x00000010
13:45:32:139 -> A6 : 0x00000001 A7 : 0x00340020 A8 : 0x80379904 A9 : 0x00800000
13:45:32:150 -> A10 : 0x00000020 A11 : 0x00000020 A12 : 0x00000000 A13 : 0x3fcd79b4
13:45:32:156 -> A14 : 0x3fcd79b0 A15 : 0x00000002 SAR : 0x0000001d EXCCAUSE: 0x00000007
13:45:32:161 -> EXCVADDR: 0x00000000 LBEG : 0x40056f5c LEND : 0x40056f72 LCOUNT : 0xffffffff
13:45:32:173 ->
13:45:32:173 ->
13:45:32:173 -> Backtrace: 0x420846bb:0x3fcd79b0 0x40379949:0x3fcd79f0 0x40379c3c:0x3fcd7a50 0x4206837e:0x3fcd7ac0 0x42055102:0x3fcd7ae0 0x4201a54d:0x3fcd7b00 0x4201a736:0x3fcd7b20 0x420474bd:0x3fcd7b40 0x42047b3e:0x3fcd7bb0 0x42004162:0x3fcd7bf0 0x4200416b:0x3fcd7c10
13:45:32:195 ->
13:45:32:195 ->
13:45:32:195 ->
13:45:32:195 ->
13:45:32:195 -> ELF file SHA256: 5c34f7e67530d2c4
13:45:32:198 ->
13:45:32:198 -> Rebooting...
Not sure if this is related with the DIS_DOWNLOAD_ICACHE and DIS_DOWNLOAD_DCACHE efuses are set to (b = True R/- (0b1)
Sketch
#include "FS.h"
#include <LittleFS.h>
#include <esp32fota.h>
#include "root_ca_cert.h"
const bool check_signature = false;
const bool disable_security = false;
esp32FOTA FOTA;
CryptoMemAsset *MyRootCA = new CryptoMemAsset("Root CA", root_ca_cert, strlen(root_ca_cert) + 1);
int firmwareUpdateProgress = 0; // Global variable to store update progress
const uint8_t OTA_KEY[32] = { XXX };
void my_progress_callback(size_t progress, size_t size)
{
// Calculate the progress as a percentage
firmwareUpdateProgress = static_cast<int>((static_cast<float>(progress) / size) * 100);
if (progress == size || progress == 0)
{
// Firmware update is complete or hasn't started yet
}
}
void fotaSetup()
{
// Set up the progress callback
FOTA.setProgressCb(my_progress_callback);
FOTA.setExtraHTTPHeader("XXX", "XXX");
Update.setupCrypt(OTA_KEY, 0x10000, 0xf, U_AES_DECRYPT_AUTO);
{
auto cfg = FOTA.getConfig();
cfg.name = (char *)FW_NAME;
cfg.manifest_url = (char *)FW_ADDR;
cfg.sem = SemverClass(firmware_version_major, firmware_version_minor, firmware_version_patch);
cfg.check_sig = check_signature;
cfg.unsafe = disable_security;
cfg.root_ca = MyRootCA;
FOTA.setConfig(cfg);
}
// FOTA.printConfig();
}
void fwUpdateCheck()
{
if (wifiConnected)
{
fwUpdatedNeeded = FOTA.execHTTPcheck(true);
log_e("HTTP code returned: (httpCode=%i)", fwUpdatedNeeded);
fwUpdateChecked = true;
fwUpdateChecking = false;
}
}
void fwUpdateAutoCheckInit()
{
if (wifiConnected)
{
if (fwUpdateAutoCheck)
{
if (fwUpdateCheckBootTicker.active())
{
fwUpdateCheckBootTicker.detach();
}
fwUpdateChecking = true;
fwUpdateChecked = false;
fwUpdateStartCheckTicker.once(3, fwUpdateCheck);
}
}
}
void fwUpdateExecute()
{
if (fwUpdatedNeeded == 200 || fwUpdatedNeeded == 301)
{
FOTA.execOTA();
}
}
void OTAUpdateTask(void *pvParameters)
{
// Perform the firmware update
fwUpdateExecute();
// Introduce a delay to yield the task
vTaskDelay(pdMS_TO_TICKS(100)); // Adjust the delay duration as needed
// The task can be deleted once the update is complete
vTaskDelete(NULL);
}
void startOTAUpdateTask()
{
// Create the OTA update task and start it
xTaskCreate(OTAUpdateTask, "OTAUpdateTask", 8192, NULL, 0, NULL);
}Debug Message
N/A
Other Steps to Reproduce
No response
I have checked existing issues, online documentation and the Troubleshooting Guide
- I confirm I have checked existing issues, online documentation and Troubleshooting guide.