CCS C Software and Maintenance Offers
FAQFAQ   FAQForum Help   FAQOfficial CCS Support   SearchSearch  RegisterRegister 

ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

CCS does not monitor this forum on a regular basis.

Please do not post bug reports on this forum. Send them to CCS Technical Support

PIC24F bootload strangeness

 
Post new topic   Reply to topic    CCS Forum Index -> General CCS C Discussion
View previous topic :: View next topic  
Author Message
m4rcdbk



Joined: 29 Aug 2016
Posts: 10
Location: Michigan, USA

View user's profile Send private message Send e-mail

PIC24F bootload strangeness
PostPosted: Mon Aug 29, 2016 3:34 pm     Reply with quote

Hi Group,
I've been following around [lurking more or less] trying to figure out a bootload method for my PIC24FJ128GA010. Most of what I have found, combined with the microchip design documents is very straightforward -- thank you to all who have put forth great suggestions and great workarounds.

So, the situation is this:
I have a PCB that has said PIC on board, this PIC has external EEPROM addressed over SPI. While this isn't an issue, I'm only pointing it out as it may be a viable option (Can something bootload from external EEPROM?).

The datasheet says that this PIC can only be programmed on a power-on reset, among a few other things that I haven't run across as issues.

The firmware we have today doesn't allow bootloading, so I am attempting to incorporate a bootloader into the current PIC. The idea I have is I will take the current PIC firmware, go down 1 erase Page, write the configuration bits that indicate we have additional boot firmware, and if detected will jump to that code and begin it's execution. Otherwise, if one is not detected it has the base load integrated into it already and can operate as "current". Our product doesn't have a way to plug into it remotely hence this desire. That, and it's simply too time consuming to execute a firmware update over 100+ modules in the wild.

The issue I have is that running the code, I erase 1 page after the end of our current code, and then place a config magic number start. The execution does not stop for some reason, and runs right into the ROM that has the magic number. I've checked via the ROM in the debugger as well as address space provided by the lst file that we're not putting the magic number into the actual command space; which we're not. Has any one heard of this, or know of any potential issues where this would occur? Is there something I need to set the ROM to that way it knows it's the "end of execution" zone?

Let me know if you have questions, thoughts or if you need any code provided.
temtronic



Joined: 01 Jul 2010
Posts: 9260
Location: Greensville,Ontario

View user's profile Send private message

PostPosted: Mon Aug 29, 2016 4:46 pm     Reply with quote

I don't use that PIC or bootloaders now but I suspect you haven't 'write protected' the pages of 'good/original' code so the 'erase' function is wiping out the entire memory ?

Jay
m4rcdbk



Joined: 29 Aug 2016
Posts: 10
Location: Michigan, USA

View user's profile Send private message Send e-mail

PostPosted: Mon Aug 29, 2016 5:13 pm     Reply with quote

The inspection of the original ROM shows that my last "used" page ends on 0x63FE. I also have the no code protect and what not fuses in place.

I only erase the zone from 6400 to 0x157FC. The area from 603D to 0x63FE are all 0xFF's.

I'm thinking it has something to do with the debugging parameters; since if I disable the device ICD=2, DEBUG and JTAG directives it boots properly -- I just have no way of seeing the in's and outs.
PCM programmer



Joined: 06 Sep 2003
Posts: 21708

View user's profile Send private message

PostPosted: Mon Aug 29, 2016 10:42 pm     Reply with quote

Quote:
write the configuration bits that indicate we have additional boot firmware,

"Configuration Bits" has a very specific meaning in the PIC world.
What you really mean is "write a marker byte in Flash memory..."

Quote:

The execution does not stop for some reason, and runs right into the ROM
that has the magic number

This is hard to understand. Code execution is very deterministic. It
executes instructions sequentially unless it hits a jump, branch, etc.
It doesn't leave an existing code block in Flash and randomly jump
into another code block that is not part of the program.
Ttelmah



Joined: 11 Mar 2010
Posts: 19580

View user's profile Send private message

PostPosted: Tue Aug 30, 2016 12:53 am     Reply with quote

You can't actually 'do' what you are describing:

"I only erase the zone from 6400 to 0x157FC".

Erases take place in pages of 512 instructions at a time. So an erase can't 'end' at 0x157FC.

However even if it did, it'd be erasing part of the configuration data:

Code:

TABLE 4-1: FLASH CONFIGURATION
WORDS FOR
PIC24FJ128GA310 FAMILY
DEVICES

PIC24FJ128GA3XX 44,032 0157F8h:0157FEh


Why are you erasing memory?. You do understand that every erase cycle, costs a 'life' of the flash memory. Also that the chip _is_ erased when you start. Unless you have written something into an address, it is already erased. The erased state, is 0xFF.
If you must erase, then stop at the page boundary below the configuration data.
However if you are going to do this, ensure you tell the compiler that you want this area reserved. Otherwise it will put things like text data tables at the top of memory. You may well be erasing these.....
m4rcdbk



Joined: 29 Aug 2016
Posts: 10
Location: Michigan, USA

View user's profile Send private message Send e-mail

PostPosted: Tue Aug 30, 2016 10:08 am     Reply with quote

Group,
I apologize; my mind's been a bit of a hamster on a wheel lately and in my haste to get my issue out here I didn't thoroughly explain how and why I'm doing things. Let me address the concerns to hopefully clear some things up.

PCM programmer wrote:
"Configuration Bits" has a very specific meaning in the PIC world.
What you really mean is "write a marker byte in Flash memory..."

Correct; What I should have (and meant to convey) was write my own user maker-byte(s) to flash memory. These markers keeping track of how many writes/erases have occurred, various re-flash status, the erase page the new firmware belong to and what-not.

PCM programmer wrote:
This is hard to understand. Code execution is very deterministic. It
executes instructions sequentially unless it hits a jump, branch, etc.
It doesn't leave an existing code block in Flash and randomly jump
into another code block that is not part of the program.


Indeed -- It's well beyond the end of the program (approximately 1024 words) and shouldn't have any sort of bearing on the execution of the code. Especially since (in my mind) the code is self manged. By that I mean that it knows all of it's addresses for functions and should have 0 reason to jump to an address below the code ROM. Or if it did, for a debugging function, shouldn't have any reason to jump that far. But something is fishy with that I feel.

Ttelmah wrote:
You can't actually 'do' what you are describing:

"I only erase the zone from 6400 to 0x157FC".

Erases take place in pages of 512 instructions at a time. So an erase can't 'end' at 0x157FC.

However even if it did, it'd be erasing part of the configuration data:

Code:
Code

TABLE 4-1: FLASH CONFIGURATION
WORDS FOR
PIC24FJ128GA310 FAMILY
DEVICES

PIC24FJ128GA3XX 44,032 0157F8h:0157FEh




You are correct; however according to the spec sheet the PIC24FJ127GA010's configuration words are at 0x157FE - 0x15800; unless I'm misreading this table. (Figure 4-1 http://ww1.microchip.com/downloads/en/DeviceDoc/39747F.pdf.

However, I also apologize: I misrepresented how I was erasing it.
I should have said:
Quote:
I am erasing 1 page after the current code page, determined by 8+ concurrent 0xFFFFFF's in ROM. I am erasing the Page after the former, up to but not including the page including the page containing the configuration words


Ttelmah wrote:
Why are you erasing memory?. You do understand that every erase cycle, costs a 'life' of the flash memory. Also that the chip _is_ erased when you start. Unless you have written something into an address, it is already erased. The erased state, is 0xFF.

Also correct, 1000 write/erase cycles according to the spec sheet. In production it won't be erased since I also understand that a write that takes place on a new page (or boundary of?) also initiates an erase as well -- this is implemented just for testing and what not. Mostly since I anticipate some sort of late night shenanigans where I write to locations I don't need to and so that I can be sure that when I read the fimware back from the PIC to compare the new loaded zone, that I don't get data that I don't exactly need/want.



Hopefully this clears up a few things I may not have represented as intended/unclearly.
Ttelmah



Joined: 11 Mar 2010
Posts: 19580

View user's profile Send private message

PostPosted: Wed Aug 31, 2016 1:13 am     Reply with quote

Quote:

You are correct; however according to the spec sheet the PIC24FJ127GA010's configuration words are at 0x157FE - 0x15800; unless I'm misreading this table. (Figure 4-1 http://ww1.microchip.com/downloads/en/DeviceDoc/39747F.pdf.


This is one of those 'slightly more complex' bits.
The 'configuration area', comprises the chip ID, and the configuration words. The ID starts at 0x15F7C.
However ignore this (doesn't matter), what matters is that you should not be erasing the last page of memory.

In the data sheet:
Quote:

Note: Performing a page erase operation on the
last page of program memory clears the
Flash Configuration Words, enabling code
protection as a result. Therefore, users
should avoid performing page erase
operations on the last page of program
memory.


Section 29.1.1

Basically don't erase the last page of program memory. Doing so will cause problems.....
m4rcdbk



Joined: 29 Aug 2016
Posts: 10
Location: Michigan, USA

View user's profile Send private message Send e-mail

PostPosted: Wed Aug 31, 2016 1:32 am     Reply with quote

Definitely understand that one. The sheet says there are 86 erase pages on the chip, I'm sure to erase only up to page 84 leaving the last 2 untouched. Not that I touch the top of the ROM either; so far I'm just going from page 31 to page 84.

As for my original issue, seems like if I read the page prior to writing to it, all goes according to plan. Doesn't directly explain why being in debug mode makes a difference; but that could just be a padding thing from the directive I suppose.
Display posts from previous:   
Post new topic   Reply to topic    CCS Forum Index -> General CCS C Discussion All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group