ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

mc9s12 damaged ?

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

mc9s12 damaged ?

‎09-12-2016 01:51 PM
1,719件の閲覧回数
angelo_d
Senior Contributor I

Dear all,

 

working with mc9s12XEG128 (cpu id 0x2dd) doing some gcc tests with this mcu, looks like, from some wrong objcopy flag generating s19, i have programmed wrongly the mcu from Codewarrior "hiwave". Programming succeded but just after i cant re-program the flash anymore, getting several <timeout>. Background debugger can still connect but nothing more, any erase / program attempt fails in timeouts.

What do you suggest ?

I have also created a brand new CW project from wizard, for this part, nothing changes.

I can in case replace the IC but i hope i can recover someway.

 

thanks and regards,

angelo

ラベル(1)
ラベル
返信
5 返答(返信)

‎09-22-2016 02:08 AM
1,425件の閲覧回数
angelo_d
Senior Contributor I

Hi Radek,

yes all solved, after mainly unsecure, rewriting that flash_array[] @0xFF00 i could recover the device successfully.

Many thanksm

angelo

0 件の賞賛
返信

‎09-13-2016 09:11 AM
1,425件の閲覧回数
angelo_d
Senior Contributor I

Dear Radek,

thanks for the kind reply.

Well, device looks already unsecured.

I tried both Code Warrior debugger menu ->HC12MultilinkCyclonePro->Unsecure and also P&E unsecure tool, both says device

is unsecured.

flash_01.png

Also, i suspect i erased the device ID .... or that the debugger can't read correct device ID, debugger menu "HC12MultilinkCyclonePro->Flash"  shows a strange 0x02dd value (and strange memory map), while i was expecting a 0xc082

flash_02.png

thanks

angelo

0 件の賞賛
返信

‎09-14-2016 07:45 AM
1,425件の閲覧回数
angelo_d
Senior Contributor I

Hi Radek and all,

i thought was s easy to brick this mcu. No, luckily, it is not. I followed this procedure:

* used cw 5.1

* created new project from template mc9s12xeg128

* unsecured mcu from menu

* added to main.c

const unsigned char flash_array[] @0xFF00 = {0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xAA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xBD};

* build and programmed. But had still some error after programming, so tried from debugger "Flash" menu, selecting all needed popup sections. So i succeeded.

Still many thanks.

angelo

0 件の賞賛
返信

‎09-16-2016 03:44 AM
1,425件の閲覧回数
RadekS
NXP Employee
NXP Employee

Hi Angelo,

I am not aware of any way how to erase device ID from the customer side.

 

I see some Timeout on the picture with the debugging map and empty windows. It rather looks like some issue with connection to MCU (The BDM communication may be interrupted by reset or MCU may be secured).

When you modify any value in range 0xFF08~0xFF0F (as in your case), please enter FLASH NOUNSECURE command into preload file (your_project_dir\cmd\).

 

You are right, in debugger Flash menu you may erase the default flash security byte at address 0xFF0F and reprogram it by your s19 file. This is a second possible way how to avoid potential ECC error at 0xFF08~0xFF0F flash phrase.

I hope it helps you.

Have a great day,
Radek

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

返信

‎09-13-2016 12:53 AM
1,425件の閲覧回数
RadekS
NXP Employee
NXP Employee

Hi Angelo,

According to your description, it rather looks like secured MCU.

Please try using the unsecure feature in CW In Code Warrior debugger menu ->MultilinkCyclonePro->Unsecure…

It should completely erase the whole MCU…

 

The reason for secured MCU may be probably ECC.

Datasheet says:

"If a double bit fault is detected while reading the P-Flash phrase containing the P-Flash protection byte during the reset sequence, the FPOPEN bit will be cleared and remaining bits in the FPROT register will be set to leave the P-Flash memory fully protected."

The security byte at 0xFF0F address is programmed to 0xFE by default. If we load any data into phrase 0xFF08~0xFF0F, we have to erase security byte first.

This may be solved by “FLASH NOUNSECURE” command in preload command file (P&E_Multilink_USB_Preload.cmd if you use PE Multilink).

 

See short description about S12(X) security for more details:

https://community.nxp.com/docs/DOC-93803

I hope it helps you.

Have a great day,
Radek

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

返信