in-circuit flash reprogramming, executing from ram

MPC8313ERDB_h · ‎10-10-2019

Is there a code example of S32K1xx in-circuit flash reprogramming. What I mean is a code embedded in an application. When it is called externally (interrupt) it copied itself (and all associated sub functions) into RAM and run from there to accept (serially, via uart), a new version and program it into the flash.

I have done almost everything:

copied the code to the RAM
verified all called functions are within the copied code
disabled all interrupts
jump to the right location in the ram

However, I'm experiencing exception once it starts running from ram.
I would expect it if the M0+ core would have an MMU, but it doesn't. Should I define ram as an executable space somewhere?

jorge_a_vazquez · ‎10-18-2019

Hi David Gabbay

So you are creating the jump function in assambly code? did you consider the thumb bit when you jump? Please remember that when a jump is perform in ARM, you need to add the bit to the address:

Thumbs up with Assembly on ARM Cortex | MCU on Eclipse

Adding a Delay to the ARM DAPLink Bootloader | MCU on Eclipse

Hope this helps

Have a great day,
TIC

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
-------------------------------------------------------------------------------

元の投稿で解決策を見る

jorge_a_vazquez · ‎10-14-2019

Hi

There isn't any special setting to run code from the RAM, the exception that you are facing could be happening due to overlapping your data memory and the code that you run, please verify the address that you have set for your loader.

I would highly recommend you using the bootloader that we already provided:

S32K144 Boot Mode

Hope this helps
Have a great day,
TIC

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

-------------------------------------------------------------------------------

MPC8313ERDB_h · ‎10-18-2019

Thank you, Jorge Antonio Alcala Vazquez, for your answer,
I have double-checked the copied code. It had NOT overwritten any data area or stack area.
Here is the flash level code:

DG_memcpy((u32*)W32, (u32*)RAM_COPY_TO_ADDR, (u32)CPY_CODE_SIZE /* copy code */
asm(" isb"); /* sync */
asm(" dmb");
asm(" dsb");

DG_jump(RAM_COPY_TO_ADDR); /* jump run from RAM */

Here is the first part of the copied code as captured by the FX debuger:

20002400: push {r7, lr}
20002402: sub sp, #24
20002404: add r7, sp, #0
20002406: str r0, [r7, #4]
20002408: cpsid i
2000240a: movs r0, #82 ; 0x52
2000240c: bl 0x20002928
20002410: bl 0x200024f0
20002414: movs r3, r0
20002416: str r3, [r7, #20]
20002418: ldr r3, [r7, #20]
2000241a: cmp r3, #0
2000241c: bne.n 0x200024ca
2000241e: movs r3, #0
20002420: str r3, [r7, #16]
20002422: b.n 0x200024ba
20002424: bl 0x20002660
20002428: movs r3, r0
......... ...

I have two (assembler) versions of the jump code (DG_jump):
First:
bx r0

Second:

push {r7, lr}
add r7, sp, #0
str r0,[r7, #4] /* take target address */

isb
dmb
dsb

pop {r7, pc}

The processor status reg prior to calling DG_jump was:
xpsr=0x61000000 (T bit is set)

When I stepped in I have experienced an exception.
xpsr=0x21000000
When I had a look at the stack(shown below) I realized that the T bit was cleared (00000020 little endian format):
200037C0: 00240020 30160000 00020000 00240020
200037D0: 00000000 8F0A0000 00240020 00000020

I have no idea what cause T bit to turned off. In fact this is the bottom line where I need help.

Additional information: all interrupts are disabled including WDOG.

Thank you in advance
David

jorge_a_vazquez · ‎10-18-2019