Email: Password: Remember Me | Create Account (Free)

Back to Subject List

Old thread has been locked -- no new posts accepted in this thread
???
03/05/09 14:26
Read: times


 
Msg Score: +1
 +1 Informative		 #163094 - Requirements of "set ISP entry mode" IAP function
Hi everyone,

I'd like to share what I found out about the IAP function "set ISP entry mode" of bootloader v7. When called from within the application, several RAM locations are mangled by this function. This is because it needs to change three bytes in the FLASH bank #1 and the task can be accomplished only by executing some code from FLASH bank #0. Hence, the function juggles with some portions of FLASH and RAM memories in order to copy data and code from/to bank #0 and bank #1, destroying the content of the RAM.

More specifically, the involved memory ranges are (I analyzed the "always go to ISP" and "go to ISP when pin is low" modes only):

  • function @ 0x051E:

    • BIT:0x21.1



  • function @ 0x0307:

    • IDATA: 0x31, 0x33, 0x80-0xAF



  • function @ 0x0365:

    • XDATA: 0x0000-0x007F

    • FLASH0: 0x3F80-0x3FFF

    • FLASH1: 0x1F00-0x1F7F




FLASH0 segment is restored, whereas data in BIT, IDATA, and XDATA memories are compromised.

In my opinion, this side effect can be avoid in either of the following ways:

  1. the memory ranges above are reserved and not used by the appliaction;

  2. the chip is reseted by software immediately after a call to the IAP function;

  3. the same goal can be achieved more easly by working directly from FLASH bank #0.



The latter can be achieved by following these steps:

  1. back up the content of block #1 from 0x1F00 to 0x1F30 somewhere (see more below)

  2. erase block #1 at address 0x1F00 (segment 0x1F00-0x1F7F)

  3. restore range 0x1F00-0x1F27 with the backup data

  4. program the three bytes 0x1F28-0x1F2A with the magic sequence (see below)

  5. restore range 0x1F2B-0x1F30 with the backup data


The magic sequence is:

  • alwyas run ISP code: 0x02 0x1F 0xEA (see function @ 0x0349)

  • run ISP when pin is low: 0x20 [pin] 0x03, where [pin] is the pin address, e.g., 0x90 for pin #0 of port P1 (see function @ 0x032D)



A backup can be avoided if you don't protect your code with a device signature:

  • range 0x1F00-0x1F27 contains all zeros

  • range 0x1F2B-0x1F30 contains the sequence 0x02 0x1F 0xEA 0x02 0x1F 0xED.



No replies in thread

Back to Subject List