Hello everyone.
I work with nrf52840 chip and previously I had an app with softdevice (s140) and use BLE bootloader. Everything works as expected. Next I want to use another bootloader, serial. I took an example from SDK17.1.0, setup for my purposes, and finally be able to flash an app to the chip. But this app does not starts. It works without bootloader, but from bootloader it does not boot. Steps I've made:
1. Prepare image using command:
./nrfutil-mac pkg generate --hw-version 52 --application-version 1 --application tag_uwb_nrf52840.hex --sd-req 0x100 --key-file anchor.key anchor_v1.0.zip
2. Erase flash
3. Download S140 file to chip
4. Start serial bootloader
5. Download app using bootloader. Last logs of this process:
<debug> nrf_dfu_flash: Flash write success: addr=0x0004D700, pending 0 <debug> nrf_dfu_req_handler: Request handling complete. Result: 0x1 <info> nrf_dfu_serial_uart: Allocated buffer 200037B4 <debug> nrf_dfu_req_handler: Handle NRF_DFU_OP_CRC_GET (data) <debug> nrf_dfu_req_handler: Offset:157480, CRC:0x49BFF4AC <debug> nrf_dfu_req_handler: Request handling complete. Result: 0x1 <debug> nrf_dfu_serial: Sending Response: [0x3, 0x1] <info> nrf_dfu_serial_uart: Allocated buffer 200037B4 <debug> nrf_dfu_req_handler: Handle NRF_DFU_OP_OBJECT_EXECUTE (data) <debug> nrf_dfu_req_handler: Whole firmware image received. Postvalidating. <debug> nrf_dfu_validation: Hash verification. start address: 0x27000, size: 0x26728 <debug> nrf_dfu_validation: Invalidating old application in bank 0. <debug> nrf_dfu_serial: Sending Response: [0x4, 0x1] <debug> nrf_dfu_settings: Writing settings... <debug> nrf_dfu_settings: Erasing old settings at: 0x000FF000 <debug> nrf_dfu_flash: nrf_fstorage_erase(addr=0x0x000FF000, len=1 pages), queue usage: 1 <debug> nrf<info> app: Inside main <debug> app: In nrf_bootloader_init <debug> nrf_dfu_settings: Calling nrf_dfu_settings_init()... <debug> nrf_dfu_flash: Initializing nrf_fstorage_nvmc backend. <debug> nrf_dfu_settings: Using settings page. <debug> nrf_dfu_settings: Copying forbidden parts from backup page. <debug> nrf_dfu_settings: Destination settings are identical to source, write not needed. Skipping. <info> nrf_dfu_settings: Backing up settings page to address 0xFE000. <debug> nrf_dfu_settings: Destination settings are identical to source, write not needed. Skipping. <debug> app: Enter nrf_bootloader_fw_activate <debug> app: Valid App <debug> app: Enter nrf_dfu_app_continue <debug> app: No copy needed <debug> app: Setting app as valid <debug> nrf_dfu_settings<info> app: Inside main <debug> app: In nrf_bootloader_init <debug> nrf_dfu_settings: Calling nrf_dfu_settings_init()... <debug> nrf_dfu_flash: Initializing nrf_fstorage_nvmc backend. <debug> nrf_dfu_settings: Using settings page. <debug> nrf_dfu_settings: Copying forbidden parts from backup page. <debug> nrf_dfu_settings: Destination settings are identical to source, write not needed. Skipping. <info> nrf_dfu_settings: Backing up settings page to address 0xFE000. <debug> nrf_dfu_settings: Destination settings are identical to source, write not needed. Skipping. <debug> app: Enter nrf_bootloader_fw_activate <info> app: No firmware to activate. <debug> app: App is valid <warning> nrf_dfu_settings: No additional data erased <info> nrf_dfu_settings: Backing up settings page to address 0xFE000. <debug> nrf_dfu_settings: Destination settings are identical to source, write not needed. Skipping. <debug> app: Running nrf_bootloader_app_start with address: 0x00001000 <debug> app: Disabling interrupts. NVIC->ICER[0]: 0x0
As you can see, process success. But then everything freezes. Stack:
Next, my bootloader flash placements and some other things:
c_preprocessor_definitions="BOARD_PCA10056;CONFIG_GPIO_AS_PINRESET;DEBUG_NRF;FLOAT_ABI_HARD;INITIALIZE_USER_SECTIONS;MBR_PRESENT;NO_VTOR_CONFIG;NRF52840_XXAA;NRF_DFU_DEBUG_VERSION;NRF_DFU_SETTINGS_VERSION=2;SVC_INTERFACE_CALL_AS_NORMAL_FUNCTION;" linker_section_placement_macros="FLASH_PH_START=0x0;FLASH_PH_SIZE=0x100000;RAM_PH_START=0x20000000;RAM_PH_SIZE=0x40000;FLASH_START=0xe4000;FLASH_SIZE=0x1a000;RAM_START=0x20000008;RAM_SIZE=0x3fff8"
And the same for my app:
c_preprocessor_definitions="DEBUG;DEBUG_NRF;APP_TIMER_V2;APP_TIMER_V2_RTC1_ENABLED;BOARD_PCA10056;CONFIG_GPIO_AS_PINRESET;FLOAT_ABI_HARD;INITIALIZE_USER_SECTIONS;NO_VTOR_CONFIG;NRF52840_XXAA;NRF_SD_BLE_API_VERSION=7;S140;SOFTDEVICE_PRESENT;" linker_section_placement_macros="FLASH_PH_START=0x0;FLASH_PH_SIZE=0x100000;RAM_PH_START=0x20000000;RAM_PH_SIZE=0x40000;FLASH_START=0x27000;FLASH_SIZE=0xbd000;RAM_START=0x20004000;RAM_SIZE=0x3C000"
Also, I tried to run app directly from segger after upload app using bootloader (for ble bootloader this works) and I does not enter main at all.
As I understand, the problem is wtih flashplacement or with vector table, and in some reason bootloader try to start app from wrong address, but I can't find the reason and how to fix this
Also, after upload an app, I compare both bootloaders, BLE and serial, how they start an app. Above attached screenshots with breakpoints at the final point of bootloaders.
BLE:
Serial:
