Beware that this post is related to an SDK in maintenance mode
More Info: Consider nRF Connect SDK for new designs

How to change the mbr jump address location

Hi,

I am using nrf5280 development kit and 17.1.0 sdk.

i am working on  ble_app_uart example code.

Its working fine no issue. Since the start address of the application is 0x27000 and i want to change it on to some other location as per my requirement which id 0xE8000.

But when i changed the starting address then its not working. Looks like control not reaches to that location.

or 

mbr not able to jump that location which i changed. 

can someone help me here. what exactly i am missing here.?

Regards

R_S

Parents
  • Hi Einar,

    "nrf_dfu_mbr_irq_forward_address_set()" i already used in my bootloader code example to jump on application having different address. But in this case i am not using any bootloader and i want directly jump to the application code (0xE8000 location) after softdevice. So for that whrere i need to use this function ("nrf_dfu_mbr_irq_forward_address_set()"). 

    because i have only hex file of softdevice code so, that part anyway i cannot edit.  

    2nd case:

    I am using bootloader code where i from softdevice code jump to the bootloader code and then in bootloader i am using nrf_dfu_mbr_irq_forward_address_set() and nrf_bootloader_app_start_final() function to jump on the application code. control goes to the 0xE8000 address but it got stuck inside "ble_stack_init()" function and it through an exception error.

    Regards

    R_S

  • R_S said:

    "nrf_dfu_mbr_irq_forward_address_set()" i already used in my bootloader code example to jump on application having different address. But in this case i am not using any bootloader and i want directly jump to the application code (0xE8000 location) after softdevice. So for that whrere i need to use this function ("nrf_dfu_mbr_irq_forward_address_set()"). 

    because i have only hex file of softdevice code so, that part anyway i cannot edit.  

    The boot sequence when using MBR and SoftDevice is in essense like this:

    • MBR runs first (this is located at page 0, and is part of the SoftDevice hex).
      • MBR checks if a (bootloader) address is present in either a specific register in UICR (0x10001014) or in the end of the MBR params page (0x00000FF8). 
      • If either of of these registers has a valid address (are not 0xFFFFFFFF), the MBR will jump there. If not, it will just jump to the bootloader at 0x1000.
    • SoftDevice runs and passes execution the the application, which follows immediately after the SoftDevice.

    So the only way you can boot another location than what is immediately after the SoftDevice is to use the bootloader support in the MBR. However, that does not need to actually be a bootloader. It could also be your application. This would prevent you from using a bootloader though, as the MBR features needed for some types of updates (like bootloader or SoftDevice updates) would not work in this scenario. So If you ever want to add DFU/bootloader support, then you need to do as I described in my initial post.

    R_S said:
    I am using bootloader code where i from softdevice code jump to the bootloader code and then in bootloader i am using nrf_dfu_mbr_irq_forward_address_set() and nrf_bootloader_app_start_final() function to jump on the application code. control goes to the 0xE8000 address but it got stuck inside "ble_stack_init()" function and it through an exception error.

    Yes, that is expected. That is because you are using an approach that does not work. You need to use the approach demonstrated by the bootloader in SDK 14.2, as explained in more detail in my previous reply.

  • Hi 

    I did the same way what you mentioned in your initial comment.

    nrf_dfu_mbr_init_sd(); and nrf_dfu_mbr_irq_forward_address_set();

    and after that jump to the address where my application is there but still same issue i am facing

    again it get stuck in that ble_stack_init() function,

    Regards

    R_S

  • Hi,

    Looking at the screenshot I see you get a hard fault, and not the error I expected form sd_softdevice_enable(), I did not pay attention to that initially. This shows that t PC is 0x0 and LR is 0xffffffe9, where the LR indicates return to thread mode using main stack (and FPU has been used for some reason). But why is PC 0? That should not be the case and indicates that a NULL pointer has been executed. Could it be that you have a bug in ble_stack_init() where that could happen? I suggest you debug there to pinpoint exactly where the issue is. Which function call do you do when you get the hardfault etc? Also, a look at the other CPU registers could be useful (get those for instance with "nrfjprog --readregs"). 

    So there may be another issue here. Please keep this change, though, as running nrf_dfu_mbr_init_sd() () is required in this case, as it runs the SoftDevice reset function that clears a magic word indicating that the SoftDevice has been initialized. Without it, you will see NRF_ERROR_INVALID_STATE returned from sd_softdevice_enable(). That said, you should use nrf_dfu_mbr_vector_table_set() and not nrf_dfu_mbr_irq_forward_address_set(), so please adjust this and let me know what you see then.

    Do you still get this with the above suggested change? Is the only change in your application that it is located at a different address, and does the exact same application built to start immediately after the SoftDevice work as expected?

  • Hi,

    I trace it and found the point where i am getting hard fault.

    ret_code = sd_softdevice_enable(&clock_lf_cfg, app_error_fault_handler);

    The result is same even after using nrf_dfu_mbr_vector_table_set() and not nrf_dfu_mbr_irq_forward_address_set() in the bootloader code.

    And the value of registers are mentioned below:

    And yes the only chage in my application is in .icf file that is flash start address change.

    Previously it was 

    And Currently i changed it to this 

    in previous case the application address was 27000 so in that case i directly flashed it without bootloader code.

    And in the current scenario as address is 0xED000, so i flashed it with Bootloader code. But not sure what goes wrong in this case? Because i had used open bootloader and secure bootloader together where code control first goes to open bootloader and then from there it jump to the secure bootloader and then it was no issue. But dont know what wrong with this ble_app_uart code.

     

    Regards

    R_S

  • I see... Can you share your bootloader code, where you branch to the application, including configuring the MBR etc? Please include enough context, so include values of constants that may be set elsewhere etc.

  • HI,

    pca10056_usb.zip

    I have attached the bootloader code here.

    In main.c line no 218. i am calling "nrf_bootloader_app_start();" API to jump to the application part.

    And inside nrf_bootloader_app_start() function i am given the start address as the application start address(0xED000).

    And also calling the function nrf_dfu_mbr_init_sd() & nrf_dfu_mbr_vector_table_set() as you mentioned.

    /**
     * Copyright (c) 2016 - 2019, Nordic Semiconductor ASA
     *
     * All rights reserved.
     *
     * Redistribution and use in source and binary forms, with or without modification,
     * are permitted provided that the following conditions are met:
     *
     * 1. Redistributions of source code must retain the above copyright notice, this
     *    list of conditions and the following disclaimer.
     *
     * 2. Redistributions in binary form, except as embedded into a Nordic
     *    Semiconductor ASA integrated circuit in a product or a software update for
     *    such product, must reproduce the above copyright notice, this list of
     *    conditions and the following disclaimer in the documentation and/or other
     *    materials provided with the distribution.
     *
     * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
     *    contributors may be used to endorse or promote products derived from this
     *    software without specific prior written permission.
     *
     * 4. This software, with or without modification, must only be used with a
     *    Nordic Semiconductor ASA integrated circuit.
     *
     * 5. Any software provided in binary form under this license must not be reverse
     *    engineered, decompiled, modified and/or disassembled.
     *
     * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
     * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
     * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
     * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
     * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
     * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     *
     */
    #include <stdint.h>
    #include "nrf.h"
    #include "nrf_bootloader_app_start.h"
    #include "nrf_bootloader_info.h"
    #include "nrf_log.h"
    #include "nrf_dfu_mbr.h"
    #include "nrf_log_ctrl.h"
    #include "nrf_bootloader_info.h"
    
    // Do the final stages of app_start. Protect flash and run app. See nrf_bootloader_app_start_final.c
    void nrf_bootloader_app_start_final(uint32_t start_addr);
    
    uint32_t nrf_dfu_mbr_vector_table_set(uint32_t address)
    {
        uint32_t ret_val;
    
        NRF_LOG_DEBUG("running vector table set");
        sd_mbr_command_t command =
        {
            .command = SD_MBR_COMMAND_VECTOR_TABLE_BASE_SET,
            .params.base_set.address = address,
        };
    
        ret_val = sd_mbr_command(&command);
        NRF_LOG_DEBUG("After running vector table set");
    
        return ret_val;
    }
    
    void nrf_bootloader_app_start(void)
    {
        uint32_t start_addr = 0xED000; // Always boot from end of MBR. If a SoftDevice is present, it will boot the app.
        NRF_LOG_DEBUG("Running nrf_bootloader_app_start with address: 0x%08x", start_addr);
        uint32_t err_code;
    
        err_code = nrf_dfu_mbr_init_sd();
        if (err_code != NRF_SUCCESS)
        {
            NRF_LOG_ERROR("Failed running nrf_dfu_mbr_init_sd");
            return;
        }
        // Disable and clear interrupts
        // Notice that this disables only 'external' interrupts (positive IRQn).
        NRF_LOG_DEBUG("Disabling interrupts. NVIC->ICER[0]: 0x%x", NVIC->ICER[0]);
    
        NVIC->ICER[0]=0xFFFFFFFF;
        NVIC->ICPR[0]=0xFFFFFFFF;
    #if defined(__NRF_NVIC_ISER_COUNT) && __NRF_NVIC_ISER_COUNT == 2
        NVIC->ICER[1]=0xFFFFFFFF;
        NVIC->ICPR[1]=0xFFFFFFFF;
    #endif
    
      err_code = nrf_dfu_mbr_vector_table_set( start_addr );
      if ( err_code != NRF_SUCCESS )
      {
        NRF_LOG_ERROR( "Failed running nrf_dfu_mbr_irq_forward_address_set()" );
      }
        err_code = nrf_dfu_mbr_irq_forward_address_set( start_addr );
        if (err_code != NRF_SUCCESS)
        {
            NRF_LOG_ERROR("Failed running nrf_dfu_mbr_irq_forward_address_set()");
        }
    
        NRF_LOG_FLUSH();
        nrf_bootloader_app_start_final(start_addr);
    }
    

    i also attached nrf_bootloader_app_start.c file in which i have added these chnages.

    apart from that i dont have any change in the bootloader code. An the code i am using is open bootloader code.

    Regards

    R_S

Reply
  • HI,

    pca10056_usb.zip

    I have attached the bootloader code here.

    In main.c line no 218. i am calling "nrf_bootloader_app_start();" API to jump to the application part.

    And inside nrf_bootloader_app_start() function i am given the start address as the application start address(0xED000).

    And also calling the function nrf_dfu_mbr_init_sd() & nrf_dfu_mbr_vector_table_set() as you mentioned.

    /**
     * Copyright (c) 2016 - 2019, Nordic Semiconductor ASA
     *
     * All rights reserved.
     *
     * Redistribution and use in source and binary forms, with or without modification,
     * are permitted provided that the following conditions are met:
     *
     * 1. Redistributions of source code must retain the above copyright notice, this
     *    list of conditions and the following disclaimer.
     *
     * 2. Redistributions in binary form, except as embedded into a Nordic
     *    Semiconductor ASA integrated circuit in a product or a software update for
     *    such product, must reproduce the above copyright notice, this list of
     *    conditions and the following disclaimer in the documentation and/or other
     *    materials provided with the distribution.
     *
     * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
     *    contributors may be used to endorse or promote products derived from this
     *    software without specific prior written permission.
     *
     * 4. This software, with or without modification, must only be used with a
     *    Nordic Semiconductor ASA integrated circuit.
     *
     * 5. Any software provided in binary form under this license must not be reverse
     *    engineered, decompiled, modified and/or disassembled.
     *
     * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
     * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
     * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
     * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
     * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
     * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     *
     */
    #include <stdint.h>
    #include "nrf.h"
    #include "nrf_bootloader_app_start.h"
    #include "nrf_bootloader_info.h"
    #include "nrf_log.h"
    #include "nrf_dfu_mbr.h"
    #include "nrf_log_ctrl.h"
    #include "nrf_bootloader_info.h"
    
    // Do the final stages of app_start. Protect flash and run app. See nrf_bootloader_app_start_final.c
    void nrf_bootloader_app_start_final(uint32_t start_addr);
    
    uint32_t nrf_dfu_mbr_vector_table_set(uint32_t address)
    {
        uint32_t ret_val;
    
        NRF_LOG_DEBUG("running vector table set");
        sd_mbr_command_t command =
        {
            .command = SD_MBR_COMMAND_VECTOR_TABLE_BASE_SET,
            .params.base_set.address = address,
        };
    
        ret_val = sd_mbr_command(&command);
        NRF_LOG_DEBUG("After running vector table set");
    
        return ret_val;
    }
    
    void nrf_bootloader_app_start(void)
    {
        uint32_t start_addr = 0xED000; // Always boot from end of MBR. If a SoftDevice is present, it will boot the app.
        NRF_LOG_DEBUG("Running nrf_bootloader_app_start with address: 0x%08x", start_addr);
        uint32_t err_code;
    
        err_code = nrf_dfu_mbr_init_sd();
        if (err_code != NRF_SUCCESS)
        {
            NRF_LOG_ERROR("Failed running nrf_dfu_mbr_init_sd");
            return;
        }
        // Disable and clear interrupts
        // Notice that this disables only 'external' interrupts (positive IRQn).
        NRF_LOG_DEBUG("Disabling interrupts. NVIC->ICER[0]: 0x%x", NVIC->ICER[0]);
    
        NVIC->ICER[0]=0xFFFFFFFF;
        NVIC->ICPR[0]=0xFFFFFFFF;
    #if defined(__NRF_NVIC_ISER_COUNT) && __NRF_NVIC_ISER_COUNT == 2
        NVIC->ICER[1]=0xFFFFFFFF;
        NVIC->ICPR[1]=0xFFFFFFFF;
    #endif
    
      err_code = nrf_dfu_mbr_vector_table_set( start_addr );
      if ( err_code != NRF_SUCCESS )
      {
        NRF_LOG_ERROR( "Failed running nrf_dfu_mbr_irq_forward_address_set()" );
      }
        err_code = nrf_dfu_mbr_irq_forward_address_set( start_addr );
        if (err_code != NRF_SUCCESS)
        {
            NRF_LOG_ERROR("Failed running nrf_dfu_mbr_irq_forward_address_set()");
        }
    
        NRF_LOG_FLUSH();
        nrf_bootloader_app_start_final(start_addr);
    }
    

    i also attached nrf_bootloader_app_start.c file in which i have added these chnages.

    apart from that i dont have any change in the bootloader code. An the code i am using is open bootloader code.

    Regards

    R_S

Children
Related