Skip to main content
Z
ZTale.1
Visitor II
February 25, 2023
Solved

custom bootloader problem on STM32F405

  • February 25, 2023
  • 8 replies
  • 3527 views

hello

i am working on a custom bootloader or STM32F405.

the Flash process is done correctly by the Bootloader, i checked the content of the flash.

the problem happens when the bootloader jumps to the application firmware which is located at adress 0x0800C000, the program goes to the Hard_fault handler function:

0693W00000aHet4QAC.jpg 

this is what i am using to jump from the bootloader :

0693W00000aHetPQAS.jpg 

thanks.

    This topic has been closed for replies.
    Best answer by ZTale.1

    hi

    Finally i found the problem , the last byte of the BIN file was not programmed as shown in picture :

    0693W00000aHf6VQAS.jpg 

    it is a stupid error, as i checked the content of the flash.

    thanks a lot for the help Tesla and Gbm

    8 replies

    T
    Tesla DeLorean
    Graduate II
    February 25, 2023

    Step the transition

    Know what numbers it is loading

    Make sure the SP / PC aren't something unworkable like 0xFFFFFFFF

    Z
    ZTale.1Author
    Visitor II
    February 25, 2023

    hi thanks Tesla,

    this is the last instruction before doing the jump to main :

    0693W00000aHeyJQAS.jpg 

    this is also the flas memory part so you can see the R0 adress content :

    0693W00000aHeyOQAS.jpg

    G
    gbm
    Graduate
    February 25, 2023
    1. Check the content of two words at 0x0800c000.
    2. Make sure that VTOR is loaded with the app base address 0x0800c000 by the bootloader or your app.
    3. The cast in line 224 is suspicious. It's safer to skip it - it's not really needed.
    T
    Tesla DeLorean
    Graduate II
    February 25, 2023

    This isn't the main() routine, if you follow this it will go to the scatter loader to initialize the BSS (copying/clearing RAM), and finally enter main().

    You should be able to breakpoint in main()

    The HardFault Handler should be able to unpack the processor state and instruction that faults.

    See previous examples.

    If it is calling the HardFault Handler on the loader side, it suggests SCB->VTOR is not set properly in SystemInit(), SCB->VTOR should be set to 0x0800C000 now.

    Z
    ZTale.1Author
    Visitor II
    February 25, 2023

    the hardfault handler is called on the application side.

    Z
    ZTale.1Author
    Visitor II
    February 25, 2023

    hi GBM, thanks or the answer

    i checkd VTOR and it is loaded with 0x0800c000.

    this is the content of 0x0800c000 in flash memory :

    0693W00000aHezvQAC.jpg

    G
    gbm
    Graduate
    February 25, 2023

    Try to replace lines 224..226 with:

          ( (void (*)(void)) *(uint32_t *)(APP_BASE + 4) )();

    T
    Tesla DeLorean
    Graduate II
    February 25, 2023

    The control transfer seems to be occurring, Hard faulting deeper into the execution of the app, supposedly before main()

    The the clocks are already up, I'd probably not repeat that in the app.

    Watch for other interrupting sources the boot loader has running, ie SysTick, TIM, USART as these will now point to uninitialized structures on the app side, and the scatter load will wipe out whatever the loader had set up in RAM.

    https://github.com/cturvey/RandomNinjaChef/blob/main/KeilHardFault.c

    Z
    ZTale.1Author
    Visitor II
    February 25, 2023

    i replaced the lines 224..226  and same problem.

    Z
    ZTale.1AuthorAnswer
    Visitor II
    February 25, 2023

    hi

    Finally i found the problem , the last byte of the BIN file was not programmed as shown in picture :

    0693W00000aHf6VQAS.jpg 

    it is a stupid error, as i checked the content of the flash.

    thanks a lot for the help Tesla and Gbm

    Terms & ConditionsAccessibility statement