Updating firmware over RS232

[EdWaugh]

Hi all,

I'm trying to sort out a kind of a bootloader based on the CCS supplied loader.c but I'm having a problem. What I want to do is not have a bootloader as such but allow the user to select an option through the menu system of the main application where they can choose to update firmware.

I am using loader.c much as it is supplied and call load_program() and reset_cpu after the write has been done.

This works fine when I program the application with itself or with just a minor change like a value in a string. However, if I do a big change like add or remove some large library function it gets stuck in write_program_memory() after a short while. The point it gets stuck is fixed the same on repeated attempts and I am able to write past that point normally. I don't think it is a comms problem, I have no buffer overflows or anything.

I suspect I may be having some kind of writing over executing code problem but I don't think that should be the case as loader.c will not attempt to write over the load_program() functions. I have included my modified version below which basically just has changes to make it easier for me to read/understand and debug.

any thoughts would be most welcome.

cheers

ed

[PCM programmer]

1. Verify that your loader program is receiving and interpreting the
incoming data correctly.
Add printf statements to display the address and the bytes that come into
the loader routine. Comment out the code that erases and writes to
program memory. This will capture the entire incoming stream of
addresses and data. Copy and paste this information from the terminal
window, into MS Word and save it and print it. Now compare the
addresses and data that were received, to the original HEX file that
you sent to the PIC.

2. Determine the address at which it locks up.
Re-enable the erase and write program memory routines. Run the
above test again. You said it locks up at one point. Note the address.
Look at the .LST file for your original program (that's in the PIC). Look
at the code at the address where the problem occurs. This may
give you a clue.

You may be over-writing CCS library routines that are called by the
loader routine. The library code (putc, getc, delays, etc.) is not
guaranteed to be placed at the same ROM address by the compiler every
time you compile your program. So the loader may be calling library
routines that no longer exist at the addresses that its calling. One solution
is to make versions of the library code that are only for the loader
routine, so they can't be over-written.

[EdWaugh]

thanks for the great answer, I hadn't considered the routines I am linking in. I will give that all a try.

cheers

ed

[EdWaugh]

I had more of a think about it and your suggestion about library functions sounds like the problem to me. It's not clear to me how to do as you suggest however, is there a trick to it?

I have a memory of an old post I think by Ttelmah where the math routines for use in an interrupt are duplicated by putting a #org statement around that interrupt, my memory is tho that the math routine copies are not then stored inside the #org just two copies are created (otherwise wouldn't what I have already work as I am calling the functions inside a #org).

I could also use multiple #use functions for fputc (I will eliminate fprintf as two copies would be silly). I guess if I just create a new stream this shouldn't affect my other code.

I feel like I should be able to figure out the solution but it is eluding me, sorry if I've missed something obvious!

cheers

ed

[PCM programmer]

I created my own versions of the CCS library routines. Here is my
version of putc(). This code will reside in the "bootloader" area along
with the rest of the bootloader code. It can't be overwritten by new
firmware.

[EdWaugh]

After making that last post i had a go with just creating a new RS232 stream inside the #org directive and once I remembered to disable interrupts in the second application I was testing it all started to work very nicely. Tiny app loads giant app and then giant app loads tiny app.

I guess the CCS compiler must already be making second copies of those functions and placing them in the #org region for me.

I will tidy up the code tomorrow and post it here and in the completed code forum in case anyone finds it useful.

thanks

ed

[EdWaugh]

Hi all,

I have tidyed up and made a few modifications and posted my final code here:

http://www.ccsinfo.com/forum/viewtopic.php?p=116730#116730

It seems to work fine, I hand checked the .lst file and have confirmed there are no CALL, RCALL or GOTO statements that point outside of the #org defined area. Hopefully this means it is all self contained.

I have left it very big and very verbose as I think it makes it a nice demo for people trying to figure this out. The CCS built in functions all seem to get inlined, like:

make8()
make16()
make32()
reset_cpu()
write_program_memory()
read_program_memory()

C library functions like strncmp however had to be copied into the code. Putting the #use RS232 statement inside the #org seems to mean all serial port statements are also included in this code.

I am a bit concerned that a change in optimisation level might break this, so I may have a play with that now. Thanks to PCM Programmer for the suggestions.

Cheers

ed

[EdWaugh]

Hi again,

I just tried opt 0 and opt 10 and apart from getting a bit fatter the loader worked fine and when I checked the lst there were no references outside the #org.

I suspect this is because the built in functions aren't real C functions but just bits of asm that are pasted in at compile time. As long as this doesn't change there should be no problem.

ed

[jesconsa]

Try to put WRT on the FUSES!!!!!!!!!!!.........It works for me!!!!!!!!!! Ciao. Jesus