FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

With BFB2 set on an STM32F429 (i.e. the ROM bootloader runs before the application code) it is not possible to start an application that runs from the flash alias at address 0. That works fine with BFB2=0.

Wocket
Associate

‎2022-05-09 06:34 AM

STM32F429.

The problem appears after the bootloader has run and jumped to application code, which it does when BFB2=1. When my application reads data from addresses around 0, it gets data from the ROM bootloader instead of from flash. I.e. it behaves like if SYSCFG_MEMRMP.MEM_MODE=1 (system flash mapped at 0), although it should be, and is, set to 0 (flash mapped at 0) at this time. Reading the same addresses from the debugger returns data from flash.

Executing code from the mapping at 0 doesn't work: it is not possible to run a program that has specified its entry point as for example 0x00003089 in the vector table. I can set a break point at 0x3088, but the wrong instructions get executed from there.

Here is a simple reproducer program (I assemble it with GNU AS, no linker involved, so it gets located at address 0). It works for me with BFB2=0 in the option bits, but with BFB2=1 it does not.

.syntax unified
  .cpu cortex-m4
  .thumb
 
vector_table:
.word 0x20000100
.word 0x1001
 
.org 0x1000
reset:
    // Turn on a LED on PC3
    ldr r1,=0x40023800  // RCC base address
    ldr r0,=0x00000004  // GPIOCRST in RCC_AHB1ENR
    str r0,[r1,#0x30]   // Set GPIOCRST in RCC_AHB1ENR
 
    ldr r1,=0x40020800  // GPIOC base address
    ldr r0,=0x00000040  // MODER3 = 1 (GPIO out)
    str r0,[r1,#0x00]   // Set GPIOC_MODER
    ldr r0,=0x00000008  // ODR3 = 1
    str r0,[r1,#0x14]   // Set GPIOC_ODR
 
loop:
    bl loop

Labels:
2 REPLIES 2
Brian H
Senior

‎2022-11-14 06:48 AM

I am also having trouble getting code to work with BFB2 set. In my case, application code runs for a short time, then the chip resets, in an endless loop. This begins immediately after the option bit takes effect. See this thread. I am also without an answer so far. Hopefully this comment will help raise exposure for both of us.

0 Kudos
Brian H
Senior

‎2022-11-14 07:05 AM

Oh, I think I might know the answer to your problem, from the docs. See AN4767 section 3.2, Automatic Bank Selection:

"Beware of using the address 0x0000 0000 with dual bank automatic selection. This address range remains aliased to the system memory, despite the fact that the BOOT0 value points to main Flash memory selection."

So your application needs to be based at 0x0800 0000, not 0x0000 0000, for BFB2 to work properly. You say your application is based at 0x0000 0000, which the docs say won't work (as that address points into system memory when BFB2 is set).

0 Kudos
Top