I am currently trying to develop a custom BSL application for the msp430f5328 processor and have blown 3 security fuses trying to get it to load onto the chip.
I currently am just trying to get stubs in place for the BSL so that it is never entered (always goes to main code). However, when I go to set the signatures (area 0x17F0 - 0x17FF) at load time, i get an error in code composer studio that says write verification failed at address 0x17F2. From that point, I can't do anything with the board because the security fuse has blown.
Here is the basic code:
#include "bsl_install.h" /* * In the BSL_SIG section, set the appropriate values. An explanation on this * can be found in the Custom BSL users guide. */ //#pragma SET_DATA_SECTION(".VERSION_SECTION") #pragma SET_DATA_SECTION(".BSL_SIG") // BSL_SIG : origin = 0x17F0, length = 0x0010 from linker file /* * Use the retain pragma so the compilers optimization won't * compile these out. Note, these variables aren't used, they are * just place holders for the BSL */ #pragma RETAIN(reserved0) #pragma RETAIN(protect_fcn) #pragma RETAIN(unlock_sign2) #pragma RETAIN(unlock_sign1) #pragma RETAIN(reserved1) #pragma RETAIN(start_fcn) #pragma RETAIN(jtag_security_fuse) /* * Suppress diagnositc message 70 ("integer conversion resulted in truncation"). * The compiler is forcing an error because we are casting a 32-bit pointer * to a 16-bit integer. However, we know that the 32-bit pointer is referencing * a location that is contained in 16 bits, so the truncation is ok. * Note: they will show up as a warning rather than an error */ #pragma diag_warning 70 /* * Set the variables (the first should start at the starting location * of the section */ const int reserved0 = 0xFFFF; const int protect_fcn = (int) ( ((unsigned long int) &bsl_protect)); const int unlock_sign2 = 0x3CA5; const int unlock_sign1 = 0xC35A; const int reserved1 = 0xFFFF; const int start_fcn = (int) ( ((unsigned long int) &bsl_entry)); const long int jtag_security_fuse = 0xFFFFFFFF; /* * Change the diagnostic action for 70 to the default. */ #pragma diag_default 70 #pragma SET_DATA_SECTION()First, I had the section that these get written into a safe area (main flash area I have reserved for version numbering), and debugged to ensure that the proper values were getting set in the memory locations I expected. After than, i set the data section to be the BSL_SIG section (defined as 0x17F0-0x17FF in the linker file), and immediately got the issue up program load. I also verified that no other location in the code is using the BSL_SIG section. What I find interesting is it seems to fail at 0x17F2, however 0x17FC-0x17FF are the JTAG locks. If this data got erased and the debugger never got the chance to write those values, I would think that the JTAG fuse would still be valid.
Also, I generate a .hex file, and the first line of the contents is:
:1017F000FFFF74E5A53C5AC3FFFF6ED1FFFFFFFF5B
Which if you follow that, it checks out as a valid setting into this memory.
Obviously I can't keep trying this because we have a very limited number of boards and we can't afford to burn one everytime a check doesn't work.
This has all been tested on CCS version 5.4.0.00091. I have the allow BSL read/write/erase access check-box checked. Any help would be greatly appreciated!