#318 fram applications overwrite bsl/jtag passwords

mcu (21)

All FR5xx devices specify that the interrupt vector starts at 0xFF80, causing the toolchain to fill unused entries with a pointer to the default interrupt handler. This is consistent with the data sheets, but in fact the FR5xx user's guide tells us that there are BSL and JTAG passwords stored in the 0xFF8x area. It seems likely that storing the default interrupt handler address in this area is the cause of the FRAM "fuse blown" issue with mspdebug. There is also some evidence that suggests that if the default interrupt handler has an address where the low byte matches the BSL configuration TLV tag, BSL can be locked out.

Need to figure out a way to prevent the values in the lower part of the interrupt vector table from being overwritten.


  • Peter A. Bigot

    Peter A. Bigot - 2012-07-16

    Below is proposed fix, available in development release. LTS release will follow after confirmation.

    commit 0594213396817815f584efe3257987e704b4f187
    Author: Peter A. Bigot <pabigot@users.sourceforge.net>
    Date: Thu Jul 12 14:32:16 2012 -0500

    SF 3540953 fram applications overwrite bsl/jtag passwords

    No MSP430 chip has more than 25 valid interrupts, and they are assigned from
    the top down. The FRAM chips use lower words in the interrupt vector to
    hold BSL and JTAG passwords, and having real addresses in those locations
    has been shown to result in problems accessing BSL and JTAG. Leave the low
    32 words erased; this matches as-delivered MSP430FR5739 content for those

  • Peter A. Bigot

    Peter A. Bigot - 2012-09-11
    • status: open --> closed-fixed

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks