Thanks. I wish I had known that a few weeks ago - it would have saved me days of debugging.
"By posting the new addresses that you have, are you in fact confirming that your observation of this address changing was erroneous:"
Code form 0x0000 to 0x001F
As for addresses 0x000E, 0x000F, 0x0012, and 0x0013 in Code Bank 0, I still see them being modified by a call to HalFlashWrite sometime after OSAL is initiated. I agree that this makes no sense and will clearly mess up part of the interrupt vector table, but in my case it's not a problem (since I'm not using the ADC end of conversion interrupt). I probably won't take the time to investigate the problem further - it's easier to simply skip over addresses 0x0000 to 0x0020 in the code verification algorithm. What's a few bytes out of 128K? The comment is more to raise awareness to your team and others who want to verify code space.