now, this will be a funny story. i'll give some tips based on my experiences and maybe it helps someone once in the future.
i've recently been offered a simpad sl4 that had only one fault, it wasn't able to resume after you suspended it by pressing the power on button. you could turn it on only by soft resetting it. the strange thing was that it *could* power on with the power on button directly after hard reset. but only once after every hard reset.
that sure sounded like it was a corrupted resume routine code in the bootloader. when it sees the simpad has been hard reset it will go a different routine and so it is able to power the screen on and boot the system.
(same for soft reset, again different, not corrupted code
).
so naturally we
(owner and i
) tried to reflash it. the commonly available bootloader images that are flashable via the normal method, using serload, are the 2.5.3 ones. these are not "full" images, will only update part
(most part
) of the original v2.4 bootloader. sure enough, the resume code isn't in the updated part...
so the reflash with these didn't help.
one strange thing here, owner managed to flash loader_bl in twice, in the place of alternative bootloader too.
(never flashed loader_bl.alt apparently
) can someone tell me how that is possible
(i of course flashed in the correct loader_bl.alt in there later
)
so i went to try and hunt down the original 2.4 bootloader image. yeah you can get it from the simpad linux pages but it is useless, it is not the flashable format that serload understands. it will not tell serload where to start flashing it in. it is the plain dumped image of the bootloader. so if you can't / don't want to jtag
(i certainly cannot solder... can't disassemble-reassemble simpad... can't build a jtag cable... can't use cygwin to compile the jtag software...
). there is of course another way, flash linux bootloader
(and whole linux?
) in, and use that to tell the start address where to flash the thing in, etc.
(also it doesn't need the special image format serload requires
)
well, i still didn't feel like flashing linux just because i wanted to fix one single corrupt byte.
then i stumbled upon the original full 2.4 bootloader
(not the crippled one
) in flashable format
(telling start address and everything
)
the problem now was that serload still wasn't willing to flash that in
(well, actually not flashing.. copying it into ram... from where the bootloader actually flashes it in rom
). apparently the bootloader that serload talks to won't allow access to the "secret" parts that aren't updated by the normal serload method.
what you need to do is force the alternative bootloader into a special mode, from where it will allow full access to flash full v2.4 bootloader image in, still via serload.
remove the little round plate off the back of the simpad
(the one under which you can press a switch to hard reset, where it looks like a backup battery could fit - but it isn't there
). there you'll find some pins at the bottom. short the first two pins
(starting from the top left corner, goign in the direction of the top right corner, first and two pins
), keep them shorted, while pressing reset button with the stylus. simpad should be hooked up to hyperterminal all the time. now you can see it switches to alternative bootloader and enters a special mode
(* terminal output as quoted the end of this post
). as soon as the bootloader is loaded in, close hyperterminal session, start serload and type serload imagename
(which should be the original *full* v2.4 image in "flashable serload format"
. it will now flash it in. will take a little longer than usual... because it is a tricky bootloader and will flash itself
(minus the start of it
) into the alternative bootloader space too so now that alternative bootloader will be 2.4 too.
if you want, hard reset, i did not hard reset yet. cenet 4.1 english image loads fine with original 2.4 bootloaders. why do all the flashing instructions available on the web start like "upgrade to 2.5.3 first and then do the OS upgrade"??? i once had a cl4 clone and flashed it to cenet without upgrading the very old 1.4 bootloader on it.
btw, i made a second soft reset after the alternative bootloader loaded in the special mode, dunno why
(i guess i got scared because special mode kept saying "firmware update successfully finished, press button to reset" even though i had not flash anything yet
), but i just started serload only after resetting
(and closing hyperterminal session of course
). worked OK.
one last method that may work
(didn't try it
) but sounds a little scary is erasing the thing called bootstrap from the monitor menu using a hidden extended command.
(i'll look it up, i forgot it but it is documented at oesf.org forums.
)
bootstrap is basically most of the the first bootloader
(not alternative bootloader
) space
(*not* all of it, i think it leaves the start of it intact - it has to
), and erasing that will force the simpad to switch to the alternative bootloader in the special mode that will allow flashing a full image in.
very useful if you need to reflash the part that cannot be reflashed in normal mode.
wwell, so, i never read about this stuff in the readily available faq's. hope this helps someone. btw, i dunno where to download this 2.4 image, size 143,552 bytes
(all i can find now with google is the crippled or the plain jtag/linux 2.4 images
). but if anyone needs it i'll host it.
another important thing, i was thinking why so many simpads get bricked over time??? i have an idea and a partial solution
(without having to resort to jtagging
)... i'll write about that later especially if anyone is interested.
(hint: the whole above pin shorting trick is useful originally because you might revive a dead simpad this way, without jtagging the hell out of it
)
*:
start of terminal output of special mode:
PBL V2.4 20.07.2001
bootpin short to gnd booting internal image
================================================
Siemens Switzerland Bootloader V2.4 20.07.2001
Running @206Mhz Processor ID 0x6901b118
Press ESC for
Occupied Memory: [0x00004000-0x00008000],[0x01f00014-0x01f74b9c]
Flash Id 0x00000018 at virt adr 0x05000000 Size 0x01000000
No 32Bit Flash detected 0x00000000
FlashImage Checksum 0x05040014-0x05061ab0=0x72d30677 Image Update, Old Image unchecked
Fabdata Flash @0x05059f18 Ram @0x01f21ab4 Copy Fabdata to Ram... Done
[***************************************\]
Firmware Update Successfully Finished
Press Button to restart
Firmware Update Successfully Finished
Press Button to restart
(and so on...
)
Edited by cmonex 2006-10-09 2:27 AM
