Solo2 Jtag

Then you can simply forget about spare and ECC via JTAG. You can check whether the CPU does it automatically or not only if you remove and read the spare with an external programmer. Now you have only one chance: search inside the saved dump for "UBI#" (without the quotes), but from the end of the dump (because the beginning was altered). If you find it several times then the byte order is OK; if you find "#IBU" then you have to swap bytes inside the bootloader and it will probably work. I don't have any other idea with JTAG.
 
Then you can simply forget about spare and ECC via JTAG. You can check whether the CPU does it automatically or not only if you remove and read the spare with an external programmer. Now you have only one chance: search inside the saved dump for "UBI#" (without the quotes), but from the end of the dump (because the beginning was altered). If you find it several times then the byte order is OK; if you find "#IBU" then you have to swap bytes inside the bootloader and it will probably work. I don't have any other idea with JTAG.
I found several #ibu entries. (Lower case, if that makes any difference?)
Could you please explain what I need to do to swap the bytes in the bootloader?
 
No, it must be upper case and there must be a lot, in most cases at the beginning of a sector. And you don't find any "UBI#"?
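The dump check discussed in the posts above, as an added example that is not part of any post: it searches from the end of the dump for "UBI#" and "#IBU", counts only hits at erase-block starts, and reverses each 32-bit word when the swapped form is found. Assumptions: the dump holds only the data area (no spare bytes), erase blocks are 128 KiB, "swap bytes" means reversing every 32-bit word, and four aligned hits count as "several".

```python
"""Check a NAND dump for the UBI erase-counter magic in both byte orders."""

MAGIC = b"UBI#"          # what the posts say a correctly ordered dump contains
SWAPPED = MAGIC[::-1]    # b"#IBU": every 32-bit word stored byte-reversed
BLOCK = 0x20000          # assumed erase-block size (128 KiB, data area only)

def find_from_end(data, needle):
    """Offsets of needle, last hit first (the start of the dump may be altered)."""
    hits, pos = [], data.rfind(needle)
    while pos != -1:
        hits.append(pos)
        pos = data.rfind(needle, 0, pos + len(needle) - 1)
    return hits

def byte_order(data, block=BLOCK, min_hits=4):
    """Return ('ok' | 'swapped' | 'unknown', offsets of block-aligned hits)."""
    normal = [o for o in find_from_end(data, MAGIC) if o % block == 0]
    swapped = [o for o in find_from_end(data, SWAPPED) if o % block == 0]
    if len(normal) >= min_hits and len(normal) > len(swapped):
        return "ok", normal
    if len(swapped) >= min_hits and len(swapped) > len(normal):
        return "swapped", swapped
    return "unknown", []          # the search is case-sensitive: "#ibu" never matches

def swap32(data):
    """Reverse the byte order inside every 32-bit word of data."""
    if len(data) % 4:
        raise ValueError("length must be a multiple of 4 bytes")
    out = bytearray(len(data))
    for i in range(4):
        out[i::4] = data[3 - i::4]
    return bytes(out)

def make_sample(blocks=8, wiped=2, magic=MAGIC, block=BLOCK):
    """Constructed image: first `wiped` blocks erased (0xFF), the rest start with magic."""
    img = bytearray(b"\xff" * (blocks * block))
    for b in range(wiped, blocks):
        img[b * block:b * block + 4] = magic
    return bytes(img)

if __name__ == "__main__":
    good = make_sample()
    print(byte_order(good)[0])                            # correctly ordered image
    print(byte_order(swap32(good))[0])                    # same image, words reversed
    print(byte_order(make_sample(magic=b"#ibu"))[0])      # lower-case hits do not count
```

For a real dump, read the file with `open(path, "rb").read()` and pass the bytes to `byte_order`; a dump that includes spare bytes needs the block size adjusted accordingly.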
 
I just fixed my friend's Solo2. I don't have a CY7C68013A so I made a NAND flash programmer with a PIC18F. After reading out the flash I understood that the tbomb firmware erased from 0-0x400000h and programmed some random data to the spare. The bootloader used was vusolo2-flash_by_jtag.zip found on the net, but attention: the bytes must be swapped and the ECC must be calculated if you are using an external programmer. Maybe if you are using a JTAG programmer you don't have to, because the CPU automatically writes the ECC after a sector write. So I downloaded vusolo2-flash_by_jtag.zip, inside found vusolo2-flash by jtag.bin, removed the extra part from 0x400000, programmed the flash, updated the spare with good ECC, put the flash back in the Solo2, powered on and got "Starting.." on the display, powered off, put a new firmware on the USB, re-flashed with good firmware and that's all.

I've read your solution several times. I am not new in this field, but I'm missing some information.
So sorry to bother you with it, but what I wonder is:
1. Which fault symptom did you have?
2. Programmer with PIC18F: which plan did you use?
3. After reading out the flash ... how? Via the SDA / SCL pins, other pins, straight from the NAND chip or externally?
4. Extra part removed from 0x400000, programmed the flash ... how? Uploaded via the SDA / SCL pins, or externally with a reader / writer?
 
Sorry for the confusion.
1. Does nothing (no serial, no display, just the blue power button).
2. PIC18F as an external NAND flash (K9F2G08U0C) programmer.
3. External readout (unsoldered) with my improvised PIC programmer.
4. Externally.
 
Ah, okay so you have the nand chip removed and in fact fixed with a nand chip reader/writer.
Yes it is familiar to me, I have the TNM 2000+ Universal Programmer with which I do this.
Thanks for the clarification, it is for me now understandable.
Thanks also for the explanation of the copy of the chip, very instructive.
It gave me clarity why a copy was not working on a new nand chip.
 
I have another Solo2 box to try and fix in addition to my own and I'm hoping someone can help me out a bit.
This has already had the flash chip changed, a Toshiba TC58NVG3S3ETA00, which differs slightly from the TC58NVG1S3ETA00 that the Chinese seem to be sending out as a replacement. This chip was bought from Aliexpress as a Solo2 flash replacement, but I cannot find the correct xml file relevant to this chip for the BBS software.
Needless to say, this box will not boot and at the moment BBS returns an error message: Maker ID returned from flash: FF does not match. I've tried creating an xml file using the NVG1S3 file as a template, changing the ID name, but it's not worked.

Can anyone assist please?

Edit - scratch that. On closer inspection of the chip it is actually a TC58NVG0S3ETA00. (The markings on the chip are very hard to read!)
I believe that this chip is not suitable as it is only a 1Gbit, whereas the original Samsung is 2Gbit.
Can anyone confirm this please?
 
Yes, it seems to be only a 1G (128M) flash. The addressing is a little different: the 2G needs 5 commands (column, column, row, row, row) and the 1G and lower size flash needs 4 commands (column, column, row, row).
The chip ident command is the same for both types, and the answer for the Toshiba 1G is maker=98h device=D1h; the answer for the K9F2G08U0C is maker=ECh device=DAh. In your case, if it is returning FFh, it is probably not soldered well, or a defective flash, or an unknown problem :)

I have a question too, maybe someone knows the answer: how can the CPU detect the NAND addressing length at boot time (automatically with probes, or by jumper settings)?
Does somebody have the documentation for the BCM7356?
 
BCM7356? I thought the Solo2 had BCM7346???

If the Solo2 has BCM7356 and not BCM7346, could this be why the BBS is not recovering the NAND flash?
My BBS software only has BCM97346.msi, and I would assume I would need BCM97356.msi.

Is this correct?
 
Is this correct?
It is not correct! BCM97346.msi is for the Solo2 processor.
BCM97346.msi both programs and reads the flash.
After comparing, the files are identical.
The problem is not in the ECC. The problem is that we need another boot loader.
The Chinese need to ask. Or maybe someone from the users will read your flash.
 
I have a Sunray VU+ Solo2 killed with a bomb attack. Is it possible to recover it without welding?
 
how did you manage to brick it???
I asked him that in the thread he started here. He did it whilst manually inputting IP, DNS, etc. on Helios 16.

I've used this image on my Sunray Solo2 (v2) clone without a problem, so for v2 clones I know it's not the Helios 16 that caused it on its own.
 
What images had been installed before Helios? If Helios was 100% safe, the timebomb may have been applied by a previous image. That's what happened to my box.

 
@tibi67, I have a flash chip that came from my Solo2, which has been rendered unusable by the TB process. As I have no means to experiment with it with an external programmer, would you be able to look at it for me if I posted it to you?
 
I can confirm that the JTAG method worked on my Dragonworth Solo2 that got bricked with the time-bomb. I ran into two problems on the way. Firstly, Broadband Studio wouldn't detect that it was connected using Windows 8 64bit, so I got my old Windows XP 32bit to run the program and it connected immediately. Secondly, the program complained about a bad starting sector when I tried to flash it. I chose the flash K9F1G08U0A like the PDF help file said; that might have been the problem, I don't know. I changed it to K9F1G08U0C because that is the number on my flash chip, made a full erase and tried again, and it worked like a charm.

I used soleros files from here: https://www.digitalworldz.co.uk/download-vu-clone-images-653/402721-download-jtag-vu-solo2.html - :)
and the Cypress CY7C68013A board, with the "jumper" removed.

I will be trying all images now to see which will work and which don't, and even hoping for it to brick so I can try flashing again. But I would like advice on one thing if anyone knows: will the new images make any changes to other parts of my receiver, like the front panel processor or FPGA, or any changes that are not possible to revert from? Will I always be able to JTAG and go back to my safe images even if I try the brand new ones and get it bricked?

 
I had the same issue as you, and while BBS successfully erased and reflashed the NAND chip, my box would not boot until I replaced the chip.
Naturally I am not keen to repeat the process so I have not loaded another image, sticking to the Blackhole 2.0.9 that came preprogrammed on the replacement chip. Interestingly, the Chinese supplier advised me to obtain images only from www.vuplus-downloads.org rather than VU+ and X Website --- Home as originally stated. Unfortunately on www.vuplus-downloads.org there are only 3 images available, and they're all crap! It seems that VU+ and X Website --- Home is only for Lonrinsun boxes.

 