| Manufacture Code=EC Device Code=75 SAMSUNG K9F5608U0A 32M NAND flash Memory found dwROMTotalSize = 2000000 wTotalChip = 1 HTC Integrated Re-Flash Utility for bootloader Version:1.18d GreatWall PVT version:1.08 MainBoardID = 4 Built at: Mar 16 2003 11:05:12 Copyright (c) 1998-2002 High Tech Computer Corporation Turbo Mode Frequency = 398 MHz Run Mode Frequency = 398 MHz Memory Frequency = 100 MHz SDRAM Frequency = 100 MHz Main=0x90036118 awID[0]= 5050 (can differ from one device to the other, doesn't look like a unique identifier though) awID[1]= 5050 (can differ from one device to the other, doesn't look like a unique identifier though) SAMSUNG CF/ATA S1.18.4 (the following depends on your Flash device) Model number : SAMSUNG CF/ATA Firware revision : S1.18.4 Max Cylinder : 496, Max Head : 16, Max Sector : 32, Total space : 126976 KB Skip address transfer error: g_dwSkipLen=0 SER> h full Available monitor commands are: password [string] ? [command] [full] h [command] [full] r [[register] [[=] [hex_value]]] mb [StartAddr [Count [Filler]]] mh [StartAddr [Count [Filler]]] mw [StartAddr [Count [Filler]]] eb Addr eh Addr ew Addr l [path_name [startAddr offset ["cp"]]] lnb nb-file [StartAddr [Length [SkipOffset ["cp"]]]] map cp reg# OPC_2 CRm [value] d2s [StartAddr [Len [Type [Append[SkipStartAddr SkipLen]]]]] s2d shmsg [Row [Col ["String"]]] set [Type [Value]] task [Type [Value]] rbmc [FileName [StartAddr [Len]]] erase [StartAddr [Len]] wdata [StartAddr [Len]] checksum [StartAddr [Len]] passwordUsage:passwordpassword [string] Enter the password string to enable full help and command functions. Default string is "0000". Note: it seems that the default password is the same for all devices. On mine, it was "CPQHAMMER". To find your device password type "mb 7500 11". hUsage:hh [command] [full] Helps on command. When no command is given, output a list of normal commands. If "full" option used, display all commands(need password enable). But if one command is given, It will show the command usage method. rUsage:rr [[register] [[=] [hex_value]]] Display(r0-r15)/Set registers(r9-r11 only) value(s). When no register is given, all the registers' content are displayed. When only a register name is given, the content of that register is displayed. If the optional value is also given, the register's content is set to the new value. '=' sign is always ignored. mbUsage:mbmb [StartAddr [Count [Filler]]] Display/Set memory content. StartAddr can be either a hex_address or a register name When StartAddr is not given, memory display continues from the previous address. When Count is not given, previous Count is used for memory display Count is initially set to 20 (hex). If Filler is specified, the memory area is filled with Filler. Memory will be displayed/counted as bytes StartAddr must be in valid unmapped space. It is not validated. mhUsage:mhmh [StartAddr [Count [Filler]]] Display/Set memory content. StartAddr can be either a hex_address or a register name When StartAddr is not given, memory display continues from the previous address. When Count is not given, previous Count is used for memory display Count is initially set to 20 (hex). If Filler is specified, the memory area is filled with Filler. Memory will be displayed/counted as half-words StartAddr must be in valid unmapped space. It is not validated. mwUsage:mwmw [StartAddr [Count [Filler]]] Display/Set memory content. StartAddr can be either a hex_address or a register name When StartAddr is not given, memory display continues from the previous address. When Count is not given, previous Count is used for memory display Count is initially set to 20 (hex). If Filler is specified, the memory area is filled with Filler. Memory will be displayed/counted as words StartAddr must be in valid unmapped space. It is not validated. ebUsage:ebeb Addr Addr:hex memory address ehUsage:eheh Addr Addr:hex memory address ewUsage:ewew Addr Addr:hex memory address lUsage:ll [path_name [startAddr offset ["cp"]]] Download BIN file across from serial/USB port. Startaddr offset(MSB bit is a sign bit): Start address offset of every packet . When 'cp' is given, it will just compare data of file with ROM image. When path_name is not given, the file to be downloaded is determined by ppfs on the host. Otherwise, path_name on the host is downloaded regardless the ppfs setting. The file must be in the format of BIN (preprocessed SRE). The code is auto-launched once downloaded. lbUsage:lnblnb nb-file [StartAddr [Length [SkipOffset ["cp"]]]] Download nb file to ROM. StartAddr : Start address for downloading(default=80000000). Length : Length for downloading(default=FFFFFFFF). SkipOffset : SkipOffset for downloading(default=00028000). cp : Compare image with file data only. mapUsage:mapmap Display virtual address mapping table Example:
cpUsage:cpcp reg# OPC_2 CRm [value] Access coprocessor(cp15 only) registers d2sUsage:d2sd2s [StartAddr [Len [Type [Append[SkipStartAddr SkipLen]]]]] Backup memory to storage. StartAddr : Start address for backup(0xA0040000). Len : Length of memory will be backup. And if not given value, it will be Total ROM size on board - ((StartAddress & 0x0FFFFFFF) - (ROM base address(0) & 0x0FFFFFFF)). Type : Which storage(cf/sd) type will be selected(cf). Append : Backup methods(a/). SkipStartAddr : Start address of skip area(0x0). SkipLen : Skip length(0x0). Skip area must be less than or equal to one block size of flash. Skip area must not over two blocks, must inside one block. Nand flash: Skip area size need be page boundary. Nor flash: Skip area size need be DWORD boundary. Notes:
s2dUsage:s2ds2d Restore memory from storage. shmsgUsage:shmsgshmsg [Row [Col ["String"]]] Show texts on display. Row(hex) : 0 - 17(11). Col(hex) : 0 - 12(C). Text String : The string which will be show on display. setUsage:setset [Type [Value]] Set control flags. Type(hex) : Control function types. Value(hex) : Setting values for types. If value is not given, default is 0. Type 0(Echo on/off): 1(on) and 0(off). Type 1(Operation mode): 1(auto) and 0(user). Type 2(Back color on/off): 1(on) and 0(off). Type 3(Inverse on/off): 1(on) and 0(off). Type 4(Front color value): 16 bits data Type 5(Background color value): 16 bits data Type 6(Set color of screen): Fill color to whole screen one time. Type 8(COMM queue flag): 0(TX_RX disable),1(RX enable),2(TX enable) and 3(TX_RX enable). Current flag settings: Type 0(Echo flag): cEchoFlag=(0x1). Type 1(Operation mode flag): cOpModeFlag=(0x0). Type 2(Back color flag): cBackColorShowFlag=(0x1). Type 3(Inverse flag): cShowInverseFlag=(0x0). Type 4(Front color): g_wFColor=(0x0). Type 5(Background color): g_wBColor=(0xFFFF). Type 6(Set color of screen): None. Type 8(COMM queue flag): g_cCommQueueFlag=(0x0). tasktask [Type [Value]]Type(hex) 0: Do hardware clear boot and [value](hex) is ignore. Type(hex) 1: Get NAND flash ID and [value](hex) is ignore. Type(hex) 2: Dump the data form NAND page and [value](hex) is page number. Type(hex) 3: Get NAND flash UID(16bytes) and [value](hex) is ignore. Type(hex) 4: Set Low Level Erase flag and [value](hex): 1(enable) and 0(disable. Type(hex) 5: Make Nandflash MBR partition and [value](hex) is ignore. Type(hex) 7: Do flash ROM lock/unlock and [value](hex): 1(lock) and 0(unlock). rbmcUsage:rbmcrbmc [FileName [StartAddr [Len]]] Read back the memory content from the specified address to the host and save the data to specified file name. FileName : Full file path for save data of memory(default=c:\temp\Mem.nb). StartAddr : Start address of memory(default(hex)=A0000000). Len : How many bytes will be read. And if not given value, it will be Total ROM size on board - ((StartAddress & 0x0FFFFFFF) - (ROM base address(0) & 0x0FFFFFFF)). eraseUsage:eraseerase [StartAddr [Len]] Erase the contain of flash ROM. StartAddr : Start address of ROM(default(hex)=A0040000). Len : How many bytes will be erased(default(hex)=40000). wdataUsage:wdatawdata [StartAddr [Len]] Write data to memory(if write to ROM, need erase first). StartAddr : Start address of memory(default(hex)=B00B0000). Len : How many bytes will be written(default(hex)=40). Length must not more than 0x20000 bytes(buffer limitation). Write to RAM: 4 bytes(CRC checksum limitation). 1 byte(in user mode). Write to ROM: 4 bytes(CRC checksum limitation). 2(16-bit)/4(32-bit) bytes(in user mode). Write to ROM(16-bit data bus): 32 bytes(writebuffer mode). Write to ROM(32-bit data bus): 64 bytes(writebuffer mode). Length must be 4 bytes boundary(CRC checksum) if not in user mode. After command execute, then send out the data to terminal. Data format: HTCS(4 bytes)+DATA+checksum(4 bytes, if not in user mode)+HTCE(4 bytes). checksumUsage:checksumchecksum [StartAddr [Len]] Return CRC checksum of memory. StartAddr : Start address of ROM(default(hex)=A0000000). Len : How many bytes will be calculated. default(hex) = ROM total size - ((dwStartAddress & 0x0FFFFFFF) - (ROM_BASE & 0x) In user mode: Show 4 bytes of CRC checksum value on display of terminal. In auto mode: Send 4 bytes of CRC checksum value to terminal with data format. |