Database Info

The Infuse 4G Development Platform AKA UnBrickable Mod

Introduction
This is the 10th device to receive UnBrickable Mod! Lets go back to where it all started. It was proposed by XDA Member js22 that a device could be recovered without JTAG, using only it's native hardware. After months upon months of research, reading debug logs, reverse engineering of hardware and software, we came up with a solution.. Since I was the first to do it, I called it UnBrickable Mod. XDA Member Rebellos then reverse engineered a portion of the IBL into what is known as the HIBL(Hummingbird Interceptor BootLoader). We decided to call it this because the process goes like this: With UBM applied, the processor requests a code download from USB. We feed it the HIBL which reuses IBL code to authenticate with the Hummingbird's secure booting chain, then the Interceptor bootloader calls back and reuses the same IROM Download code used to download it, but we bypass security checks. This "Interception" of the boot sequence is why UnBrickable Mod works. The HIBL has proven to be so powerful and multipurpose that we've been able to package it into a one-click which works with ALL S5PC110 based devices with USB download capabilities.
I'd like to thank pdx 528e for donating the Infuse4G for this modification. This modification would not have been possible on this particular device without total removal of the processor.
After we verify this modification works This will be a replacement for JTAG. How could it possibly be better then JTAG? Let's count the ways....
1. The only part required is a wire.
2. No shipping time.
3. No cost for a box to interface the computer.
4. Permanent.
5. Can be done as a preventive measure.
6. Gives the ability to test new Bootloaders temporarily.
7. Allows development of the entire system.
8. Removes worry about flashing and acts as a backup.
After performing this mod:
Remove the battery, replace the battery, your phone will connect to the computer via USB and await commands. Otherwise it will pretty much act like an Infuse 4G. See the Special Instructions section.
Modification
You will need:
1. Get someone who knows what they're doing with a soldering iron. If they don't know what flux is, then they don't know what they're doing. You can send me a PM(my username @gmail.com) or Connexion2005(aka MobileTechVideos.com).
2. soldering iron - make sure it's sharp, if it's not sharp, then sharpen it, flux it and retin it.
3. flux
4. solder
5. tweezers
6. A relay (for the wire contained within)
getting started:
You will need a very small peice of wire. Tear apart the relay unravel the coil within and grab about 12cm~ of wire. The fact that it comes from a relay is important because relays generally have very small wire which are individually treated with a non-conductive coating.
Take the 12cm~ wire from the relay and tin the very edge of it. No more then 1/32". If you tin more then 1mm, cut off the excess. It is desirable to have a slight bit of excess solder on the tip of this wire.
performing the modification:
1. tear apart your phone... remove six(6) #1 phillips screws from the back. Then you can separate the back from the front. Make sure to take out your SIM and external SDCard before you do this.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
2. Remove the two(2) screws and four(4) electric connections securing the mainboard into the unit and remove the board.
3. remove the EM shield from the processor side.
4. remove xOM5 resistor.
5. Bridge the active side of xOM5 to the active side of xOM3. Most of the resistors in the top row will also work.
6. *OPTIONAL* for Bootloader development you will want UART output. You can use these points to a connection outside the device for UART. These points are exposed when the mainboard is secured to the unit. They are located on the JTAG port.
7. Reassemble the device.
Special Instructions
This replaces the battery charging sequence. The normal battery charging sequence can be activated by holding power for 4 seconds.
To turn on the device, and operate in normal mode, you must hold the power button for 5 seconds.
3 button Download mode works as usual, however you must not have the S5PC110 drivers installed on the computer. You can use your custom rom menu option, adb reboot download, or use a terminal to "reboot download". 301Kohm Factory Mode JIGs work as well, but you must press power to bypass the S5PC110 mode.
Conclusion
Congratulations. You now have a device which works like a KIT-S5PC110 with an OM Value of 29. Now get to developing some serious custom software.
reading material
Creating your own Samsung Bootloaders: http://forum.xda-developers.com/showthread.php?t=1233273
KIT-S5PC110 manual: http://www.mediafire.com/?94krzvvxksvmuxh
how to use DNW: http://tinyurl.com/dnw-how-to
Flash using openOCD and DNW: http://www.arm9board.net/wiki/index.php?title=Flash_using_OpenOCD_and_DNW
another DNW example: http://www.boardset.com/products/mv6410.php
ODroid dev center: http://dev.odroid.com/projects/uboot/wiki/#s-7.2
drivers and utilities
This will be an ever expanding list
Windows Drivers http://forum.xda-developers.com/attachment.php?attachmentid=678937&d=1312590673
Windows Download Tool DNW: http://forum.xda-developers.com/attachment.php?attachmentid=678938&d=1312590673
Windows Command Line tool: http://forum.xda-developers.com/showpost.php?p=17202523&postcount=27
Linux DNW Utility: http://dev.odroid.com/projects/uboot/wiki/#s-7.2
Linux ModeDetect tool: http://code.google.com/p/hummingbird-hibl/downloads/list
Linux Automated UnBricker:http://code.google.com/p/hummingbird-hibl/downloads/list
firmware
Bootloader Hello World by Rebellos http://forum.xda-developers.com/attachment.php?attachmentid=698077&d=1314105521
UnBrick tool http://forum.xda-developers.com/showthread.php?t=1242466

At this time I have not performed this modification. If you are in a pinch, please use this method. I will be performing this mod on my own device shortly.

We confirmed this device has got another iROM build, this means different HW revision of CPU.
HIBL for that will be released soon.

U are a genius Adam
Sent from my SAMSUNG-SGH-I997 using xda premium

JordanElliott said:
U are a genius Adam
Sent from my SAMSUNG-SGH-I997 using xda premium
Click to expand...
Click to collapse
I second that. I'm ready to send my phone in.
I'm not a developer but I try to play one on XDA. Seriously I'm not a developer. DlevROM Yo!

Thanks. But my wife wont let me touch hers...
Edit. Her phone...LOL..
Sent from my SAMSUNG-SGH-I897 using XDA App

To much trouble .....but thanks anyway
Sent from my SAMSUNG-SGH-I997 using xda premium

To bad i'm a perfectionist that doesn't know how to solder; my baby is to new to put her through this lol.
Sent from my SGH-I997 using xda premium

oh man glad to see this here thanks

It would be good to mention a recommendation on soldering iron power. I mean I have 75 watt irons, and 150/400 watt guns, I like to use a bigger than needed iron because it reduces the heat up time and if you get it the first time reduces damage but only if you get it exactly at the right time.
But I wouldn't put any of those big tools near a computer or phone. I'd say 15 Watts is plenty, 25 is manageable if you are good and the to is sharp and clean, these small electronics are soldered with infrared and aren't even designed to have an iron used on them. Keep that in mind if you consider this mod! This can be tricky stuff that can damage your hardware.
Adam, has any progress been made on the galaxy s to boot Meego or Linux? I know you can install Linux to the sd card and run it along side Android using terminal emulator to access it like you posted in the captivate section a while back but I never saw it running with a GUI on the phone, if you Jeanne a way to accesses fluxbox with the phones touch screen, that would be cool even if I can't boot stair into Linux yet.

This is really great thx so does it mean the infuse can be like the hd2 run almost all the popular Smartphone operating systems ?

leeroy1034 said:
This is really great thx so does it mean the infuse can be like the hd2 run almost all the popular Smartphone operating systems ?
Click to expand...
Click to collapse
What it means is that if you are a developer that wants to develop a way to do those things you can do it without fear or bricking. I doubt it will lead to the infuse being the next hd2 but its a step in the direction.

I'm just hoping it means more roms to get my flashing addiction fix
Sent from my SAMSUNG-SGH-I997 using XDA App

The_Zodiac said:
I'm just hoping it means more roms to get my flashing addiction fix
Sent from my SAMSUNG-SGH-I997 using XDA App
Click to expand...
Click to collapse
I hope it leads to Meego for the infuse, I kinda dislike Android, its too slow, too fractured, we shouldn't need all this super fast hardware to get a smooth experience. but I have never used Meego. Even with a lack of a huge app market it has to be better than lame ios or win phone7.

Wow, reading these threads and the custom bootloaders threads makes me realize how much smarter some of you are than me. I can only thank you for your work done and time given to the community. Great work to everyone involved!

AJerman said:
Wow, reading these threads and the custom bootloaders threads makes me realize how much smarter some of you are than me.
Click to expand...
Click to collapse
Personally...
Naah, I've just got loads of time to waste for pretty useless things (mainly, once per few months something useful like HIBL comes out) :d

https://m.google.com/app/plus/mp/217/#~loop:aid=z12pxpqbdlikhv0rj04cd5gbiz3wg5eqqjg&view=activity

Ok. I'm having a problem. We have USB debug mode..
Code:
Bus 001 Device 035: ID 04e8:1234 Samsung Electronics Co., Ltd
It is enumerating properly in Linux.
It is uploading the HIBL properly as well.
Code:
[email protected]:~/Desktop$ sudo smdk-usbdl -a d0020000 -f ./HIBL.bin
SMDK42XX,S3C64XX USB Download Tool
Version 0.20 (c) 2004,2005,2006 Ben Dooks <[email protected]>
S3C64XX Detected!
=> found device: bus 001, dev 034
=> loaded 24576 bytes from ./HIBL.bin
=> Downloading 24586 bytes to 0xd0020000
=> Data checksum 5d9c
=> usb_bulk_write() returned 24586
[email protected]:~/Desktop$
However, the device does not un-enumerate and re-enumerate as it usually does after receiving and executing the HIBL.
Here is the UART output from uploading HIBL.
Code:
Insert an OTG cable into the connector!
����
Uart negotiation Error
����
Here is a typical boot.
Code:
Uart negotiation Error
Insert an OTG cable into the connector!
Enumeration TimeOut Error
1
-----------------------------------------------------------
Samsung Primitive Bootloader (PBL) v3.0
Copyright (C) Samsung Electronics Co., Ltd. 2006-2010
-----------------------------------------------------------
+n1stVPN 2688
+nPgsPerBlk 64
PBL found bootable SBL: Partition(3).
MAX8893_REG_ONOFF return val 1
MAX8893_REG_DISCHARGE return val ff
MAX8893_REG_LSTIME return val 8
MAX8893_REG_DVSRAMP return val 9
MAX8893_REG_BUCK return val 2
MAX8893_REG_LDO1 return val 2
MAX8893_REG_LDO1 new val e
MAX8893_REG_LDO2 return val e
MAX8893_REG_LDO2 new val 10
MAX8893_REG_ONOFF return val 1
MAX8893_REG_ONOFF new val 21
MAX8893_REG_ONOFF return val 21
MAX8893_REG_ONOFF new val 31
Set cpu clk. from 400MHz to 800MHz.
OM=0x29, device=OnenandMux(Audi)
IROM e-fused - Non Secure Boot Version.
-----------------------------------------------------------
Samsung Secondary Bootloader (SBL) v3.0
Copyright (C) Samsung Electronics Co., Ltd. 2006-2010
Board Name: ARIES REV 03
Build On: May 19 2011 22:17:14
-----------------------------------------------------------
Re_partition: magic code(0x80040)
[PAM: ] ++FSR_PAM_Init
[PAM: ] OneNAND physical base address : 0xb0000000
[PAM: ] OneNAND virtual base address : 0xb0000000
[PAM: ] OneNAND nMID=0xec : nDID=0x50
[PAM: ] --FSR_PAM_Init
fsr_bml_load_partition: pi->nNumOfPartEntry = 12
partitions loading success
board partition information update.. source: 0x0
Now Read Images - ID : 1
.Done.
read 1 units.
==== PARTITION INFORMATION ====
ID : IBL+PBL (0x0)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 0
NO_UNITS : 1
===============================
ID : PIT (0x1)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 1
NO_UNITS : 1
===============================
ID : EFS (0x14)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 2
NO_UNITS : 40
===============================
ID : SBL (0x3)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 42
NO_UNITS : 5
===============================
ID : SBL2 (0x4)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 47
NO_UNITS : 5
===============================
ID : PARAM (0x15)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 52
NO_UNITS : 20
===============================
ID : KERNEL (0x6)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 72
NO_UNITS : 30
===============================
ID : RECOVERY (0x7)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 102
NO_UNITS : 30
===============================
ID : FACTORYFS (0x16)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 132
NO_UNITS : 1146
===============================
ID : DBDATAFS (0x17)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 1278
NO_UNITS : 536
===============================
ID : CACHE (0x18)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 1814
NO_UNITS : 130
===============================
ID : MODEM (0xb)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 1944
NO_UNITS : 60
===============================
loke_init: j4fs_open success..
load_lfs_parameters valid magic code and version.
reading nps status file is successfully!.
nps status=0x504d4f43
load_debug_level reading debug level from file successfully(0x574f4c44).
init_fuel_gauge: vcell = 3660mV, soc = 13
check_quick_start_condition- Voltage: 3660.0, Linearized[0/15/30], Capacity: 12
init_fuel_gauge: vcell = 3660mV, soc = 13, rcomp = d01f
reading nps status file is successfully!.
nps status=0x504d4f43
PMIC_IRQ1 = 0xc0
PMIC_IRQ2 = 0x0
PMIC_IRQ3 = 0x1
PMIC_IRQ4 = 0x0
PMIC_STATUS1 = 0x0
PMIC_STATUS2 = 0x0
get_debug_level current debug level is 0x574f4c44.
aries_process_platform: Debug Level Low
keypad_scan: key value ----------------->= 0x0
CONFIG_ARIES_REV:48 , CONFIG_ARIES_REV03:48
check_download: micorusb_status1 = 0, key_value = 0
aries_process_platform: final s1 booting mode = 0
DISPLAY_PATH_SEL[MDNIE 0x1]is on
MDNIE setting Init start!!
vsync interrupt is off
video interrupt is off
[fb0] turn on
MDNIE setting Init end!!
lcd_power_on_ld9040
s6e63m0_c110_spi_read_byte-------------------------: 86
DA lcd ID1 = 86
s6e63m0_c110_spi_read_byte-------------------------: 48
DB lcd ID2 = 48
s6e63m0_c110_spi_read_byte-------------------------: 44
DC lcd ID3 = 44
LCD_ID == 3
Autoboot (0 seconds) in progress, press any key to stop
get_debug_level current debug level is 0x574f4c44.
get_debug_level current debug level is 0x574f4c44.
boot_kernel: Debug Level Low
FOTA Check Bit
Read BML page=, NumPgs=
FOTA Check Bit (0x871f8801)
Load Partion idx = (6)
..............................done
Kernel read success from kernel partition no.6, idx.6.
setting param.serialnr=0x31352402 0x61dc00ec
setting param.board_rev=0x30
setting param.cmdline=console=ttySAC2,115200 loglevel=4
Starting kernel at 0x32000000...
Uncompressing Linux.............................................................
[ 0.000000] copy: bad source 0
[ 0.000000] mout_audss: bad source 0
[ 0.090119] KERNEL:kernel_sec_get_debug_level_from_boot=0x574f4c44
[ 0.094853] KERNEL:magic_number=0x0 DEBUG LEVEL low!!
[ 0.099864] (kernel_sec_set_upload_cause) : upload_cause set 0
[ 0.804603] irq requested hpd irq
[ 0.850107] --------A1026 i2c driver A1026_probe called
[ 0.853875] --------A1026_probe: device not supported
[ 0.859131] --------A1026_driver_init successful
[ 0.863514] --------A1026_dev_powerup called
[ 3.007976] Failed to request gpio touchkey_init:738
[ 3.011482] Failed to request gpio touchkey_init:740
[ 12.856445] init: [disk_config] initialize_mbr_flash for S1_EUR
[ 12.860891] init: [disk_config] [Disk Size (16005464064), (15630336k), secto]
[ 12.870565] init: [disk_config] calc_pte_of_disk -> start 64 num lba 2732844
[ 12.879153] init: [disk_config] calc_pte_of_disk -> start 27328512 num lba 3
[ 12.888197] init: [disk_config] compare_partition -> num_part 0 , offset (44)
[ 12.896007] init: [disk_config] [ target -> Disk0 : 13992165376 (13664224k) ]
[ 12.905162] init: [disk_config] Match partition table entry ... skip(0)
[ 12.911775] init: [disk_config] compare_partition -> num_part 1 , offset (46)
[ 12.919575] init: [disk_config] [ target -> Disk1 : 2013265920 (1966080k) 00]
[ 12.928584] init: [disk_config] Match partition table entry ... skip(1)
[ 12.935185] init: [disk_config] compare_partition -> num_part 2 , offset (47)
[ 12.942987] init: [disk_config] [ target -> Disk2 : 0 (0k) 00:00:00000000:00]
[ 12.950698] init: [disk_config] Match partition table entry ... skip(2)
[ 12.957303] init: [disk_config] compare_partition -> num_part 3 , offset (49)
[ 12.965104] init: [disk_config] [ target -> Disk3 : 0 (0k) 00:00:00000000:00]
[ 12.972811] init: [disk_config] Match partition table entry ... skip(3)
[ 12.979399] init: [disk_config] bNeedRoot : 0x00
[ 12.990828] init: cannot open '/initlogo.rle'
[ 13.075055] Failed to request FM_RESET!
[ 13.172981] init: [disk_config] :::: /dev/block/mmcblk0p1 :::::
[ 13.180732] init: [disk_config] vfat_identify -> ok
[ 13.184160] init: [disk_config] :::: /dev/block/mmcblk0p2 :::::
[ 13.190129] init: [disk_config] Error ::rfs_identify -> oem_name ()
[ 13.196466] init: [disk_config] rfs_identify -> failed
[ 13.202486] init: [disk_config] Error ::rfs_identify -> oem_name ()
[ 13.207833] init: [disk_config] rfs_identify -> failed
[ 13.213839] init: [disk_config] Error ::rfs_identify -> oem_name ()
[ 13.219189] init: [disk_config] rfs_identify -> failed
[ 13.225210] init: [disk_config] rfs_format -> /system/bin/fat.format -F 32 -
[ 13.252568] init: [disk_config] rfs_format -> ok[BIF: ] FSR VERSION: FSRM
[ 13.552104] init: cannot find '/system/bin/false', disabling 'noplaylogos'
[ 13.586570] init: cannot find '/system/etc/install-recovery.sh', disabling ''
sh: can't access tty; job control turned off
$ [ 19.506760] init: no such service 'bootanim'
[ 43.514858] init: no such service 'bootanim'
[ 61.035132] init: sys_prop: permission denied uid:1000 name:dpm.allowcamera
[ 71.204861] init: untracked pid 3290 exited
����
Uart negotiation Error
Rebellos, any ideas?

Updated 3rd post in this thread. We found out another S5PC110 iROM revision for the first time.

It's working. Excellent work Rebellos!
This log shows HIBL, then SBL going into download mode. Then a heimdall print-pit was excuted and the device rebooted.
Code:
����
Uart negotiation Error
-------------------------------------------------------------
Hummingbird Interceptor Boot Loader (HIBL) v1.0
Copyright (C) Rebellos 2011
-------------------------------------------------------------
Calling IBL Stage2 ...OK
Testing DRAM1 ...OK
iRAM reinit ...OK
cleaning OTG context ...OK
Chain of Trust has been successfully compromised.
Begin unsecure download now...
0x00000000BL3 EP: 0x40244000
Download complete, hold download mode key combination.
Starting BL3 in...
Set cpu clk. from 400MHz to 800MHz.
OM=0x29, device=OnenandMux(Audi)
IROM e-fused - Non Secure Boot Version.
-----------------------------------------------------------
Samsung Secondary Bootloader (SBL) v3.0
Copyright (C) Samsung Electronics Co., Modified by Rebell
Build On: Jun 8 2011 21:44:47
-----------------------------------------------------------
Re_partition: magic code(0x0)
[PAM: ] ++FSR_PAM_Init
[PAM: ] OneNAND physical base address : 0xb0000000
[PAM: ] OneNAND virtual base address : 0xb0000000
[PAM: ] OneNAND nMID=0xec : nDID=0x50
[PAM: ] --FSR_PAM_Init
fsr_bml_load_partition: pi->nNumOfPartEntry = 12
partitions loading success
board partition information update.. source: 0x0
.Done.
read 1 units.
==== PARTITION INFORMATION ====
ID : IBL+PBL (0x0)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 0
NO_UNITS : 1
===============================
ID : PIT (0x1)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 1
NO_UNITS : 1
===============================
ID : EFS (0x14)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 2
NO_UNITS : 40
===============================
ID : SBL (0x3)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 42
NO_UNITS : 5
===============================
ID : SBL2 (0x4)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 47
NO_UNITS : 5
===============================
ID : PARAM (0x15)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 52
NO_UNITS : 20
===============================
ID : KERNEL (0x6)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 72
NO_UNITS : 30
===============================
ID : RECOVERY (0x7)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 102
NO_UNITS : 30
===============================
ID : FACTORYFS (0x16)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 132
NO_UNITS : 1146
===============================
ID : DBDATAFS (0x17)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 1278
NO_UNITS : 536
===============================
ID : CACHE (0x18)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 1814
NO_UNITS : 130
===============================
ID : MODEM (0xb)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 1944
NO_UNITS : 60
===============================
loke_init: j4fs_open success..
load_lfs_parameters valid magic code and version.
reading nps status file is successfully!.
nps status=0x504d4f43
load_debug_level reading debug level from file successfully(0x574f4c44).
init_fuel_gauge: vcell = 4102mV, soc = 80
check_quick_start_condition_with_charger- Voltage: 4102.50000, Linearized[64/79/94], Capacity: 83
init_fuel_gauge: vcell = 4102mV, soc = 80, rcomp = d01f
reading nps status file is successfully!.
nps status=0x504d4f43
PMIC_IRQ1 = 0x28
PMIC_IRQ2 = 0x0
PMIC_IRQ3 = 0x0
PMIC_IRQ4 = 0x0
PMIC_STATUS1 = 0x40
PMIC_STATUS2 = 0x2c
get_debug_level current debug level is 0x574f4c44.
aries_process_platform: Debug Level Low
keypad_scan: key value ----------------->= 0x20
CONFIG_ARIES_REV:48 , CONFIG_ARIES_REV03:48
reading nps status file is successfully!.
nps status=0x504d4f43
==> Welcome to ARIES!
==> Entering usb download mode..
DISPLAY_PATH_SEL[MDNIE 0x1]is on
MDNIE setting Init start!!
vsync interrupt is off
video interrupt is off
[fb0] turn on
MDNIE setting Init end!!
Error : Current Mode is Host
EP2: 0, 2, 0; len=7
EP2: 0, 2, 0; len=7
sug: IN EP asserted
Error:Invalid connection string!
Error:Invalid connection string!
- Odin is connected!
set_nps_update_start: set nps start flag successfully.
process_packet: request id(100), data id(0)
process_rqt_init: platform number(0x0), revision(0x0)
process_packet: request id(100), data id(1)
process_packet: request id(101), data id(1)
.Done.
read 1 units.
check_pit_integrity: valid pit magic code.
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(2)
process_packet: request id(101), data id(3)
process_packet: request id(103), data id(0)
process_rqt_close: xmit completed!
set_nps_update_completed: set nps completed flag successfully.
process_packet: request id(103), data id(1)
process_rqt_close: target reset!
ARIES MAGIC_ADDR=0x0 / INFORM5=0x12345678
1
-----------------------------------------------------------
Samsung Primitive Bootloader (PBL) v3.0
Copyright (C) Samsung Electronics Co., Ltd. 2006-2010
-----------------------------------------------------------
+n1stVPN 2688
+nPgsPerBlk 64
PBL found bootable SBL: Partition(3).
MAX8893_REG_ONOFF return val 1
MAX8893_REG_DISCHARGE return val ff
MAX8893_REG_LSTIME return val 8
MAX8893_REG_DVSRAMP return val 9
MAX8893_REG_BUCK return val 2
MAX8893_REG_LDO1 return val 2
MAX8893_REG_LDO1 new val e
MAX8893_REG_LDO2 return val e
MAX8893_REG_LDO2 new val 10
MAX8893_REG_ONOFF return val 1
MAX8893_REG_ONOFF new val 21
MAX8893_REG_ONOFF return val 21
MAX8893_REG_ONOFF new val 31
Set cpu clk. from 400MHz to 800MHz.
OM=0x29, device=OnenandMux(Audi)
IROM e-fused - Non Secure Boot Version.
-----------------------------------------------------------
Samsung Secondary Bootloader (SBL) v3.0
Copyright (C) Samsung Electronics Co., Ltd. 2006-2010
Board Name: ARIES REV 03
Build On: May 19 2011 22:17:14
-----------------------------------------------------------
Re_partition: magic code(0x0)
[PAM: ] ++FSR_PAM_Init
[PAM: ] OneNAND physical base address : 0xb0000000
[PAM: ] OneNAND virtual base address : 0xb0000000
[PAM: ] OneNAND nMID=0xec : nDID=0x50
[PAM: ] --FSR_PAM_Init
fsr_bml_load_partition: pi->nNumOfPartEntry = 12
partitions loading success
board partition information update.. source: 0x0
Now Read Images - ID : 1
.Done.
read 1 units.
==== PARTITION INFORMATION ====
ID : IBL+PBL (0x0)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 0
NO_UNITS : 1
===============================
ID : PIT (0x1)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 1
NO_UNITS : 1
===============================
ID : EFS (0x14)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 2
NO_UNITS : 40
===============================
ID : SBL (0x3)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 42
NO_UNITS : 5
===============================
ID : SBL2 (0x4)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 47
NO_UNITS : 5
===============================
ID : PARAM (0x15)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 52
NO_UNITS : 20
===============================
ID : KERNEL (0x6)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 72
NO_UNITS : 30
===============================
ID : RECOVERY (0x7)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 102
NO_UNITS : 30
===============================
ID : FACTORYFS (0x16)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 132
NO_UNITS : 1146
===============================
ID : DBDATAFS (0x17)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 1278
NO_UNITS : 536
===============================
ID : CACHE (0x18)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 1814
NO_UNITS : 130
===============================
ID : MODEM (0xb)
ATTR : RO SLC (0x1002)
FIRST_UNIT : 1944
NO_UNITS : 60
===============================
loke_init: j4fs_open success..
load_lfs_parameters valid magic code and version.
reading nps status file is successfully!.
nps status=0x504d4f43
load_debug_level reading debug level from file successfully(0x574f4c44).
init_fuel_gauge: vcell = 4101mV, soc = 80
check_quick_start_condition_with_charger- Voltage: 4101.25000, Linearized[67/82/97], Capacity: 83
init_fuel_gauge: vcell = 4101mV, soc = 80, rcomp = d01f
reading nps status file is successfully!.
nps status=0x504d4f43
PMIC_IRQ1 = 0x0
PMIC_IRQ2 = 0x0
PMIC_IRQ3 = 0x0
PMIC_IRQ4 = 0x0
PMIC_STATUS1 = 0x40
PMIC_STATUS2 = 0x2c
get_debug_level current debug level is 0x574f4c44.
aries_process_platform: Debug Level Low
keypad_scan: key value ----------------->= 0x0
CONFIG_ARIES_REV:48 , CONFIG_ARIES_REV03:48
check_download: micorusb_status1 = 4, key_value = 0
aries_process_platform: final s1 booting mode = 0
DISPLAY_PATH_SEL[MDNIE 0x1]is on
MDNIE setting Init start!!
vsync interrupt is off
video interrupt is off
[fb0] turn on
MDNIE setting Init end!!
lcd_power_on_ld9040
s6e63m0_c110_spi_read_byte-------------------------: 86
DA lcd ID1 = 86
s6e63m0_c110_spi_read_byte-------------------------: 48
DB lcd ID2 = 48
s6e63m0_c110_spi_read_byte-------------------------: 44
DC lcd ID3 = 44
LCD_ID == 3
Autoboot (0 seconds) in progress, press any key to stop
get_debug_level current debug level is 0x574f4c44.
get_debug_level current debug level is 0x574f4c44.
boot_kernel: Debug Level Low
FOTA Check Bit
Read BML page=, NumPgs=
FOTA Check Bit (0x871f8801)
Load Partion idx = (6)
..............................done
Kernel read success from kernel partition no.6, idx.6.
setting param.serialnr=0x31352402 0x61dc00ec
setting param.board_rev=0x30
setting param.cmdline=console=ttySAC2,115200 loglevel=4
Starting kernel at 0x32000000...
Uncompressing Linux..............................................................................................................
[ 0.000000] copy: bad source 0
[ 0.000000] mout_audss: bad source 0
[ 0.090122] KERNEL:kernel_sec_get_debug_level_from_boot=0x574f4c44
[ 0.094863] KERNEL:magic_number=0x0 DEBUG LEVEL low!!
[ 0.099874] (kernel_sec_set_upload_cause) : upload_cause set 0
[ 0.802403] irq requested hpd irq
[ 0.846178] --------A1026 i2c driver A1026_probe called
[ 0.849942] --------A1026_probe: device not supported
[ 0.855208] --------A1026_driver_init successful
[ 0.859587] --------A1026_dev_powerup called
[ 3.004125] Failed to request gpio touchkey_init:738
[ 3.007639] Failed to request gpio touchkey_init:740
[ 12.613596] init: [disk_config] initialize_mbr_flash for S1_EUR
[ 12.617987] init: [disk_config] [Disk Size (16005464064), (15630336k), sector_size 512 :: num_lba 31260672 ]
[ 12.627716] init: [disk_config] calc_pte_of_disk -> start 64 num lba 27328448 next : 27328512
[ 12.636293] init: [disk_config] calc_pte_of_disk -> start 27328512 num lba 3932160 next : 31260672
[ 12.645348] init: [disk_config] compare_partition -> num_part 0 , offset (446)(0x1be)
[ 12.653148] init: [disk_config] [ target -> Disk0 : 13992165376 (13664224k) 00:0c:00000040:01a0ffc0 ]
[ 12.662313] init: [disk_config] Match partition table entry ... skip(0)
[ 12.668924] init: [disk_config] compare_partition -> num_part 1 , offset (462)(0x1ce)
[ 12.676721] init: [disk_config] [ target -> Disk1 : 2013265920 (1966080k) 00:0c:01a10000:003c0000 ]
[ 12.685729] init: [disk_config] Match partition table entry ... skip(1)
[ 12.692391] init: [disk_config] compare_partition -> num_part 2 , offset (478)(0x1de)
[ 12.700135] init: [disk_config] [ target -> Disk2 : 0 (0k) 00:00:00000000:00000000 ]
[ 12.707841] init: [disk_config] Match partition table entry ... skip(2)
[ 12.714454] init: [disk_config] compare_partition -> num_part 3 , offset (494)(0x1ee)
[ 12.722244] init: [disk_config] [ target -> Disk3 : 0 (0k) 00:00:00000000:00000000 ]
[ 12.729962] init: [disk_config] Match partition table entry ... skip(3)
[ 12.736538] init: [disk_config] bNeedRoot : 0x00
[ 12.748654] init: cannot open '/initlogo.rle'
[ 12.832898] Failed to request FM_RESET!
[ 12.931189] init: [disk_config] :::: /dev/block/mmcblk0p1 :::::
[ 12.938955] init: [disk_config] vfat_identify -> ok
[ 12.942398] init: [disk_config] :::: /dev/block/mmcblk0p2 :::::
[ 12.948354] init: [disk_config] Error ::rfs_identify -> oem_name ()
[ 12.954696] init: [disk_config] rfs_identify -> failed
[ 12.960739] init: [disk_config] Error ::rfs_identify -> oem_name ()
[ 12.966056] init: [disk_config] rfs_identify -> failed
[ 12.972089] init: [disk_config] Error ::rfs_identify -> oem_name ()
[ 12.977424] init: [disk_config] rfs_identify -> failed
[ 12.983432] init: [disk_config] rfs_format -> /system/bin/fat.format -F 32 -S 4096 -s 4 /dev/block/mmcblk0p2
[ 13.009915] init: [disk_config] rfs_format -> ok[BIF: ] FSR VERSION: FSR_1.2.1p1_b139_RTM
[ 13.310236] init: cannot find '/system/bin/false', disabling 'noplaylogos'
[ 13.337944] init: cannot find '/system/etc/install-recovery.sh', disabling 'flash_recovery'
sh: can't access tty; job control turned off
$ [ 19.257644] init: no such service 'bootanim'
[ 39.060649] init: sys_prop: permission denied uid:1000 name:wifi.interface
[ 44.151646] init: no such service 'bootanim'
the commands run were:
Code:
sudo smdk-usbdl -a d0020000 -f ./Infuse_HIBL_3.bin
sudo smdk-usbdl -a d40244000 -f ./Sbl.bin
You can get these pre-release binaries here: http://www.mediafire.com/file/yewg81mwdklb357/HIBLandSblBinaries.zip
Everything is working but I have not yet tested flashing. Flashing should go off without a hitch. You will use Odin 1.7 or 1.8.

[DEV] Discussion about USB-TTL UART JIG

Hey all,
I've created this thread to gather all the info and doubts about UART JIG (also so <I> don't pollute OpenFIMG's thread ).
Readings of interest:
Fun with resistors
Setup in a Nexus S (with pictures)
UART / Serial / JTAG
Odd serial port on Spica (samdroid)
Galaxy S UART JIG & Debugging connector
Developing methods to recover bricks without JTAG
Kernel serial console on i9100
UART Output / Bootloader Hacking / Kernel debugging
Configuration:
Vcc (Pin 1) -> Disconnected.
D- (Pin 2) -> RXD.
D+ (Pin 3) -> TXD.
ID (Pin 4) -> Connected to GND with 523k ohm attached.
GND (Pin 5) -> GND
Baud rate: 115200, 8N1. No control flow.
Boot from the SBL:
Code:
SBL>loadkernel
SBL>loadmodem
SBL>boot
How to get output from kernel.

tom3q said:
<Quote Snipped>.
Click to expand...
Click to collapse
Awesome. Thanks donator!
You've got the uart jig there? Can you test it? (I'm not getting any output.. not [X]BL, nor kernel)

moikop said:
Awesome. Thanks donator!
You've got the uart jig there? Can you test it? (I'm not getting any output.. not [X]BL, nor kernel)
Click to expand...
Click to collapse
This is what I get from the serial port of G3:
Code:
Secondary Boot Loader(SBL)
Built for apollo rev02 by root on Oct 27 2010 17:10:33
Copyright (C) SAMSUNG Corporation 2006-2010
[PAM: ] ++FSR_PAM_Init
[PAM: ] OneNAND physical base address : 0xb0000000
[PAM: ] OneNAND virtual base address : 0xb0000000
[PAM: ] OneNAND nMID=0xec : nDID=0x50
[PAM: ] --FSR_PAM_Init
fsr_bml_load_partition: pi->nNumOfPartEntry = 10
partitions loading success
==== PARTITION INFORMATION ====
ID : IBL & PBL (0x0)
ATTR : RO SLC PREWRITING (0x9002)
FIRST_UNIT : 0
NO_UNITS : 1
===============================
ID : SBL (0x1)
ATTR : RO ENTRYPOINT SLC BOOTLOADING PREWRITING (0xd402)
FIRST_UNIT : 1
NO_UNITS : 5
===============================
ID : PARAM (0x2)
ATTR : RW SLC (0x1001)
FIRST_UNIT : 6
NO_UNITS : 2
===============================
ID : EFS (0x18)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 8
NO_UNITS : 32
===============================
ID : KERNEL (0x4)
ATTR : RO SLC PREWRITING (0x9002)
FIRST_UNIT : 40
NO_UNITS : 30
===============================
ID : FACTORYFS (0x15)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 70
NO_UNITS : 880
===============================
ID : DATAFS (0x16)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 950
NO_UNITS : 810
===============================
ID : CACHE (0x17)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 1760
NO_UNITS : 152 (*mismatch* 152 should be 150)
===============================
ID : TEMP (0x3)
ATTR : RW SLC (0x1001)
FIRST_UNIT : 1912
NO_UNITS : 28 (*mismatch* 28 should be 30)
===============================
ID : MODEM (0x5)
ATTR : RO SLC PREWRITING (0x9002)
FIRST_UNIT : 1940
NO_UNITS : 64
===============================
Read image(PARAM) from flash .......
..Done
read 2 units.
Normal Case : MAIN(O) & BACKUP(O)
main: Debug Level Low
RST_STAT = 0x00000004 WAKEUP_STAT = 0x00000000
s5p_fb_info_init start
s5p_fb_info_init end
s5p_fimd_info_init start
s5p_fimd_info_init end
LoadPNG: width:240, height:400, bpp:32, color_type:6, channels:4, rowbytes:960
lcd_gpio_init start
lcd_gpio_init end
lcd_backlight_ctrl start
lcd type: 1
ldi mtpdata: 52 9 11
lcd type is smd
set brightness:0x43
lcd_backlight_ctrl end
SBL:Phone Boot Mode=0
AST_POWERON
usb_download_mode:0
Autoboot (0 seconds) in progress, press any key to stop
AST_ERROR
Autoboot aborted
Type "help" to get a list of commands
SBL>
SBL>
SBL>
SBL> help
Following commands are supported:
* setenv
* savedefault
* saveenv
* printenv
* help
* sec_log
* kernel
* boot
* reset
* nandwrite
* nandread
* nkernel
* readcheck
* savepart
* delpart
* addpart
* showpart
* loadmodem
* loadkernel
* eraseall
* erasepart
* close
* open
* format
* getreg
* setreg
* getadc
* sleep
To get commands help, Type "help <command>"
SBL>
When I let the kernel boot instead of entering the console I get no output from the kernel, possibly because UART switch is being reconfigured to modem somewhere in the kernel, kernel doesn't have serial console enabled or the serial port passed to the kernel in kernel arguments by the bootloader isn't the serial port accessible from microUSB connector.
For reference:
Code:
Secondary Boot Loader(SBL)
Built for apollo rev02 by root on Oct 27 2010 17:10:33
Copyright (C) SAMSUNG Corporation 2006-2010
[PAM: ] ++FSR_PAM_Init
[PAM: ] OneNAND physical base address : 0xb0000000
[PAM: ] OneNAND virtual base address : 0xb0000000
[PAM: ] OneNAND nMID=0xec : nDID=0x50
[PAM: ] --FSR_PAM_Init
fsr_bml_load_partition: pi->nNumOfPartEntry = 10
partitions loading success
==== PARTITION INFORMATION ====
ID : IBL & PBL (0x0)
ATTR : RO SLC PREWRITING (0x9002)
FIRST_UNIT : 0
NO_UNITS : 1
===============================
ID : SBL (0x1)
ATTR : RO ENTRYPOINT SLC BOOTLOADING PREWRITING (0xd402)
FIRST_UNIT : 1
NO_UNITS : 5
===============================
ID : PARAM (0x2)
ATTR : RW SLC (0x1001)
FIRST_UNIT : 6
NO_UNITS : 2
===============================
ID : EFS (0x18)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 8
NO_UNITS : 32
===============================
ID : KERNEL (0x4)
ATTR : RO SLC PREWRITING (0x9002)
FIRST_UNIT : 40
NO_UNITS : 30
===============================
ID : FACTORYFS (0x15)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 70
NO_UNITS : 880
===============================
ID : DATAFS (0x16)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 950
NO_UNITS : 810
===============================
ID : CACHE (0x17)
ATTR : RW STL SLC (0x1101)
FIRST_UNIT : 1760
NO_UNITS : 152 (*mismatch* 152 should be 150)
===============================
ID : TEMP (0x3)
ATTR : RW SLC (0x1001)
FIRST_UNIT : 1912
NO_UNITS : 28 (*mismatch* 28 should be 30)
===============================
ID : MODEM (0x5)
ATTR : RO SLC PREWRITING (0x9002)
FIRST_UNIT : 1940
NO_UNITS : 64
===============================
Read image(PARAM) from flash .......
..Done
read 2 units.
Normal Case : MAIN(O) & BACKUP(O)
main: Debug Level Low
RST_STAT = 0x00000004 WAKEUP_STAT = 0x00000000
s5p_fb_info_init start
s5p_fb_info_init end
s5p_fimd_info_init start
s5p_fimd_info_init end
LoadPNG: width:240, height:400, bpp:32, color_type:6, channels:4, rowbytes:960
lcd_gpio_init start
lcd_gpio_init end
lcd_backlight_ctrl start
lcd type: 1
ldi mtpdata: 52 9 11
lcd type is smd
set brightness:0x43
lcd_backlight_ctrl end
SBL:Phone Boot Mode=0
AST_POWERON
usb_download_mode:0
Autoboot (0 seconds) in progress, press any key to stop
FOTA Check Bit
Read BML page=1e4ff, NumPgs=1
FOTA Check Bit (0x0)
Load Partion idx = (4)
..............................done
Kernel read success from kernel partition
setKernelParam: setting param.serialnr=3930c0cf08x 0x159100ec
setKernelParam: setting param.board_rev=0x2
setKernelParam: setting param.cmdline=console=ttySAC1,115200 loglevel=4 version=Sbl(1.0.0) 2010-10-27 17:10:33
Starting kernel at 0x22000000...

moikop said:
Awesome. I think ttySAC1 is defined as s3c2410_serial1 in the kernel. And maybe you'll have to change SWITCH_SEL from the sbl console (from 65 to 6543).
I still don't understand why all I get this � weird character :/
Vcc connected to 3.3v, 150k ohm (though tried with 619k too) resistor and baud rate 115200 8N1, right?
Click to expand...
Click to collapse
Maybe something wrong with your level converter?
Also, if I decoded color codes of resistors correctly, I have 522k ohms connected between GND and ID pins (two 1M connected in parallel and additional 22k after them).
Edit: Would make sense, as according to http://forum.xda-developers.com/showthread.php?t=820275 it would be
Code:
RID_FM_BOOT_OFF_UART, /* 1 1 1 0 0 523K Factory Mode Boot OFF-UART */

tom3q said:
Maybe something wrong with your level converter?
Also, if I decoded color codes of resistors correctly, I have 522k ohms connected between GND and ID pins (two 1M connected in parallel and additional 22k after them).
Edit: Would make sense, as according to http://forum.xda-developers.com/showthread.php?t=820275 it would be
Code:
RID_FM_BOOT_OFF_UART, /* 1 1 1 0 0 523K Factory Mode Boot OFF-UART */
Click to expand...
Click to collapse
Tried with both, 522k & 523k (just in case) and still the same.. So it's gotta be my level converter... that's weird :S

moikop said:
Tried with both, 522k & 523k (just in case) and still the same.. So it's gotta be my level converter... that's weird :S
Click to expand...
Click to collapse
Just for reference, my level converter: http://translate.google.com/transla...unikacja-przez-usb---modul-em212.html&act=url
EDIT: Maybe we should create new topic for discussion on such things?

tom3q said:
Just for reference, my level converter: http://translate.google.com/transla...unikacja-przez-usb---modul-em212.html&act=url
EDIT: Maybe we should create new topic for discussion on such things?
Click to expand...
Click to collapse
You're right. So here it is.
I don't see why my level converter wouldn't work, since it supports the right voltage, baud rate, etc.
mmm, some weird idea: what's you're bootloader version? (I mean from which release). I'm thinking maybe the bootloader version is my problem? (since I have Samsungs latest installed)

moikop said:
You're right. So here it is.
I don't see why my level converter wouldn't work, since it supports the right voltage, baud rate, etc.
mmm, some weird idea: what's you're bootloader version? (I mean from which release). I'm thinking maybe the bootloader version is my problem? (since I have Samsungs latest installed)
Click to expand...
Click to collapse
I don't know the exact version as it was already on the phone as I got it. The only thing saying a bit about the version is its output:
Code:
Built for apollo rev02 by root on Oct 27 2010 17:10:33
Have you tried different baud rates? Common ones other than 115200 are 9600 and 38400.
Also this thread would become a bit more informative if all the posts on this topic would get moved here from OpenFIMG thread.
EDIT: Also make sure that ground signal is properly connected, otherwise the converter might not recognize voltage levels correctly. What's exactly your connection layout? I have only 4 lines wired to the microUSB connector, RX, TX, GND and ID with VCC left unconnected.

tom3q said:
I don't know the exact version as it was already on the phone as I got it. The only thing saying a bit about the version is its output:
Code:
Built for apollo rev02 by root on Oct 27 2010 17:10:33
Click to expand...
Click to collapse
mmm.. I have JPU, so my bootloader is at least from 2011..
tom3q said:
Have you tried different baud rates? Common ones other than 115200 are 9600 and 38400.
Click to expand...
Click to collapse
Tried with those 3. With 9600 and 38400 I don't get anything, when with 115200 I get the "?" character.
tom3q said:
Also this thread would become a bit more informative if all the posts on this topic would get moved here from OpenFIMG thread.
Click to expand...
Click to collapse
I'll contact a mod and see what can be done.
tom3q said:
EDIT: Also make sure that ground signal is properly connected, otherwise the converter might not recognize voltage levels correctly. What's exactly your connection layout? I have only 4 lines wired to the microUSB connector, RX, TX, GND and ID with VCC left unconnected.
Click to expand...
Click to collapse
Double checked my GND connection and is ok. My layout is the following:
VCC -> 3.3v
Tx & Rx with their corresponding pins.
ID connected to GND with 523k ohm in between
and GND connected to GND.

Could you try without VCC connected?
I really don't think that Samsung would disable bootloader console used in service centers for phone diagnostics...

tom3q said:
Could you try without VCC connected?
Click to expand...
Click to collapse
Exact same result.
With GND disconected also same result.
If Tx is disconnected there's no output (obviously). So a badly soldered/connected Pin2 can be discarded.
Checked Rx too, So a badly soldered/connected Pin3 can be discarded as well..
tom3q said:
I really don't think that Samsung would disable bootloader console used in service centers for phone diagnostics...
Click to expand...
Click to collapse
You must be right..
Edit: I changed pin2 & pin3 (now Pin2 is to Rx and Pin3 to Tx). Also connected GND (but left vcc disconnected as you) and got it working
Thanks for the help!

moikop said:
Edit: I changed pin2 & pin3 (now Pin2 is to Rx and Pin3 to Tx). Also connected GND (but left vcc disconnected as you) and got it working
Thanks for the help!
Click to expand...
Click to collapse
So what good is this that you are doing? Benefits etc.
And are we meant to be doing something similar to make phone work better?
Sent from the Persian Sphinx's private Galaxy

PersianSphinx said:
So what good is this that you are doing? Benefits etc.
And are we meant to be doing something similar to make phone work better?
Sent from the Persian Sphinx's private Galaxy
Click to expand...
Click to collapse
With this, we can get into the SBL console, get information about kernel panics (not yet) and this will help us debug kernel ports, drivers ports, etc.
And no. This would be useless for a normal user. Unless that (s)he wants to make a Download JIG (to get into download mode without having to use the three-button combo). In that case, a different resistor value (301k) is needed (and no level converter, of cource )

@PersianSphinx
This wud resurrect a hard bricked phone...this JTAG thing
Sent from my GT-I9100 using Tapatalk

Orr.Penn.18 said:
@PersianSphinx
This wud resurrect a hard bricked phone...this JTAG thing
Sent from my GT-I9100 using Tapatalk
Click to expand...
Click to collapse
This is not JTAG.

moikop said:
Edit: I changed pin2 & pin3 (now Pin2 is to Rx and Pin3 to Tx). Also connected GND (but left vcc disconnected as you) and got it working
Thanks for the help!
Click to expand...
Click to collapse
This is common fault people are doing - phone Rxd must be connected to converter Txd and vice versa.

Kernel output:
To get kernel output, all you need to do is:
Code:
setenv SWITCH_SEL 6543
And then boot normally from SBL.
To make this setting permanent:
Code:
setenv SWITCH_SEL 6543
saveenv
Result:
Code:
SBL> boot
setKernelParam: setting param.serialnr=3830f5ff08x 0xd44100ec
setKernelParam: setting param.board_rev=0x2
setKernelParam: setting param.cmdline=console=ttySAC1,115200 version=Sbl(1.0.0)2
Starting kernel at 0x22000000...
Uncompressing Linux.............................................................
<6>Initializing cgroup subsys cpu
<5>Linux version 2.6.32.9 ([email protected]) (gcc version 4.5.2 (Sourcery G++ Lite2
CPU: ARMv6-compatible processor [410fb767] revision 7 (ARMv6TEJ), cr=00c5387f
CPU: VIPT nonaliasing data cache, VIPT nonaliasing instruction cache
Machine: GT-I5800
Memory policy: ECC disabled, Data cache writeback
<7>On node 0 totalpages: 65536
<7>free_area_init_node: node 0, pgdat c0aa7640, node_mem_map c0c3e000
<7> Normal zone: 512 pages used for memmap
<7> Normal zone: 0 pages reserved
<7> Normal zone: 65024 pages, LIFO batch:15
<7>On node 1 totalpages: 0
<7>free_area_init_node: node 1, pgdat c0aa7cf8, node_mem_map c0e47800
<4> Normal zone: 1 pages exceeds realsize 0
<7>On node 2 totalpages: 0
<7>free_area_init_node: node 2, pgdat c0aa83b0, node_mem_map c0e4f880
<4> Normal zone: 1 pages exceeds realsize 0
<7>On node 3 totalpages: 0
<7>free_area_init_node: node 3, pgdat c0aa8a68, node_mem_map c0e57900
<4> Normal zone: 1 pages exceeds realsize 0
CPU S5P6442 (id 0xababab00)
<7>s5p6442_init_clocks: initialising clocks
<6>S3C24XX Clocks, (c) 2004 Simtec Electronics
<7>s5p6442_setup_clocks: registering clocks
<6>mout_apll: source is fout_apll (1), rate is 667000000
<6>mout_epll: source is fout_epll (1), rate is 48000000
<6>mout_mpll: source is mpll (1), rate is 166000000
<6>mout_d0: source is mout_mpll (0), rate is 166000000
<6>mout_d1: source is mout_mpll (0), rate is 166000000
<6>mout_d0sync: source is mout_d0 (0), rate is 166000000
<6>mout_d1sync: source is mout_d1 (0), rate is 166000000
<6>mmc_bus: source is mout_mpll (6), rate is 83000000
<6>mmc_bus: source is mout_mpll (6), rate is 83000000
<6>mmc_bus: source is mout_mpll (6), rate is 83000000
<6>sclk_uart: source is mout_mpll (6), rate is 166000000
<6>sclk_uart: source is mout_mpll (6), rate is 166000000
<6>sclk_uart: source is mout_mpll (6), rate is 83000000
<6>spi-bus: source is mout_epll (7), rate is 48000000
<6>sclk_lcd: source is mout_mpll (6), rate is 166000000
<6>sclk_cam0: source is mout_mpll (6), rate is 166000000
<6>sclk_cam1: source is mout_mpll (6), rate is 166000000
<6>lclk_fimc: source is mout_mpll (6), rate is 166000000
<6>lclk_fimc: source is mout_mpll (6), rate is 166000000
<6>lclk_fimc: source is mout_mpll (6), rate is 166000000
<6>clk_g2d: source is mout_mpll (1), rate is 166000000
<6>i2sclk: source is i2smain_clk (0), rate is 48000000
<6>audss_hclk: source is i2smain_clk (0), rate is 48000000
<6>i2smain_clk: source is fout_epll (1), rate is 48000000
Built 1 zonelists in Zone order, mobility grouping on. Total pages: 65024
<5>Kernel command line: console=ttySAC1,115200 version=Sbl(1.0.0) 2011-05-27 142
<6>PID hash table entries: 1024 (order: 0, 4096 bytes)
<6>Dentry cache hash table entries: 32768 (order: 5, 131072 bytes)
<6>Inode-cache hash table entries: 16384 (order: 4, 65536 bytes)
<6>Memory: 256MB = 256MB total
<5>Memory: 247040KB available (7488K code, 1639K data, 2972K init, 0K highmem)
<6>SLUB: Genslabs=11, HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=4
<6>NR_IRQS:287
<7>s5p64xx_init_irq: initialising interrupts
<6>VIC @f4000000: id 0x00041192, vendor 0x41
<6>VIC @f4010000: id 0x00041192, vendor 0x41
<6>VIC @f4020000: id 0x00041192, vendor 0x41
<3>vic_pm_register: too few VICs, increase CONFIG_ARM_VIC_NR
Console: colour dummy device 80x30
s3c24xx_serial_initconsole
s3c24xx_serial_init_ports: initialising ports...
s3c24xx_serial_init_port: port=c0ad8a60, platdev=c0aabb10
s3c24xx_serial_init_port: c0ad8a60 (hw 0)...
...

moikop said:
To get kernel output, all you need to do is:
Code:
setenv SWITCH_SEL 6543
And then boot normally from SBL.
To make this setting permanent:
Code:
setenv SWITCH_SEL 6543
saveenv
Result:
Code:
SBL> boot
setKernelParam: setting param.serialnr=3830f5ff08x 0xd44100ec
setKernelParam: setting param.board_rev=0x2
setKernelParam: setting param.cmdline=console=ttySAC1,115200 version=Sbl(1.0.0)2
Starting kernel at 0x22000000...
Uncompressing Linux.............................................................
<6>Initializing cgroup subsys cpu
<5>Linux version 2.6.32.9 ([email protected]) (gcc version 4.5.2 (Sourcery G++ Lite2
CPU: ARMv6-compatible processor [410fb767] revision 7 (ARMv6TEJ), cr=00c5387f
CPU: VIPT nonaliasing data cache, VIPT nonaliasing instruction cache
Machine: GT-I5800
Memory policy: ECC disabled, Data cache writeback
<7>On node 0 totalpages: 65536
<7>free_area_init_node: node 0, pgdat c0aa7640, node_mem_map c0c3e000
<7> Normal zone: 512 pages used for memmap
<7> Normal zone: 0 pages reserved
<7> Normal zone: 65024 pages, LIFO batch:15
<7>On node 1 totalpages: 0
<7>free_area_init_node: node 1, pgdat c0aa7cf8, node_mem_map c0e47800
<4> Normal zone: 1 pages exceeds realsize 0
<7>On node 2 totalpages: 0
<7>free_area_init_node: node 2, pgdat c0aa83b0, node_mem_map c0e4f880
<4> Normal zone: 1 pages exceeds realsize 0
<7>On node 3 totalpages: 0
<7>free_area_init_node: node 3, pgdat c0aa8a68, node_mem_map c0e57900
<4> Normal zone: 1 pages exceeds realsize 0
CPU S5P6442 (id 0xababab00)
<7>s5p6442_init_clocks: initialising clocks
<6>S3C24XX Clocks, (c) 2004 Simtec Electronics
<7>s5p6442_setup_clocks: registering clocks
<6>mout_apll: source is fout_apll (1), rate is 667000000
<6>mout_epll: source is fout_epll (1), rate is 48000000
<6>mout_mpll: source is mpll (1), rate is 166000000
<6>mout_d0: source is mout_mpll (0), rate is 166000000
<6>mout_d1: source is mout_mpll (0), rate is 166000000
<6>mout_d0sync: source is mout_d0 (0), rate is 166000000
<6>mout_d1sync: source is mout_d1 (0), rate is 166000000
<6>mmc_bus: source is mout_mpll (6), rate is 83000000
<6>mmc_bus: source is mout_mpll (6), rate is 83000000
<6>mmc_bus: source is mout_mpll (6), rate is 83000000
<6>sclk_uart: source is mout_mpll (6), rate is 166000000
<6>sclk_uart: source is mout_mpll (6), rate is 166000000
<6>sclk_uart: source is mout_mpll (6), rate is 83000000
<6>spi-bus: source is mout_epll (7), rate is 48000000
<6>sclk_lcd: source is mout_mpll (6), rate is 166000000
<6>sclk_cam0: source is mout_mpll (6), rate is 166000000
<6>sclk_cam1: source is mout_mpll (6), rate is 166000000
<6>lclk_fimc: source is mout_mpll (6), rate is 166000000
<6>lclk_fimc: source is mout_mpll (6), rate is 166000000
<6>lclk_fimc: source is mout_mpll (6), rate is 166000000
<6>clk_g2d: source is mout_mpll (1), rate is 166000000
<6>i2sclk: source is i2smain_clk (0), rate is 48000000
<6>audss_hclk: source is i2smain_clk (0), rate is 48000000
<6>i2smain_clk: source is fout_epll (1), rate is 48000000
Built 1 zonelists in Zone order, mobility grouping on. Total pages: 65024
<5>Kernel command line: console=ttySAC1,115200 version=Sbl(1.0.0) 2011-05-27 142
<6>PID hash table entries: 1024 (order: 0, 4096 bytes)
<6>Dentry cache hash table entries: 32768 (order: 5, 131072 bytes)
<6>Inode-cache hash table entries: 16384 (order: 4, 65536 bytes)
<6>Memory: 256MB = 256MB total
<5>Memory: 247040KB available (7488K code, 1639K data, 2972K init, 0K highmem)
<6>SLUB: Genslabs=11, HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=4
<6>NR_IRQS:287
<7>s5p64xx_init_irq: initialising interrupts
<6>VIC @f4000000: id 0x00041192, vendor 0x41
<6>VIC @f4010000: id 0x00041192, vendor 0x41
<6>VIC @f4020000: id 0x00041192, vendor 0x41
<3>vic_pm_register: too few VICs, increase CONFIG_ARM_VIC_NR
Console: colour dummy device 80x30
s3c24xx_serial_initconsole
s3c24xx_serial_init_ports: initialising ports...
s3c24xx_serial_init_port: port=c0ad8a60, platdev=c0aabb10
s3c24xx_serial_init_port: c0ad8a60 (hw 0)...
...
Click to expand...
Click to collapse
Yep, on Spica setenv SWITCH_SEL 3 is enough. According to SBL sources, bit 0 selects USB switch mode and bit 1 selects UART swtich mode.

Orr.Penn.18 said:
@PersianSphinx
This wud resurrect a hard bricked phone...this JTAG thing
Sent from my GT-I9100 using Tapatalk
Click to expand...
Click to collapse
this is not jtag.... this is UART...this gives us info on what went wrong when the phone dosnt boot up properly when devs are testing new things.

I just received my level converter and it's working fine, I can get SBL logs.
But how to access the SBL prompt ?
I tried with some key combinaison but nothing work :/

[Q] Bluetooth media doesnt work on ported rom. Please help?

Any developer here??? Pls help me to fix bt media... My rom is HTC Sense 4 for htc explorer/pico which is ported by derefas from HTC Desire C. Bluetooth file transfer works very well but bt headset doesnt work. Here is the logcat.
E/BluetoothA2dpService.cpp( 349): onConnectSinkResult: D-Bus error: org.bluez.E
rror.Failed (Stream connection failed)
D/BluetoothA2dpService( 349): checkSinkSuspendState(): state=0,mTargetA2dpState
=-1
D/StateMachine( 349): handleMessage: new destination call exit
D/StateMachine( 349): invokeExitMethods: PendingCommandState
I/BluetoothProfileState( 349): Message:Entering Stable State
D/AudioService( 349): isSpecialCase=true , mEventAudioOnly=false , isStreamActi
ve=false
D/AudioService( 349): checkEqIdAndApplyEffect isHeadsetPlugged()=false , mBluet
oothHeadsetConnected=false , id=900 , mHtcSpecificAP=false , mGlobalSoundEffect=
900
V/AudioHardwareMSM72XX( 114): setParameters() global_effect=none
D/AudioService( 349): broadcastSoundEffectChanged beats state=false appName=BT
state changed
V/BluetoothEventManager( 2780): Received android.bluetooth.a2dp.profile.action.C
ONNECTION_STATE_CHANGED
I/LocalBluetoothProfileManager( 2780): Failed to connect A2DP device
D/StateMachine( 349): handleMessage: new destination call exit
D/StateMachine( 349): invokeExitMethods: OutgoingA2dp
I/BluetoothDeviceProfileState( 349): Entering ACL Connected state with: 102
D/BluetoothA2dpService( 349): A2DP state : device: C4:85:08:05:59:5A State:1->0
I/BluetoothA2dpService( 349): [embedded] A2DP state : address: C4:85:08:05:59:5
A name: SHEKHAR-PC State:1->0
D/BluetoothAdapterStateMachine( 349): BluetoothOn process message: 52
D/BluetoothService( 349): CONNECTION_STATE_CHANGE: C4:85:08:05:59:5A: 1 -> 0
V/BluetoothEventManager( 3562): Received android.bluetooth.a2dp.profile.action.C
ONNECTION_STATE_CHANGED
I/LocalBluetoothProfileManager( 3562): Failed to connect A2DP device
I/USERIAL_LINUX( 3593): ##### USERIAL_Ioctl: BT_Sleep, USERIAL_IO_BT_WAKE_DEASSE
RT ####
D/PhoneStatusBarPolicy( 634): isCdma():false hasService:true mSimState=UNKNOWN
gprsState=0 mDataState=0 dataActivity=1 mPhone.htcModemLinkOn:false hspa==true
E/ ( 3593): btm_sec_disconnected - Clearing Pending flag
W/ ( 3593): BTA_DM_LINK_DOWN_EVT::bdaddr c4:85:08:05:59:5a reason x13
I/ ( 3593): send_ctrl_msg: [BTL_IFS CTRL] send BTLIF_DTUN_SIGNAL_EVT (CTR
L) 11 pbytes (hdl 22)
D/DTUN_HCID4( 3608): dtun_dm_sig_link_down()
I/DTUN_HCID4( 3608): dtun_dm_sig_link_down device = 0x6f7900 reason = 19
I/DTUN_HCID4( 3608): [embedded]LINK_DOWN name = SHEKHAR-PC, address = C4:85:08:0
5:59:5A, reason = 0x13
D/BluetoothEventLoop( 349): Device property changed: C4:85:08:05:59:5A property
: Connected value: false
D/ ( 3593): >>> STOP GKI_timer_update(), wake_lock_count:0
D/ ( 3593): >>> SUSPENDED GKI_timer_update()
Can anyone guide me to fix this?

somthing intresting help unbrick

[PWRAP] pwrap_init_preloader
[PWRAP] pwrap_init
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=0 rdata=5AA5
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=1 rdata=5AA5
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=2 rdata=5AA5
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=3 rdata=5AA5
[PMIC_WRAP]wrap_init pass,the return value=0.
pl pmic init start
pl pmic efuse start
pl pmic efuse BUCK trim
[0x1C8]=0xF802
[0x1CA]=0x807F
[0x20E]=0xE0
[0x260]=0xF0
[0x286]=0xF0
pl pmic efuse end
pl pmic en rst [0x126]=0x13
[0xE]=0x1
[0x540]=0xA0
Battery exist
[0xE]=0x1
[0x540]=0xA0
pl vm read [0x290]=0x50
pl vm set [0x290]=0x52
pl vm check [0x290]=0x52
pl pmic init done
[PLFM] Init I2C: OK(0)
[PLFM] Init PWRAP: OK(0)
[PLFM] Init PMIC: OK(0)
[PLFM] chip[CA00]
[I2C][PL] [i2c0 write] i2c transaction complate
[BLDR] Build Time: 20140218-141828
==== Dump RGU Reg ========
RGU MODE: 75
RGU LENGTH: FFE0
RGU STA: 40000000
RGU INTERVAL: FFF
RGU SWSYSRST: 0
==== Dump RGU Reg End ====
RGU: g_rgu_satus:2
mtk_wdt_mode_config mode value=35, tmp:22000030
PL RGU RST: ??
SW reset with bypass power key flag
Find bypass powerkey flag
mtk_wdt_mode_config mode value=70, tmp:22000071
kpd register for pmic set!
mt_usb_calibraion: input_reg = 0x0
mt_usb_calibraion: term_vref = 0x0, clkref = 0x0, vrt_vref = 0x0,
[RTC] bbpu = 0x5, con = 0x426
[RTC] irqsta = 0x0, pdn1 = 0x0, pdn2 = 0x201, spar0 = 0x40, spar1 = 0x800
[RTC] new_spare0 = 0x0, new_spare1 = 0x1, new_spare2 = 0x1, new_spare3 = 0x1
[RTC] bbpu = 0x5, con = 0x424
SW reset with bypass power key flag
SW reset with bypass power key flag
[PLFM] WDT reboot bypass power key!
p1 pmic read INT_RSV(bit7)[0x138][0x80]
[RTC] rtc_bbpu_power_on done
[SD0] Bus Width: 1
[SD0] SET_CLK(260kHz): SCLK(259kHz) MODE(0) DDR(0) DIV(193) DS(0) RS(0)
[SD0] Switch to High-Speed mode!
[SD0] SET_CLK(260kHz): SCLK(259kHz) MODE(2) DDR(1) DIV(96) DS(0) RS(0)
[SD0] Bus Width: 8
[SD0] Size: 3696 MB, Max.Speed: 52000 kHz, blklen(512), nblks(7569408), ro(0)
[SD0] Initialized
[SD0] SET_CLK(52000kHz): SCLK(50000kHz) MODE(2) DDR(1) DIV(0) DS(0) RS(0)
msdc_ett_offline_to_pl: size<2> m_id<0x90>
msdc <0> <HYNIX > <H4G1d>
msdc <1> <xxxxxx> <H4G1d>
msdc failed to find
*******EMMC_INFO*******
eMMC partition size(1 block = 512Bytes):
BOOT1:<4096> blocks
BOOT2:<4096> blocks
RPMB :<4096> blocks
GP1 :<0> blocks
GP2 :<0> blocks
GP3 :<0> blocks
GP4 :<0> blocks
USER :<7569408> blocks
*******EMMC_INFO*******
fw id len:1
found:1,i:1
[EMI] DDR2
[EMI] eMMC/NAND ID = 90,1,4A,48,34,47,31,64,4
[EMI] MDL number = 1
[MEM] 1066 MHZ
rank 0 coarse = 15
rank 0 fine = 48
10:| 0 0 1 1 1 0
opt_dle value:8
rank 1 coarse = 15
rank 1 fine = 48
10:| 0 0 1 1 1 0
opt_dle value:8
byte:0, (DQS,DQ)=(8,8)
byte:1, (DQS,DQ)=(8,A)
byte:2, (DQS,DQ)=(8,8)
byte:3, (DQS,DQ)=(8,A)
[EMI] DRAMC calibration passed
[EMI] DQSINCTL:50000
[MEM] complex R/W mem test pass
[PLFM] Init Boot Device: OK(0)
[ROM_INFO] 'v2','0x2700000','0x20000','0x46C0000','0x2C00'
[SEC_K] SML KEY AC = 0
[SEC_K] SBC_PUBK Found
[SEC] AES Legacy : 0
[SEC] SECCFG AC : 1
[SEC] read '0x2700000'
0x41,0x4E,0x44,0x5F,0x53,0x45,0x43,0x43,
[LIB] SecLib.a '20121226-155014'
[LIB] CFG read size '0x4000' '0x1860'
[LIB] Name = SOMC
[LIB] Config = 0x11, 0x11
0x31,0x41,0x35,0x35
0x6F679858
[LIB] HW DEC
0x49494949
[LIB] SEC CFG 'v3' exists
[LIB] Status = 0x43434343
[LIB] ty = 0 , ld = 0
[PART] Image with part header
[PART] name : LK
[PART] addr : FFFFFFFFh
[PART] size : 316772
[PART] magic: 58881688h
[PART] load "UBOOT" from 0x0000000003960200 (dev) to 0x81E00000 (mem) [SUCCESS]
[PART] load speed: 9374KB/s, 316772 bytes, 33ms
[LIB] HW DEC
[SECRO] secroimg '0x41414141'
[SECRO] secroimg '0x35353535'
[SECRO] factory mode enabled
[AUTHEN] rsa.N length = 1024 bytes
[AUTHEN] rsa.E length = 20 bytes
[LIB] Verify 'UBOOT'
0x43434343
[LIB] part load '0x3960000'
[AUTHEN] 0x53,0x53,0x53,0x53
[AUTHEN] verify signature ... pass
[LIB] Verify 'LOGO'
0x43434343
[LIB] part load '0x4D40000'
[AUTHEN] 0x53,0x53,0x53,0x53
[AUTHEN] verify signature ... failed, error is 7
[SECLIB_IMG_VERIFY] Signature Fail.
[LIB] Fail (0x0)
<ASSERT> sec_boot.c:line 181 0
[PLFM] preloader fatal error...
[PLFM] emergency download mode(timeout: 30s).
mtk_arch_reset at pre-loader!
this is console with serial interface
i will post picture with pin layaut

how to unbrick?

botioni said:
[PWRAP] pwrap_init_preloader
[PWRAP] pwrap_init
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=0 rdata=5AA5
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=1 rdata=5AA5
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=2 rdata=5AA5
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=3 rdata=5AA5
[PMIC_WRAP]wrap_init pass,the return value=0.
pl pmic init start
pl pmic efuse start
pl pmic efuse BUCK trim
[0x1C8]=0xF802
[0x1CA]=0x807F
[0x20E]=0xE0
[0x260]=0xF0
[0x286]=0xF0
pl pmic efuse end
pl pmic en rst [0x126]=0x13
[0xE]=0x1
[0x540]=0xA0
Battery exist
[0xE]=0x1
[0x540]=0xA0
pl vm read [0x290]=0x50
pl vm set [0x290]=0x52
pl vm check [0x290]=0x52
pl pmic init done
[PLFM] Init I2C: OK(0)
[PLFM] Init PWRAP: OK(0)
[PLFM] Init PMIC: OK(0)
[PLFM] chip[CA00]
[I2C][PL] [i2c0 write] i2c transaction complate
[BLDR] Build Time: 20140218-141828
==== Dump RGU Reg ========
RGU MODE: 75
RGU LENGTH: FFE0
RGU STA: 40000000
RGU INTERVAL: FFF
RGU SWSYSRST: 0
==== Dump RGU Reg End ====
RGU: g_rgu_satus:2
mtk_wdt_mode_config mode value=35, tmp:22000030
PL RGU RST: ??
SW reset with bypass power key flag
Find bypass powerkey flag
mtk_wdt_mode_config mode value=70, tmp:22000071
kpd register for pmic set!
mt_usb_calibraion: input_reg = 0x0
mt_usb_calibraion: term_vref = 0x0, clkref = 0x0, vrt_vref = 0x0,
[RTC] bbpu = 0x5, con = 0x426
[RTC] irqsta = 0x0, pdn1 = 0x0, pdn2 = 0x201, spar0 = 0x40, spar1 = 0x800
[RTC] new_spare0 = 0x0, new_spare1 = 0x1, new_spare2 = 0x1, new_spare3 = 0x1
[RTC] bbpu = 0x5, con = 0x424
SW reset with bypass power key flag
SW reset with bypass power key flag
[PLFM] WDT reboot bypass power key!
p1 pmic read INT_RSV(bit7)[0x138][0x80]
[RTC] rtc_bbpu_power_on done
[SD0] Bus Width: 1
[SD0] SET_CLK(260kHz): SCLK(259kHz) MODE(0) DDR(0) DIV(193) DS(0) RS(0)
[SD0] Switch to High-Speed mode!
[SD0] SET_CLK(260kHz): SCLK(259kHz) MODE(2) DDR(1) DIV(96) DS(0) RS(0)
[SD0] Bus Width: 8
[SD0] Size: 3696 MB, Max.Speed: 52000 kHz, blklen(512), nblks(7569408), ro(0)
[SD0] Initialized
[SD0] SET_CLK(52000kHz): SCLK(50000kHz) MODE(2) DDR(1) DIV(0) DS(0) RS(0)
msdc_ett_offline_to_pl: size<2> m_id<0x90>
msdc <0> <HYNIX > <H4G1d>
msdc <1> <xxxxxx> <H4G1d>
msdc failed to find
*******EMMC_INFO*******
eMMC partition size(1 block = 512Bytes):
BOOT1:<4096> blocks
BOOT2:<4096> blocks
RPMB :<4096> blocks
GP1 :<0> blocks
GP2 :<0> blocks
GP3 :<0> blocks
GP4 :<0> blocks
USER :<7569408> blocks
*******EMMC_INFO*******
fw id len:1
found:1,i:1
[EMI] DDR2
[EMI] eMMC/NAND ID = 90,1,4A,48,34,47,31,64,4
[EMI] MDL number = 1
[MEM] 1066 MHZ
rank 0 coarse = 15
rank 0 fine = 48
10:| 0 0 1 1 1 0
opt_dle value:8
rank 1 coarse = 15
rank 1 fine = 48
10:| 0 0 1 1 1 0
opt_dle value:8
byte:0, (DQS,DQ)=(8,8)
byte:1, (DQS,DQ)=(8,A)
byte:2, (DQS,DQ)=(8,8)
byte:3, (DQS,DQ)=(8,A)
[EMI] DRAMC calibration passed
[EMI] DQSINCTL:50000
[MEM] complex R/W mem test pass
[PLFM] Init Boot Device: OK(0)
[ROM_INFO] 'v2','0x2700000','0x20000','0x46C0000','0x2C00'
[SEC_K] SML KEY AC = 0
[SEC_K] SBC_PUBK Found
[SEC] AES Legacy : 0
[SEC] SECCFG AC : 1
[SEC] read '0x2700000'
0x41,0x4E,0x44,0x5F,0x53,0x45,0x43,0x43,
[LIB] SecLib.a '20121226-155014'
[LIB] CFG read size '0x4000' '0x1860'
[LIB] Name = SOMC
[LIB] Config = 0x11, 0x11
0x31,0x41,0x35,0x35
0x6F679858
[LIB] HW DEC
0x49494949
[LIB] SEC CFG 'v3' exists
[LIB] Status = 0x43434343
[LIB] ty = 0 , ld = 0
[PART] Image with part header
[PART] name : LK
[PART] addr : FFFFFFFFh
[PART] size : 316772
[PART] magic: 58881688h
[PART] load "UBOOT" from 0x0000000003960200 (dev) to 0x81E00000 (mem) [SUCCESS]
[PART] load speed: 9374KB/s, 316772 bytes, 33ms
[LIB] HW DEC
[SECRO] secroimg '0x41414141'
[SECRO] secroimg '0x35353535'
[SECRO] factory mode enabled
[AUTHEN] rsa.N length = 1024 bytes
[AUTHEN] rsa.E length = 20 bytes
[LIB] Verify 'UBOOT'
0x43434343
[LIB] part load '0x3960000'
[AUTHEN] 0x53,0x53,0x53,0x53
[AUTHEN] verify signature ... pass
[LIB] Verify 'LOGO'
0x43434343
[LIB] part load '0x4D40000'
[AUTHEN] 0x53,0x53,0x53,0x53
[AUTHEN] verify signature ... failed, error is 7
[SECLIB_IMG_VERIFY] Signature Fail.
[LIB] Fail (0x0)
<ASSERT> sec_boot.c:line 181 0
[PLFM] preloader fatal error...
[PLFM] emergency download mode(timeout: 30s).
mtk_arch_reset at pre-loader!
this is console with serial interface
i will post picture with pin layaut
Click to expand...
Click to collapse
how did you check this out?

theonecallednick said:
how did you check this out?
Click to expand...
Click to collapse
I found uart pin on mainboard for debuging .
with serial usb cable pl2303

This is the red light only and unknown hardware found (the unknown hardware is in fact mtk usb vcom driver buth sony version ) if you try sp flash tool for mtk then it comunicates with de phone buth it needs some authentication file.

Help..
I am also having same problem..I falshed wrong rom..
It just shows red led and does not detects by PC...
Were you able to solve the problem..if yes..please help..

botioni said:
[PWRAP] pwrap_init_preloader
[PWRAP] pwrap_init
[PWRAP] _pwrap_init_sidly [Read Test] pass,SIDLY=0 rdata=5AA5
.........................
this is console with serial interface
i will post picture with pin layaut
Click to expand...
Click to collapse
Samuel Wankhede said:
I am also having same problem..I falshed wrong rom..
It just shows red led and does not detects by PC...
Were you able to solve the problem..if yes..please help..
Click to expand...
Click to collapse
Try the guide given in thread linked below
http://forum.xda-developers.com/showpost.php?p=57614511&postcount=13

Please share uart pinout
Baudrate should be 115200??
Thanks

uart
please share the uart pinout , thanks

Nokia 5230: help me to unlock it

IMEI : 356267042608971
Conf key : 8000000000000000
Provider key : 2140700000000000
Provider : Movistar (DCT3);Spain
Counters : Key 0 [3] , Fbus 0 [10]
Blocks : 2
LOCK STATUS :
=============================
BLK : 1
Lock1:Close
BLK : 2
Lock1:Close
=============================
LOCKS : Closed
=============================
CRT308 Backup Created...
User code : Crypted
UserDataExLevel : Low [Gallery]
Done!