« PreviousPages: 1 2 3 4 [5]
| mr_woggle | Posted: 26 Feb 2024, 12:45 PM |
|---|---|
 Member Posts: 8 Joined: 17-February 24 |
Great work nonetheless :D I'll try to free up some time to look at it. I kinda busted the TESTEN on my board, so I'm using the trace to set the signal high. I also realized I dumped the firmware wrong. Quickly wrote my own, will try use the Jlink SPI flash tool next time. Haven't studies the firmware dump that much, but I saw that @0x80000, a similar configuration(?) is: block starts with 48 14 1A 08 15 18 0C 12 Besides the flash and config, I also saw some other non 0xFF values at 0xFE800 amongst others. Could be garbage though. Last edit by mr_woggle at 26 Feb 2024, 12:52 PM ------------- |
| [top] | |
| PookyFan | Posted: 26 Feb 2024, 06:24 PM |
 Member Posts: 8 Joined: 11-February 24 |
QUOTE (mr_woggle)
But 0x80000 is just beyond the flash capacity (which is 512 kB). How do you read your chip's flash? It looks like your method may be erroneous.Haven't studies the firmware dump that much, but I saw that @0x80000, a similar configuration(?) is: block starts with ------------- |
| [top] | |
| mr_woggle | Posted: 26 Feb 2024, 07:21 PM |
|
Member Posts: 8 Joined: 17-February 24 |
Datasheet does say these chips go up to 4M-bytes. Got some weird bluetooth tag and not the more commonly seen JDY-31. Last edit by mr_woggle at 26 Feb 2024, 08:09 PM ------------- |
| [top] | |
| PookyFan | Posted: 26 Feb 2024, 07:50 PM |
|
Member Posts: 8 Joined: 11-February 24 |
QUOTE (mr_woggle)
Datasheet does say these chips go up to 4M-bytes. Got some weird bluetooth tag and not the more commonly seen JDY-31. I see, but it didn't look like you had any kind of external flash memory on this tag, so I just assumed this is the same variant that I have on JDY-31, with built-in flash memory (described as "QFN32 package(SIP with flash)" on page 14 of BK3231S datasheet). But if your device actually has external flash (on the other side of the PCB maybe), then it would be any other flash chip with different size, that for sure. So the question is, which variant of BK3231S do you have and what kind of flash memory does it have? I prepared that SDK with JDY-31 in mind so it may be that you'd need to change this and that to make an use of it. Last edit by PookyFan at 26 Feb 2024, 07:50 PM ------------- |
| [top] | |
| PookyFan | Posted: 2 Mar 2024, 02:58 PM |
|
Member Posts: 8 Joined: 11-February 24 |
I'm still stuck with Bluetooth issues. Can't really figure out why it doesn't work, and have no idea how to troubleshoot it. For starters, there are way too many reasons as for why it might not work. It may be that I accidentally deleted some code that is required to work (a few functions had multiple implementations, some of which would not compile, maybe there were some headers missing for registers descriptions). It may be that the code built from source is in some way binary incompatible with pre-compiled library (although linker had no issues with linking it). It may be that something blows up upon MCU booting up and it screws BT stack later on (it looks like the module restarts once after it enters main loop, maybe something bad happens right then). Just too many things could have gone wrong and it's really hard to even start troubleshooting it, as the code base is really horrible. Also after looking more into that pre-compiled library that's linked statically to the project, it turns out to be not only some kind of BT stack, but also binary blob that controls proprietary Bluetooth IP by CEVA. This BlueStream project described in header files from "include/Core" might have been provided to Beken from CEVA without source code or even internal registers description. If that's the case, then replacing it with open source alternatives might not be possible at all, if it doesn't just depend on MCU internal registers (that would be reverse engineered to some degree from SDK source code), but also on Bluetooth IP's internal registers that would be not known even to MCU manufacturer. So I guess that makes figuring out what's wrong with BT in my firmware image even harder. It's frustrating after all the work I put into building new fw and troubleshooting it, but if some enlightenment doesn't soon occur to me (or anyone to whom it may concern), it may be better to drop modules with this chip altogether, or accept them as blackbox tools with no way to extend their functionality. ------------- |
| [top] | |
| mr_woggle | Posted: 3 Mar 2024, 10:08 AM |
|
Member Posts: 8 Joined: 17-February 24 |
Good to put it out there anyway, some new code/datasheet might pop up some day. This really is some ancient stuff. I think some of the code goes back 20+ years. Looking at the code comments, the radio hardware might be very similar to this: https://www.hitachi.co.jp/New/cnews/2002/0624/index.html ------------- |
| [top] | |
| LeisureSuitLarry | Posted: 9 May 2024, 12:29 PM |
 Member Posts: 4 Joined: 19-December 20 |
I wanted to share some progress on programming the BK3231Q using AsProgrammer with CH341A and davidalfa’s script. The script needed some modification since it didn’t consider endianness correctly. The dumped content wasn’t in the right sequence, as davidalfa himself noticed already. For those, who would like to use the script, here is the modified copy: // Contents will be written to the editor buffer Since it seems to be impossible to read back data during the programming sequence (it never returned all words correctly) I eliminated that feature. Simply do a comparison after flashing. Connections to the chip need to be done as per my earlier post, which may be difficult with some boards, where the P10/MOSI pin is not available. In this case you have to solder a tiny wire to the chip directly (that's what I had to do as well). So there is no need to further spend time on Beken’s SPI programmer nor their HID Download Tool. AsProgrammer with a CH341A will do the job. The reason why I was interested in the BK3231Q was, that I had a Bluetooth module from on OBDII adapter, which I couldn’t configure at all. Even it wasn’t connected to another device, it didn’t respond to any common AT+ command. So I decided to flash a binary with the same functionality, which was uploaded here by NasAH end of 2021. However, it turned out, that this binary behaved exactly like the previously installed one. The only difference I noticed was, that the MAC address was different. So I started to investigate the structure of the file and found a list of AT commands, which the module is supposed to support. None of them worked. But I also noticed, that there was a version string saying “YXY-BT3231 Ver 1.6”. My first impression was, that the name must be fake. Who would name his binary “YXY-…”, but Google returned the name of company YORXIN and luckily they offer a manual on their website for this binary. Before the module connects it is required to enable the AT commands by sending: AT+EN1 After that it is possible to configure Baud rate, name and address of the module. So I achieved basically what I wanted, but should anyone be able to find another binary for the BK3231Q for SPP connections (with the functionality of HC-06 or HC-05) please upload it. I would be interested to try that one out as well. Compiling something from source seems to be out of reach for the time being based on PookyFan’s experience (nevertheless, thanks a lot for your inspiring work) with the BK3231S and there is even no SDK available for the BK3231Q. ------------- |
| [top] | |
« PreviousPages: 1 2 3 4 [5]
Sign in to post a reply.