newRPL - build 1255 released! [updated to 1299]
|
06-03-2019, 05:26 PM
Post: #472
|
|||
|
|||
RE: newRPL - build 1255 released! [official and unofficial]
I have a theory regarding the recent flashing failures on the 39gs ... if:
- the firmware image is longer than the flash space (1MiB) minus the length of the bootloader (probably 16KiB, because that's the length on 49g+ and 50g), - the firmware update code doesn't check if the firmware fits into 1MiB (either because it doesn't check at all, or because Kinpo goofed and left it at the 2MiB appropriate for 49g+ and 50g), and - the flash memory repeats in the adress space, e.g. by leaving the extra address pin unconnected, then a catastrophic buffer overflow happens during the update process. The write process would fill the flash, then wrap around and overwrite the bootloader by writing into the start of the mirror image. That would not only crash as the update code deletes itself during the sector clear part of the write operation, but also brick the machine preventing any further use as the rest of the bootcode goes poof along with the updater. The firmware was displayed to me as 1020 KiB long, so the first condition seems to be fulfilled. If this theory is correct, the machines affected so far will definitely need a new bootcode. NewRPL would also need some adjustment as it cannot fit into the flash memory anyway. By the way, if someone manages to un-brick one of the victims, could you fork over a copy of the bootcode as well? x49gp has the 49g+ and 50g bootcodes (or at least one version each, if there were multiple versions over the models' lifetimes), but no others. I was looking into adding support for 39/40 emulation, and even though the 49/50 bootcode might just do the trick, it'd be nicer to have the matching one. |
|||
« Next Oldest | Next Newest »
|
User(s) browsing this thread: 1 Guest(s)