Revert to factory from upgrade image written with xflash

Technical questions regarding the XTC tools and programming with XMOS.
Post Reply
susnak
Member
Posts: 13
Joined: Fri Apr 12, 2019 1:01 pm

Revert to factory from upgrade image written with xflash

Post by susnak »

Dear community,

using the reference usb audio implementation on a custom board with QSPI flash, I ran into the following problem:
I generate a flash image to a bin file and then program the flash using xflash --write-all.
The flash image contains both the factory image and an upgrade image. I can confirm that the processor boots from the upgrade image.
I however cannot revert back to the factory image by sending the XMOS_DFU_REVERTFACTORY in the dfu mode.
It appears that the code in module_dfu/src/flash_interface.c does not recognize the upgrade image. upgrade_image_valid is 0 and the erase is therefore not performed. Since the libquadflash is closed-source, I cannot track it further.
I can also confirm that the factory image is there and I can "revert to it" by canceling a DFU upgrade process i.e. writing an incomplete upgrade image.
As soon as I write a new upgrade image trough DFU, XMOS_DFU_REVERTFACTORY starts to work.

Any help is appreciated!

Cheers,
Zdenek


susnak
Member
Posts: 13
Joined: Fri Apr 12, 2019 1:01 pm

Post by susnak »

UPDATE 1: I am using XU208 and IS25LQ010B QSPI flash and call xflash like this:
xflash --spi-spec IS25LQ010B.txt --boot-partition-size 126976 --factory-version 14.3 --factory normal.xe --upgrade 1 testing.xe -o flash_image.bin --data data_section.bin --noinq
and later program the flash by
xflash --spi-spec IS25LQ010B.txt --write-all flash_image.bin --target-file file.xn

UPDATE 2: It turns out that it works as expected without the --noinq parameter. The difference is that the upgrade image is placed at the 4kB sector boundary and the 2nd stage bootloader is 4 bytes longer.
With the --noinq parameter, I tried to mimic that behavior by supplying size in the factory argument ( --factory <file> [size] ).
The upgrade image is now at the same address, but I still cannot revert back to factory in the dfu mode.

Here are some details I got by parsing the image headers in flash dumps:

Without --noinq (XTAG must be connected):
Starting address 3944
Found factory image at 3944 [('Image Size', 47204), ('Image Version', 0), ('Image Length', 47204)]
Found upgrade image at 53248 [('Image Size', 43516), ('Image Version', 1), ('Image Length', 43516)]

... after successful DFU revert factory:
Starting address 3944
Found factory image at 3944 [('Image Size', 47204), ('Image Version', 0), ('Image Length', 47204)]

... after DFU update:
Starting address 3944
Found factory image at 3944 [('Image Size', 47204), ('Image Version', 0), ('Image Length', 47204)]
Found upgrade image at 53248 [('Image Size', 47216), ('Image Version', 1), ('Image Length', 47216)]

With --noinq and with with --factory normal.xe 53248:
Starting address 3940
Found factory image at 3940 [('Image Size', 53248), ('Image Version', 0), ('Image Length', 47204)]
Found upgrade image at 53248 [('Image Size', 43516), ('Image Version', 1), ('Image Length', 43516)]

... after unsuccessful DFU revert factory:
Starting address 3940
Found factory image at 3940 [('Image Size', 53248), ('Image Version', 0), ('Image Length', 47204)]
Found upgrade image at 53248 [('Image Size', 43516), ('Image Version', 1), ('Image Length', 43516)]

... after successful(!) DFU update:
Starting address 3940
Found factory image at 3940 [('Image Size', 53248), ('Image Version', 0), ('Image Length', 47204)]
Found upgrade image at 53248 [('Image Size', 43516), ('Image Version', 1), ('Image Length', 43516)] <-- this one is now partially overwritten
Found upgrade image at 57344 [('Image Size', 47216), ('Image Version', 1), ('Image Length', 47216)]

... and another, this time successful DFU revert factory:
Starting address 3940
Found factory image at 3940 [('Image Size', 53248), ('Image Version', 0), ('Image Length', 47204)]
Found upgrade image at 53248 [('Image Size', 43516), ('Image Version', 1), ('Image Length', 43516)] <-- this one is now incomplete

According to fl_getNextBootImage from here https://github.com/xcore/sc_flash/blob/ ... flashlib.c
the upgrade image is searched for at sector boundaries starting from Starting address + Image Length.
I however do not know if the libquadflash I have was compiled from that git repo. It looks like it is instead using
Starting address + Image Size since the problem persists even without --noinq and with --factory normal.xe 53248.
Post Reply