From: "jhogerhuis" <jhoger@...>
Apr 16, 2004
There are flash access subroutines starting around 01f0 in
Page001.dat
Disassemble it and search for 555 which is the address for the first
bus write cycle in the command sequence, and you'll see what's
obviously flash access code.
From: "jhogerhuis" <jhoger@...>
Apr 16, 2004
More details:
Assuming the code in Page 1 dump starts at 8000,
At 81F0 is a subroutine for programming a single byte of flash
At 82FC is a subroutine for erasing a sector of flash
A jump table starts at the top of 8000. At
8012 is a jump to 81F0 (byte write)
8015 is a jump to 82FC (sector erase)
Calls are made to 8012, and 8015 from within Page 1 code at
At 8602 is a call to 8012 (which vectors to byte write).
At 8756 is a call to 8015 (which vectors to sector erase).
Getting closer to that parallel port flash routine. Even if no
parallel port flash routine, there's probably a 'reflash from the
internet' lurking here somewhere...
From: "jhogerhuis" <jhoger@...>
Apr 16, 2004
Errata: the sector erase code is at 825C, not 82FC.
Sorry...
wrote: