How to flash BK7231M/BL2028N non-Tuya devices with 000000 keys?
Here I will show you how to flash BK7231M chips (or BL2028N) with our open source, Tasmota-style firmware. BK7231M/BL2028N are very similiar to BK7231N, and the only difference in the encryption key stored in efuse.
Tuya BK7231N seems to be using always the following key: 510fb093 a3cbeadc 5993a17e c7adeb03.
There are, however, also some BK7231M or BL2028N devices that are using other key, namely: 00000000 00000000 00000000 00000000. Note that not all BL2028N are using the "all zero" keys, only some of them.
In their case, for the firmware to work, you must flash a proper version (compiled with correct key).
You can do it easily with out flasher (version 1.3 or later):
https://github.com/openshwprojects/BK7231GUIFlashTool
To know your key, just run Do firmware backup (read) only. In older versions, it will just print the key:
In new versions, if you are using BK7231N mode and key is not as expected, it will show error:
So, the solution is simple - but just remember to make 2MB backup first!.
Just set the BK7231M role:
Then get latest build from web:
And then, finally, flash it to your BK7231M/similiar in BK7231M mode.
The flasher is configured in such a way that even for QIO, it will leave old M-style bootloader, and only append OBK to it.
Now you can also do two more things:
- do restore RF (if your MAC ends with 00 00 , and most likely it will):
- configure your WiFi without using AP mode, in the flasher (this is also optional):
It should flash correctly, and OBK should boot:
BK7231n_1.0.11
REG:cpsr spsr r13 r14
SVC:0x000000D3 0x00401C1C 0x000033AC
IRQ:0x000000D2 0x00000010 0x00401E0C 0x9CB94EF0
FIR:0x000000D1 0x00000010 0x00401FFC 0xBF77FAB6
SYS:0x000000DF 0x0040192C 0x00000158
ST:0x00000000
[32;22m[I/FAL] Fal(V0.4.0)success[0m
[36;22m[I/OTA] RT-Thread OTA package(V0.2.4) initialize success.[0m
[31;22m[E/OTA] (ota_main:171) App verify failed! Need to recovery factory firmware.[0m
go os_addr(0x10000)..........
bk_misc_init_start_type 0 0
prvHeapInit-start addr:0x4143d8, size:113704
[Flash]id:0xeb6015
sctrl_sta_ps_init
cset:0 0 0 0
Entering initLog()...
Commands registered!
initLog() done!
Info:MAIN:Main_Init_Before_Delay
Info:CFG:####### Boot Count 2 #######
Warn:CFG:CFG_InitAndLoad: Correct config has been loaded with 1 changes count.
Error:CMD:lfs is absent
Info:GEN:PIN_SetupPins pins have been set up.
Info:MAIN:Main_Init_Before_Delay done
Main_Init_Before_Delay done
Info:MAIN:Main_Init_Delay
Main_Init_Delay
delaying start
bandgap_calm_in_efuse=0x61
[load]bandgap_calm=0x61->0x21,vddig=4->5
[FUNC]rwnxl_init
[bk]tx_txdes#Startup delayed 0ms#
cyed 0ms#
[FUNC]intc_init
[FUNC]calibration_main
gpio_level=1,txpwr_state=0
user define rfcali mode:1
get rfcal#Startup delayed 10ms#
ielayed 10ms#
#Startup delayed 20ms#
#Startup delayed 30ms#
#Startup delayed 40ms#
#Startup delayed 50ms#
#Startup delayed 60ms#
#Startup delayed 70ms#
#Startup delayed 80ms#
#Startup delayed 90ms#
#Startup delayed 100ms#
#Startup delayed 110ms#
#Startup delayed 120ms#
#Startup delayed 130ms#
#Startup delayed 140ms#
#Startup delayed 150ms#
#Startup delayed 160ms#
#Startup delayed 170ms#
#Startup delayed 180ms#
#Startup delayed 190ms#
#Startup delayed 200ms#
#Startup delayed 210ms#
#Startup delayed 220ms#
#Startup delayed 230ms#
#Startup delayed 240ms#
#Startup delayed 250ms#
#Startup delayed 260ms#
#Startup delayed 270ms#
#Startup delayed 280ms#
#Startup delayed 290ms#
#Startup delayed 300ms#
#Startup delayed 310ms#
#Startup delayed 320ms#
#Startup delayed 330ms#
#Startup delayed 340ms#
#Startup delayed 350ms#
#Startup delayed 360ms#
#Startup delayed 370ms#
#Startup delayed 380ms#
#Startup delayed 390ms#
#Startup delayed 400ms#
#Startup delayed 410ms#
#Startup delayed 420ms#
#Startup delayed 430ms#
#Startup delayed 440ms#
#Startup delayed 450ms#
#Startup delayed 460ms#
calibration_main over
NO TXPWR_TAB_TAB found in flash
Load default txpwr for b:0xb229c
Load default txpwr for g:0xb22aa
fit n20 table with dist:4
Load default txpwr for n40:0xb22b8
Load default txpwr for ble:0xb3131
#Startup delayed 470ms#
temp in flash is:350
xtal in flash is:12
xtal_cali:12
--init_xtal = 12
[FUNC]ps_init
[FUNC]func_init_extende#Startup delayed 480ms#
d
start_type:0
Version:
Initializing TCP/IP stack
app_init finished
#Startup delayed 490ms#
#Startup delayed 500ms#
#Startup delayed 510ms#
#Startup delayed 520ms#
#Startup delayed 530ms#
#Startup delayed 540ms#
#Startup delayed 550ms#
#Startup delayed 560ms#
#Startup delayed 570ms#
#Startup delayed 580ms#
#Startup delayed 590ms#
#Startup delayed 600ms#
#Startup delayed 610ms#
#Startup delayed 620ms#
#Startup delayed 630ms#
#Startup delayed 640ms#
#Startup delayed 650ms#
#Startup delayed 660ms#
#Startup delayed 670ms#
#Startup delayed 680ms#
#Startup delayed 690ms#
#Startup delayed 700ms#
#Startup delayed 710ms#
#Startup delayed 720ms#
#Startup delayed 730ms#
#Startup delayed 740ms#
starting....
Info:MAIN:Main_Init_Delay done
Main_Init_Delay done
Info:MAIN:Main_Init_After_Delay
Info:MAIN:Using SSID []
Info:MAIN:Using Pass []
Info:MQTT:MQTT_RegisterCallback called for bT obk8C000000/ subT obk8C000000/+/set
Info:MQTT:MQTT_RegisterCallback called for bT bekens_n/ subT bekens_n/+/set
Info:MQTT:MQTT_RegisterCallback called for bT cmnd/obk8C000000/ subT cmnd/obk8C000000/+
Info:MQTT:MQTT_RegisterCallback called for bT cmnd/bekens_n/ subT cmnd/bekens_n/+
Info:MQTT:MQTT_RegisterCallback called for bT obk8C000000/ subT obk8C000000/+/get
Error:CMD:LFS_ReadFile: lfs is absent
Info:CMD:CMD_StartScript: failed to get file autoexec.bat
Info:MAIN:Main_Init_After_Delay done
temperature_type=2
temp_code:36 - adc_code:328 - adc_trend:[13]:350->[15]:330
Info:MAIN:Time 1, idle 262300/s, free 80816, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 2/38
Info:MAIN:Time 2, idle 190742/s, free 80816, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 2/38
Info:MAIN:Time 3, idle 188788/s, free 80816, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 2/38
Info:MAIN:Time 4, idle 188580/s, free 80816, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 2/38
Info:MAIN:Time 5, idle 189736/s, free 80816, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 2/38
Info:MAIN:no flash configuration, use default
Info:MAIN:set ip info: 192.168.4.1,255.255.255.0,192.168.4.1
Info:MAIN:ssid:OpenBK7231N_8C000000 key: mode:0
hostapd_main_exiting
hostapd_exit_handler
hostapd_exit_done
Soft_AP_start
[saap]MM_RESET_REQ
[bk]tx_txdesc_flush
[saap]ME_CONFIG_REQ
[saap]ME_CHAN_CONFIG_REQ
[saap]MM_START_REQ
hapd_intf_add_vif,type:3, s:0, id:0
apm start with vif:0
me_set_ps_disable:840 0 0 1 0 0
------beacon_int_set:100 TU
set_active param 0
[msg]APM_STOP_CFM
update_ongoing_1_bcn_update
vif_idx:0, ch_idx:0, bcmc_idx:1
update_ongoing_1_bcn_update
enter low level!
mac c8:47:8c: 0: 0: 1
leave low level!
net_wlan_add_netif done!, vif_idx:0
uap_ip_start
configuring interface uap (with Static IP)WARN: TCPIP mutex is NOT locked (1) caller 53D07
def netif is no ap's netif, sending boardcast or no-subnet ip packets may failed
sending broadcast_deauth:5
Info:MAIN:Time 6, idle 184226/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
Info:MAIN:Boot complete time reached (5 seconds)
Info:CFG:####### Set Boot Complete #######
Info:MAIN:Time 7, idle 180838/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
Info:MAIN:Time 8, idle 188316/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
temp_code:38 - adc_code:323 - adc_trend:[15]:330->[16]:320
Info:MAIN:Time 9, idle 187432/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
Info:MAIN:Time 10, idle 188399/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
Info:GEN:dhcp=0 ip=0.0.0.0 gate=0.0.0.0 mask=0.0.0.0 mac=00:00:00:00:00:00
Info:GEN:sta: 0, softap: 1, b/g/n
Info:GEN:softap:ssid=OpenBK7231N_8C000000,channel=1,dhcp=1,cipher_type:OPEN
Info:GEN:ip=192.168.4.1,gate=192.168.4.1,mask=255.255.255.0,dns=192.168.4.1
Info:MAIN:Time 11, idle 196627/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
Info:MAIN:Time 12, idle 188566/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
Info:MAIN:Time 13, idle 188681/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
Info:MAIN:Time 14, idle 203628/s, free 73096, MQTT 0(0), bWifi 0, secondsWithNoPing -1, socks 5/38
Info:MAIN:Time 320, idle 187125/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:GEN:dhcp=0 ip=0.0.0.0 gate=0.0.0.0 mask=0.0.0.0 mac=00:00:00:00:00:00
Info:GEN:sta: 0, softap: 1, b/g/n
Info:GEN:softap:ssid=OpenBK7231N_8C000000,channel=1,dhcp=1,cipher_type:OPEN
Info:GEN:ip=192.168.4.1,gate=192.168.4.1,mask=255.255.255.0,dns=192.168.4.1
Info:MAIN:Time 321, idle 180226/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 322, idle 185042/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 323, idle 187819/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 324, idle 185465/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 325, idle 183827/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 326, idle 187444/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 327, idle 185459/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 328, idle 185320/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 329, idle 187294/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 330, idle 184974/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:GEN:dhcp=0 ip=0.0.0.0 gate=0.0.0.0 mask=0.0.0.0 mac=00:00:00:00:00:00
Info:GEN:sta: 0, softap: 1, b/g/n
Info:GEN:softap:ssid=OpenBK7231N_8C000000,channel=1,dhcp=1,cipher_type:OPEN
Info:GEN:ip=192.168.4.1,gate=192.168.4.1,mask=255.255.255.0,dns=192.168.4.1
Info:MAIN:Time 331, idle 194209/s, free 73008, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
hapd_intf_sta_add:1, vif:0
rc_init: station_id=0 format_mod=0 pre_type=0 short_gi=0 max_bw=0
rc_init: nss_m
ax=0 mcs_max=255 r_idx_min=0 r_idx_max=11 no_samples=10
sta_idx:0, pm_state:0
ctrl_port_hdl:1
Info:MAIN:Time 332, idle 183041/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
WARN: TCPIP mutex is NOT locked (1) caller 51DFF
WARN: TCPIP mutex is NOT locked (1) caller 52DC9
WARN: TCPIP mutex is NOT locked (1) caller 51E25
WARN: TCPIP mutex is NOT locked (1) caller 51DFF
WARN: TCPIP mutex is NOT locked (1) caller 52DC9
WARN: TCPIP mutex is NOT locked (1) caller 51E25
Info:MAIN:Time 333, idle 176355/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 334, idle 181786/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 335, idle 185663/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 336, idle 184417/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 337, idle 183804/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 338, idle 186666/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 339, idle 186983/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:MAIN:Time 340, idle 184551/s, free 72816, MQTT 0(0), bWifi 0, secondsWithNo
Ping -1, socks 5/38
Info:GEN:dhcp=0 ip=0.0.0.0 gate=0.0.0.0 mask=0.0.0.0 mac=00:00:00:00:00:00
Info:GEN:sta: 0, softap: 1, b/g/n
Info:GEN:softap:ssid=OpenBK7231N_8C000000,channel=1,dhcp=1,cipher_type:OPEN
Info:GEN:ip=192.168.4.1,gate=192.168.4.1,mask=255.255.255.0,dns=192.168.4.1
Even in AP mode, you should be able to access your device and configure it:
Once you configure it, it should connect to your WiFi easily.
And that's all! That's how you can run your BK7231M modules with OBK.
Now, here is some miscelaneous information:
- BK7231 Easy UART flasher used to overwrite bootloader for N platform, but this is no longer the case - it detects QIO file and skips the bootloader section. You can still change this behaviour in advanced options
- here is a TX2 boot log from BK7231M:
BK7231n_1.0.11
REG:cpsr spsr r13 r14
SVC:0x000000D3 0x00401C1C 0x000033AC
IRQ:0x000000D2 0x00000010 0x00401E0C 0x8C204EB0
FIR:0x000000D1 0x00000010 0x00401FFC 0xBF75EAB6
SYS:0x000000DF 0x0040192C 0x00000158
ST:0x00000000
[32;22m[I/FAL] Fal(V0.4.0)success[0m
[36;22m[I/OTA] RT-Thread OTA package(V0.2.4) initialize success.[0m
go os_addr(0x10000)..........
0
prvHeapInit-start addr:0x40ecb0, size:136016
[Flash]id:0xeb6015
[Flash]init over
sctrl_sta_ps_init
SDK Rev: 3.0.56 7e6923f
[THD]app:[tcb]40fe80 [stack]40ee78-40fe78:4096:5
[THD]extended_app:[tcb]4106f0 [stack]40fee8-4106e8:2048:4
[THD]idle:[tcb]410b60 [stack]410758-410b58:1024:0
[THD]timer_thd:[tcb]4118e8 [stack]410ce0-4118e0:3072:2
OSK Rev: F-3.0.35 7e6923f
cset:0 0 0 0
[D/FAL] (fal_flash_init:42) Flash device | bl7231n2m | addr: 0x00000000 | len: 0x00025000 | blk_size: 0x00001000 |initialized finish.
[32;22m[I/FAL] ==================== FAL partition table ====================[0m
[32;22m[I/FAL] | name | flash_dev | offset | length |[0m
[32;22m[I/FAL] -------------------------------------------------------------[0m
[32;22m[I/FAL] | usercfg | bl7231n2m | 0x00000000 | 0x00010000 |[0m
[32;22m[I/FAL] | fac_data | bl7231n2m | 0x00010000 | 0x00004000 |[0m
[32;22m[I/FAL] | log | bl7231n2m | 0x00014000 | 0x00010000 |[0m
[32;22m[I/FAL] =============================================================[0m
[32;22m[I/FAL] Flash Abstraction Layer (V0.5.99) initialize success.[0m
[FlashDB][kv][usercfg] (fdb_kvdb_init:1638) KVDB size is 65536 bytes.
[FlashDB][kv][usercfg] (fdb_kvdb_init:1642) kv load result 0
[FlashDB]FlashDB V1.1.2 is initialize success.
[FlashDB]You can get the latest version on https://github.com/armink/FlashDB .
[FlashDB][kv][fac_data] (fdb_kvdb_init:1638) KVDB size is 16384 bytes.
[FlashDB][kv][fac_data] (fdb_kvdb_init:1642) kv load result 0
[FlashDB][kv][log] (fdb_kvdb_init:1638) KVDB size is 65536 bytes.
[FlashDB][kv][log] (fdb_kvdb_init:1642) kv load result 0
[THD]ves_evt:[tcb]413fe0 [stack]4133d8-413fd8:3072:6
[THD]ves_scanner:[tcb]414918 [stack]414110-414910:2048:6
[THD]ves_init:[tcb]415358 [stack]414b50-415350:2048:3
bandgap_calm_in_efuse=0x61
[load]bandgap_calm=0x20->0x21,vddig=4->5
[FUNC]rwnxl_init
chip id=7231c device id=20521028
IP Rev: W4-3.0.56-P0
txdesc flush
[FUNC]intc_init
[FUNC]calibration_main
get rfcali_mode:1
device_id=0x20521028
calibration_main over
NO TXPWR_TAB_TAB found in flash
Load default txpwr for b:0xe3720
Load default txpwr for g:0xe3756
fit n20 table with dist:4
Load default txpwr for n40:0xe3666
Load default txpwr for ble:0xe372e
uncali adc value:[00 00 00]
NO TXID_THERMAL found in flash, use def temp:330
temp in flash is:330
[THD]temp_detct:[tcb]415948 [stack]415540-415940:1024:3
NO TXID_LPFCAP found in flash, use def 114, 108
NO TXID_THERMAL found in flash, use def xtal:38
xtal in flash is:38
xtal_cali:38
--init_xtal = 38
[FUNC]ps_init
int watchdog enabled, period=10000
task watchdog enabled, period=60000
[FUNC]func_init_extended OVER!!!
start_type:0
[THD]kmsgbk:[tcb]416a10 [stack]415a08-416a08:4096:6
[THD]init_thread:[tcb]417250 [stack]416a78-417248:2000:5
Initializing TCP/IP stack
tcp_port:60281
[THD]tcp/ip:[tcb]417ca0 [stack]417498-417c98:2048:7
[THD]wpas_thread:[tcb]419168 [stack]418160-419160:4096:4
bk_wlan_app_init finished
[THD]core_thread:[tcb]41a0c8 [stack]4198c0-41a0c0:2048:7
[THD]rf_arbitrate:[tcb]41aa30 [stack]41a228-41aa28:2048:8
rf_thread_init ok
[THD]ble:[tcb]41b348 [stack]41ab40-41b340:2048:5
ble mac:fc-58-4a-b8-cf-d3
xvr_reg_init
h4tl_init-1 ok
hci_init ok
!!!!!!init_type=0
rwble_hl_init ok
BLE Rev: B5-3.0.56-P0
rwble_init ok
rwip_driver_init ok
enter normal mode
EM_BLE_END:0x1b40
!!!!!!init_type=1
llm_init:312
[gapm_cmp_evt_handler] conidx:0,operation:0x1,status:0x0
cmd->addr.addr[5] :0
!!!!!!init_type=2
[gapm_cmp_evt_handler] conidx:0,operation:0x3,status:0x0
gapm_cmp_evt:GAPM_SET_DEV_CONFIG
gapm_cmp_evt:wait GAPM_GEN_RAND_NB
[gapm_cmp_evt_handler] conidx:0,operation:0x1a,status:0x0
gapm_cmp_evt:GAPM_GEN_RAND_NB
[gapm_cmp_evt_handler] conidx:0,operation:0x1a,status:0x0
gapm_cmp_evt:GAPM_GEN_RAND_NB
[gapm_cmp_evt_handler] conidx:0,operation:0x28,status:0x0
gapm_cmp_evt:BLE_STACK_OK
[THD]cli:[tcb]41c2a8 [stack]41bea0-41c2a0:1024:3
[THD]ves_ble:[tcb]41d4c0 [stack]41c4b8-41d4b8:4096:5
ble create new db
ble_env->start_hdl = 0x10
[gapm_profile_added_ind_handler] prf_task_id:0x78,prf_task_nb:9,start_hdl:16,state:0x1
conidx:0x0,role:0x0,dest_id:0x3,src_id:0x7,param->status:0x0
[gapm_cmp_evt_handler] conidx:0,operation:0x1b,status:0x0
ble create new db
ble_env->start_hdl = 0x16
[gapm_profile_added_ind_handler] prf_task_id:0x79,prf_task_nb:10,start_hdl:22,state:0x1
conidx:0x0,role:0x0,dest_id:0x3,src_id:0x7,param->status:0x0
[gapm_cmp_evt_handler] conidx:0,operation:0x1b,status:0x0
[gapm_cmp_evt_handler] conidx:0,operation:0xa0,status:0x0
[gapm_cmp_evt_handler] conidx:0,operation:0xaa,status:0x0
[gapm_cmp_evt_handler] conidx:0,operation:0xa9,status:0x0
rw_ieee80211_set_country code:
code: EP
channel: 1 - 13
mode: MANUAL
[gapm_cmp_evt_handler] conidx:0,operation:0xa4,status:0x0
[THD]ves_mqtt:[tcb]40f940 [stack]41d6b8-41e6b8:4096:5
[0;33m[SDK W vesync_net_config_read_from_flash:97] read flash error
[0m[0;33m[SDK W vesync_device_print_info:277]
---------------Device Info---------------
Device MAC: fc:58:4a:b8:cf:d2
Device CID: vsotada32554d609b9c408a0919e68bd
Device type: outlet
Device model: BSDOG02
Device alias model: BSDOG02
Firmware type: release
Hardware version: 1.0
Vesync SDK version: v1.2.1-1d1881fe
Firmware version: 1.0.01
Country code: EU
----------------------------------------
[0m[0;33m[SDK W tb_default_rd_cfg_cb:120] read flash fail[1]
[0m[0;33m[SDK W vesync_timebase_init:660] config no found: -5
[0mvalue:0x400, group:0, channel:1
ctrl:0x400
mode: 34, REG_PWM_GROUP_CTRL= 0x1400
value:0x1c04, group:0, channel:0
ctrl:0x1c04
mode: 34, REG_PWM_GROUP_CTRL= 0x1c14
[0;33m[SDK W away_default_rd_cfg_cb:131] read flash fail[1]
[0m[THD]app_task:[tcb]416c68 [stack]41a228-41aa28:2048:5
[THD]ves_netcfg:[tcb]416cf8 [stack]41e6c0-41f2c0:3072:4
[gapm_cmp_evt_handler] conidx:0,operation:0xa9,status:0x0
[sa_sta]MM_RESET_REQ
txdesc flush
[sa_sta]ME_CONFIG_REQ
[sa_sta]ME_CHAN_CONFIG_REQ
[sa_sta]MM_START_REQ
[gapm_cmp_evt_handler] conidx:0,operation:0xa9,status:0x0
sizeof(wpa_supplicant)=1016
mm_add_if_req_handler:0
hapd_intf_add_vif,type:2, s:0, id:0
wpa_dInit
hapd_intf_del_key: mac ff:ff:ff:ff:ff:ff, hw key idx 65
hapd_intf_del_key: mac ff:ff:ff:ff:ff:ff, hw key idx 65
hapd_intf_del_key: mac ff:ff:ff:ff:ff:ff, hw key idx 65
hapd_intf_del_key: mac ff:ff:ff:ff:ff:ff, hw key idx 65
hapd_intf_del_key: mac ff:ff:ff:ff:ff:ff, hw key idx 65
hapd_intf_del_key: mac ff:ff:ff:ff:ff:ff, hw key idx 65
wpa S: DISCONNECTED -> INACTIVE
wpa S: INACTIVE -> DISCONNECTED
enter low level!
mac fc:58:4a:b8:cf:d2
leave low level!
[net]addvif_idx:0
wpa_supplicant_req_scan
Setting scan request: 0.000000 sec
wpa_supplicant_scan
wpa S: DISCONNECTED -> SCANNING
wpa_supplicant_scan 1004
wpa_drv_scan
wpa_send_scan_req
no ht in scan
scan_start_req_handler
wpa_driver_scan_start_cb
wpa rx E SCAN_STARTED
temperature_type=2
temp_code:18 - adc_code:343 - adc_trend:[13]:330->[12]:339
init_xtal:38, delta:3, last_xtal:38
wpa_driver_scan_cb
wpa rx E SCAN_RESULTS
Scan completed in 1.326000 seconds
wpa_get_scan_rst:8
wpa S: SCANNING -> DISCONNECTED
temp_code:17 - adc_code:346 - adc_trend:[12]:339->[11]:348
init_xtal:38, delta:4, last_xtal:41
[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0m[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0m[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0m[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0m[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0m[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0m[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0m[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0mtemp_code:19 - adc_code:341 - adc_trend:[11]:348->[12]:339
init_xtal:38, delta:3, last_xtal:42
[0;33m[SDK W report_cloud:79] cloud disconnect. state(0)
[0m
If you see a similiar bootlog before flashing, it may be BK7231M
- CB2S with BK7231M was send to me by a reader and it was in LSPA9 clone marked as BSD33
- if you have overwritten your bootloader before (for example, with old flasher, that flashed QIO without skipping bootloader), you may need to restore the original bootloader for your chip to work
That's all for now, let me know if the new binary type works for you! I'm available and ready to fix potential issues, just let me know.
p.kaczmarek2 wrote 11957 posts with
rating 9993 , helped 572 times.
Been with us since 2014 year.
Comments
There were some bugfixes made, latest version is now 1.3.2, thanks @divadiow for pointing that out via private message. @divadiow is 1.3.2 working better now? https://github.com/openshwprojects/BK... [Read more]
yes, thanks. 1.3.2 appears to have resolved the issue of Easy Flasher quitting unexpectedly when trying the 'Restore RF part' function in M-type chip mode. Also, the overwrite bootloader advanced option... [Read more]
Ok any other suggestions? Or do you think it's a good time to just add an advanced (hidden for most users) "write N bytes at offset X" command? [Read more]
Well, I would certainly make use of more flexible flashing options. The ability to flash from a specific address and or skip a custom portion of a file. Even specifying the start and end address of a source... [Read more]
Sure, would something like that work for you? https://obrazki.elektroda.pl/9838494800_1717842270_thumb.jpg [Read more]
Ooh yeh [Read more]
I pushed release due to the ReadOBKConfig bug: https://github.com/openshwprojects/BK7231GUIFlashTool/releases/ This release contains unfinished custom read. [Read more]
Hi, I’ve flashed another one of the matter relay module with cbu following your instructions (no rf restore yet) But when I plugged it to the main, there’s no access point. What am i missing here? Here... [Read more]
these Beken-based Matter devices are different. I've flashed your dumps to my CB3S uHome device and both have the RT-Threads 1.0.13 bootloader. The experience with these will be the same as mine here... [Read more]
@divadiow just to clarify after some flashing acrobatics, you could get it to boot up and connected to wifi? Just that it can’t show the AP? Should be the same one you’ve purchased before from aliexpress Just... [Read more]
oh interesting. I didn't know some come with a CBU. Yes, mine is CB3S. No, no AP and no connecting to wifi. No mac assigned wireless interface, as seen in OBK boot log in other thread. Added after... [Read more]
So how are they different @divadiow ? Have you tried restoring or transplanting RF partition from, for example, the working OBK BK7231M device? By the way, it seems we've got first user that flashed... [Read more]
Yes. I have tried restoring RF from normal Tuya device and the one from factory from this device. Both to usual RF address and I think to the different address the factory fw has RF. I'm away from home... [Read more]
Ok, I've added the warning you mentioned to the flasher: https://github.com/openshwprojects/BK7231GUIFlashTool/commit/2ee1f316036454f0ca1684433b4d39e9a44accb8 [Read more]
I have flashed your dump of that LSPA9 clone/BSD33 to a 4mb SparkleIoT XH-CB2S/BK7231M module from a Matter device - the same as can be seen here https://www.elektroda.com/rtvforum/topic4086986.html The... [Read more]
@ferbulous your backups are queued to be added to collection. Did you ever get/dump the 2CH version? https://github.com/openshwprojects/FlashDumps/commit/19f54aa1690bcda9b623f9063e089c431303284a [Read more]