On 7 Jun 2016, at 10:12, Kevin Townsend wrote:
Hi Sterling,
If a faulty image is uploaded, the boot loader will fall back to the
previous image. So the process typically works, upgrade the new
image, ensure stability, then confirm it as the default image.
In my experience, if the flash is corrupted you generally want a RMA,
as these flashes should not corrupt themselves. That said, the use
case I was previously acquainted with was devices out in the field,
that required field techs to bring them in. I can see how if it’s
a consumer, re-flashing serially might be desirable.
The problem here is that an image can be valid, but the 'code' can be
bad such as an inappropriate clock setup so it locks up waiting for
the PLL to get a fix. This shouldn't happen in the real world but bad
images do get out into the wild, of course, and the bootloader will
still accept it as valid, and customers may not be able to recover
their device.
Yup, the previous scenarios I’ve worked in have been primarily large
scale mesh. So a field tech would never reflash a device serially, but
would rather pull it out, replace it with a new one, and return it to
RMA facility, where JTAG was easy (we had a fixture.)
In this case, I can definitely see the benefit of serial in boot loader.
Sterling
