GPS SIM Fault. MAX2839 chip and Chinese HackRF_PortaPack H2+

[Sats301]

          Hello everybody! I am completely upset! 

Completely same situation, but with one little difference...

1. All actions with FW/CPLD manually flashing - not working.
2. Can't check situation with 1.6.0 and lower FW (screen not working, buttons can't help).
3. Can work only with 1.7.0 and other latest FW
4. I've bought 100 PCS of HackRF PortaPack H2+ for student education, and the part of education program - not available, because we cant discover lite spoofing...
5. .C8 folder generated by gps-sdr-sim pack.
6. SD cards no make sense.
7. But in HackRF with PC - is fine.

I am really not understand what I need to do. Just look on photos... Hacrf_info

Chipsets

GPS_Sim - completely bad!

HackRF mode - is ok

Friends could I ask you for a help? Because this situation is a really nervous...

Originally posted by @Sats301 in https://github.com/eried/portapack-mayhem/issues/1070#issuecomment-1648826316

[jLynx]

So you are saying you can't flash the latest firmware and are stuck on 1.6.0?

[Sats301]

So you are saying you can't flash the latest firmware and are stuck on 1.6.0?

No, I tested with every latest FW from 1.7.0 (all nightly releases and stabile 1.7.1-1.7.3).

I can’t test 1.6.0 and lower, because PortaPack can’t activate screen :(

[jLynx]

If it's working with the computer then it should still work with the PP. I'm not sure what the issue is here myself, hopefully someone else with gps experience could chime in.

I assume you have read the wiki? https://github.com/eried/portapack-mayhem/wiki/GPS-Sim

[Sats301]

If it's working with the computer then it should still work with the PP. I'm not sure what the issue is here myself, hopefully someone else with gps experience could chime in.

I assume you have read the wiki? https://github.com/eried/portapack-mayhem/wiki/GPS-Sim

Sure, I created really good dynamic paths and static points. On old portapacks everything is fine. But new batch… 100PCS it is really strange. From other side maybe I need adjust something, frequency maybe.

If you want I can share I/Q (.bin) or .C8 with parameter .TXT folders

[jLynx]

I think I know the problem. A couple of questions first though:

1. By any chance are your new HackRF's the R9 version?
2. Does the non working new ones work when done via the computer, or not at all?

[NotherNgineer]

@Sats301 You said that GPS Sim is working on old PortaPacks. Which model PortaPack did it work on, and does GPS Sim work with any version of firmware on the old PortPack, or did it stop working after a certain firmware version?

[Sats301]

I think I know the problem. A couple of questions first though:

1. By any chance are your new HackRF's the R9 version?
2. Does the non working new ones work when done via the computer, or not at all?

1. I can’t check, HackRF_info shows (no name). can I see this on the board?
2. From a PC - everything is fine.

[jLynx]

I think I know the problem. A couple of questions first though:

1. By any chance are your new HackRF's the R9 version?
2. Does the non working new ones work when done via the computer, or not at all?

1. I can’t check, HackRF_info shows (no name). can I see this on the board?
2. From a PC - everything is fine.

Can you please upload a photo of the top of the HackRF (remove the PP)

[Sats301]

@Sats301 You said that GPS Sim is working on old PortaPacks. Which model PortaPack did it work on, and does GPS Sim work with any version of firmware on the old PortPack, or did it stop working after a certain firmware version?

On “old” HackRF PortaPack H2+ with any FWversions everything is fine. I wait my working PortaPack from colleague for checking HackRF_info.

[Sats301]

I think I know the problem. A couple of questions first though:

1. By any chance are your new HackRF's the R9 version?
2. Does the non working new ones work when done via the computer, or not at all?

1. I can’t check, HackRF_info shows (no name). can I see this on the board?
2. From a PC - everything is fine.

Can you please upload a photo of the top of the HackRF (remove the PP)

Sure, please wait a 30-40 min

[Sats301]

I think I know the problem. A couple of questions first though:

1. By any chance are your new HackRF's the R9 version?
2. Does the non working new ones work when done via the computer, or not at all?

1. I can’t check, HackRF_info shows (no name). can I see this on the board?
2. From a PC - everything is fine.

Can you please upload a photo of the top of the HackRF (remove the PP)

That’s true: r9

[jLynx]

@Sats301 Ok, so if you try that portapack on a non R9 I think you will find it works perfectly. The issue is the TCXO design changed with the R9 and 99% if not all portapack have been built with their TCXO out of spec, which means it does not actually work and as far as I am aware. A working TCXO is needed for gps spoofing. So sadly I don't think any of these will be able to work, not unless you get non R9's or unless you get new PP's with the correct TCXO.

Specifically the issue is the TCXO needs to output a peak-to-peak voltage of 3v3 but thy all seem to output around 1v or less. This means they are out of spec. There was a "bug" in the older HackRF versions (<R9) where it allows this 1v TCXO to work, but with the new design R9's this "bug" was fixed and now they no longer work.

HOWEVER, you said these r9's work on the computer? Can you 100% confirm that? Because I would not have expected that to work, and if they do then there is potentially hope. I'm just not sure how they are working with the current TCXO

[Sats301]

@Sats301 Ok, so if you try that portapack on a non R9 I think you will find it works perfectly. The issue is the TCXO design changed with the R9 and 99% if not all portapack have been built with their TCXO out of spec, which means it does not actually work and as far as I am aware. A working TCXO is needed for gps spoofing. So sadly I don't think any of these will be able to work, not unless you get non R9's or unless you get new PP's with the correct TCXO.

Specifically the issue is the TCXO needs to output a peak-to-peak voltage of 3v3 but thy all seem to output around 1v or less. This means they are out of spec. There was a "bug" in the older HackRF versions (<R9) where it allows this 1v TCXO to work, but with the new design R9's this "bug" was fixed and now they no longer work.

HOWEVER, you said these r9's work on the computer? Can you 100% confirm that? Because I would not have expected that to work, and if they do then there is potentially hope. I'm just not sure how they are working with the current TCXO

Yes, all HackRF from a new batch working fine with a PC. Already test it. I think if the quartz generator will be “bad” also HackRF will not work with a PC.

just look - all fake satellites signals are coming.

[jLynx]

Yeah that is odd, maybe I'm wrong with it requiring the TCXO.

Also you can confirm it's not using it by going to setting > radio, and it should say HackRF if it's using the 25mhz internal one or PortaPack or External if it's using the portapack one. Are you able to confirm what it says on the PortaPack?

[Sats301]

Yeah that is odd, maybe I'm wrong with it requiring the TCXO.

Also you can confirm it's not using it by going to setting > radio, and it should say HackRF if it's using the 25mhz internal one or PortaPack or External if it's using the portapack one. Are you able to confirm what it says on the PortaPack?

Yes, internal 25MHz.

[jLynx]

Ok cool, so that confirms the HackRF is not using the TCXO on the PortaPack. No are able to remove the PP and test it with the computer again and see if it still works? (I'm not sure if it automatically runs in Hackrf mode with it removed, you may have to flash the HackRF firmware by itself to test)

(I ask because Hackrf mode used diffrent code to PortaPack mode)

[Sats301]

Ok cool, so that confirms the HackRF is not using the TCXO on the PortaPack. No are able to remove the PP and test it with the computer again and see if it still works? (I'm not sure if it automatically runs in Hackrf mode with it removed, you may have to flash the HackRF firmware by itself to test)

(I ask because Hackrf mode used diffrent code to PortaPack mode)

Ok, will test it ASAP, 40-60 min

[jLynx]

The hackrf code is here btw if you do end up needing it https://github.com/greatscottgadgets/hackrf/releases

[Sats301]

The hackrf code is here btw if you do end up needing it https://github.com/greatscottgadgets/hackrf/releases

FW - done

Test the GPS Sim - no

I am completely not understand... With a PP - working in HackRF mode - working normal.

[jLynx]

@bernd-herzog take a look at this. With the HackRF code and the 1v TCXO it seems to actually work in Hackrf mode, but it's not stable enough to work in PortaPack mode.

As for you @Sats301 if you want to use gps spoofing, you will have to attach the PP to the HackRF (like you had before) and just use it though the computer.

Unless you have any other thoughts @bernd-herzog?

[bernd-herzog]

It looks like in hackrf mode it runs somewhat stable with the out of spec TCXO. The portapack firmware really doesn't like it and I'm not sure why that is.

Currently the portapack will not use any portapack TCXO if it runs on an r9 hackrf due to a bug. @Sats301 could try a (future) version that enables the use of the portapack TCXO and see whats happens. Maybe it is stable.

portapack-h1_h2-mayhem_173_r9_clk_2.zip But maybe it is not stable, then it will turn on only every 20th power on try and when it turns on it will crash after starting an app. But you should be able to go to setting > radio. So give it a try.

[Brumi-2021]

@Sats301 , I also tried several times the EASTER.C8 And CATHEDRAL.C8 and the mobile detects the gps simul constellation but imagine that just with 20 secs (90 or 100 MB) no time to sync and detect any new position . I think you need good TXCO and fast SD card able to handle read 5.2 MB/sec. (2M6 x I,Q C8)

which MB size has the file that you have created ? How long time is the hole file to be replayed ? Are you replaying in loop or just once ? When you run with pc and HackRF mode, how long Does it takes to your mobile to get sync and decode a lat / long ?

If your file is longer than 20 secs and you can share it , I can also try it in an old HackRF r6 or older .

Thanks

[Sats301]

It looks like in hackrf mode it runs somewhat stable with the out of spec TCXO. The portapack firmware really doesn't like it and I'm not sure why that is.

Currently the portapack will not use any portapack TCXO if it runs on an r9 hackrf due to a bug. @Sats301 could try a (future) version that enables the use of the portapack TCXO and see whats happens. Maybe it is stable.

portapack-h1_h2-mayhem_173_r9_clk_2.zip But maybe it is not stable, then it will turn on only every 20th power on try and when it turns on it will crash after starting an app. But you should be able to go to setting > radio. So give it a try.

Hello! Will check it ASAP. And return with feedback.

[Sats301]

@Sats301 , I also tried several times the EASTER.C8 And CATHEDRAL.C8 and the mobile detects the gps simul constellation but imagine that just with 20 secs (90 or 100 MB) no time to sync and detect any new position . I think you need good TXCO and fast SD card able to handle read 5.2 MB/sec. (2M6 x I,Q C8)

which MB size has the file that you have created ? How long time is the hole file to be replayed ? Are you replaying in loop or just once ? When you run with pc and HackRF mode, how long Does it takes to your mobile to get sync and decode a lat / long ?

If your file is longer than 20 secs and you can share it , I can also try it in an old HackRF r6 or older .

Thanks

No problem I will upload .C8 and parameters folder when I return to the lab and wil send the link. SD card with maximum speed, not more 32GB and also tested on 8GB.

[Brumi-2021]

Hello @Sats301 , no need to upload your created file.bin I already could create one as a testing and so far it works well from pc + hackrf , now pending to check from Portapack. I will tell you soon

[Brumi-2021]

Hi again @Sats301 , I could duplicate your problem . With PC + Hackrf , it detects the new position in a few minutes (the first time, 20 secs definitively is not enough ). With Portapack standalone it should work just copying the gpssim.c8 file there , but we have small bug , and it needs that you attach the related gpssim.txt

It is just a TXT file with the same name as the gps_file_to_be_played.c8 , with same name.txt , with two lines , sample_rate=2600000 center_frequency=1575420000

You can try, I already succeed with TXCO and without TXCO versions. We will ammend it soon . but meanwhile , pls confirm that workaround also works in your set up .

Cheers,

[Sats301]

YOOOOOO!!!! Thank you! You save me!

Working fine! Can you integrate this fix in 1.7.4?

[Brumi-2021]

Glad to see that confirmation ! I already comment to @NotherNgineer and he is following it , and we will validate it together . As soon as we fix it , we will integrate it . Our target is to solve it and integrate it in the next fw 1.7.4 . But as the problem is clear , and we have now a clear workaround , let's close that issue. (No need further investigation, but do not worry we will not forget it ) .

[jLynx]

I am working on integrating this fix already, hopefully it's not far away from release. There are just a few techinal challenges to get it to play nicely with everyone.

CC: @Brumi-2021 leave it to me since I half way though doing it already

[jLynx]

Also I'm keeping this issue open until the fix is implemented. That way we know it's still active

[Sats301]

Also I'm keeping this issue open until the fix is implemented. That way we know it's still active

Ok, Will wait for new release. Thank you so much!

[Brumi-2021]

Hello @jLynx ,
Sorry , but I already discussed and tested several versions from @NotherNgineer , and he already submittted a perfect PR . I will add my evaluation commnets there .

Additional notes :
well in fact, I can see , that it is already merged . (Gps default frequency #1309 ) Well no problems , it is fully validated and now ok, !

[jLynx]

Your changes are complelty different to what @bernd-herzog and I are talking about. So if your solves it that's great, but I also still need to implement these other changes

[jLynx]

@Sats301 just to confirm, was the fix the firmware that @bernd-herzog sent you, or was it @Brumi-2021 suggestion above?

[NotherNgineer]

@jLynx @bernd-herzog I suspect it was the test firmware from bernd, since his initial post above showed the correct frequency & sample rate.

[Brumi-2021]

Hi @Sats301 ,

thanks to @NotherNgineer , yesterday , we just merged into latest nightly fw my yesterday proposed solution (when we do not attach the related .txt)

But we had two possible root causes about that issue , and we need to understand from you , if your confirmed solution ,

• was due to this issue (already integrated, set up correct parameters, when missing .txt file )
• or due to the successful new @bernd-herzog's beta binary test (shared above) .
  (If that is the case, we need to know , in order to coordinate its final validation / merge toward next fw 1.7.4.)

Waiting for your clarification about it , thanks,

[Sats301]

@Sats301 просто для подтверждения, было ли исправление прошивкой, которую @bernd-herzog отправил вам, или это было предложение @Brumi-2021 выше?

@Sats301 just to confirm, was the fix the firmware that @bernd-herzog sent you, or was it @Brumi-2021 suggestion above?

This fix from bernd-herzog. Just install it and GPS sim start normally. All magic with frequencies in parameters folder can't fix it.

[Brumi-2021]

Ok , thanks for your confirmation , @jLynx was right , it was from the new binary .

@jLynx , now you can close correctly that issue , Apologise for my confusion , we just fixed another minor second bug .

Cheers

[jLynx]

We wont close the issue until my PR is merged in https://github.com/eried/portapack-mayhem/pull/1313

Its almost ready. Just found a bug I am fixing

[jLynx]

@Sats301 Can you please test this firmware file https://github.com/eried/portapack-mayhem/files/12181665/portapack-h1_h2-mayhem.zip (c21bd9e3)

Go into Settings > Radio and enabled Force external TCXO

Please let me know if this works. If it does we can merge it in

[Sats301]

But last nightly release not fix this problem.

look:

1. with bernd-herzog FW

2. with nightly release n_230727

3. Radio settings scr

Friends please check the difference…

[jLynx]

@Sats301 Please try with the one I linked. Its not the same as the nightly. Its a custom built one https://github.com/eried/portapack-mayhem/files/12181665/portapack-h1_h2-mayhem.zip

[Sats301]

@Sats301 Please try with the one I linked. Its not the same as the nightly. Its a custom built one https://github.com/eried/portapack-mayhem/files/12181665/portapack-h1_h2-mayhem.zip

Wait a second...

[jLynx]

Did you reboot in between enabling it? (There is a bug I just found when rebooting it wont save the changes)

[Sats301]

Did you reboot in between enabling it? (There is a bug I just found when rebooting it wont save the changes)

Yes. Set in Radio -> reboot -> test it. Already test it. Results - not working.

[jLynx]

ok can you please test without rebooting. So first disable it, save then enable it, save then test (without rebooting)

[jLynx]

Scratch that. Please try this one here @Sats301 portapack-h1_h2-mayhem v2.zip

[Sats301]

ok can you please test without rebooting. So first disable it, save then enable it, save then test (without rebooting)

Checked - still no satellites

[jLynx]

Please try with new v2 one I attached just above your last comment, after enabling it, try reboot and go into that menu and see if it shows 10mhz

[Sats301]

Scratch that. Please try this one here @Sats301 portapack-h1_h2-mayhem v2.zip

Tested - not working. Details: tested with settings external TCXO and without, with reboot and without.