Trying some tricks on the Shuttle HOT433 with a (probably unofficial / homebrew modified) BIOS, I encountered the problem, that different AWDFLASH versions I tried resulted in the situation that the BIOS enters the boot block recovery mode - although the image I tried to flash created by modbin (or AWDHACK invoking modbin) was perfectly fine. Going back to the previous BIOS is using a version of AWDFLASH that doesn't require the currently running BIOS to implement the board-specific flashing interface (the boot block doesn't implement it) worked fine, though.

In the latest widely used unofficial BIOS for the HOT433 still, there is a classic boot-block that assumes the whole area from E000:0 to F000:DFFF to be read-only data. In this HOT433 BIOS, the layout is (quite typical for Non-ESCD Award BIOSes):

• 112KB space for compressed BIOS modules (E000:0 - F000:BFFF)
• 4KB space for a out-of-bootblock memory setup function (the bootblock falls back to its internal memory setup function if this block is "invalid") (F000:C000-F000:CFFF)
• 4KB space for the LZH decompressor "Award Decompression Bios" (F000:D000 - F000:DFFF)
• 8KB boot block (F000:E000 - F000:FFFF)

The boot block finds the decompressor and the memory init block by searching for a "BIOS layout info block" (name invented by me), which is typically located in the same 4K block as the decompressor. The memory init block and the decompressor block are individually checksummed (the last byte needs to be equal to the sum of the first 4095 bytes. Note that this is not the classic checksum in which the sum over all bytes is 0, because in that case, the last byte is the negation of the sum of the first 4095 bytes). Furthermore (and that is the key point in this post), the complete non-bootblock-area is checksummed. As the last byte of the pre-bootblock area is already containing the D000..DFFE checksum, that byte can not be used for checksumming "the whole thing", so Award decided to use the byte before that as the "master checksum byte": The byte at F000:DFFE equals to the 8-bit sum of all bytes preceding it (i.e. E000:0..F000:DFFD). The process to calculate the checksums thus requires to calculate the master checksum at F000:DFFE first, and then updating the decompressor checksum at F000:DFFF, as the master checksum is stored inside the range of the "decompressor block". There is no need to know the algorithms yourself, as MODBIN calculates all those checksums just fine, I checked that with version 4.50.80 (and you can use AWDHACK that hooks into MODBIN to run HIEW to do arbitrary modifications to the BIOS, with MODBIN still re-calculating all the checksums afterwards). The only thing you need to take away from this paragraph: If you patch the compressed run-time BIOS, the checksum bytes at F000:DFFE and F000:DFFF need to be updated in the ROM chip.

Updating those checksum bytes turns out to be more difficult than expected, though. AWDFLASH contains flawed logic that tries to not clear the ESCD (persistent plug-and-play configuration data) on BIOS updates. AWDFLASH (I checked different versions) contains the following assumptions:

• If an Award BIOS offers any PNP BIOS services (as indicated by having a "$PnP" signature block in the currently running BIOS), it is assumed that the BIOS stores ESCD data in the flash chip.
• If ESCD data is stored in the flash chip, the ESCD data is assumed to be at F000:D000..F000:DFFF

In the case of the HOT433 BIOS, the first assumption turns out to be false (and "ex falso quodlibet"), as that BIOS (as I already said in the introduction, it is most likely an unofficial homebrew merge of a late Award runtime kernel with an original HOT433 boot block) does offer PnP services - but none that require persistent data storage. The HOT433 BIOS allows enumeratin the mainboard resources (including the UMC Super I/O) and reconfiguring the reconfigurable resources (including disabling IRQ12 being assigned to the PS/2 mouse interface, in case you have a PS/2 mouse port modded HOT433) while the system is running. This allows Windows 95 to move e.g. the on-board serial ports to COM3 and COM4 if a conflicting ISA card is installed. The HOT433 BIOS rejects all calls (the legacy "store non-PnP resource info" and the newer ESCD calls) with error code 82 ("call not implemented"). Thus AWDFLASH falsely assumes that the range a D000..DFFF contains the ESCD (which isn't there at all), and skips updating the checksum.

The following recourses can be taken:

• flash the BIOS again when running in boot-block recovery mode. In boot-block recovery mode, no Plug-and-Play compatible BIOS is installed, so AWDFLASH doesn't skip the supposed ESCD area.
• patch AWDFLASH.EXE with a hex-editor of your choice, damaging the one and only occurrence of "$PnP", for example by patching it to "!PnP".