Does call_func_ptr on a function with no arguments work on this port? For example, in chdkptp: =call_func_ptr(0xfc021059)
Yes, your example does work.
The question seems to imply that you're having trouble with it on your cam...?
Yes, g7x seems to crash with no arguments, but works if there is one, even though the address is just a BX LR. The port is quite unfinished, so it could be an unrelated bug.
fc13bef6: 4770 bx lr
con 1> =return call_func_ptr(0xfc13bef7)
Tick ,Op,Address ,Name (2016:02:13 11:51:59)
12130,LD,005190d0,lua.flt
arm-none-eabi-objdump.exe -d -x --adjust-vma=0x5190d0 lua.elf > lua-5190d0.dumpobj
005190f4 l d .text 00000000 .text
lua_pushnumber( L, call_func_ptr(fptr, argbuf, n_args) );
Exception!! Vector 0x10
Occured Time 2016:02:13 11:53:16
Task ID: 17760295
Task name: PhySwExc
Registers:
0xFC13BEF7 ; r0 -> should be lua_state, but it's the function called?
0x00000004 ; r1
0x00000000 ; r2
0xCB486D47 ; r3
0xFC13BEF7 ; r4 -> should be lua_state too
0x00000000 ; r5
0x005436C8 ; r6
0x00000000 ; r7
0xFC13BEF7 ; r8
0x00000000 ; r9
0x00544FE8 ; r10
0x00544F20 ; r11
0xFC13BEF7 ; r12
0x006421E0 ; SP
0x0051B6CD ; LR luaCB_call_func_ptr ret from lua_pushnumber
0x0051E11A ; PC lua_pushnumber 51e11a: 6019 str r1, [r3, #0]
0x20000073
StackDump:
0x003734C0 ; call_func_ptr (as an ARM adr?)
0xFC13BEF7 ; called func
0x00000000
0x0051B6CD ; luaCB_call_func_ptr ret from lua_pushnumber (same as LR), above matches push r3-r5, lr
0x00543468
0x00543780
0x005436C8
0xFFFFFFFF

0051e114 <lua_pushnumber>:
  51e114: b538 push {r3, r4, r5, lr}
  51e116: 4604 mov r4, r0
  51e118: 6883 ldr r3, [r0, #8]
  51e11a: 6019 str r1, [r3, #0] ; < data abort here

  51b6ba: 4640 mov r0, r8
  51b6bc: 4639 mov r1, r7
  51b6be: 462a mov r2, r5
  51b6c0: 4b0b ldr r3, [pc, #44] ; (51b6f0 <luaCB_call_func_ptr+0x88>)
  51b6c2: 4798 blx r3 ; < call_func_ptr call
  51b6c4: 4601 mov r1, r0 ; < return value goes in r1
  51b6c6: 4620 mov r0, r4 ; < should be lua state L going in R0 for push
  51b6c8: f7ff fffe bl 51e114 <lua_pushnumber>
      51b6c8: R_ARM_THM_CALL lua_pushnumber
  51b6cc: 4638 mov r0, r7 ; < LR in romlog

$ ./capdis.exe -nofwdata ../platform/g7x/sub/100d/main.bin 0x36a354 -s=0x3734c0 -c=10
WARNING gaonisoy string not found, assuming code start offset 0
andeq r4, r0, r8, ror r7
push {r4, r5, lr}
mov ip, r0
mov r4, sp
add r5, r1, r2, lsl #2
which means that with the toolchain I am using at least (arm-none-eabi-gcc.exe (GNU Tools for ARM Embedded Processors) 4.9.3 20141119 (release) [ARM/embedded-4_9-branch revision 218278]), the bx pc is not needed.
Assuming this is correct, it should be clarified in the wiki, but I don't understand it well enough to clarify.
I've removed the offending code. It was interworked automatically on pre-digic 6 cams (arm assembly mostly called from thumb code), so I think it should work the same. It seems to in my build environment anyway.