code you HAVE RUN on your dslr - page 5 - DSLR Hack development - CHDK Forum
« previous next »
Pages: 1 2 3 4 [5] 6 7 8 9 10 ... 15   Go Down

code you HAVE RUN on your dslr

  • 141 Replies
  • 63649 Views
*

Offline Seklth

  • **
  • 54
  • 400D
Re: code you HAVE RUN on your dslr
« Reply #40 on: 19 / May / 2008, 10:11:49 »
Advertisements
@owerlord
run native eventproc_GenerateDDD don't create file too?

@jeff666
eventproc_EdLedBlink, what store dword to mem - not worked.

@owerlord
maybe need find over code, what working with led. you find hook buttons? button "direct print" have led)
Logged
*

Offline jeff666

  • ****
  • 181
  • A720IS
Re: code you HAVE RUN on your dslr
« Reply #41 on: 19 / May / 2008, 11:36:36 »
Quote from: Seklth on 19 / May / 2008, 10:11:49
eventproc_EdLedBlink, what store dword to mem - not worked.

Ever thought that Event Procedures might not work?

The P&S-cams clear the OS when "Firm Update" is selected. Close to nothing works then.

To light up an LED we write directly to MMIO-addresses. Read eventproc_EdLedBlink and check for write access between 0xC000000 and 0xC2000000. Chances are, that you find the correct MMIO-address and are able to control an led. Have a look at the camera-specific articles in CHDK-wiki to see a list of typical addresses.

Once you have an address, the LED should turn on if you write 0x46 or off if you write 0x44 to the location.

Cheers.
Logged
*

Offline DataGhost

  • ****
  • 314
  • EOS 40D, S5IS
    • DataGhost.com
Re: code you HAVE RUN on your dslr
« Reply #42 on: 19 / May / 2008, 12:27:39 »
Ok, I'm new here (in the DSLR section) so I started looking at this stuff about 15 minutes ago.

Quote from: Seklth on 19 / May / 2008, 10:11:49
@jeff666
eventproc_EdLedBlink, what store dword to mem - not worked.
What is the exact address you found for that function or how do you call it? I don't have that particular name in my IDA dump, maybe this was done by your signatures or scripts but I'm not sure. Anyway, I may know how to call it or what it does, unless you already use that method.
Oh and.. how many LEDs are on the camera and how many are lit while running your code?
Logged
*

Offline owerlord

  • ***
  • 115
Re: code you HAVE RUN on your dslr
« Reply #43 on: 19 / May / 2008, 12:33:40 »
the function list is exported with Seklth idc scripts, and imported by them also. (see attachments in this thread). on the body of 400D are only 3 leds: power led, CompactFlash access led, PTP (print direct) led.

I do not know witch is the EdLed - from the source - becose it didn't work.
while running the code the power led is led. and when I initialize the system the CF led blinks a bit.
Logged
*

Offline DataGhost

  • ****
  • 314
  • EOS 40D, S5IS
    • DataGhost.com
Re: code you HAVE RUN on your dslr
« Reply #44 on: 19 / May / 2008, 12:41:03 »
Okay.... I guess I'm a little bit blind then, I still don't see eventproc_EdLedBlink in the function lists I found in this thread and the idc files don't really look like they're going to identify it. Can you verify that you have that function in your list and export it or tell me the address?
Logged
*

Offline owerlord

  • ***
  • 115
Re: code you HAVE RUN on your dslr
« Reply #45 on: 19 / May / 2008, 12:58:35 »
Sorry - accidently they are not functions - so idc didn't export them. here thy are:

ROM:FFAFCC78                   eventproc_EdLedOff
ROM:FFAFCCA4                   eventproc_EdLedOn
ROM:FFAFCCD0                   eventproc_EdLedBlink
Logged
*

Offline DataGhost

  • ****
  • 314
  • EOS 40D, S5IS
    • DataGhost.com
Re: code you HAVE RUN on your dslr
« Reply #46 on: 19 / May / 2008, 13:10:36 »
Ah, ok. Yes, those are the same ones I found and IDA identified them as loc_.... so indeed not a function. Anyway, did you also try EdLedOn and EdLedOff or did you only try EdLedBlink? If you tried them all, they probably confirm my theory. Those functions give me a PostLEDMessage (present on compact cameras) feeling, so they probably tell the OS to turn on/off or blink a specific LED. If the OS isn't running anymore... well.. do the math. I guess you'll have to search for the addresses 0xCAF0 and 0xCAD8 (or 0xC0210014 and 0xC0220000, their respective values), as they seem to tell the OS what to do.

Equivalent, abbreviated C:
void EdLedOff() {
    *((long *) 0xC0210014) = 0;
    *((long *) 0xC0220000) = 0x44;
}

void EdLedOn() {
    *((long *) 0xC0220000) = 0x48;
    *((long *) 0xC0210014) = 1;
}

void EdLedBlink() {
    *((long *) 0xC0220000) = 0x48;
    *((long *) 0xC0210014) = 3;
}
Logged
*

Offline owerlord

  • ***
  • 115
Re: code you HAVE RUN on your dslr
« Reply #47 on: 19 / May / 2008, 13:23:30 »
yes. I know what it does. I done the asigments in memory without calling the functions.
It didn't blink or lit anything. Before or after OS rewriten procedures. Even after the EdLed register procedures and memory initializations.
Logged
*

Offline Seklth

  • **
  • 54
  • 400D
Re: code you HAVE RUN on your dslr
« Reply #48 on: 19 / May / 2008, 15:35:08 »
test other addresses from this function: sub_FFAFCAF0
Logged
*

Offline DataGhost

  • ****
  • 314
  • EOS 40D, S5IS
    • DataGhost.com
Re: code you HAVE RUN on your dslr
« Reply #49 on: 19 / May / 2008, 15:37:18 »
They might do other things, though. Anyway, Maybe you could try setting 0x46 into 0xC0220000 (or another addresses) since that's the value other cameras usually use to turn on a LED.
Logged
Pages: 1 2 3 4 [5] 6 7 8 9 10 ... 15   Go Up
« previous next »
 

Related Topics