I've discovered that canon has changed the parameters to PT_Playsound.
CHDK expects it to take a short as a the first argument, as it does on say the a540:
MOV R0, R0,LSL#16
MOV R0, R0,LSR#16
STR LR, [SP,#var_4]!
BL sub_FFEBD248
MOV R0, #0
LDR PC, [SP],#arg_4
On newer cameras (a470, sd990, sx10 at least) it expects a pointer to a struct, where the first member is a short, and the second a pointer (a470 102c for example)
ADD R1, R0, #4
STMFD SP!, {R4,LR}
LDRH R0, [R0]
LDR R1, [R1]
BL sub_FFC465F0
MOV R0, #0
LDMFD SP!, {R4,PC}
On the a470 at least, attempting to call it like the old function crashes. It probably does on the others too. (note that in SVN, this a470 port as another error, it points at the STMFD, which is not actually first instruction in the function!)
The function can be found on many cameras by
- look for the string "PT_Playsound"
- look for a pointer to that string.
- The pointer immediately following the pointer to the string is a pointer to the function.
In some cameras, the string and function may be directly referenced from code instead of being in a table.
It looks to me like the function called by PT_Playsound in the new cameras (sub_FFC465F0 above) may be equivalent to the old PT_Playsound. There are calls to it with familiar values.
If someone who has one of these cameras can figure out how to call it correctly, that would be helpful. I can make test builds if needed, but I need to know which camera. Otherwise, we should identify all the "new" cameras and nullsub this function.
Lesson:
Don't stop when you find the function with the right name, make sure it's actually the right function! (and yes, I'm guilty)