G11 porting - page 13 - DryOS Development - CHDK Forum
« previous next »
Pages: 1 ... 8 9 10 11 12 [13] 14 15 16 17 18 ... 54   Go Down

G11 porting

  • 530 Replies
  • 221090 Views
*

Offline stevenkelby

  • *
  • 4
Re: G11 porting
« Reply #120 on: 31 / December / 2009, 04:41:08 »
Advertisements
Wow you guys rock! Great work!

Let me know if I can donate anywhere.

Logged
*

Offline ERR99

  • ****
  • 339
Re: G11 porting
« Reply #121 on: 31 / December / 2009, 05:18:13 »
I have made a custom build of the udumper, to check why it is not working to dump directly so SD card.
So i encoded my build with dancingbits encoding 3 and used some of the G11 LEDs, to see how far the
code is executed.
As far i can see, the search for the write function signature fails, and thats the reason for the not working udumper.

The if clause does not find a hit:
Code: [Select]
 for (i=0x1900;i<0xF0000;i+=4)
  if ((*(unsigned int*)(i+0x34)==0) &&
      (*(unsigned int*)(i+0x38)==0) &&
      (*(unsigned int*)(i+0x3C)==3) &&
      (*(unsigned int*)(i+0x4C)>MIN_ADDRESS) &&
      (*(unsigned int*)(i+0x50)>MIN_ADDRESS) ) an so the program execution ends in the endless while(1); loop of the udumper main.c.
Logged
*

Offline Microfunguy

  • ****
  • 4037
    • StereoData Maker
Re: G11 porting
« Reply #122 on: 31 / December / 2009, 06:32:40 »
Quote from: ERR99 on 31 / December / 2009, 03:54:48
I loaded the firmware into IDA with this values, and it works:
Startaddress: 0xFF810000
Length:  0x7EFFFC

Well, I have now tried with the drop.io version and that does at least load.

The DRYOS signatures do not work, the whole process completes in about 30 seconds.
Logged
*

Offline ERR99

  • ****
  • 339
Re: G11 porting
« Reply #123 on: 31 / December / 2009, 06:42:33 »
Quote from: Microfunguy on 31 / December / 2009, 06:32:40
Quote from: ERR99 on 31 / December / 2009, 03:54:48
I loaded the firmware into IDA with this values, and it works:
Startaddress: 0xFF810000
Length:  0x7EFFFC

Well, I have now tried with the drop.io version and that does at least load.

The DRYOS signatures do not work, the whole process completes in about 30 seconds.


Which script do you use? If i start the dryos script, it finds roundabout 600 Signatures in the G11 firmware.
Logged
*

Offline Microfunguy

  • ****
  • 4037
    • StereoData Maker
Re: G11 porting
« Reply #124 on: 31 / December / 2009, 06:48:18 »
How long did it take ?

The DRYOS CHDK.idc script :-

Code: [Select]
#include <idc.idc>
#include "scan-code.idc"
#include "scan-tasks.idc"
#include "scan-events.idc"
#include "scan-strings.idc"
#include "scan-refs.idc"

static main()
{
  auto sb, se, b;

  Message("*** START OF ANALYSIS ***\n");

//  b = Batch(1);

  sb = MinEA();
  se = MaxEA();

  Message("Searching for code...\n");

  MakeCode(sb);
  findCode2(sb, se);
  Message("Please wait...\n");
  Wait();

  Message("Searching for tasks...\n");
  findTasks(sb, se);
  Message("Please wait...\n");
  Wait();
 
  Message("Searching for events...\n");
  findEvents(sb, se);
  Message("Please wait...\n");
  Wait();

  Message("Searching for strings...\n");
  MakeStr(sb+4, BADADDR);
  findStrings(sb, se);
  Message("Please wait...\n");
  Wait();
 
  Message("Searching for references...\n");
  findRefs(sb, se);
  Message("Please wait...\n");
  Wait();

//  Batch(b);

  Message("*** END OF ANALYSIS ***\n");
}
Logged
*

Offline ERR99

  • ****
  • 339
Re: G11 porting
« Reply #125 on: 31 / December / 2009, 08:20:35 »
The DRYOS script take a few minutes to finish. But did you load before the DryOs Signature File (CanonFW_DryOS_A-Series.sig) as described in the Wiki?
Logged
*

Offline fe50

  • ******
  • 3147
  • IXUS50 & 860, SX10 Star WARs-Star RAWs
    • fe50
Re: G11 porting
« Reply #126 on: 31 / December / 2009, 08:34:07 »
@Microfunguy

The signatures and also the idc scripts are working fine on this dump, the same way as on the others...

- load the dump in IDA pro, as binary file, ARM processor, macros disabled
- start address & loading address: 0xFF810000, ROM size:  0x003FFFFF
- edit the segment offset: ALT+S in IDA, set End address to 0xFFFFFFFE <-- !
- apply the dryos signatures
- run the main CHDK idc script, use the package from here

(read more about IDA macros & the single-run script here)
« Last Edit: 31 / December / 2009, 08:39:07 by fe50 »
Logged
*

Offline Microfunguy

  • ****
  • 4037
    • StereoData Maker
Re: G11 porting
« Reply #127 on: 31 / December / 2009, 08:52:32 »
Yes, I have already  done all that.

I will download the script again and try later.

EDIT:

Quote
- edit the segment offset: ALT+S in IDA, set End address to 0xFFFFFFFE <-- !

Forgot that !
Logged
*

Offline kingcang

  • **
  • 61
Re: G11 porting
« Reply #128 on: 31 / December / 2009, 11:52:09 »
« Last Edit: 31 / December / 2009, 11:55:43 by kingcang »
Logged
*

Offline ERR99

  • ****
  • 339
Re: G11 porting
« Reply #129 on: 31 / December / 2009, 14:34:21 »
I think the next steps to do are described here: http://chdk.wikia.com/wiki/Adding_support_for_a_new_camera
I started to follow the steps, and checked out the current CHDK cvs and added the G11 platform (based on the G9) and started to adapt the led adresses, MEMIOSET and this stuff. So far, i can compile a G11 CHDK DISKBOOT.BIN dummy project and i am currently reached the "Implementing the CHDK boot process" step in the Wiki. This means currently i reached the step, that my "platform/g11/main.c" code gets called if i start my DISKBOOT.BIN CHDK build on the G11.  :)

To get CHDK compiled for the G11 platform, i had to add this stubs to stubs_entry2.s, because the automatic
signature finder in the build process was not able to find them:

Code: [Select]
NHSTUB(EnterToCompensationEVF, 0x12345678)
NHSTUB(ExitFromCompensationEVF, 0x12345678)
NHSTUB(Lseek, 0x12345678)
NHSTUB(PT_PlaySound, 0x12345678)
NHSTUB(RefreshPhysicalScreen, 0x12345678)
NHSTUB(Remove, 0x12345678)
NHSTUB(TurnOffBackLight, 0x12345678)
NHSTUB(TurnOnBackLight, 0x12345678)
NHSTUB(UIFS_WriteFirmInfoToFile, 0x12345678)
NHSTUB(kbd_pwr_on, 0x12345678)
NHSTUB(openfastdir, 0x12345678)
NHSTUB(readfastdir, 0x12345678)
NHSTUB(rename, 0x12345678)
NHSTUB(SetScriptMode, 0x12345678)
NHSTUB(apex2us, 0x12345678)
NHSTUB(MakeAFScan, 0x12345678)
NHSTUB(ExpCtrlTool_StartContiAE, 0x12345678)
NHSTUB(WriteSDCard, 0x12345678)
NHSTUB(UnlockAF, 0x12345678)
NHSTUB(DoAFLock, 0x12345678)
NHSTUB(rewinddir, 0x12345678)
NHSTUB(SetZoomActuatorSpeedPercent, 0x12345678)
NHSTUB(Unmount_FileSystem, 0x12345678)
NHSTUB(Mount_FileSystem, 0x12345678)
NHSTUB(GetKbdState, 0x12345678)
NHSTUB(UnsetZoomForMovie, 0x12345678)
NHSTUB(PutInNdFilter, 0x12345678)
NHSTUB(PutOutNdFilter, 0x12345678)
NHSTUB(GiveSemaphore, 0x12345678)
So it would ne nice if someone with CHDK development skills can help to find the addresses of this function in the firmware dump.
But okay, thats enough G11 development for this year.
 :PHappy new year CHDK community!  :P
Logged
Pages: 1 ... 8 9 10 11 12 [13] 14 15 16 17 18 ... 54   Go Up
« previous next »
 

Related Topics