IXUS 1000 HS Porting Thread - page 5 - DryOS Development - CHDK Forum
supplierdeeply
« previous next »
Pages: 1 2 3 4 [5] 6 7 8 9 10 ... 45   Go Down

IXUS 1000 HS Porting Thread

  • 440 Replies
  • 150241 Views
*

Offline asm1989

  • *****
  • 527
  • SX720, SX260, SX210 & SX200
Re: IXUS 1000 HS Porting Thread
« Reply #40 on: 29 / October / 2010, 13:37:48 »
Advertisements
@reyalp
Quote
blind porting is a challenge
  8) yes indeed it is,
some of the stuff is deductive work like finding the stubs and coping code from the firmware for boot, captseq.....

But as a first step porting is possible, but someone needs to do the testing!
Logged
*

Offline asm1989

  • *****
  • 527
  • SX720, SX260, SX210 & SX200
Re: IXUS 1000 HS Porting Thread
« Reply #41 on: 29 / October / 2010, 14:58:01 »
@Bernd R

I Include the sentences from reyalp, for testing only at camera.h for your cam, replace it in the includes directory

get it here http://es.drop.io/asm1989

then you can use
ASM_SAFE( ".....")   inside your  asm volatile (
Logged
*

Online reyalp

  • ******
  • 13938
Re: IXUS 1000 HS Porting Thread
« Reply #42 on: 29 / October / 2010, 16:34:11 »
A romlog http://chdk.wikia.com/wiki/Canon_Basic/Scripts/Romlog may also provide some clues
Logged
Don't forget what the H stands for.
*

Offline asm1989

  • *****
  • 527
  • SX720, SX260, SX210 & SX200
Re: IXUS 1000 HS Porting Thread
« Reply #43 on: 29 / October / 2010, 16:40:59 »
yes Bernd R , a romlog could help to trace it , it's better to have a small spare SD card for this, since you have to manually change some bytes of the card, follow the realyp link for the details,

 and try to get a romlog file just after the crash.
Logged
*

Offline Bernd R

  • ****
  • 430
Re: IXUS 1000 HS Porting Thread
« Reply #44 on: 30 / October / 2010, 04:44:48 »
ok, it try V4 and after
    "BLLT    sub_FF815FD4\n"       //Mising err_init_task

i add a bl blink

and i do romlog soon.

today i find some more maybe intresting information.when the accu show on normal camera use (lens are out) 2 bars(mean 66% full) and i call update the firmware menu (with the testcode in V3 above) i get a message on the camera display "replace akku" (text is diffrent language, so i do only a weak translate.).i test this 2 times and the accu message happen always on firmware update immidiatly

after i charge accu a little (20 miniutes), then crash happen as before( no accu message come), i do also call the menu factory settings load, but it do not help.

that register trashes by C functions i know, and so i call only the blink code as last funtion and the camera never leave the function so it doesnt matter if a register is trash.the blink only show if a codeplace is reach.I remove after every test after 10-15 sec the battery to reset to original firmware.


I get in mind if nobody know whats the problem is, its best then to copy the ixus 1000 firmware code original in GCC and get it working.

and if that work, merge the chdk code in.so can see what chdk code bring the problem.
« Last Edit: 30 / October / 2010, 04:47:15 by Bernd R »
Logged
Ixus 1000 HS
*

Offline Bernd R

  • ****
  • 430
Re: IXUS 1000 HS Porting Thread
« Reply #45 on: 30 / October / 2010, 05:16:22 »
I have test now the V4.result is same as V3
Logged
Ixus 1000 HS
*

Offline Bernd R

  • ****
  • 430
Re: IXUS 1000 HS Porting Thread
« Reply #46 on: 30 / October / 2010, 09:06:58 »
I get also a romlog.txt file.My clock is set correct, but as can see in the Date it happen not today.
I remember when i buy the camera new, i test and i get once a crash without chdk.this seem store in log.

also when i use new chdk file without blink before, i must remove battery, and insert the card with the script.but seem the log is battery remove safe.

also remember that this text output is not show on display.

 LCDMsg_SetStr(a,"done")

or maybe there need add a delay command so this can read


I use this script

private sub Initialize()
  UI.CreatePublic()
  a=LCDMsg_Create()
  LCDMsg_SetStr(a,"Get ROM Log to file")
  System.Create()
  GetLogToFile("A/romlog.txt",1)
  LCDMsg_SetStr(a,"done")
end sub


ASSERT!! EvntProc.c Line 221
Occured Time  2010:10:05 20:18:33
Task ID: 17104930
Task name: CtrlSrv
SP: 0x00389900
StackDump:
0x00000000
0xFF892258
0x000000DD
0x00003744
0x00389944
0x00000000
0x0038995C
0x00000001
0x00000000
0x0000082A
0x0000085C
0xFF892188
0x00003758
0x00198700
0x003D15D4
0xFF9913F0
0x003CE914
0x003CE90C
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x00000000
0x002E1F20
0x0000365C
0x00000000
0xFF9D5A98
0x002E1F20
0xFF88F598
0x00000027
0x002E1F20
0x0000085C
0x00000000
0x20000000
0x00008D34
0x00000000
0x0000085E
0x0000082A
0xFF9D5780
0x00000000
0x001EA6D8
0x0000391C
0x0000085C
0x000013D8
0x20000000
0x20000000
0x19980218
0x19980218
0xFF899B08
0x001EA6D8
0x00000001
0x0000391C
0x0000085C
0x000013D8
0xFF89A014
0x0003D1C8
0x00003904
0x19980218
0x19980218
0x19980218
0x19980218
0x19980218
0xFF8994D4
0x0003D1C8
0x00372B64
0x19980218
0xFF816B74
0x19980218
0x19980218
0x00000808
ShootConDump:
0f 0f 0f 0f 0f 0f 0f 0f 0f 0f
CameraConDump:
07 0a 02 0f 0f 0f 0f 0f 0f 0f
00000150: *** Camera Log Start ***

00000210: UI:LogicalEvent:0x5001:adr:0,Para:0

00000210: SS:S-Imag

00000230: UI:ScreenLock

00000230: UI:ScreenUnLock

00000230: UI:LogicalEvent:0x300a:adr:0,Para:0

00000230: UI:HDMIConnectCnt

00000230: UI:PB.Create

00000240: UI:LogicalEvent:0x301c:adr:0,Para:0

00000280: UI:PB.CreateE

00000280: UI:DisplayPhysicalScreenCBR

00000280: UI:DispSwCon_TurnOnBackLight

00000280: UI:TurnOnBackLight

00000340: UI:MuteOffPhysicalScreen

00000340: UI:LogicalEvent:0x3138:adr:0,Para:0

00000420: UI:Button:0x00001004:UnpressPBButton

00000870: UI:LogicalEvent:0x5006:adr:0,Para:0

00000870: UI:AC:StartPB

00000870: UI:DispSwCon_TurnOnDisplayDevice

00000870: UI:AC:EBtn

00000870: UI:PB.Start

00000870: UI:DSIC:47,0

00000890: UI:CC_CompFlhJpg

00000890: UI:_CompFlhJpg

00000890: UI:PB.Flash

00000890: UI:ScreenLock

00000890: UI:DSIC:47,0

00000890: UI:ScreenUnLock

00000900: UI:ScreenLock

00000900: UI:DSIC:47,0

00000900: UI:LogicalEvent:0x3209:adr:0x1,Para:1

00000950: UI:LogicalEvent:0x320a:adr:0,Para:0

00001070: UI:PB.DrawI

00001190: UI:LogicalEvent:0x3203:adr:0,Para:0

00001380: UI:PB.StartE

00001380: UI:PB.TOTAL

00001380: UI:DisplayPhysicalScreenCBR

00001380: UI:PB.DPOF

00001380: UI:PB.IHist

00001390: UI:PB.DcdCBR

00001390: UI:PB.RfrsI

00001390: UI:LogicalEvent:0x321f:adr:0,Para:0

00001400: UI:LogicalEvent:0x3201:adr:0,Para:0

00001400: UI:ScreenUnLock

00001420: UI:PB.CTG

00001420: UI:DSIC:48,0

00001430: UI:DispSw: Unlock

00001430: UI:DispSwCon:Unlock

00001430: UI:DispSwCon_TurnOnBackLight

00001430: UI:DispSwCon_MuteOffPhysicalScreen

00001430: UI:MuteOffPhysicalScreen

00001430: UI:AC:EnryPB

00001430: UI:AP:ChkCnctUSB

00001430: UI:DisplayPhysicalScreenCBR

00003410: UI:ScreenLock

00003410: UI:ScreenUnLock

00003410: UI:ScreenLock

00003420: UI:ScreenUnLock

00003420: UI:DisplayPhysicalScreenCBR

00003430: UI:DisplayPhysicalScreenCBR

00004840: UI:Button:0x0000085C:PressSetButton

00005080: UI:Button:0x0000085D:UnpressSetButton

« Last Edit: 30 / October / 2010, 09:26:41 by Bernd R »
Logged
Ixus 1000 HS
*

Offline asm1989

  • *****
  • 527
  • SX720, SX260, SX210 & SX200
Re: IXUS 1000 HS Porting Thread
« Reply #47 on: 30 / October / 2010, 09:50:40 »
Bernd R,

This romlog seams to be from a script execution if you trace back in the asm code 0xFF892258 -> 0xFF892188 .....

to trace the actual error compile with v3 or v4 with out blink stuff, and inmediatly after the crash:
1.- Open the battery door
2.- Insert the sd card with the romlog script
3.- close the battery door
4.- start in play mode, preess set
5.- open the battery door
6.- remove the card and copy with a sd card reader the romlog file

-> Regarding creating the boot.c file
It will help to join develop,  if you have disasembled the firmware in ida or something like it , and processed with the chdk idc scripts...
Logged
*

Offline Bernd R

  • ****
  • 430
Re: IXUS 1000 HS Porting Thread
« Reply #48 on: 30 / October / 2010, 11:18:01 »
>This romlog seams to be from a script execution if you trace back in the asm code 0xFF892258 -> >0xFF892188 .....

i am sure i have only after 10. day of october begin with chdk script.so this was a problem in original firmware.have you find what address the assert function of Ixus 1000 is ?
maybe when call instead of blink assert, this give more info ?

>to trace the actual error compile with v3 or v4 with out blink stuff, and inmediatly after the crash:
>1.- Open the battery door
>2.- Insert the sd card with the romlog script
>3.- close the battery door
>4.- start in play mode, preess set
>5.- open the battery door
>6.- remove the card and copy with a sd card reader the romlog file

this i have do, the blink code is not execute(i try also a version without it) and the romlog i get is always same from 5. day of october.
Logged
Ixus 1000 HS
*

Offline Bernd R

  • ****
  • 430
Re: IXUS 1000 HS Porting Thread
« Reply #49 on: 30 / October / 2010, 11:33:55 »
I see that IDA is a commercial product which cost around 500$.in the wiki to dissasemble Firmware stand version 5.2

Is the 4.9 freeware version also able to reassemble the cannon firmware dumps ?

http://www.hex-rays.com/idapro/idadownfreeware.htm
« Last Edit: 30 / October / 2010, 11:42:23 by Bernd R »
Logged
Ixus 1000 HS
Pages: 1 2 3 4 [5] 6 7 8 9 10 ... 45   Go Up
« previous next »
 

Related Topics