IXUS 1000 HS Porting Thread - page 6 - DryOS Development - CHDK Forum

IXUS 1000 HS Porting Thread

  • 437 Replies
  • 95402 Views
*

Offline fe50

  • ******
  • 3105
  • IXUS50 & 860, SX10 Star WARs-Star RAWs
    • fe50
Re: IXUS 1000 HS Porting Thread
« Reply #50 on: 30 / October / 2010, 13:24:40 »
Advertisements
Is the 4.9 freeware version also able to reassemble the cannon firmware dumps ?
No, the free version doesn't have ARM support, only the full version can be used...

You may have a look to Pelican's ARMu: http://chdk.setepontos.com/index.php?topic=5100.0 and maybe to the GPL Tools here: http://chdk.wikia.com/wiki/GPL_Tools

*

Offline reyalp

  • ******
  • 12105
Re: IXUS 1000 HS Porting Thread
« Reply #51 on: 30 / October / 2010, 17:09:33 »
Romlog probably means that whatever is crashing isn't getting caught. Assert in EvntProc.c generally means you tried to call an unknown eventproc (probably by running a canon basic script). Maybe you tried to use the cbasic dumper once ?
Don't forget what the H stands for.

Re: IXUS 1000 HS Porting Thread
« Reply #52 on: 31 / October / 2010, 04:56:28 »
>Romlog probably means that whatever is crashing isn't getting caught. Assert in EvntProc.c generally >means you tried to call an unknown eventproc (probably by running a canon basic script). Maybe you tried >to use the cbasic dumper once ?

ahm yes, i look on all post i have written and i register in Forum on 3. Oktober.so its possible that i try to read firmware on 5. Oktober.

time goes by too fast.

I try now to use the canon boot code in gcc.there is not much code execute so i hope when i add this code it work.

then i put all chdk relatet in #ifdef CHDK_CODE so i can see more easy what is chdk code and when i enable this step by step so i can tell you what chdk code really force the crash.

maybe some code before task create do a register trash that is need for the task create.

really bad luck that it currently not work
« Last Edit: 31 / October / 2010, 04:58:31 by Bernd R »
Ixus 1000 HS

*

Offline asm1989

  • *****
  • 527
  • SX720, SX260, SX210 & SX200
Re: IXUS 1000 HS Porting Thread
« Reply #53 on: 31 / October / 2010, 05:52:25 »
Bernd R
 you may comment this for testing out v3 or v4:
Code: [Select]
*(int*)0x1938 = (int)taskCreateHook;

if ((*(int*) 0xC022010C) & 1) // look at play switch
*(int*)(0x254C) = 0x400000; // start in play mode
else
*(int*)(0x254C) = 0x200000; // start in rec mod


Re: IXUS 1000 HS Porting Thread
« Reply #54 on: 31 / October / 2010, 06:06:56 »
When i activate this code to jump direct to old firmware code, the Camera work as before (show last image.i test 2 times)

void __attribute__((naked,noinline)) boot() {
    asm volatile (
             "B        sub_FF81000C\n" // work


But when do the code

 "B       0xFF81000C\n"

it work not(Camera crash.i test 2 times).In theory it should work.

I want add code that jump from time to time to original firmware, but there are not for all addresses sub labels.

For example at end of boot func i want jump to old Firmware ROM

this was new code

 "B sub_FF810354_my\n"

i do

 "B sub_FF810354\n"

but there is the label not found.

 "B 0xFF810354\n"

compiles but, Camera crash

So what can i do, to add own label or use a direct B call to Camera ?

>you may comment this for testing out v3 or v4:

I test now too on V4.Problem is same.

maybe when i can change

"LDR     R1, =sub_FF815EE0_my\n"

to

"LDR     R1, =sub_FF815EE0\n"

or

"LDR     R1, =0xFF815EE0\n"

it can work.
« Last Edit: 31 / October / 2010, 06:13:12 by Bernd R »
Ixus 1000 HS

*

Offline whim

  • ******
  • 2013
  • A495/590/620/630 ixus70/115/220/230/300/870 S95
Re: IXUS 1000 HS Porting Thread
« Reply #55 on: 31 / October / 2010, 06:17:50 »
@Bernd R

Check this post

hope that helps,

wim

*

Offline asm1989

  • *****
  • 527
  • SX720, SX260, SX210 & SX200
Re: IXUS 1000 HS Porting Thread
« Reply #56 on: 31 / October / 2010, 06:21:28 »
@Bernd R
yes check whim post to see how to call subs,

anyway call sub_FF810160  instead of FF810354   it should continue the firmware.

and since none of this funcs is in stubs you can call them using :

LDR PC, =0xFF810354
« Last Edit: 31 / October / 2010, 06:23:18 by asm1989 »

Re: IXUS 1000 HS Porting Thread
« Reply #57 on: 31 / October / 2010, 08:00:56 »
>LDR PC, =0xFF810354

thanks for info, when i add this at end of boot function Camera work ok.

now i test on function

void __attribute__((naked,noinline)) sub_FF810354_my()

I notice when i change code later in this function to call old Function

          "mov LR,PC\n"
          "LDR PC, =0xFF811198\n"
          //  "BL sub_FF811198_my\n"
                      //------------>

Camera work only with old Firmware when i remove too


//   *(int*)0x1938 = (int)taskCreateHook;

//
//   if ((*(int*) 0xC022010C) & 1)               // look at play switch
//      *(int*)(0x254C) = 0x400000;               // start in play mode
//   else
//      *(int*)(0x254C) = 0x200000;               // start in rec mode

this

I try also this code with and without ASM_SAFE_ENTER.still not work.

ASM_SAFE_ENTER;
   *(int*)0x1938 = (int)taskCreateHook;
ASM_SAFE_LEAVE;

romlog output is same as before.

now i deactivate above and activate only this lines.

   if ((*(int*) 0xC022010C) & 1)               // look at play switch
      *(int*)(0x254C) = 0x400000;               // start in play mode
   else
      *(int*)(0x254C) = 0x200000;               // start in rec mode

old Firmware work well.
only diffrence is, that i hear no boot jingle after click ok in Firmware update.But this i always not hear when i jump to original ROM.Is this on other cameras same ?
« Last Edit: 31 / October / 2010, 08:03:17 by Bernd R »
Ixus 1000 HS


Re: IXUS 1000 HS Porting Thread
« Reply #58 on: 31 / October / 2010, 10:06:34 »
Good news, the Camera is now working and the blink before start diskboot is execute

             "BL blink\n"
//             "BL sub_FF83D2AC\n" // start diskboot.bin
Ixus 1000 HS

*

Offline asm1989

  • *****
  • 527
  • SX720, SX260, SX210 & SX200
Re: IXUS 1000 HS Porting Thread
« Reply #59 on: 31 / October / 2010, 12:39:31 »
Ok, maybe its a problem with the hooks,

do you see the chdk logo ?

please upload your working boot.c to keep working on it.

 

Related Topics