@ARM assembly gurus: How can we do a "cold reboot" from CHDK ? - General Discussion and Assistance - CHDK Forum

@ARM assembly gurus: How can we do a "cold reboot" from CHDK ?

  • 34 Replies
  • 11446 Views
*

Offline whim

  • ******
  • 2013
  • A495/590/620/630 ixus70/115/220/230/300/870 S95
In order to build a 'Swapper' for CHDK (on the fly switching from 1 version or configuration to another)
we need a cold reboot method, that is (roughly) the equivalent of pressing the on/off button twice.

Since CHDK's C code does not provide any function for it, I can only hope that some of you ARM assembly
savvy people can help us on this.

Thanks in advance,

wim

*

Offline GrAnd

  • ****
  • 916
  • [A610, S3IS]
    • CHDK
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #1 on: 05 / March / 2008, 16:03:21 »
That should be some kind of magic in 'loader' folder. :)
CHDK Developer.

*

Offline whim

  • ******
  • 2013
  • A495/590/620/630 ixus70/115/220/230/300/870 S95
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #2 on: 05 / March / 2008, 18:08:43 »
@GrAnd

Alas, I'm neither a magician nor an ARM assembly buff... I had an idea though, to get the processor to jump to an
address between RAM and ROM (in a hole, so to speak). Do you think there's any chance that that would provoke a
reset ?

wim

BTW (unrelated) I'm just cross-ref'ing #319, and I get the same warning as for #317:
  "in /idc-scripts/resolve-tasks.idc: include file idc.idc not found"  I never got this warning before,
  I seem to remember that cail mentioned adding some stuff to the IDA scripts ?
« Last Edit: 05 / March / 2008, 18:20:19 by whim »

*

Offline DataGhost

  • ****
  • 314
  • EOS 40D, S5IS
    • DataGhost.com
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #3 on: 05 / March / 2008, 18:39:52 »
As far as I know (I've only used the diskboot-method, not the 'firmware update'-method yet... and only DryOS), CHDK already reboots the camera when it's loaded. I think it's as easy as loading the necessary bits into 0x1900 and jumping there. I think the new CHDK will then load itself into the proper location and setup the camera.

Anyway, to do it the easy way, you can of course copy the chosen CHDK into diskboot.bin and call the reboot routine. It should be as easy as jumping to the beginning of the firmware (at least, the entrypoint) or maybe to a slightly different location. If I recall correctly, at least DryOS-based cameras have a separate reboot-routine (which does the same, more or less), I'm not sure about VxWorks cameras.

About jumping into holes: as far as I've experienced, the camera just shuts off (no reboot) when trying to read from a non-existent address. It will, of course, save you a keypress but there are better methods :)


*

Offline whim

  • ******
  • 2013
  • A495/590/620/630 ixus70/115/220/230/300/870 S95
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #4 on: 05 / March / 2008, 19:06:57 »
@DataGhost

Thanks !  If I understand you correctly, does that mean the first called entry.S actually performs the reset
(from: loader/a620/entry.S, example, platform-dependent of course)
Code:
        .section .entry

    // Turn OFF SD Card power
    // to support autostart
        LDR     R3, =0xC02200BC
        MOV     R2, #0x44
        STR     R2, [R3]

    // looks like idle cycle is required for proper shutdown
        MOV     R3, #0x8000
    1:
        SUB     R3, R3, #1
        CMP     R3, #0
        BNE     1b

    // ordinary startup...

        MOV     SP, #0x1900
        MOV     R11, #0
        B       my_restart

And about the easy method, that would be like jumping to 0xFFC0 0000 ?


wim
« Last Edit: 05 / March / 2008, 19:17:01 by whim »

*

Offline DataGhost

  • ****
  • 314
  • EOS 40D, S5IS
    • DataGhost.com
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #5 on: 06 / March / 2008, 04:58:12 »
You mean this? http://stack.dataghost.com/S5-dualboot.avi
I didn't really feel like doing a lot of work so I just took the original diskboot routine from the camera firmware, however I bypassed the initialization steps. Sometimes (happened 2 times in 7 attempts) the camera display turns off and it hangs, I have to disconnect the batteries before it'll listen again. I guess this is because I'm bypassing some checks and I'm not exactly sure what to feed that thing. It shouldn't be an issue when this is rewritten in C, I think. All that needs to be done is load the file into 0x1900 and jump there.

edit: and I just noticed my clock is WAY off. I'm using linux in vmware to compile my stuff (I prefer my Windows editor and wireless drivers :) ) and I hibernate my laptop, so without synchronization... well. build date is not feb 13 but march 6 :)
« Last Edit: 06 / March / 2008, 05:03:20 by DataGhost »

*

Offline whim

  • ******
  • 2013
  • A495/590/620/630 ixus70/115/220/230/300/870 S95
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #6 on: 06 / March / 2008, 06:37:03 »
@DataGhost

Looks like you're close .... was that a swap from Allbest to SDM there (never used the latter) ?
Also noticed good ol' 0xDEADBEEF is still popular as a magic number  :D
Anyway, just remembered I forgot to tell you there is some discussion on this subject in this thread:
"Have fun and utility with the camera too", and look what mx3 said there:

"I can foretell CHDK will be without built-in games, text viewer, rawmerge, memory dumper etc.
I would say it will be very soon."

Hope you get your system clock problem sorted (btw: have you checked the battery?) cause that might
eliminate your lock-ups (if you get lucky)

thanks,
wim

« Last Edit: 06 / March / 2008, 06:42:18 by whim »

*

Offline DataGhost

  • ****
  • 314
  • EOS 40D, S5IS
    • DataGhost.com
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #7 on: 06 / March / 2008, 11:52:01 »
SDM? No, not as far as I know. That second one is a stripped-down-to-basic old CHDK build I got from jeff666... It's easier to start with a small one to get the camera going, I ported my stuff to allbest trunk about a week ago. I just swapped to that development version :)

About the clock... it's my Linux clock, which is inside a virtual machine with no time synchronization, so it runs at about half the speed and doesn't know about hibernation so it just pauses when I do that. I was just pointing out the odd compilation date in the CHDK splash screen.


*

Offline whim

  • ******
  • 2013
  • A495/590/620/630 ixus70/115/220/230/300/870 S95
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #8 on: 08 / March / 2008, 12:09:23 »
@GrAnd
@DataGhost


After several days of struggle with the trunk source, I still did not manage to get a
cold reboot, so I think it's time to ask some more advice and/or help.

I think I'm just gonna explain my approach so far:

What I want: to fully initialize the cam, just like Canon does, I'm assuming
that means a jump to 0xffc0 0000, aka $(ROMBASEADDR). I've looked at 3 IDA dumps, and in all 3
this address contains a jump to (I hope) the actual initialization code

What I've done (just for a620, for the moment):

I have tried to copy the calling sequence for the function enable_shutdown:
just like my cold_reboot, it is defined in wrappers.c, and calls a lowlevel function
_UnlockMainPower() which is, like my _Jump2CanonOEP(), defined in lolevel.h and
points to another NSTUB, NSTUB(UnlockMainPower, 0xffd49e50), in stubs_entry.S
(is stubs_entry.S treated any different than stubs_entry_2.S, BTW ?)

what I did in detail:

1. Create an entry in platforms/a620/sub/100f/stubs_entry_2.S:
        NSTUB(Jump2CanonOEP, 0xffc00000)

2. Create an entry in /include/lolevel.h:
        extern void _Jump2CanonOEP();

3. Create an entry in /platform/generic/wrappers.c:
        void cold_reboot()  {  _Jump2CanonOEP(); }

4. Create an entry in /include/platform.h:
        void cold_reboot(void);

5. Replaced in /core/gui.c:
        The body of the function gui_draw_reversi(int arg) with:
        cold_reboot();

It does not work though - it compiles fine, no errors, but after booting from the created
DISKBOOT.BIN and starting "reversi" I get a screen freeze, 12 seconds pause and then a
camera shutdown.



wim
« Last Edit: 08 / March / 2008, 12:22:40 by whim »

*

Offline whim

  • ******
  • 2013
  • A495/590/620/630 ixus70/115/220/230/300/870 S95
Re: @ARM assembly gurus: How can we do a "cold reboot" from CHDK ?
« Reply #9 on: 08 / March / 2008, 14:19:15 »
 :D :D :D :D As usual, help came from totally unexpected side  :D :D :D :D

After answering in this topic, "Where are the strings for menus in original fw?", I browsed the resulting text file
and searched 'Restart called'. (Jef666 refers to this in the DryOS porting topic)
Well, as a result I now replaced the address to jump to from FFC0 0000 to FFC1 27E0, recompiled, loaded, and.....

it WORKS !  I got a reliable cold reboot 10 times out of 10 !

Gonna have myself a nice beer to celebrate first, then I'm gonna hunt for the addresses in the other cam's binaries.

wim
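
Added example, not part of the thread or of CHDK's code: one way to get from a string seen in a firmware dump, such as 'Restart called', to the code that uses it is to scan the image for ARM-mode instructions that reference the string's address (`ADR`, or `LDR Rd, [PC, ...]` through a literal pool). The post does not say how the new address was derived, so this route is an assumption; the ROM image is constructed, its offsets are made up, and `find_string_refs` and `build_sample_rom` are hypothetical names.

```python
import struct

ROM_BASE = 0xFFC00000  # ROM base address quoted in the thread ($(ROMBASEADDR))

def ror32(value, bits):
    """Rotate right in 32 bits; ARM data immediates are imm8 rotated by 2*rot."""
    bits %= 32
    return ((value >> bits) | (value << (32 - bits))) & 0xFFFFFFFF

def find_string_refs(rom, needle, base=ROM_BASE):
    """Return (string address, addresses of ARM-mode instructions referencing it)."""
    off = rom.find(needle)
    if off < 0:
        return None, []
    target = base + off
    refs = []
    for i in range(0, len(rom) - 3, 4):             # ARM instructions are word aligned
        (insn,) = struct.unpack_from("<I", rom, i)
        pc = base + i + 8                            # PC reads as instruction address + 8
        up = insn & 0x00800000                       # bit 23: U for LDR, set for ADD, clear for SUB
        if (insn & 0x0F7F0000) == 0x051F0000:        # LDR Rd, [PC, #+/-imm12]
            imm = insn & 0xFFF
            pool = ((pc + imm if up else pc - imm) & 0xFFFFFFFF) - base
            in_rom = 0 <= pool <= len(rom) - 4
            if in_rom and struct.unpack_from("<I", rom, pool)[0] == target:
                refs.append(base + i)
        elif (insn & 0x0FFF0000) in (0x028F0000, 0x024F0000):  # ADR = ADD/SUB Rd, PC, #imm
            imm = ror32(insn & 0xFF, 2 * ((insn >> 8) & 0xF))
            if ((pc + imm if up else pc - imm) & 0xFFFFFFFF) == target:
                refs.append(base + i)
    return target, refs

def build_sample_rom():
    """Constructed 512-byte image for the example (not a real firmware dump)."""
    rom = bytearray(0x200)
    rom[0x100:0x10F] = b"Restart called\0"
    struct.pack_into("<I", rom, 0x40, 0xE28F00B8)        # ADR R0, string (0x48 + 0xB8 = 0x100)
    struct.pack_into("<I", rom, 0x60, 0xE59F1018)        # LDR R1, [PC, #0x18] -> pool at 0x80
    struct.pack_into("<I", rom, 0x80, ROM_BASE + 0x100)  # literal pool word: string address
    return bytes(rom)

if __name__ == "__main__":
    addr, refs = find_string_refs(build_sample_rom(), b"Restart called")
    print(f"string at {addr:#010x}, referenced from {[hex(r) for r in refs]}")
```

Each hit is only an instruction that loads the string's address; the start of the enclosing function still has to be found in the disassembly.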


 
