Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - saint tropez

Pages: [1]
Reverse Engineering / Re: JTAG on DIGIC chips
« on: April 28, 2018, 02:18:51 PM »
Effectively, that shutdown seems to be related to a watchdog timer. By analyzing Canon's watchdog functions, it seems that the only addressed used for interfacing with the watchdog is 0xC0410000.

The first line of code is equivalent to this :
Code: [Select]
*(0xC0410000) = 0;
So I thought this might disable the watchdog. In order to try this, I used chdkptp and used the EngDrvOut function :
=call_func_ptr(0xFF025C0C, 0xC0410000, 0, 0)

It seems that this solves the issue of the camera shutting down a few seconds after entering JTAG. However the camera remains non-responsive to physical buttons or USB communication  :-\

Reverse Engineering / JTAG on DIGIC chips
« on: April 22, 2018, 12:41:09 PM »
Hi !

A few days ago, I started a topic on the CHDK forum, about DIGIC 5 JTAG on a Canon S100 :

So far, I'm able to connect to the ARM, but I can't do more than peeking registers values. The camera immediately freezes, and eventually turns off.

Does anyone here has some experience with JTAG on DIGIC chips ?

Pages: [1]