« previous next »
Pages: 1 [2]  All

Author Topic: DIGIC 8 MPU investigation  (Read 8131 times)

leegong

  • Contributor
  • New to the forum
  • *****
  • Posts: 47
Re: DIGIC 8 MPU investigation
« Reply #25 on: Yesterday at 08:27:28 AM »
structure of MPU Msg in RP is exactly same as that in EOS.
MainTimeLapse_SW1OFF : mpu_send(0x5 0x3 0x21 0x00 0x00);
MainTimeLapse_SW1ON : mpu_send(0x5 0x3 0x21 0x01 0x00);
MainTimeLapse_SW2OFF : mpu_send(0x5 0x3 0x22 0x00 0x00);
MainTimeLapse_SW2ON : mpu_send(0x5 0x3 0x22 0x01 0x00);
Logged

leegong

  • Contributor
  • New to the forum
  • *****
  • Posts: 47
Re: DIGIC 8 MPU investigation
« Reply #26 on: Yesterday at 08:35:14 AM »
Quote from: coon on December 14, 2020, 10:58:34 PM
Code: [Select]
MEMR 0 FFFFF

Does a hex dump from a region of the MPUs memory. First argument is start address, second argument is number of bytes to read.
Maximum value allowed for second argument is FFFFF.

When executing the command above, the complete firmware of MPU is dumped, since firmware is mapped to 0.
From address ~0x60000 to 0xFFFFF data bytes are all 0xFF on EOS RP and do not need to be dumped.

The firmware of MPU on EOS RP can be dumped by executing the following command:

Code: [Select]
MEMR 0 60000

Be careful not to type MEMW by accident, which will overwrite data in RAM and may lead to undefined behaviour of the MPU! This meight destroy hardware components in worst case.

Based on analyzing of RP MPU firmware, Both of First argument and second argument are address ,
so Usage : MEMR StartingADDR EndingADDR
StartingADDR and EndingADDR could add prefix "0x"
Logged
Pages: 1 [2]  All
« previous next »