Firmware bring-up status

Das Signal das.signal at freecalypso.org
Sun May 17 20:12:54 CEST 2015


Hi SF,

Congratulations on finding the int_osx_receive_prim() bug! Certainly
was not easy to find, like that elusive power cycle bug that I'm glad
you found too :)

Also thanks for the Firmware_Architecture documentation, I've read a
good part of it and it's really interesting! This firmware is a very
complex piece of work, to be sure.

So I've followed your advice on GPIO 2, and indeed AI_{Re,}SetBit is
called by DM_earpiece_modem_set, itself called by
L1_EARPIECE_MODEM_DRIVER (just a shim) called by devmgr_process, called
finally by dev_entry as part of hardware initialization I suppose. I
patched this call, replacing it with NOPs, and now the trace output
never stops!

The lack of str2ind.tab is a bummer, however I have this idea: it might
be possible to match identifiers with strings by parsing the disassembly
of R87.2.1.03 and pairing identifiers with function names, then parsing
the source to match the trace strings from those function names with
the identifiers.

--DS

