Disable data access memory abort : Patches : Forum

Page 2 of 2: « 1 [2]

 ndt:
07.06.09, 23:33
 ouch

disassembled high vectors
Code:
ROM:FFFF0010 @ ---------------------------------------------------------------------------
ROM:FFFF0010                 LDR     PC, off_FFFF0030

...

ROM:FFFF0030 off_FFFF0030:   .long loc_FFFF05E8      @ DATA XREF: ROM:FFFF0010r

...

loc_FFFF05E8

ROM:FFFF05E8 @ ---------------------------------------------------------------------------
ROM:FFFF05E8
ROM:FFFF05E8 loc_FFFF05E8:                           @ CODE XREF: ROM:FFFF0030j
ROM:FFFF05E8                 SUBS    PC, LR, #8


Obviously I need to change it to SUBS PC, LR, #4 (the aborted instruction shouldn't be re-executed), but the access to this domain is Client,

so I changed it to Manager:

Code:
...

bx pc                       ; switch from Thumb to ARM state for the cp15 access
nop

.code 32
mvn r2, #0                  ; r2 = 0xFFFFFFFF: every domain set to Manager
mcr p15, 0, r2, c3, c0      ; write the Domain Access Control Register
adr lr, _thumb+1            ; bit 0 set: return to Thumb state
bx lr

_thumb:
.code 16
ldr r1, _vect               ; address of the data abort handler word
ldr r2, _instr              ; replacement instruction
str r2, [r1]                ; fix the data abort exception return

ldr r3, [r3]                ; load from memory (the access that aborts)

...

_vect:
.long 0xFFFF05E8

_instr:
.code 32
SUBS PC, LR, #4             ; return past the aborted instruction, restoring CPSR from SPSR

But it still causes a phone restart :(



[ Edited by ndt on 7.6.09 21:33 ]
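An added example, not from the thread, for checking the two words the patch above stores instead of typing hex by hand: the encoding of the SUBS PC, LR, #imm exception return (so the word written to the 0xFFFF05E8 handler can be compared against the original SUBS PC, LR, #8) and the DACR value that `mvn r2, #0` produces. The 0x55555555 sample and domain number 3 are assumed values; Manager domains skip all page-table permission checks, so a narrower change sets only the domain that actually faults.

```python
# Added example (not from the thread): compute and check the two words the
# patch above stores.  ARMv4/v5 encodings; sample DACR values are constructed.
import struct

COND_AL = 0xE          # "always" condition
OP_SUB = 0x2           # data-processing opcode for SUB
LR, PC = 14, 15

def encode_dp_imm(opcode, rd, rn, imm8, set_flags, cond=COND_AL):
    """Encode an ARM data-processing instruction with an unrotated 8-bit
    immediate (bit 25 set = immediate form, bit 20 = S)."""
    if not 0 <= imm8 <= 0xFF:
        raise ValueError("only unrotated 8-bit immediates are handled")
    return ((cond << 28) | (1 << 25) | (opcode << 21) | (set_flags << 20)
            | (rn << 16) | (rd << 12) | imm8)

def data_abort_return(skip_faulting_instr):
    """On a data abort LR_abt = faulting instruction + 8, so SUBS PC, LR, #8
    retries it and SUBS PC, LR, #4 continues after it.  The S bit is required:
    it copies SPSR_abt back into CPSR (mode bits and interrupt masks)."""
    return encode_dp_imm(OP_SUB, PC, LR, 4 if skip_faulting_instr else 8, 1)

def patch_word(word):
    """Little-endian bytes as they appear in the ROM image."""
    return struct.pack("<I", word)

def has_s_bit(word):
    return bool(word & (1 << 20))

# Domain Access Control Register (cp15 c3): two bits per domain, 16 domains.
NO_ACCESS, CLIENT, MANAGER = 0b00, 0b01, 0b11

def dacr_set(dacr, domain, mode):
    """Return dacr with one domain's access field replaced."""
    shift = 2 * domain
    return (dacr & ~(0b11 << shift)) | (mode << shift)

def dacr_all(mode):
    """DACR with every domain in the same mode (mvn r2, #0 gives dacr_all(MANAGER))."""
    return sum(mode << (2 * d) for d in range(16))

def manager_domains(dacr):
    """Domains whose page-table AP bits are no longer checked at all."""
    return [d for d in range(16) if ((dacr >> (2 * d)) & 0b11) == MANAGER]

if __name__ == "__main__":
    w = data_abort_return(True)
    print(hex(w), patch_word(w).hex())                       # e25ef004 04f05ee2
    print(hex(dacr_all(MANAGER)), manager_domains(dacr_all(MANAGER)))
```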

 den_po:
08.06.09, 00:06
 
ndt wrote:
I'm pretty sure I'm accessing it in supervisor mode ( CPSR, M[4:0] = 0b10011 )

Check it again.
How do you enter supervisor?

 ndt:
08.06.09, 00:56
Well, I didn't enter supervisor at all, the system did.

Code:

.ens LITTLE_ENDIAN
.org 13F00000
.global hook

hook:
push {r4, lr}
sub sp, #0x10               ; reserve 16 bytes of stack
bx pc                       ; switch to ARM state for MRS
nop

.code 32
mrs r3, CPSR                ; r3 = CPSR, passed as the 4th sprintf argument

adr lr, _thumb+1            ; bit 0 set: return to Thumb state
bx lr

_thumb:
.code 16
adr r2, _fmt                ; r2 = format string
mov r1, #0x10               ; r1 = 0x10
add r0, sp, #0x10           ; r0 = output buffer
ldr r4, _sprintf
blx r4                      ; call sprintf (Thumb entry, hence the +1)

add sp, #0x10
pop {r4, pc}

.align 4

_fmt:
.ascii "0x%08X\n"

_sprintf:
.long sprintf+1

Returns 0x00000013.


[ Edited by ndt on 11.6.09 16:59 ]


Added 11.6.09 16:59

BTW, could someone explain how debug_printf works? I mean, where is the output buffer sent to, via USB or what?

 den_po:
11.06.09, 21:44
 ndt, service cable

URL of this topic:
https://mobilefree.justdanpo.ru/newbb_plus/viewtopic.php?topic_id=4045&start=10

© 2005-2018 supertrubka.org