|
因为我的OT906不能进fashboot,不知道开机时是怎么识别按键的,于是产生了反编译bootloader的念头。拿起IDA6.1,对着刚刚提取出来的bootloader开始反汇编。。。于是乎。。。
得到的N多字符串
- ROM:9F00B4E0 0000013D C console=ttyS0,115200n8 mem=234M root=/dev/ram0 rw mtdparts=bcm_umi-nand:16384K@0K(modem),1M@16384K(bootloader)ro,512K@17408K(systemdata),20M@17920K(kpanic),5M@38400K(boot)ro,256K@43520K(deviceinfo),256K@43776K(ckdatablock),4864K@44032K(recovery),128K@48896K(misc),150M@49024K(system),15M@202624K(cache),-(userdata)rw
- ROM:9F00B4C4 00000007 C (null)
- ROM:9F00B4B8 0000000A C mtdparts=
- ROM:9F00B4A8 0000000D C after write\n
- ROM:9F00B47C 0000002B C Using cmdline directly to populate mtable\n
- ROM:9F00B450 0000002B C Reading systemdata ptn to populate mtable\n
- ROM:9F00B440 0000000E C before write\n
- ROM:9F00B428 00000017 C parsing <%c %c %c %c>\n
- ROM:9F00B41C 0000000B C no mtd-id\n
- ROM:9F00B414 00000008 C fail \r\n
- ROM:9F00B3DC 00000038 C \n systemdata partition not found on flash! so reflash.\n
- ROM:9F00B39C 0000003D C \nloadPartitionTable: Error, invalid parition table received.
- ROM:9F00B35C 0000003F C \nloadPartitionTable: Error, Invalid partition table signaure\r\n
- ROM:9F00B31C 00000040 C \nloadPartitionTable: Error, all blks of systemdata ptn are bad\n
- ROM:9F00B310 0000000B C systemdata
- ROM:9F00B2E8 00000026 C flash_find_ptn: can not find ptn %s\r\n
- ROM:9F00B2D0 00000017 C ptn %x %s : %x@%x %x\r\n
- ROM:9F00B2A8 00000027 C no closing %c found in partition name\n
- ROM:9F00B288 00000020 C partition size too small (%lx)\n
- ROM:9F00B264 00000021 C command line len=%d\ncmdline=%s\r\n
- ROM:9F00B218 00000049 C \nEntry #%d\nname: %s\nstart addr: 0x%x\nLength: 0x%x\nFlag: 0x%x\nused: 0x%x\n
- ROM:9F00B204 00000014 C len=%d cmdline=%s\r\n
- ROM:9F00B1EC 00000015 C ptn %d %s:%x@%x %x\r\n
- ROM:9F00B1DC 00000010 C dump at %d %s\r\n
- ROM:9F00B1BC 0000001E C Truly QVGA HX8347_TFT1P5158-E
- ROM:9F00B1B4 00000006 C done.
- ROM:9F00B1AC 00000005 C done
- ROM:9F00B198 00000012 C [%s]: Delay:%dms\n
- ROM:9F00B174 00000021 C Just dummy write full screen now
- ROM:9F00B16C 00000006 C enter
- ROM:9F00B160 0000000A C [%s]: %s\n
- ROM:9F00B12C 00000031 C (****** lcd_backlight_enable:disable ****** ) \r\n
- ROM:9F00B0FC 00000030 C (****** lcd_backlight_enable:enable ****** ) \r\n
- ROM:9F00B0E8 00000014 C TurnOnRedLed=%d. \r\n
- ROM:9F00B0D0 00000016 C TurnOnGreenLed=%d. \r\n
- ROM:9F00B0C8 00000007 C VGA8x8
- ROM:9F00B09C 0000002C C lcdprintf x coordinate out of boundary \r\n
- ROM:9F00B088 00000011 C ++lcd init %d \r\n
- ROM:9F00B05C 0000002B C No Cable insert, Run Power On Procedure \r\n
- ROM:9F00B030 0000002A C Wakeup due to RTC alarm. Shutting down.\r\n
- ROM:9F00B008 00000027 C Cable insert, Run Charging Procedure\r\n
- ROM:9F00AFE0 00000027 C Read I2C ID = %x, dataPtr_int2 = %x \r\n
- ROM:9F00AFBC 00000022 C Run Identify Charger Procedure \r\n
- ROM:9F00AF94 00000026 C Soft Reset - Normal Boot Procedure \r\n
- ROM:9F00AF70 00000021 C Ponkey Run Power On Procedure \r\n
- ROM:9F00AF48 00000027 C Read I2C ID = %x, dataPtr_int1 = %x \r\n
- ROM:9F00AF30 00000017 C before ChargingInit \r\n
- ROM:9F00AF08 00000025 C Ready to Turn On Keypad Backlight \r\n
- ROM:9F00AEE8 0000001E C Ready to Turn On Backlight \r\n
- ROM:9F00AEA0 00000045 C The temperature un-normal or Main Battery Over-voltage. INT7 = %x \r\n
- ROM:9F00AE5C 00000043 C An overcurrent condition on the designated regulator. INT6 = %x \r\n
- ROM:9F00AE18 00000043 C An overcurrent condition on the designated regulator. INT5 = %x \r\n
- ROM:9F00ADD4 00000043 C An overcurrent condition on the designated regulator. INT4 = %x \r\n
- ROM:9F00ADAC 00000028 C Main battery charging Timeout error. \r\n
- ROM:9F00AD54 00000057 C USB or AC adaptor voltage is greater then the Over-Voltage threshold. Turn off PMU. \r\n
- ROM:9F00AD24 0000002F C USB or AC adaptor is removed. Turn off PMU. \r\n
- ROM:9F00ACF8 0000002B C Run Power On Procedure during Charging. \r\n
- ROM:9F00ACC4 00000032 C EOC is detected. We finish charging procedure. \r\n
- ROM:9F00ACAC 00000016 C I2C_DRV_Read failed\r\n
- ROM:9F00ACA0 0000000B C AC Cable\r\n
- ROM:9F00AC94 0000000C C USB Cable\r\n
- ROM:9F00AC7C 00000017 C USB Register: 0x%08x\r\n
- ROM:9F00AC64 00000017 C I2C_DRV_Write failed\r\n
- ROM:9F00AC4C 00000015 C SaveNormalBootFlag\r\n
- ROM:9F00AC34 00000017 C SaveChargingBootFlag\r\n
- ROM:9F00AC20 00000014 C NACK error %d exit\n
- ROM:9F00AC04 0000001A C Subaddress NACK retry %d\n
- ROM:9F00ABDC 00000025 C USB ID Change and ID status = 0x%x\r\n
- ROM:9F00ABA4 00000037 C Receive Invalid Setup packet BCnt(0x%x), EPNum(0x%x)\r\n
- ROM:9F00AB8C 00000017 C DevSvcRxEndp unknown\r\n
- ROM:9F00AB70 0000001B C DevSvcRxEndp EN 1 reset \r\n
- ROM:9F00AB5C 00000014 C FAILinvalid command
- ROM:9F00AB38 00000021 C FAILsignature not 256 bytes long
- ROM:9F00AB2C 0000000A C signature
- ROM:9F00AB18 00000012 C booting linux...\n
- ROM:9F00AB00 00000017 C FAILinvalid boot image
- ROM:9F00AAF8 00000006 C cache
- ROM:9F00AAE0 00000018 C partition '%s' updated\n
- ROM:9F00AAC8 00000018 C FAILflash write failure
- ROM:9F00AABC 00000009 C userdata
- ROM:9F00AAB4 00000007 C system
- ROM:9F00AA94 00000020 C FAILimage is not a boot image\r\n
- ROM:9F00AA74 0000001E C FAILimage is not a boot image
- ROM:9F00AA54 00000020 C FAILpartition does not existd\r\n
- ROM:9F00AA48 0000000B C bootloader
- ROM:9F00AA2C 0000001A C FAILno image downloaded\r\n
- ROM:9F00AA14 00000018 C FAILno image downloaded
- ROM:9F00AA0C 00000007 C flash:
- ROM:9F00AA00 00000009 C - OKAY\n
- ROM:9F00A9E8 00000017 C partition '%s' erased\n
- ROM:9F00A9DC 00000009 C - FAIL\n
- ROM:9F00A9BC 0000001E C FAILfailed to erase partition
- ROM:9F00A9AC 0000000E C erasing '%s'\n
- ROM:9F00A98C 0000001D C FAILpartition does not exist
- ROM:9F00A984 00000007 C erase:
- ROM:9F00A978 0000000C C status=%s\r\n
- ROM:9F00A970 00000005 C DATA
- ROM:9F00A954 0000001B C recv data addr=%x size=%x\n
- ROM:9F00A948 0000000A C download:
- ROM:9F00A940 00000007 C OKAY\r\n
- ROM:9F00A930 00000009 C serialno
- ROM:9F00A928 00000008 C Martini
- ROM:9F00A920 00000008 C product
- ROM:9F00A910 0000000D C BRCM USB 0.1
- ROM:9F00A908 00000008 C version
- ROM:9F00A900 00000008 C getvar:
- ROM:9F00A8F8 00000007 C reboot
- ROM:9F00A8F0 00000007 C \n> %s\n
- ROM:9F00A8E8 00000005 C OKAY
- ROM:9F00A8C8 0000001D C Get Data finish 0x%x ..Ok\n
- ROM:9F00A8B4 00000012 C Tx FIFO FULL!!!\r\n
- ROM:9F00A898 0000001C C flash_write_image: success\n
- ROM:9F00A864 00000031 C flash_write_image: restart write @ %d (src %d)\n
- ROM:9F00A834 0000002D C flash_write_image: erase failure @ block %d\n
- ROM:9F00A7FC 00000035 C flash_write_image: write failure @ addr %x (src %d)\n
- ROM:9F00A7D8 00000023 C flash_write_image: bad block @ %d\n
- ROM:9F00A7B4 00000021 C flash_write_image: out of space\n
- ROM:9F00A77C 00000038 C flash_write_image: name %s start address %x length %x \n
- ROM:9F00A75C 0000001F C BCM NAND chip BBT scan failed\n
- ROM:9F00A734 00000027 C create_bbt: Bad eraseblock %d at 0x%x\n
- ROM:9F00A704 00000030 C create_bbt: chipnr (%d) > available chips (%d)\n
- ROM:9F00A6E4 00000020 C Scanning device for bad blocks\n
- ROM:9F00A6C4 0000001D C bcm_scan_bbt: Out of memory\n
- ROM:9F00A698 0000002C C BCM1161 NAND chip could not be initialized\n
- ROM:9F00A680 00000015 C Block0 BBT found...\n
- ROM:9F00A668 00000018 C No Block0 BBT found...\n
- ROM:9F00A648 00000020 C cannot erase @ %d (bad block?)\n
- ROM:9F00A624 00000024 C flash_erase_block is bad block %d\r\n
- ROM:9F00A604 00000020 C nand_update_bbt: Out of memory\n
- ROM:9F00A5D0 00000033 C write_bbt: Error while writing bad block table %d\n
- ROM:9F00A5A0 0000002F C Bad block table written to 0x%x, version 0x%x\n
- ROM:9F00A578 00000028 C No space left to write bad block table\n
- ROM:9F00A544 00000031 C BCM_flash_write_page nand_program_page: failed!\n
- ROM:9F00A510 00000033 C isProgrammedOK Spare error %x: src=0x%x read=0x%x\n
- ROM:9F00A4DC 00000034 C isProgrammedOk error in %x_ex: src=0x%x read=0x%x\r\n
- ROM:9F00A4C0 00000019 C flash_read_ext: success\n
- ROM:9F00A4A0 00000020 C flash_read_ext: bad block @ %d\n
- ROM:9F00A46C 00000034 C flash_read_ext: exceded partition length. FAILURE!\n
- ROM:9F00A438 00000034 C flash_read_ext: name %s start address %x length %x\n
- ROM:9F00A408 00000030 C Bad block table found at page %d, version 0x%x\n
- ROM:9F00A3E0 00000027 C Bad block table not found for chip %d\n
- ROM:9F00A3C8 00000018 C Reserved block at 0x%x\n
- ROM:9F00A3B4 00000013 C Bad block at 0x%x\n
- ROM:9F00A384 0000002F C read_bbt: error while reading bad block table\n
- ROM:9F00A354 0000002E C read_bbt: error while reading from addr 0x%x\n
- ROM:9F00A334 00000020 C \n\rBlock Erase Failed! Addr=0x\n
- ROM:9F00A324 0000000D C BadBlk=0x%x
- ROM:9F00A30C 00000017 C It is a bad block %x \n
- ROM:9F00A2D0 0000003B C nand_force_erase: erase not done! factory block bad 0x%x\r\n
- ROM:9F00A2B4 0000001C C nand_program_page: failed!\n
- ROM:9F00A29C 00000016 C nand_status BUSY %x\r\n
- ROM:9F00A288 00000013 C get Chip ID=0x%x\r\n
- ROM:9F00A260 00000028 C \r\n Check bus strap -> switch to 8bit\r\n
- ROM:9F00A24C 00000011 C Device ID= %x \r\n
- ROM:9F00A228 00000023 C flash_get_bad_blk_offset: SUCCESS\n
- ROM:9F00A214 00000014 C Mark Bad Block %x\r\n
- ROM:9F00A204 0000000F C CMDLINE: '%s'\n
- ROM:9F00A1F4 0000000F C cmdline: '%s'\n
- ROM:9F00A1D0 00000022 C bootimg: ramdisk addr=%x size=%x\n
- ROM:9F00A1AC 00000021 C bootimg: kernel addr=%x size=%x\n
- ROM:9F00A190 0000001C C bootimg: invalid image size
- ROM:9F00A174 0000001C C bootimg: invalid page size\n
- ROM:9F00A15C 00000015 C bootimg: bad header\n
- ROM:9F00A130 00000028 C \nBoot Mode = %d********************* \r\n
- ROM:9F00A10C 00000022 C \n ** BOOTING LINUX FROM FLASH **\n
- ROM:9F00A0F0 0000001B C \n enter the recovery mode\n
- ROM:9F00A0D8 00000016 C \nScan the keyboard...
- ROM:9F00A0C0 00000017 C Not booting recovery\r\n
- ROM:9F00A0A8 00000018 C Booting into recovery\r\n
- ROM:9F00A084 00000023 C check_for_recovery: command = %s\r\n
- ROM:9F00A04C 00000037 C check_for_recovery: command 'boot-recovery' not found\n
- ROM:9F00A03C 0000000E C boot-recovery
- ROM:9F009FF4 00000045 C check_for_recovery error: can't read flash %x@%x into buffer 0x%lx\r\n
- ROM:9F009FE0 00000013 C NO MISC PARTITION\n
- ROM:9F009FD8 00000005 C misc
- ROM:9F009F98 0000003E C check_for_recovery error: can't allocate memory for the BCB\r\n
- ROM:9F009F78 00000020 C \nmtable loaded, but incorrect!\n
- ROM:9F009F64 00000014 C Serial Number: %s\n\n
- ROM:9F009F5C 00000008 C UNKNOWN
- ROM:9F009F34 00000027 C Build Date: May 9 2011, 19:24:05\n\n
- ROM:9F009F1C 00000017 C Machine ID: %d v%d\n
- ROM:9F009F04 00000016 C \n\nUSB FastBoot: V%s\n
- ROM:9F009ED8 0000002C C \nCommnad line is not passed via bootloader\n
- ROM:9F009E8C 0000004B C \n=======================================================================\n\n
- ROM:9F009E80 00000009 C 19:24:05
- ROM:9F009E74 0000000C C May 9 2011
- ROM:9F009E6C 00000006 C 1.0.0
- ROM:9F009E28 00000041 C \nBroadcom Android Bootloader Version %s \nBuild date: %s time: %s
- ROM:9F009DDC 0000004A C \n\n=======================================================================
- ROM:9F009DD0 00000009 C \nFAILED!
- ROM:9F009DC8 00000005 C boot
- ROM:9F009DB8 00000010 C \nBooting Linux\n
- ROM:9F009DAC 00000009 C recovery
- ROM:9F009D98 00000013 C read cmd line %s\r\n
- ROM:9F009D78 0000001F C No cmdline should not happen\r\n
- ROM:9F009D5C 0000001B C ramdisk @ %x (%d bytes)\n\n\n
- ROM:9F009D40 0000001A C \nkernel @ %x (%d bytes)\n
- ROM:9F009D20 0000001D C CANNOT READ RAMDISK IMAGE\n
- ROM:9F009D04 0000001A C CANNOT READ KERNEL IMAGE\n
- ROM:9F009CE8 0000001B C INVALID BOOT IMAGE HEADER\n
- ROM:9F009CDC 00000009 C ANDROID!
- ROM:9F009CBC 0000001F C CANNOT READ BOOT IMAGE HEADER\n
- ROM:9F009CA8 00000013 C NO BOOT PARTITION\n
- ROM:9F009C98 00000010 C lcd_init_panels
- ROM:9F009C84 00000014 C lcd_poweroff_panels
- ROM:9F009C6C 00000016 C lcd_send_cmd_sequence
- ROM:9F00937C 00000010 C 1.Download img
- ROM:9F009368 00000014 C Broadcom Fastboot
复制代码
文本文件:
bootloader.txt
(68.89 KB, 下载次数: 15)
|
|