It seems I can find data into the program code... I must dig into this... What I don't understand is that the bootloader jumps directly to an invalid instruction code for the ARM7... (and I'm in the right endian style as some parts of the program are coherent judging by jumps and operations). --- In bc2000@yahoogroups.com, "rpcfender" <rpcfender@...> wrote: > > The BC OS can be updated by sysex. > On a quick initial inspection these short sysex messages look to be of > the form > Header + 2 (possibly 3) flash address + OS data + $F7 > If this is the case the OS data is scrambled (not in order) and so > will have to extracted into a block of memory to reorder it inside the > PC line by line then disassembled. > > As the OS data is either 8 or 16 bit, 7 bit Midi will have to be > converted. I'm not sure what conversion is used. > > The flash seems to be divided into 3 sections. My guess is a boot > loader, the main program and program data. > > There is this message about $200 bytes in > 'be in control with the b-control by BEHRINGER hw/sw by Thomas Zint' > > So thanks Thomas, my BCR2000 is great. >
Message
Re: Firmware decoding
2008-01-12 by bjonnh