Hiro Lynx 🐾♫🐧I bought a 2DS a few days ago, and while flashing the custom firmware, I encountered an unusual little problem!
https://hiro.elynx.fr/posts/An-Emotional-Roller-Coaster-on-2DS.15/
Kefen@kefen Thank you ♥
There's a paradox in tinkering with a zombie device: it's dead so there's no consequence in breaking it more, but it's alive so one should still be careful to not break what still works!
In the end I was really lucky that the faulty bit was located at an avoidable place, if it had been anywhere else the console would have been unstable and frustrating to use!
@Hiro It's still awesome that you not only figured it out but found an actual workaround!
(My first thought was: "I wonder if we could just ensure that the firmware byte stored at the bad address always has its highest bit unset...")
@kefen Maybe I can find a firmware base address that has the bad memory address receive a value unaffected by the dead bit for each firmware, so I can reclaim part of the wasted 128kB
Balinares@balinares @kefen Well the thing is I have at least two firmwares to be able to load at the same address so the probability is at most 25%!
I'm not sure about how this work though, I'd like to extract the firmwares to be able to determine the good address without trying 10 addresses and checking which one works for all modes ^^'
@Hiro @balinares I guess if you had the raw firmware dumps, you could just run a quick script to check each byte from the beginning of each FW and find the largest common offset in both of them that yields a byte that does not have the faulty bit set. You should then be able to load the firmwares at (faulty_address - offset)?
There might be alignment issues to take into account tho... also I'm still desperately trying to fix DMA in my emulator so I'm not a reliable source. :P