sb16dump V0.09
dumping 4.04, 4.05, 4.13 works.
4.11 can work - needs testing.
fixed problem 4.04 (4.05) displayed as 4.4 (4.5)

Maelgrum wrote on 2023-10-03, 23:57:

4.04 and 4.05 is done ! ))

no one here so far reported access to card with V4.11 - so I don't expect that will be tested anytime soon. I guess next major goal 4.12 or 4.16...

mattw wrote on 2023-10-04, 00:03:

no one here so far reported access to card with V4.11 - so I don't expect that will be tested anytime soon. I guess next major goal 4.12 or 4.16...

So let's begin hacking the unknown.

Maelgrum wrote on 2023-10-04, 00:05:

So let's begin hacking the unknown.

yeah, that looks as best next step.

BTW, 4.11 could be tested by someone with PLCC-44 socket installed and the old known dump burned to a new 8052 MCU chip - if no one wants to do so much effort, I will do it, but it will take several weeks the parts I ordered to arrive.

mattw wrote on 2023-10-04, 00:03:

no one here so far reported access to card with V4.11 - so I don't expect that will be tested anytime soon. I guess next major goal 4.12 or 4.16...

I have one with the firmware and will do it but it needs some more time to setup on as i have to get the external cd-rom drive out for it.
( Re: Sound Blaster: From best to worst )

If someones looking for a card, its either on a CT1770, CT2230 or CT2770 (most likely cards)

Maelgrum wrote on 2023-10-03, 23:54:

Why we need to dump known fw ? To make sure what fw is same as previously known. This is done - many times successful dumps are […]
Show full quote

DerBaum wrote on 2023-10-03, 23:44:

I now have dumped the probably faulty ct3600 for about a hour. each dump took about 1 minute and 30 seconds. around 40 to 50 tri […]
Show full quote

I now have dumped the probably faulty ct3600 for about a hour. each dump took about 1 minute and 30 seconds.
around 40 to 50 tries.
this is the result:

xdump.rar

Why we need to dump known fw ? To make sure what fw is same as previously known.
This is done - many times successful dumps are done, saved, and passes CRC check.
So in CT3600 is definetely old known 4.13.

im not sure what you try to say.

i thought you wanted me to try the new version of the tool and report back.
iam not dumpin the card to get a new version of the firmware, i tried to provide examples of broken dumps.
but maybe im just confused again.

DerBaum wrote on 2023-10-04, 00:11:

im not sure what you try to say.

most of time it succeeds, it's like it failed 10 times out of many and in the successful cases it's V4.13 that is known as byte-sequence. So, there is nothing more that can be gained from that particular card as far as this project is concerned. as far as why it's failing - I doubt anyone can give any definitive answer, but for me, even if 1 out of many dumps is good, then it's still a win, i.e. we got successful dump and can move on.

DerBaum wrote on 2023-10-04, 00:11:

im not sure what you try to say. […]
Show full quote

im not sure what you try to say.

i thought you wanted me to try the new version of the tool and report back.
iam not dumpin the card to get a new version of the firmware, i tried to provide examples of broken dumps.
but maybe im just confused again.

Clearly, i see a problem with this card. So far it is only card with this kind of problems. Simple little patching dont remove this problem. Some solutions on software side can be made sometime later - you dumps helps in understanding of symptoms.
I am just cannot understand root cause of this case.
Anyway, i am grateful for you efforts, DerBaum !

Maelgrum wrote on 2023-10-04, 00:22:

DerBaum wrote on 2023-10-04, 00:11:

im not sure what you try to say. […]
Show full quote

im not sure what you try to say.

i thought you wanted me to try the new version of the tool and report back.
iam not dumpin the card to get a new version of the firmware, i tried to provide examples of broken dumps.
but maybe im just confused again.

Clearly, i see a problem with this card. So far it is only card with this kind of problems. Simple little patching dont remove this problem. Some solutions on software side can be made sometime later - you dumps helps in understanding of symptoms.
I am just cannot understand root cause of this case.

maybe it isnt important after all.
this is an untested card from my collection and i dont know if it even fully works.
i just tested fm playback and that worked.
now i am curious and will install and test all features of the card properly.
if my chip is dying there should be problems i guess...

So hacking begins.
This tool makes simple injection attack to read stack (so MIDI loopback is required)
Targets are 4.12 and 4.16

single log is enough.

PS. Despite of doing injection attack, this version of tool must be safe as it is does not disrupt code flow and dont do any agressive probing.

[EDIT] tool tested on 4.13 by @DerBaum, so it can be used on 4.12 and 4.16
[EDIT] tool updated, see below

DerBaum wrote on 2023-10-04, 00:38:

maybe it isnt important after all. this is an untested card from my collection and i dont know if it even fully works. i just te […]
Show full quote

maybe it isnt important after all.
this is an untested card from my collection and i dont know if it even fully works.
i just tested fm playback and that worked.
now i am curious and will install and test all features of the card properly.
if my chip is dying there should be problems i guess...

Looking at you logs, sometimes even RESET fails !
May be problem is in capacitors on board ?

Well I was going to stick a 4.05 FW in one of my socketed cards but since that one has been done I guess I can do 4.11. I actually have a couple of those in factory mask ROM.

Can dump that, as well as try the cracker on 4.12 tomorrow afternoon

maxtherabbit wrote on 2023-10-04, 02:16:

Well I was going to stick a 4.05 FW in one of my socketed cards but since that one has been done I guess I can do 4.11. I actually have a couple of those in factory mask ROM.

Can dump that, as well as try the cracker on 4.12 tomorrow afternoon

Thanks, maxtherabbit !

Maelgrum wrote on 2023-10-04, 01:18:

...this version of tool must be safe...

i tested it on the ct3600 ... its broken anyway 😁

DerBaum wrote on 2023-10-04, 02:30:

Maelgrum wrote on 2023-10-04, 01:18:

...this version of tool must be safe...

i tested it on the ct3600 ... its broken anyway 😁

Thanks for testing, DerBaum !
Tool works almost as expected, so it can be used on 4.12 and 4.16, to fetch some information from stack.

I think there is something wrong with the tool. now my ct3600 isnt dtected anymore and a vibra16vx is also not detected anymore after i have run the tool. i have to do some more testes.

EDIT: now they work again... after i ran the setup of duke nukem

i have no idea what happened.

it said "couldnt reset" after i ran the crack. even after rebooting the system the normal dump tool reported "couldnt reset".
now both report the dsp infos again.

Edit edit : now windows 98 detects the vibra16vx again.

DerBaum wrote on 2023-10-04, 03:08:

I think there is something wrong with the tool. now my ct3600 isnt dtected anymore and a vibra16vx is also not detected anymore […]
Show full quote

I think there is something wrong with the tool. now my ct3600 isnt dtected anymore and a vibra16vx is also not detected anymore after i have run the tool. i have to do some more testes.
EDIT: now they work again... after i ran the setup of duke nukem
i have no idea what happened.
it said "couldnt reset" after i ran the crack. even after rebooting the system the normal dump tool reported "couldnt reset".
now both report the dsp infos again.
Edit edit : now windows 98 detects the vibra16vx again.

It just leaves card is strange state, but it must not hurt it in any way.
Power off and on is best solution to restore to known state (reset of computer is not resets memory in DSP, and even if DSP reset is done with SB reset port, fw does not initializes all DSP memory to some default values).

Anyway, to restore card memory to more sane state i will make some changes.
Thanks for testing !

Changes:
Must leave card in more sane state.

I have to leave further testing to other people.
After proper testing the ct3600 seems really broken. it behaves in games like when i dump it. sometimes sound work sometimes not. sometimes it goes away.
maybe i will try recapping the card.

And i dont know if its normal for the vibra to work in windows but in duke nukem it always has a dma error. maybe its broken too.

other people with known good cards should test it.
i have to go to bed now.. that was an expensive evening 😁

Notice for everyone !
sb16dump and sbcrack is very special tools. They work with DSP on very low, undocumented level, and may leave internal state of DSP and Bus control/interface chip in strange state.
If you want to use you SB in normal way afterwards, you MUST do power off and on (not reset !)