00:34.32 | *** join/#htc-linux raymonddull (~raymonddu@c-69-245-114-102.hsd1.mi.comcast.net) |
01:56.35 | *** join/#htc-linux rajkosto (~rajkosto@wan.rajkonet.info) |
01:57.48 | jonpry | what is a good illegal instruction? |
01:58.24 | raymonddull | umm... no idea |
01:58.31 | jonpry | like if i have a void (*foo)(). and want to *(u32*)foo=illegal |
02:00.51 | jonpry | ssxaryj6uyn7s2zw' |
02:16.32 | *** join/#htc-linux surge (surge@pool-98-118-183-214.bflony.fios.verizon.net) |
02:33.27 | *** join/#htc-linux detule (~detule@unaffiliated/d3tul3) |
02:35.59 | *** join/#htc-linux jonpry (~jon@c-24-17-200-206.hsd1.wa.comcast.net) |
02:51.35 | *** join/#htc-linux ALoGeNo (~alogeno@243.Red-217-125-20.staticIP.rima-tde.net) |
02:51.35 | *** join/#htc-linux ALoGeNo (~alogeno@unaffiliated/alogeno) |
03:15.47 | *** join/#htc-linux ALoGeNo (~alogeno@unaffiliated/alogeno) |
03:29.08 | *** join/#htc-linux bzo (~chatzilla@c-71-196-133-131.hsd1.co.comcast.net) |
03:47.05 | *** join/#htc-linux AstainHellbring (AstainHell@unaffiliated/astainhellbring) |
03:48.51 | detule | jonpry, the beast compiled |
03:53.22 | jonpry | nice |
03:57.21 | jonpry | i'm getting walked on by this padconf thing as usual |
03:59.52 | detule | at some point i need to pick your brain about how to go hunting for a ram_console location |
04:00.36 | jonpry | i think it basically doesn't matter as long as you carve it out of your known good kernel |
04:01.29 | jonpry | probably towards the end of memory so the boot loaders don't hit it |
04:02.07 | detule | yeah but I am used to our pmem-like kernel where i can see the smi and ebi1 and ebi2 |
04:02.17 | detule | i can't find anything like a map in here |
04:05.45 | jonpry | proc/vmallocinfo? |
04:08.02 | jonpry | it might be that your kernel has no holes |
04:08.26 | jonpry | some might be visible in dmesg if they are setup through atags or nodes |
04:09.39 | detule | i'll see if i can get lucky |
04:09.54 | detule | just need to figure out what "end of memory" is |
04:10.13 | jonpry | thats easy |
04:10.25 | jonpry | load address + 2gb |
04:13.53 | detule | i'll try that |
04:24.10 | *** join/#htc-linux mes (~mes@sentry.lazo.ca) |
05:20.30 | *** join/#htc-linux BabelO (~wdlxtv@AMontpellier-553-1-168-32.w92-133.abo.wanadoo.fr) |
06:02.19 | *** join/#htc-linux kiozen (~kiozen@p578a42db.dip0.t-ipconnect.de) |
07:16.50 | *** join/#htc-linux |lippa|^ (~lippa@CPE-124-181-203-204.lnse3.win.bigpond.net.au) |
07:31.51 | *** join/#htc-linux tmzt (~tmzt@adsl-99-164-36-59.dsl.akrnoh.sbcglobal.net) |
07:32.00 | *** join/#htc-linux Willd_ (willd@citu-202.citu.kth.se) |
07:32.01 | *** join/#htc-linux toer_ (~tore@179.81-166-86.customer.lyse.net) |
07:45.56 | *** join/#htc-linux eR^zeRa` (zzeratul@kaj-0011.koleje.cuni.cz) |
07:55.11 | *** join/#htc-linux lamikr (lamikr@nat/nokia/x-cbmmmtmhssqvdzzp) |
08:09.55 | *** join/#htc-linux AK523 (~AK@41.78.77.178) |
08:11.39 | AK523 | hie,I need help on a Sony Ericson Aspen Faith |
08:34.17 | *** join/#htc-linux ychavan (ychavan@nat/redhat/x-vqoatlgbnllxohyk) |
09:25.46 | *** join/#htc-linux marc1706 (~Marc@phpbb/modifications/marc1706) |
09:46.11 | *** join/#htc-linux Alex[sp3dev] (d5551202@gateway/web/freenode/ip.213.85.18.2) |
11:08.27 | *** join/#htc-linux Bry8Star{EB (Bry8Star-@2607:f128:42:fb::2) |
11:47.19 | *** join/#htc-linux helicopter88 (~helicopte@host161-8-dynamic.55-79-r.retail.telecomitalia.it) |
11:57.11 | *** join/#htc-linux skodde (~skodde@unaffiliated/skodde) |
12:27.20 | *** join/#htc-linux MethoS- (~clemens@134.102.106.250) |
13:36.43 | *** join/#htc-linux detule (~detule@unaffiliated/d3tul3) |
13:43.03 | *** join/#htc-linux Cotulla (~myfakemai@nat100-255-205-109.tvoe.tv) |
14:54.05 | zeusk | wtf, krait has 40 bit addressing |
14:56.37 | Alex[sp3dev] | heil PAE |
14:57.58 | zeusk | maybe that is the reason US sgs3 has 2gb ram.. |
14:59.02 | Alex[sp3dev] | let's just wait for 64-bit armv8 |
14:59.51 | Cotulla | no it's because Samsung's CPU supports only 1 Gb |
14:59.52 | Cotulla | :D |
15:02.25 | *** join/#htc-linux conantroutman (~chatzilla@cpc5-pert4-2-0-cust205.sgyl.cable.virginmedia.com) |
15:26.39 | *** join/#htc-linux helicopter88_2 (~helicopte@host167-116-dynamic.55-79-r.retail.telecomitalia.it) |
15:29.23 | *** join/#htc-linux jonpry (~jon@c-24-17-200-206.hsd1.wa.comcast.net) |
16:11.42 | *** join/#htc-linux AstainHellbring (~AstainHel@unaffiliated/astainhellbring) |
16:14.36 | *** join/#htc-linux ALoGeNo (~alogeno@243.Red-217-125-20.staticIP.rima-tde.net) |
16:14.37 | *** join/#htc-linux ALoGeNo (~alogeno@unaffiliated/alogeno) |
16:32.14 | zeusk | I HATE LK |
16:32.24 | zeusk | FUCKING TABS EVERYWHERE |
16:32.25 | zeusk | WTF |
16:35.10 | Alex[sp3dev] | OMGWTFBBQRUMADBRO |
16:39.48 | *** join/#htc-linux kiozen (~kiozen@ppp-93-104-89-17.dynamic.mnet-online.de) |
16:42.09 | arrrghhh | lol |
16:43.36 | *** join/#htc-linux helicopter88_2 (~helicopte@host167-116-dynamic.55-79-r.retail.telecomitalia.it) |
16:59.38 | jonpry | mmmm BBQ |
16:59.45 | *** join/#htc-linux rob_w (~bob@host-188-174-143-194.customer.m-online.net) |
16:59.46 | *** join/#htc-linux rob_w (~bob@unaffiliated/rob-w/x-1112029) |
17:02.46 | detule | jonpry this I assume tells me the available pages http://pastebin.com/uK5K8yPr |
17:03.04 | detule | so presumably i can steal 32 of those pages for ram_console? |
17:03.47 | Alex[sp3dev] | jonpry: you may or may not be interested but omapflash sources are available. seems a PITA to port them to linux, though, but that's allow to easily reflash even without fastboot https://gforge.ti.com/gf/project/flash/scmsvn/ |
17:05.23 | jonpry | pfn shift thing is 12? |
17:06.20 | detule | yes |
17:06.40 | jonpry | i think anywhere not in a hole will work |
17:06.59 | jonpry | except near 0x80200000 |
17:07.04 | detule | alright the holes i assume are things the kernel has memblock reserved |
17:07.17 | detule | got it, that's where the kernel is loaded |
17:08.02 | detule | so do I need to reserve my ram_console pages, or ioremap make sure the ram_console pages don't get overritten |
17:09.08 | *** join/#htc-linux helicopter88 (~helicopte@host167-116-dynamic.55-79-r.retail.telecomitalia.it) |
17:10.00 | jonpry | reserve it somehow |
17:11.38 | jonpry | you have reserve_bootmem()? |
17:12.41 | detule | i see that api yes |
17:13.44 | jonpry | looks like that can be used in boards map_io() |
17:21.38 | *** join/#htc-linux helicopter88 (~helicopte@host167-116-dynamic.55-79-r.retail.telecomitalia.it) |
17:23.15 | *** join/#htc-linux Kookstar (~Kookstar@p4FFF2AE1.dip.t-dialin.net) |
17:29.07 | zeusk | Do Qualcomm's scorpion and krait follow standard implementation of cp15 c0, c0 (main id register) |
17:29.20 | zeusk | i want to identify cpu architecture at runtime |
17:32.30 | *** join/#htc-linux gauner1986 (~Miranda@89.204.137.25) |
17:41.02 | jonpry | Alex[sp3dev], will that work on HS devices? |
17:44.22 | Alex[sp3dev] | jonpry: yes, provided that you have the signed xloader/uboot. there are packaged versions of omapflash for galaxy nexus and i9100G both of which are HS. so, basically, you only need the signed loader |
17:44.51 | zeusk | Alex, galaxy nexus is A9MP based omap cpu right ? |
17:45.22 | Alex[sp3dev] | jonpry: look for OMAPFLASH_tuna.zip if you want to have a look at a pre-compiled package |
17:45.31 | Alex[sp3dev] | zeusk: yes, omap4460 |
17:48.44 | zeusk | is even omap using the the epic fail SCU in A9MP ? (snoop control unit) |
17:50.29 | jonpry | i'm not sure how useful that will be since there is no reason to flash any of the secure stuff on d3 |
17:52.01 | Alex[sp3dev] | jonpry: gnex is a security fail - the signed xloader doesn't verify SBL signature. since we're replacing SBL with uboot, we need omapflash for recovery |
17:54.08 | Cotulla | fail |
17:54.29 | Cotulla | how often u fails alexx? |
17:55.34 | Alex[sp3dev] | Cotulla: it's not my fault, it's samsung who left a security hole we can abuse |
17:55.51 | Cotulla | I got that |
17:55.53 | jonpry | i fail w/ padconf still |
17:56.03 | Alex[sp3dev] | and yeah, I now have camera working when booting with uboot since I fixed pinmux |
17:56.09 | Cotulla | what is it jonpry? |
17:56.21 | Alex[sp3dev] | Cotulla: gpio mux |
17:56.34 | Cotulla | padconf? |
17:56.35 | jonpry | i'm trying to change the mux and it changes back all by itself |
17:56.43 | Cotulla | maybe RO? |
17:56.50 | jonpry | nah it works for a minute |
17:56.55 | Cotulla | :O |
17:56.57 | Cotulla | so |
17:57.00 | Cotulla | u know solution ^^ |
17:57.08 | jonpry | blast it? |
17:57.09 | Cotulla | setup timer for 500 ms |
17:57.15 | Alex[sp3dev] | windows way |
17:57.19 | Cotulla | no |
17:57.20 | zeusk | lol |
17:57.21 | Cotulla | china way |
17:57.42 | Cotulla | jonpry, did u try to keep it for 5 minutes without interrupts or so? |
17:57.48 | Cotulla | to check if it's not hardware problem |
17:58.08 | jonpry | i don't understand |
17:58.17 | jonpry | i can't disable interrupts for 5 minutes |
17:58.19 | Alex[sp3dev] | maybe it jumps to the secure world and pwns you? |
17:58.32 | Cotulla | turn off interrupts -> config -> wait for 2 minutes -> check the state |
17:58.42 | Cotulla | is it MSM8960 thing? |
17:58.49 | jonpry | omap4430 |
17:59.02 | jonpry | if i turn off interrupts the watchdog will reboot the phone |
17:59.10 | Cotulla | hm |
17:59.15 | Alex[sp3dev] | turn off the watchdog |
17:59.16 | Cotulla | u can touch watchdog in loop |
17:59.22 | Cotulla | or disable it |
17:59.58 | jonpry | maybe |
18:00.19 | jonpry | i want to unmap a 1mb super section |
18:00.27 | jonpry | at 0x4a10 0000 |
18:00.34 | Cotulla | so it's simple |
18:00.41 | jonpry | 4u maybe |
18:00.44 | Cotulla | just take PTE |
18:00.47 | Cotulla | and |
18:00.47 | Cotulla | then |
18:00.58 | Cotulla | pte[0x4a100000 >> 20] = 0; |
18:01.08 | Cotulla | I believe it has only one global PTE right? |
18:01.12 | Cotulla | at BASE + 0x8000 |
18:01.18 | Cotulla | *at BASE + 0x4000 |
18:01.21 | Cotulla | *at KERNEL_BASE + 0x4000 |
18:01.35 | jonpry | so 0x82004000 |
18:01.36 | Cotulla | try it |
18:01.47 | Cotulla | but before dump it |
18:02.02 | jonpry | so iormap the pte? |
18:02.14 | Cotulla | no use kernel address directly |
18:02.23 | Cotulla | *(uint32_t)(0x82004000 + 4 * 0x4A1) = 0 |
18:02.24 | Cotulla | should be |
18:02.36 | Cotulla | wait |
18:02.42 | jonpry | but that is just a vaddr |
18:02.45 | Cotulla | is 0x4a100000 VA? |
18:02.47 | Cotulla | :O |
18:02.54 | jonpry | 4a1 phys |
18:02.59 | Cotulla | oh |
18:03.03 | Cotulla | so get VA |
18:03.11 | jonpry | load is 0x8200 0000 phys |
18:03.26 | Cotulla | but u need VA for access |
18:03.31 | Cotulla | how it's mapped btw? |
18:03.35 | Cotulla | at the start up time? |
18:03.41 | Cotulla | I mean 0x4a100000 |
18:03.50 | jonpry | yeah iotables_init |
18:04.29 | jonpry | lots of things seem to have there own mapping for whatever reason |
18:04.42 | jonpry | but i was able to zonk most of them |
18:05.14 | Cotulla | can u disable that mapping to see who access it? |
18:05.34 | jonpry | that is what i'm trying to do |
18:05.39 | Cotulla | at the start up time |
18:05.48 | jonpry | its a secure kernel so this is a runtime patch |
18:05.58 | Cotulla | oh |
18:06.00 | Cotulla | so |
18:06.10 | Cotulla | do u know PA -> VA for that address? |
18:06.23 | jonpry | i can get the va |
18:06.31 | Cotulla | is it inside kernel space? |
18:06.45 | jonpry | yes. 0xf8c10000 or so |
18:06.55 | Cotulla | what is VA address of 0x8200 0000? |
18:07.09 | Cotulla | is it 0xC000 0000? |
18:07.11 | jonpry | well that i don't know how to find |
18:07.19 | Cotulla | do u have kernel config ? |
18:07.29 | jonpry | its 3g/1g split |
18:07.29 | jonpry | yes |
18:07.39 | Cotulla | CONFIG_PAGE_OFFSET=0xC0000000 |
18:07.49 | Cotulla | dunno about 3.X.X but in 2.X.X it was here |
18:07.53 | Cotulla | look |
18:08.16 | jonpry | 0xc000000 |
18:08.20 | Cotulla | ok |
18:08.52 | Cotulla | wait 0xf8c10000 is not section . . . |
18:09.28 | Cotulla | should be coarse |
18:09.29 | jonpry | i'll get the address |
18:09.41 | Cotulla | ok |
18:12.29 | jonpry | 0xfc100000 |
18:13.24 | Cotulla | can be section |
18:13.26 | Cotulla | so check at |
18:13.39 | Cotulla | value at (0xC000 4000 + 4 * 0xFC1) |
18:13.48 | Cotulla | read it |
18:16.10 | Cotulla | but what about aliases? |
18:16.14 | Cotulla | maybe it's mapped to user space? |
18:18.00 | jonpry | PTE Was 0x4A100412 |
18:18.16 | Cotulla | hm |
18:18.28 | Cotulla | it's ur crappy 0x4a100000 |
18:18.29 | Cotulla | really |
18:18.33 | Cotulla | 402 is uncached |
18:18.37 | Cotulla | and 10 is XN I think |
18:18.41 | Cotulla | or shared |
18:18.48 | Cotulla | well try to put ZERO there |
18:18.57 | Cotulla | then do tlb clear |
18:19.01 | Cotulla | flush |
18:19.06 | Cotulla | maybe u need also dflush |
18:19.36 | Cotulla | also u can try to write there something to check if it will crash |
18:19.42 | Cotulla | write after PTE change |
18:21.59 | jonpry | no crash yet |
18:23.26 | Cotulla | ? tlb flush, dcache flush? |
18:23.57 | jonpry | like local_flush_tlb_all()? |
18:24.10 | Cotulla | yes |
18:25.22 | *** join/#htc-linux helicopter88 (~helicopte@host167-116-dynamic.55-79-r.retail.telecomitalia.it) |
18:28.42 | jonpry | kernel doesn't export flush_cache_all |
18:29.05 | *** join/#htc-linux mes (~mes@S0106000ce55186df.cc.shawcable.net) |
18:30.17 | Cotulla | so copy it |
18:30.18 | Cotulla | by hands |
18:30.41 | jonpry | working on it |
18:33.48 | jonpry | can i just call v7_flush_kern_cache_all? |
18:33.58 | Cotulla | maybe |
18:34.05 | Cotulla | try |
18:34.20 | Cotulla | maybe u should start from TLB flush |
18:34.23 | Cotulla | memory can be uncached |
18:34.39 | Cotulla | try to dump from 0xC000 0000 + 4 * 0xC00 and look |
18:35.25 | jonpry | i think that function is not safe to call from C. it corrupts r0-r7 and r9-r11 |
18:38.09 | Cotulla | should be |
18:38.31 | Cotulla | dump entry |
18:38.35 | zeusk | ... ldmfdsp!, {r4-r5, r7, r9-r11, lr} |
18:38.36 | Cotulla | and try with tlb flush only |
18:38.45 | zeusk | it saves to stack and loads back, should be sage |
18:39.11 | zeusk | s/sage/safe/ |
18:40.23 | jonpry | how many tlb entries do you want? |
18:41.21 | Cotulla | ? |
18:41.25 | Cotulla | flush full - it's better |
18:41.55 | jonpry | <Cotulla> try to dump from 0xC000 0000 + 4 * 0xC00 and look |
18:42.16 | zeusk | lol, 4096 entries.. |
18:42.26 | Cotulla | ok 4 nytes' |
18:42.29 | Cotulla | bytes' |
18:42.44 | jonpry | you want all? |
18:42.50 | Cotulla | 4 bytes |
18:42.53 | Cotulla | one entry |
18:43.00 | Cotulla | 0xC000 0000 + 4 * 0xC00 |
18:43.04 | zeusk | oh |
18:43.09 | Cotulla | we will know if PTE cached |
18:43.32 | Cotulla | don't forget about ISB and DSB alos |
18:43.50 | jonpry | 0x8001140E |
18:43.56 | Cotulla | cached |
18:44.03 | Cotulla | u need cache flush |
18:44.24 | jonpry | i added it |
18:44.29 | Cotulla | tlb flush also? |
18:44.29 | jonpry | no crash |
18:44.33 | jonpry | yes |
18:44.40 | jonpry | tlb before cache? |
18:44.41 | Cotulla | tlb flush after cache flush? |
18:44.57 | jonpry | no |
18:45.01 | Cotulla | and put DSB ISB also |
18:45.05 | Cotulla | to be sure no reordering |
18:46.56 | jonpry | i don't think it can reorder function calls |
18:47.25 | Cotulla | outstanding memory writes can be |
18:47.25 | zeusk | memory operation can be re-ordered if it's not strongly ordered |
18:48.20 | jonpry | i got a crash but i think i caused it |
18:48.27 | Cotulla | ? |
18:48.31 | Cotulla | check PC |
18:51.07 | jonpry | yeah it was me |
18:51.22 | *** join/#htc-linux helicopter88 (~helicopte@host167-116-dynamic.55-79-r.retail.telecomitalia.it) |
18:51.33 | Cotulla | what ? |
18:51.38 | Cotulla | a test write? |
18:51.48 | Cotulla | pte entry zerofilling? |
18:51.50 | jonpry | no i loaded the module twice |
18:51.53 | Cotulla | lol |
18:51.56 | Cotulla | :( |
18:52.16 | jonpry | so first it sets up padconf and then disables padconf writing |
18:52.26 | Cotulla | ok |
18:52.46 | Cotulla | u can try to memset(0xC0004000, 0, 0x4000); :D |
18:52.48 | Cotulla | to be sure |
18:55.20 | jonpry | i guess someone must have an alias? |
18:55.33 | jonpry | i blame all things on hwmod |
18:55.49 | Cotulla | wait |
18:55.53 | Cotulla | maybe this PTE not used |
18:56.30 | jonpry | yeah i think that is possible |
18:56.38 | Cotulla | show code |
18:56.49 | jonpry | my code or the rest of the kernel |
18:56.50 | Cotulla | u don't forgot volatile and etc? |
18:57.00 | Cotulla | ur test code |
18:57.27 | Cotulla | also u can read TTBR0 and TTBR1 |
18:57.35 | Cotulla | to know where PTE is |
18:57.49 | jonpry | http://pastebin.com/cVSj2C1G |
18:58.00 | jonpry | it's horrible |
18:58.06 | jonpry | i can barely look at it |
18:59.22 | Cotulla | 0xFC1 can be differnet after reboot? |
18:59.47 | jonpry | no |
19:00.02 | jonpry | its hard coded. they use macros for hardware access |
19:00.24 | Cotulla | wait where is *(volatile uint32*)0xFC10 0000 = 0; ? |
19:00.27 | Cotulla | as test |
19:00.52 | Cotulla | put after flush_tlb_all_ptr(); to test |
19:01.18 | jonpry | loading the module twice has essentially the same effect |
19:01.31 | Cotulla | ? |
19:01.37 | Cotulla | just to be sure |
19:01.38 | jonpry | write_omap_mux_register() writes to 0xfc10 0000 |
19:01.43 | jonpry | and it blows up |
19:02.05 | Cotulla | so basic idea is working |
19:02.18 | jonpry | <4>[ 1285.231048] [<c0046bec>] (__dabt_svc+0x4c/0x60) from [<c006bf78>] (omap_readw+0x4/0xc) |
19:02.19 | jonpry | <4>[ 1285.231079] [<c006bf78>] (omap_readw+0x4/0xc) from [<bf00f458>] (write_omap_mux_register+0x3c/0x5c [board_mapphone_emu_uart]) |
19:02.35 | Cotulla | so should be alias or hardware? |
19:03.09 | jonpry | i suspect this may all stop if i can somehow shutdown the usb port |
19:04.07 | jonpry | i think it has some kind of internal power management crud where its constantly going in and out of some state that causes the pins to get remuxed |
19:05.07 | *** join/#htc-linux bzo (~chatzilla@c-71-196-133-131.hsd1.co.comcast.net) |
19:06.21 | Cotulla | what about docs? |
19:10.24 | jonpry | i think its code in the kernel |
19:10.32 | jonpry | so must be an alias |
19:11.28 | jonpry | the usb controller is some core they bought from mentor graphics. there aren't really and docs for it. |
19:12.07 | jonpry | anyways thanks cotulla |
19:13.49 | Cotulla | hm |
19:13.54 | Cotulla | u may scan table |
19:13.55 | Cotulla | by hands |
19:13.57 | Cotulla | and find them |
20:14.13 | *** join/#htc-linux jonpry (~jon@c-24-17-200-206.hsd1.wa.comcast.net) |
20:22.57 | *** join/#htc-linux BabelO (~wdlxtv@AMontpellier-553-1-168-32.w92-133.abo.wanadoo.fr) |
20:47.03 | *** join/#htc-linux Bry8Star{EB (Bry8Star-@2607:f128:42:fb::2) |
21:00.59 | *** join/#htc-linux skodde (~skodde@unaffiliated/skodde) |
21:40.22 | zeusk | what will happen if my first virtual mb is unmapped ? will a null dereference behave differently ? (data abort ?) |
21:42.49 | *** join/#htc-linux MethoS- (~clemens@134.102.106.250) |
21:50.27 | *** join/#htc-linux MethoS- (~clemens@134.102.106.250) |
21:51.52 | *** part/#htc-linux Cotulla (~myfakemai@nat100-255-205-109.tvoe.tv) |
22:36.04 | *** join/#htc-linux raymonddull (~raymonddu@c-69-245-114-102.hsd1.mi.comcast.net) |
23:23.50 | *** join/#htc-linux detule (~detule@unaffiliated/d3tul3) |
23:34.47 | detule | jonpry, something like this? http://pastebin.com/93AkWcgL |
23:37.04 | jonpry | is that the .map_io ? |
23:38.36 | detule | i think this is in the machine_init |
23:39.19 | jonpry | i think there are some requirements about when reserve_bootmem can be called |
23:53.55 | detule | oh the machine has a reserve handle |
23:54.04 | detule | probably it's meant to go in there |