Attached is the new V2 version of the firmware address signature matching and stub finding code that I've been working on for a while.
Thanks to waterwingz for validating the results along the way and helping to test this.
I think this is ready for beta testing now; but before I post it as a patch I'd like to have wider usage & testing to make sure there are no serious problems.
I've implemented this as a new version of gensig and finsig (gensig2 & finsig2) and associated files so it can work in parallel with the existing version. There is a compile time option to switch between them (see below).
Note: This is for DryOS cameras only at the moment. VxWorks based cameras will continue to use the existing system.
To use this, unpack the attached .zip file into your trunk directory.
This will replace platform/makefile_sub.inc and tools/Makefile with updated versions for the new stuff.
It should also add a bunch of new files to the tools directory (gensig2.c, gensig2.sh, finsig2.c, ...).
You will also need to have your firmware dump (PRIMARY.BIN) in the 'platform/camera/sub/fwversion' directory for your camera/firmware in order to trigger the rebuild of stubs_entry.S below.
First step is to do a normal clean build to make sure you have a valid stubs_entry.S file for the camera/firmware you want to test.
Then add the option OPT_SIGS_V2=1 to either buildconf.inc or localbuildconf.inc and do another clean build.
The first time the V2 version is used it will rename stubs_entry.S to stubs_entry.S.orig and then use the new V2 code to build a new stubs_entry.S.
The V2 code reads the existing stubs_entry.S.orig, stubs_entry_2.S and stubs_min.S files so that it can compare the addresses it finds against the old addresses. Any discrepancies are reported in the new stubs_entry.S file to be investigated.
The recompiled CHDK should run as before; but it is worth opening up the new stubs_entry.S file to check for any issues that may need to be looked at. Also the V2 code tries to find some of the other addresses that might be useful for a new port (stubs_min.S, kbd.c and lib.c values).
This is a work in progress so it's likely that I may have some bugs in there. I've validated the results against the existing values for quite a few cameras and it seems to be pretty solid. If you find something that looks wrong please post details here.
So what's new in V2:
- Includes some camera info strings from the firmware (dryos version, firmware version, camera name).
- Will include a warning message if the firmware dump looks incorrect (too small, etc).
- Includes new signature matching algorithms (primarily based on finding function name strings in the firmware with nearby function pointers).
- Looks for some of the addresses that are needed for stubs_min.s, kbd.c and lib.c
- Addresses found are checked against the existing stubs_entry_2.s, stubs_min.s and the old stubs_entry.S files. Any discrepancies are reported.
- Close to 100% signature matching for all existing camera and firmware versions in the core trunk.
- Slightly faster than the current system.
- For each address found includes the reference location in the firmware where it was found.
If you want to rebuild the 'signatures2_dryos.h' file you will need to copy the 10 firmware dump files to the tools directory (see the readme_gensig2.txt file for details).
Hopefully the format and layout of the new stubs_entry.S file will be self explanatory; but a couple of notes.
- The first section is the camera info stuff.
- This is followed by stubs that may have issues, e.g. they did not match 100% or the new address found does not match the one in stubs_entry_2.s or the old stubs_entry.S
- Next is the stubs_min.S values found along with comparison to the existing stubs_min.S values.
- Then comes the lib.c values (note these are not validated against the existing lib.c stuff so should be checked manually).
- After that is the kbd.c values (again not validated so please check manually).
- Finally are all the stubs that matched 100% and also match existing values.
Edit:- 2nd July. Updated version now finds kbd.c values for IXUS 960 (SD950)
- 7th July - Fixed kbd.c values for A1100. Added platform_camera.h values (CAM_DRYOS, CAM_DRYOS_2_3_R39, CAM_RAW_ROWPIX, CAM_RAW_ROWS, CAM_UNCACHED_BIT)
- 10th July - Now finds the shooting mode table in the firmware and uses it to do some checks on the modemap data in platform/CAMERA/shooting.c. Note because the mode numbers change from camera to camera I can't validate that the mode names in 'modemap' are correct. This version looks for modes in the firmware table that are missing from 'modemap' and for values in 'modemap' that aren't in the firmware.
- 12 July - Updated tools/Makefile to include the new font_8x16_pack tool (changeset 1234).
- 14 July - Updated with missing functions for G10.
- 18 July - Updated output format to make it easier to see discrepancies (thx waterwingz). Updated for R47 cameras which don't have UpdateMBROnFlash function; but have MakeSDCardBootable function instead.
- 24 July - Removed old version from post, fixed crash on A2200, handle NSTUB entries in stubs_entry_2.S
Phil.
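
The following C example is added here; it is not from the post and is not code from finsig2.c. It shows one simplified reading of the "function name string with a nearby function pointer" matching listed under what's new, and it reports the reference location of each match. The load address 0xFF810000, the layout of adjacent {name pointer, function pointer} words, the names Open/Close/Bad and the sample bytes are all assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define FW_BASE 0xFF810000u /* assumed load address of the dump */
#define FW_LEN  64          /* size of the constructed sample   */

static uint32_t rd32(const uint8_t *fw, size_t off) { /* little-endian */
    return fw[off] | fw[off + 1] << 8 | fw[off + 2] << 16 | (uint32_t)fw[off + 3] << 24;
}
static void wr32(uint8_t *fw, size_t off, uint32_t v) {
    for (int i = 0; i < 4; i++) fw[off + i] = (uint8_t)(v >> (8 * i));
}

/* Find the NUL-terminated name, then an aligned word that points at it. The next
   word is accepted only if it is an aligned address inside the dump; *ref gets
   the address where the pair was found. Returns 0 when nothing matches. */
uint32_t find_by_name(const uint8_t *fw, size_t len, uint32_t base,
                      const char *name, uint32_t *ref) {
    size_t nlen = strlen(name) + 1;              /* include the terminator */
    for (size_t s = 0; s + nlen <= len; s++) {
        if (memcmp(fw + s, name, nlen) != 0) continue;
        uint32_t str_addr = base + (uint32_t)s;
        for (size_t w = 0; w + 8 <= len; w += 4) {
            if (rd32(fw, w) != str_addr) continue;
            uint32_t fn = rd32(fw, w + 4);
            if ((fn & 3) == 0 && fn >= base && fn - base < len) {
                if (ref) *ref = base + (uint32_t)w;
                return fn;
            }
        }
    }
    return 0;
}

/* Constructed sample: three {name pointer, function pointer} pairs. */
void build_sample(uint8_t *fw) {
    memset(fw, 0, FW_LEN);
    wr32(fw, 0x00, FW_BASE + 0x20); wr32(fw, 0x04, FW_BASE + 0x10);
    wr32(fw, 0x08, FW_BASE + 0x28); wr32(fw, 0x0C, FW_BASE + 0x14);
    wr32(fw, 0x18, FW_BASE + 0x30); wr32(fw, 0x1C, 0x00001234u); /* outside dump */
    wr32(fw, 0x10, 0xE12FFF1Eu);    wr32(fw, 0x14, 0xE12FFF1Eu); /* ARM "bx lr" */
    memcpy(fw + 0x20, "Open", 5);
    memcpy(fw + 0x28, "Close", 6);
    memcpy(fw + 0x30, "Bad", 4);
}

int main(void) {
    uint8_t fw[FW_LEN]; uint32_t ref = 0;
    build_sample(fw);
    uint32_t a = find_by_name(fw, FW_LEN, FW_BASE, "Close", &ref);
    printf("Close = 0x%08x (ref 0x%08x)\n", (unsigned)a, (unsigned)ref);
}
```

The "Bad" entry has a name and a pointer to it, but its paired word lies outside the dump, so it is rejected instead of being emitted as a stub address.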