
A480 Porting

« on: 29 / December / 2009, 13:39:35 »
As a firmware dump is now available (http://chdk.setepontos.com/index.php/topic,3598.15.html), we can begin porting the A480.

I just created a branch of CHDK at http://github.com/pegahic/chdk-a480 and will try to keep it up-to-date with all contributions related to the A480 (including mine) until it's stable enough to enter SVN - it currently contains nothing but the SVN sources, though.

Re: A480 Porting
« Reply #1 on: 29 / December / 2009, 14:17:59 »
Good job! We should somehow coordinate our work, I created a git repository at github so I could mirror everyone's changes there (I've also started looking at the firmware to locate some functions, but haven't committed anything yet).

Maybe you could drop by on IRC?
I will try to do this later; right now I'm trying to do something at work, and I can't access IRC here, I'm afraid.
Quote
I am not yet familiarized with CHDK's build system, my guess is that some .a/.o is missing from the makefile / linker command, or you didn't put the stubs in the right file so the .a/.o doesn't get built in the first place (?), but it's really nothing but a guess.
Well, after messing a bit this morning, I found out that in my rush to get something working on the camera, I jumped various steps. I will concentrate my job on the boot.c at the moment.
The Sigfinder didn't find some functions, and I was not sure how to proceed, since I'm not aware of what those functions do and could not just scan the whole firmware trying to find them.
I think I've found one strchr, for instance, but functions that mess with EVF are too much for me :)

About the GitHub, I'll try to put what I've done in boot.c as soon as I stop working on it. But it is much bigger than I originally thought :(

--Edit
Having a hard time putting something to use git on the windows here. Here's what I've already done in boot.c:
http://gist.github.com/265542

I think these are correct, but they need closer examination:
NHSTUB(strrchr,       0xFFC63488)
NHSTUB(strchr,       0xFFC634D4)

And these are the ones that were not found by SigFinder:
kbd_pwr_on
EnterToCompensationEVF
ExitFromCompensationEVF
GetBatteryTemperature
GetCCDTemperature
GetDrive_ClusterSize
GetDrive_FreeClusters
GetDrive_TotalClusters
RefreshPhysicalScreen
TurnOffBackLight

« Last Edit: 29 / December / 2009, 21:14:34 by RenatoLond »

Re: A480 Porting
« Reply #2 on: 29 / December / 2009, 21:08:26 »
I've had a look at the libc functions with <100% matches and located them using the A720 (ref1) firmware:

Code:
NHSTUB(strchr, 0xffc634d4) // a720 primary
NHSTUB(strrchr, 0xffd4c1c8) // a720 primary
NHSTUB(strncmp, 0xffc63488) // a720 primary
NHSTUB(qsort, 0xffdf2a18) // a720 primary
NHSTUB(rand, 0xffc0dabc) // a720 primary
NHSTUB(srand, 0xffc0dab0) // a720 primary
NHSTUB(strtolx, 0xffc1bf44) // a720 primary

Re: A480 Porting
« Reply #3 on: 07 / January / 2010, 06:16:41 »
Yesterday I looked into functions with <100%, and found these addresses:

Code:
NHSTUB(GetParameterData, 0xffd08d30) // a720 primary
NHSTUB(LockMainPower, 0xffc55210) // a720 primary
NHSTUB(PostLogicalEventToUI, 0xffc54884) // a720 primary, kinda different, has a jump
NHSTUB(SleepTask, 0xffc16578) // a720 primary
NHSTUB(MakeDirectory_Fut, 0xffc12b4c) // a720 primary
NHSTUB(RenameFile_Fut, 0xffc12a84) // a720 primary
NHSTUB(SetParameterData, 0xffd08ca0) // a720 primary
NHSTUB(SetAutoShutdownTime, 0xffc55284) // a720 primary
NHSTUB(GetPropertyCase, 0xffc51944) // a720 primary
NHSTUB(UnlockMainPower, 0xffc55164) // a720 primary
NHSTUB(SetCurrentCaptureModeType, 0xffc5b514) // a720 primary
NHSTUB(SetPropertyCase, 0xffc5183c) // a720 primary
NHSTUB(PostLogicalEventForNotPowerType, 0xffc54838) // a720 primary
NHSTUB(IsStrobeChargeCompleted, 0xffc7ccc4) // a720 primary
NHSTUB(GetZoomLensCurrentPoint, 0xffce3dac) // a720 primary
NHSTUB(VbattGet, 0xffc10294) // a720 primary
NHSTUB(MoveZoomLensWithPoint, 0xffdc2454) // a720 primary
NHSTUB(MoveFocusLensToDistance, 0xffe04080) // a720 primary
NHSTUB(kbd_read_keys, 0xffc11360) // a720 primary, seems the same, but no call to kbd_pwr_off or kbd_power_on
NHSTUB(kbd_p1_f, 0xffc113dc) // a720 primary
NHSTUB(kbd_p1_f_cont, 0xffc113e8) // a720 primary, seems right. Starts in the middle of nowhere?
NHSTUB(NewTaskShell, 0xffc513e8) // a720 primary
NHSTUB(SetLogicalEventActive, 0xffc54f8c) // a720 primary
NHSTUB(TurnOnBackLight, 0xffc5fcd4) // a720 primary
NHSTUB(TurnOffBackLight, 0xffc5fcec) // looks like a720 primary, is just after TurnOnBackLight like in a720
// has "TurnOffBackLight" in it

NHSTUB(PT_PlaySound, 0xffc40a50) // sd1100 ixus80 primary

Remains to be found:
EnterToCompensationEVF
ExitFromCompensationEVF
GetDrive_ClusterSize
GetDrive_FreeClusters
GetDrive_TotalClusters
RefreshPhysicalScreen
kbd_pwr_on

Remains to be confirmed:
NSTUB(TakeSemaphore, 0xffc0b850)
NSTUB(UIFS_WriteFirmInfoToFile, 0xffcfa8ec)
NSTUB(kbd_pwr_off, 0xffc2c8c4)
NSTUB(kbd_read_keys_r2, 0xffc2c3c0)
// ALT: NSTUB(kbd_read_keys_r2, 0xffc2c3a4) // 16/6
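
The stub lists posted so far overlap, so a quick consistency pass is useful before merging them into one stubs file. The following is an added example, not code from the thread or from CHDK: it parses NSTUB/NHSTUB lines and reports names given more than one address, addresses given to more than one name, and addresses that are unaligned or outside an assumed ROM window. The function names, the ROM window and the last sample line are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Matches NSTUB(name, 0xADDR) and NHSTUB(name, 0xADDR); commented-out lines do not match.
STUB_RE = re.compile(r'^\s*(NH?STUB)\(\s*(\w+)\s*,\s*(0x[0-9a-fA-F]+)\s*\)')

# Assumption: a ROM window wide enough for the 0xFFCxxxxx-0xFFExxxxx addresses
# quoted in this thread, and ARM-mode (4-byte aligned) entry points.
ROM_START, ROM_END = 0xFFC00000, 0xFFFFFFFF

def parse_stubs(text):
    """Return [(macro, name, address)] for every active stub line."""
    out = []
    for line in text.splitlines():
        m = STUB_RE.match(line)
        if m:
            out.append((m.group(1), m.group(2), int(m.group(3), 16)))
    return out

def check_stubs(stubs):
    """Report conflicting names, shared addresses and implausible addresses."""
    by_name, by_addr, bad = defaultdict(set), defaultdict(set), []
    for _, name, addr in stubs:
        by_name[name].add(addr)
        by_addr[addr].add(name)
        if not (ROM_START <= addr <= ROM_END) or addr % 4:
            bad.append((name, addr))
    return {
        "conflicting_names": {n: sorted(a) for n, a in by_name.items() if len(a) > 1},
        "shared_addresses": {a: sorted(n) for a, n in by_addr.items() if len(n) > 1},
        "bad_addresses": bad,
    }

# Lines copied from replies #1 to #3 above, plus one constructed bad entry (last line).
SAMPLE = """
NHSTUB(strrchr,       0xFFC63488)
NHSTUB(strchr,       0xFFC634D4)
NHSTUB(strchr, 0xffc634d4) // a720 primary
NHSTUB(strrchr, 0xffd4c1c8) // a720 primary
NHSTUB(strncmp, 0xffc63488) // a720 primary
// ALT: NSTUB(kbd_read_keys_r2, 0xffc2c3a4) // 16/6
NHSTUB(constructed_example, 0x00001236)
"""

if __name__ == "__main__":
    for kind, items in check_stubs(parse_stubs(SAMPLE)).items():
        print(kind, items)
```
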


Re: A480 Porting
« Reply #4 on: 26 / January / 2010, 09:22:20 »
I have literally no experience in IDA, and though I know it is mostly done by disassembly - can I be useful in any way? I want to learn something about it - when I have a few hours of free time.

I would LOVE to see A480 port operating as soon as it's possible and if I can do anything APART from disassembly itself - please let me know.

Also - how is it going? How much is there to do?
And I am asking because I want to know if I'll manage to learn how to use IDA before you guys finish :)
« Last Edit: 26 / January / 2010, 09:23:59 by amras »

Re: A480 Porting
« Reply #5 on: 26 / January / 2010, 10:12:38 »
Well, from my side, there has been no progress lately. I've been a little tangled with some work, and the last thing I've done is what I've posted here.

Basically, unless pegahic had some progress, there's still all the .c files to write, and the functions in my previous reply to confirm.

You're welcome to try anything :)

Re: A480 Porting
« Reply #6 on: 26 / January / 2010, 11:48:04 »
So you mean that all that is to be done is to adjust/rewrite a720 code, find those:

EnterToCompensationEVF
ExitFromCompensationEVF
GetDrive_ClusterSize
GetDrive_FreeClusters
GetDrive_TotalClusters
RefreshPhysicalScreen
kbd_pwr_on

compile and check if it works? Sounds neat, though I would love to get some pointers on how to determine where a certain function is. Is it to be recognised by its name somewhere in the binary or do I have to compare it with functions from, say a720 byte-by-byte and check if I'll stumble upon anything?

I'd love to get any guidance but I know that teaching me would be twice as time-consuming as actually porting it. So would you please confirm that I am not terribly wrong somewhere with what I understood, and I'll try to figure out the rest myself :)

Sorry for such naive questions but as long as it comes to copying/adjusting code I may be able to help at least a bit :)
« Last Edit: 26 / January / 2010, 12:22:22 by amras »

Re: A480 Porting
« Reply #7 on: 26 / January / 2010, 12:53:15 »
Well, I have little experience as well. What I was doing to find the functions was to open both the a720 and the a480 firmware, then, using the reference from sigfinder, find the function originally in the a720 and try to find something that I could recognize in the a480.

This is the reason why, unless otherwise noted, all the functions in a480 are exactly the same as in a720; I compared them instruction by instruction.

About adjust/rewrite, I think I started on the wrong foot writing the boot.c, as I was taking inspiration from a470, rather than a720. What I was doing is basically the same as for the functions: opening the a470 code side-by-side with the firmware, locating it, and then copying and seeing what has to be rewritten.

I don't know if I was making mistakes, but that was what I was doing :)
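
The instruction-by-instruction comparison described in this reply can be partly automated. The sketch below is an added example, not code from the thread or from CHDK's sigfinder, and it generalises the manual method: it compares ARM-mode instruction words after zeroing the fields that change when code is relocated (branch offsets and PC-relative load offsets), then slides a reference function over a firmware image. All function names, the base address and the instruction words are constructed for the illustration.

```python
import struct

def mask_arm_word(word):
    """Zero the relocation-dependent fields of one ARM-mode instruction."""
    if ((word >> 25) & 0b111) == 0b101:              # B / BL: 24-bit offset
        return word & 0xFF000000
    is_ldr_str_imm = ((word >> 26) & 0b11) == 0b01 and ((word >> 25) & 1) == 0
    if is_ldr_str_imm and ((word >> 16) & 0xF) == 0xF:   # LDR/STR Rd, [PC, #imm12]
        return word & 0xFFFFF000
    return word

def words(blob):
    """Decode little-endian 32-bit instruction words, ignoring a ragged tail."""
    n = len(blob) // 4
    return list(struct.unpack("<%dI" % n, blob[:n * 4]))

def match_score(ref, cand):
    """Fraction of reference instructions that match after masking."""
    r, c = words(ref), words(cand)
    if not r or len(c) < len(r):
        return 0.0
    hits = sum(mask_arm_word(a) == mask_arm_word(b) for a, b in zip(r, c))
    return hits / len(r)

def find_best(ref, firmware, base):
    """Slide ref over firmware in 4-byte steps; return (address, score)."""
    best = (None, 0.0)
    for off in range(0, len(firmware) - len(ref) + 1, 4):
        score = match_score(ref, firmware[off:off + len(ref)])
        if score > best[1]:
            best = (base + off, score)
    return best

def pack(ws):
    return struct.pack("<%dI" % len(ws), *ws)

# Constructed sample: push, PC-relative load, call, mov, pop.
REF = pack([0xE92D4010, 0xE59F0010, 0xEB000123, 0xE3A00000, 0xE8BD8010])
# Near miss (different immediate in the MOV), two NOPs, then the same routine
# with different branch and literal-pool offsets.
NEAR = pack([0xE92D4010, 0xE59F0010, 0xEB000123, 0xE3A00001, 0xE8BD8010])
MOVED = pack([0xE92D4010, 0xE59F0024, 0xEB000ABC, 0xE3A00000, 0xE8BD8010])
FIRMWARE = NEAR + pack([0xE1A00000, 0xE1A00000]) + MOVED
BASE = 0xFFC00000  # constructed load address

if __name__ == "__main__":
    addr, score = find_best(REF, FIRMWARE, BASE)
    print(hex(addr), score)
```

A score below 1.0 marks a candidate that still needs the by-hand check in the disassembler, which is what the "kinda different" comments in the stub lists record.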


Re: A480 Porting
« Reply #8 on: 03 / March / 2010, 08:32:34 »
Bump.
Any news?

Re: A480 Porting
« Reply #9 on: 07 / March / 2010, 18:27:09 »
Hi, here is a "quick-n-dirty" port for A480 1.00b
This is a "port in one day", and I cannot test all features, but at first look it works.

Some remarks:
- 'mode' key used as <alt> key:
  - press 'mode' key shortly to enter/exit <alt> mode
  - press 'mode' key longer to access original function
- playback (>) key used as 'disp/erase' key in CHDK menu etc.
- if autostart is used, press 'on/off' button longer to turn camera on in record mode (usual CHDK drawback).
- DNG settings are copied from SX10 and colors may be wrong.

Binaries: attached to this post
Sources: here.
« Last Edit: 07 / March / 2010, 18:32:30 by ewavr »

 
