and don't seem like the values I'm finding. Are any of these even adjusted for the 500d yet? One more thing: there are a few stubs files in there (two for the 500d); any idea which one is the main one that should be edited?
coutts: here's a quick primer on stubs.
As alex pointed out, the stubs file that is used is this one: stubs-500d.110.S, where 110 is the firmware number. If Canon were to release a 1.2.0 firmware for the 500d, we will have to generate a new stubs file that most likely will be named stubs-500d.120.S.
Where's this file coming from? Well, somebody generated it. I would guess either chuchin or arm.indy generated the one that we use. You can generate stubs using various tools: the finsig/gensig tools from CHDK
http://chdk.wikia.com/wiki/Signature_finder or
http://magiclantern.wikia.com/wiki/GPL_Tools/match.py are the top two that come to mind. I haven't tried finsig/gensig myself; the setup is a little bit confusing and complex and I just didn't spend the time to figure it out. I did try match.py, but on my setup it is crashing with a bus error, which is a shame since it could really help me figure out the sound meters.
In the 500d codebase you will also find a stubs file named something like: stubs500d<don't remember what follows>. This file looks to be a raw generated stub using one of the above tools and is there for reference. Sometimes I look into this file to see if it has some address that's not present in the main stubs-500d.110.S.
Now, what memory values have been found:
- I will guess most of them are valid. I personally added a few values and/or fixed some of them based either on my IDA Pro database or using the stubs500* file that I mentioned or simply trying different values until it works. I was focused on the main features, like making sure the sound device memory address is correct or (with a lot of help from RoaldFre) figuring out where the VRAM segment is and how it is built (as a result of this we now have zebras support and I'm hoping soon focus peaking).
The things that you mentioned (focus confirmation... and all), I haven't checked if the values are correct. If you find that the values are wrong, please update the stubs file. I would also like, if you don't mind, to start adding comments in the stubs file for values that we change, to specify what the value is used for. I'm hoping this is going to help the next developer.
About IDA Pro: here's a starting point for IDA Pro just to give you an idea:
http://chdk.wikia.com/wiki/Loading_dump_to_IDA. Using IDA Pro _is_ the best way to understand the firmware, with a couple of issues: first, the tool is commercial and is not cheap (don't ask me how I got my copy), and second, it is really, really complex (it has to be, considering what it does). I personally understand maybe < 5% of what I see in IDA Pro; usually I just use names or string search, look at xrefs and see if I can figure out whatever I need at the moment. Now, from IDA Pro you can generate these IDC files (think of them like a database of the disassembled firmware in an open format) which can then be queried using open source tools. alex, I believe, wrote arm console (search for it in the ML wikia) to automate firmware analysis using IDC files (this tool also crashes on my setup with a bus error).
One last thing about IDC/IDA Pro: when you first load the firmware in IDA Pro, the output that you see is not very "clean". IDA Pro does its best to figure out the dump but is not perfect. There are scripts to help clean up the output, which can help some, and there's a LOT of manual work to actually get a "clean" or at least "cleaner" disassembly. arm.indy told me that he spent days manually cleaning stuff.
I hope all this helps.
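
The cross-check described in the post above (looking in the raw generated stubs file for addresses that are not in the main stubs-500d.110.S, and spotting values that disagree) can be scripted. This is an added example, not part of the original post or of the Magic Lantern code; it assumes entries use the `NSTUB( address, name )` macro form, and every name and address in the sample data is constructed.

```python
import re

# Assumed entry form: NSTUB( 0xFF012340, some_name ), optionally followed by a comment.
# Anchoring at line start means commented-out entries ("// NSTUB(...)") are skipped.
NSTUB_RE = re.compile(r'^\s*NSTUB\(\s*(0x[0-9A-Fa-f]+)\s*,\s*([A-Za-z_]\w*)\s*\)')

def parse_stubs(text):
    """Return {name: address}; raise if one file gives a name two addresses."""
    stubs = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        m = NSTUB_RE.match(line)
        if not m:
            continue  # comments, blank lines, other assembler directives
        addr, name = int(m.group(1), 16), m.group(2)
        if name in stubs and stubs[name] != addr:
            raise ValueError(f"line {lineno}: {name} redefined "
                             f"(0x{stubs[name]:08X} vs 0x{addr:08X})")
        stubs[name] = addr
    return stubs

def compare(main_text, reference_text):
    """Return (missing, conflicts) of the main file relative to the reference file."""
    main, ref = parse_stubs(main_text), parse_stubs(reference_text)
    missing = {n: a for n, a in ref.items() if n not in main}
    conflicts = {n: (main[n], ref[n]) for n in main
                 if n in ref and main[n] != ref[n]}
    return missing, conflicts

# Constructed sample standing in for the main stubs file.
MAIN = """\
// constructed sample, not real firmware addresses
NSTUB( 0xFF010000, sample_task_create )
NSTUB( 0xFF012340, sample_audio_level )  // used by the sound meters
// NSTUB( 0xFF0AAAA0, sample_disabled )
"""

# Constructed sample standing in for the raw generated reference file.
REFERENCE = """\
NSTUB(0xFF010000, sample_task_create)
NSTUB(0xFF012344, sample_audio_level)
NSTUB(0xFF020000, sample_vram_info)
NSTUB(0xFF0AAAA0, sample_disabled)
"""

if __name__ == "__main__":
    missing, conflicts = compare(MAIN, REFERENCE)
    for name, addr in sorted(missing.items()):
        print(f"missing in main: {name} = 0x{addr:08X}")
    for name, (a, b) in sorted(conflicts.items()):
        print(f"conflict: {name} main=0x{a:08X} reference=0x{b:08X}")
```

A conflict only says the two files disagree; which address is right still has to be confirmed in the disassembly.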