ELPH300HS aka IXUS220HS - Porting Thread - page 6 - DryOS Development - CHDK Forum supplierdeeply

ELPH300HS aka IXUS220HS - Porting Thread

  • 899 Replies
  • 420578 Views
Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #50 on: 04 / May / 2011, 16:58:23 »
Advertisements
You are right with "half the fun", but my microcopter wants to fly with camera and remote control ;)

I compiled sx30 and G12 with my PRIMARY.BIN and only a handful mismatches happend:

Fgets_Fut
Fread_Fut
Fwrite_Fut
LocalTime
Write
_log
_log10
_pow
memcpy
memset
set_control_event
strtolx
vsprintf

Identical list of mismatches for both!
It seems to be feasible to find them!?

Any comments are welcome...

...have fun...

Michi

*

Offline philmoz

  • *****
  • 3450
    • Photos
Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #51 on: 04 / May / 2011, 18:29:32 »
You are right with "half the fun", but my microcopter wants to fly with camera and remote control ;)

I compiled sx30 and G12 with my PRIMARY.BIN and only a handful mismatches happend:

Fgets_Fut
Fread_Fut
Fwrite_Fut
LocalTime
Write
_log
_log10
_pow
memcpy
memset
set_control_event
strtolx
vsprintf

Identical list of mismatches for both!
It seems to be feasible to find them!?

Any comments are welcome...

...have fun...

Michi

Not sure what you mean by mismatches; but you can't just copy your cameras firmware to an existing port and expect it to work.

Have you read http://chdk.wikia.com/wiki/Adding_support_for_a_new_camera.

The signature finder attempts to find functions in the firmware by matching code from other firmware versions. It writes these out to stubs_entry.S along with the % match if it was not 100%. Sometimes multiple signatures will match and you will get a comment with the ALT signature match details. A lot of times it won't find a match at all and you get an 'ERROR' comment for the function in stubs_entry.S.

Every function must match 100% for CHDK to work.
Any function not found by finsig or found with less than 100% match must be manually found and/or confirmed in the firmware dump by you. You then put these correct addresses in stubs_entry_2.s (manually) - it helps to add comments on how you found/matched them for future reference.

The build process scans stubs_entry.s and stubs_entry_2.s to make sure that every function has an entry in at least one of the files. If there are missing functions the compile stops with errors and a dump of the missing functions is created.

If you put your PRIMARY.BIN into my G12 or SX30 port you are just using the addresses I have found for these two cameras - which will be wrong for yours, so you still need to verify everything. It's best to start with an empty stubs_entry_2.s file so you get a list of all the functions not matched. You can then put all these into your stubs_entry_2.s along with any that did not match 100%. Then you start the painstaking process of finding and verifying each one in the firmware code - this can take days, weeks or months depending on how much free time you have to work on it, and how many similar cameras you have to compare firmware dumps.

When trying to find missing functions I find it useful to have the firmware dumps loaded into IDA (or whatever tool you use) for a few similar cameras that have working ports (release date, features, etc). You can then find the functions in the working dump to see what the code looks like and try and find some way to identify the function to allow you to search for it in your camera firmware.

Hope this helps,
Phil.
CHDK ports:
  sx30is (1.00c, 1.00h, 1.00l, 1.00n & 1.00p)
  g12 (1.00c, 1.00e, 1.00f & 1.00g)
  sx130is (1.01d & 1.01f)
  ixus310hs (1.00a & 1.01a)
  sx40hs (1.00d, 1.00g & 1.00i)
  g1x (1.00e, 1.00f & 1.00g)
  g5x (1.00c, 1.01a, 1.01b)
  g7x2 (1.01a, 1.01b, 1.10b)

Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #52 on: 04 / May / 2011, 19:18:47 »
I compiled sx30 and G12 with my PRIMARY.BIN and only a handful mismatches happend:
I assume what you mean is that you put your primary.bin file into an sx30 and a G12 build directory, started a build and then looked at the resulting stub_entry.S files ?

This is okay to a point.  What you have done is run the signature finder program located in the trunknnnn/tools directory against your primary.bin file.  The resulting stub_entry.S files will be identical because nothing from the sx30 or G12 ports was actually used in creating the stub_entry.S files.  So just as  reyalp and Phil have pointed out,  you need to look for those missing routines manually in the dissassembly of  the IXUS220HS primary.bin file.

Just for fun,  I tried using CHDK-PT to convert the stub_entry.S and stubs_entry_2.S files from the G12 to the IXUS220HS.  No surprise - it could not find the routines you mentioned either - confirming that the code for those is very different in the IXUS220HS.    I wonder if a different camera might be closer ?


« Last Edit: 04 / May / 2011, 19:21:31 by waterwingz »
Ported :   A1200    SD940   G10    Powershot N    G16

*

Offline reyalp

  • ******
  • 14117
Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #53 on: 04 / May / 2011, 22:31:05 »
In the end, you need to be able to understand the disassembly and find the relevant functions. No tool will replace this any time soon.

Note that the Fut functions should mostly be available from event procs, which are very easy to find (find the name as a string, find the address the of the string and a function pointer together). We know Fwrite_Fut must exist, because the dumper worked. The others will be nearby.

For the ones that aren't event procs, you generally have to work from context: Disassemble a known port, find where the function you want is used in that port, then find the equivalent location in your dump. The easiest landmarks are strings, but if there aren't any obvious ones, you can go by sequences of calls to other identified functions, where it appears in the dump etc.

Don't forget what the H stands for.


Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #54 on: 04 / May / 2011, 23:08:43 »
In the end, you need to be able to understand the disassembly and find the relevant functions. No tool will replace this any time soon.
I completely agree for a new port like this.   I'm just hoping that once somebody does all the hard work to port to a new camera,  we can provide tools to more easily add different firmware versions of the same camera.

Ported :   A1200    SD940   G10    Powershot N    G16

Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #55 on: 05 / May / 2011, 06:24:02 »
Thx for your advice...

that supports, at least paritally, what I assumed...

I just posted the mismatches to document what I believe, I have to dissassemble, find and patch manually...

I hope, correct me when I'm wrong, that the matching signatures (:= not listed) are usable/reliable for my cam, so that I can concentrate on finding the addresses of the mismatches I listed...

I will do some more experiments to find the best matching platform...it is just important for me to learn if the stubs matched by finsig are reliable.

...have fun...

Michi


Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #56 on: 05 / May / 2011, 06:30:48 »
...
Not sure what you mean by mismatches; but you can't just copy your cameras firmware to an existing port and expect it to work.

Have you read http://chdk.wikia.com/wiki/Adding_support_for_a_new_camera.

The signature finder attempts to find functions in the firmware by matching code from other firmware versions. It writes these out to stubs_entry.S along with the % match if it was not 100%. Sometimes multiple signatures will match and you will get a comment with the ALT signature match details. A lot of times it won't find a match at all and you get an 'ERROR' comment for the function in stubs_entry.S.

Every function must match 100% for CHDK to work.
Any function not found by finsig or found with less than 100% match must be manually found and/or confirmed in the firmware dump by you. You then put these correct addresses in stubs_entry_2.s (manually) - it helps to add comments on how you found/matched them for future reference.

The build process scans stubs_entry.s and stubs_entry_2.s to make sure that every function has an entry in at least one of the files. If there are missing functions the compile stops with errors and a dump of the missing functions is created.

If you put your PRIMARY.BIN into my G12 or SX30 port you are just using the addresses I have found for these two cameras - which will be wrong for yours, so you still need to verify everything. It's best to start with an empty stubs_entry_2.s file so you get a list of all the functions not matched. You can then put all these into your stubs_entry_2.s along with any that did not match 100%. Then you start the painstaking process of finding and verifying each one in the firmware code - this can take days, weeks or months depending on how much free time you have to work on it, and how many similar cameras you have to compare firmware dumps.

When trying to find missing functions I find it useful to have the firmware dumps loaded into IDA (or whatever tool you use) for a few similar cameras that have working ports (release date, features, etc). You can then find the functions in the working dump to see what the code looks like and try and find some way to identify the function to allow you to search for it in your camera firmware.

Hope this helps,
Phil.


With mismatches I mean the signatures which are not 100% matching the reference as reported in the build output.
It's pretty clear that I have to solve them by hand (brain if available).

Please don't treat my analysis attempts as idiots work...I'm not as naive to believe everything is going automatically, I just want to use the done work as much as possible.

Better to steal good than to implement bad!

...have fun...

Michi

*

Offline funnel

  • ****
  • 349
Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #57 on: 05 / May / 2011, 06:50:18 »
For the SX220 stubs I checked them all and found that a lot of them were wrong, even when the match % was high and some were right when the % was small. So is best to recheck them all manually to be sure.


Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #58 on: 05 / May / 2011, 07:31:19 »
For the SX220 stubs I checked them all and found that a lot of them were wrong, even when the match % was high and some were right when the % was small. So is best to recheck them all manually to be sure.

Oh!
That's not what I expected...thanks for the warning, so I can skip the search for the best match!

Thx a lot...

With these facts I've to recalculate if the port will exceed my time budget  :-[

...have fun...

Michi
« Last Edit: 05 / May / 2011, 07:36:15 by michi1911 »

Re: ELPH300HS aka IXUS220HS - Porting Thread
« Reply #59 on: 05 / May / 2011, 09:48:49 »
With these facts I've to recalculate if the port will exceed my time budget  :-[
As you've figured out,  porting to a new camera is a really big job.  Especially if you are coming up the learning curve from scratch.  Even if you only value your time a $1/hr,  its still a better deal to go out and purchase one of the supported camera / firmware combinations. Especially if what you really want to do is enhanced photography rather than software.

Ported :   A1200    SD940   G10    Powershot N    G16

 

Related Topics


SimplePortal 2.3.6 © 2008-2014, SimplePortal