Starting port on A430, some progress has been made, help still needed - General Discussion and Assistance - CHDK Forum

Starting port on A430, some progress has been made, help still needed

  • 23 Replies
  • 9923 Views
*

Offline zfeet

  • **
  • 67
Advertisements
Ok, I've made some progress. On booting I can see the CHDK version etc but after that the camera hangs showing text "No picture" (in my language...). I've uploaded the source code I've made so far and the .lst made with IDA to zshare so anyone interested in helping can see what I've done so far. I think capt_seq.c is ok but lib.c might be incorrect.

Here's the source:

http://www.zshare.net/download/16322685385a28a8/

And here's the lst:

http://www.zshare.net/download/1632296329f55a07/
« Last Edit: 31 / July / 2008, 17:45:43 by zfeet »

*

Offline zfeet

  • **
  • 67
Re: Starting port on A430, help needed
« Reply #1 on: 31 / March / 2008, 05:31:44 »
Ok, I manage to compile CHDK and camera suggest updating the firmware but after that the screen just stays blank and I after open the battery door to get the camera working. I am really not sure if I've been able to modify the source code correctly, here's what I've done so far. The firmware is available here: http://www.zshare.net/download/979592221ca65e/

Should I modify something else?

boot.c
Code: [Select]
#include "lolevel.h"
#include "platform.h"
#include "core.h"

const long new_sa = MEMISOSTART + MEMISOSIZE;

/* Ours stuff */
extern long wrs_kernel_bss_start;
extern long wrs_kernel_bss_end;
extern void createHook (void *pNewTcb);
extern void deleteHook (void *pTcb);


void boot();

/* "relocated" functions */
void __attribute__((naked,noinline)) h_usrInit();
void __attribute__((naked,noinline)) h_usrKernelInit();
void __attribute__((naked,noinline)) h_usrRoot();



void boot()
{
    long *canon_data_src = (void*)0xFFEC54F0;
    long *canon_data_dst = (void*)0x1900;
    long canon_data_len = 0xE460 - 0x1900;
    long *canon_bss_start = (void*)0xE460; // just after data
    long canon_bss_len = 0x95730 - 0xE460;
    long i;

    asm volatile (
"MRC     p15, 0, R0,c1,c0\n"
"ORR     R0, R0, #0x1000\n"
"ORR     R0, R0, #4\n"
"ORR     R0, R0, #1\n"
"MCR     p15, 0, R0,c1,c0\n"
    :::"r0");

    for(i=0;i<canon_data_len/4;i++)
canon_data_dst[i]=canon_data_src[i];

    for(i=0;i<canon_bss_len/4;i++)
canon_bss_start[i]=0;

    asm volatile (
"MRC     p15, 0, R0,c1,c0\n"
"ORR     R0, R0, #0x1000\n"
"BIC     R0, R0, #4\n"
"ORR     R0, R0, #1\n"
"MCR     p15, 0, R0,c1,c0\n"
    :::"r0");

    h_usrInit();
}


void h_usrInit()
{
    asm volatile (
"STR     LR, [SP,#-4]!\n"
"BL      sub_FFC01968\n"
"MOV     R0, #2\n"
"MOV     R1, R0\n"
"BL      sub_FFEAB86C\n"     //unknown_libname_206 ; "Canon A-Series Firmware"
"BL      sub_FFE9CEDC\n"     //excVecInit
"BL      sub_FFC011C4\n"
"BL      sub_FFC01728\n"
"LDR     LR, [SP],#4\n"
  "B       h_usrKernelInit\n"
    );
}

void  h_usrKernelInit()
{
    asm volatile (
"STMFD   SP!, {R4,LR}\n"
"SUB     SP, SP, #8\n"
"BL      sub_FFEABD6C\n"    //classLibInit
"BL      sub_FFEBEB54\n"    //taskLibInit
"LDR     R3, =0xDBD8\n"
"LDR     R2, =0x9C460\n"
"LDR     R1, [R3]\n"
"LDR     R0, =0x9F190\n"
"MOV     R3, #0x100\n"
"BL      sub_FFEB7C64\n"   //qInit
"LDR     R3, =0xDB98\n"
"LDR     R0, =0xE3E0\n"
"LDR     R1, [R3]\n"
"BL      sub_FFEB7C64\n"   //qInit
"LDR     R3, =0xDC54\n"
"LDR     R0, =0x9F164\n"
"LDR     R1, [R3]\n"
"BL      sub_FFEB7C64\n"   //qInit
"BL      sub_FFEC36D4\n"   //workQInit
"BL      sub_FFC012B0\n"
"MOV     R4, #0\n"
"MOV     R3, R0\n"
"MOV     R12, #0x800\n"
"LDR     R0, =h_usrRoot\n"
"MOV     R1, #0x4000\n"
    );   
// "LDR     R2, =0xDF7D0\n" // 0x9F7D0 + 0x40000
    asm volatile (
        "LDR     R2, =new_sa\n"
        "LDR     R2, [R2]\n"
    );
    asm volatile (
"STR     R12, [SP]\n"
"STR     R4, [SP,#4]\n"
"BL      sub_FFEBBD94\n"  //kernelInit
"ADD     SP, SP, #8\n"
"LDMFD   SP!, {R4,PC}\n"
    );
}

static long drv_struct[16];
 
static long dh_err()
{
    return -1;
}

static void drv_self_hide()
{
    long drvnum;
   
    drvnum = _iosDrvInstall(dh_err,dh_err,dh_err,dh_err,dh_err,dh_err,dh_err);
    if (drvnum >= 0)
_iosDevAdd(drv_struct, "A/DISKBOOT.BIN", drvnum);
}


void  h_usrRoot()
{
    asm volatile (
"STMFD   SP!, {R4,R5,LR}\n"
"MOV     R5, R0\n"
"MOV     R4, R1\n"
"BL      sub_FFC019D0\n"
"MOV     R1, R4\n"
"MOV     R0, R5\n"
"BL      sub_FFEB0A00\n"     //memInit
"MOV     R1, R4\n"
"MOV     R0, R5\n"
"BL      sub_FFEB1478\n"     //memPartLibInit
"BL      sub_FFC017E8\n"
"BL      sub_FFC01A10\n"
"BL      sub_FFC019F4\n"
"BL      sub_FFC01A3C\n"
"BL      sub_FFC019C4\n"
    );

    _taskCreateHookAdd(createHook);
    _taskDeleteHookAdd(deleteHook);

    drv_self_hide();

    asm volatile (
"LDMFD   SP!, {R4,R5,LR}\n"
"B       sub_FFC07518\n"   //IsEmptyWriteCache_2
    );
}


makefile.inc
Code: [Select]
#30F8
PLATFORMID=12536

PLATFORMOS=vxworks

MEMBASEADDR=0x1900
RESTARTSTART=0x50000
MEMISOSTART=0x9F7D0
MEMISOSIZE=0x40000
ROMBASEADDR=0xffc00000

TARGET_PRIMARY=$(topdir)platform/$(PLATFORM)/sub/$(PLATFORMSUB)/PRIMARY.BIN

PLFLAGS=-DMEMBASEADDR=$(MEMBASEADDR) -DMEMISOSTART=$(MEMISOSTART) -DMEMISOSIZE=$(MEMISOSIZE)
PLFLAGS+=-DRESTARTSTART=$(RESTARTSTART)

stubs_entry.S
Code: [Select]
// !!! THIS FILE IS GENERATED. DO NOT EDIT. !!!
#include "stubs_asm.h"

NSTUB(AllocateMemory, 0xffc01ab4)
NSTUB(AllocateUncacheableMemory, 0xffc048f4)
NSTUB(Close, 0xffc5d7a8)
NSTUB(CreatePhysicalVram, 0xffd0c9f4)
NSTUB(CreateTask, 0xffc11260)
NSTUB(CreateTaskStrict, 0xffc12300)
NSTUB(DisableDispatch, 0xffc11084)
// Best match: 96%
NSTUB(DisplayImagePhysicalScreen, 0xffd0bca0)
NSTUB(EnableDispatch, 0xffc11110)
NSTUB(ExecuteEventProcedure, 0xffc0680c)
NSTUB(ExitTask, 0xffc11620)
NSTUB(Fclose_Fut, 0xffc56a84)
NSTUB(Fopen_Fut, 0xffc56a48)
NSTUB(Fread_Fut, 0xffc56b68)
NSTUB(FreeMemory, 0xffc01ac0)
NSTUB(FreeUncacheableMemory, 0xffc04928)
NSTUB(Fseek_Fut, 0xffc56c50)
NSTUB(Fwrite_Fut, 0xffc56bb8)
NSTUB(GetCurrentAvValue, 0xffe694a0)
NSTUB(GetCurrentTargetDistance, 0xffe69448)
// Best match: 96%
NSTUB(GetFocusLensSubjectDistance, 0xffe5bc90)
// Best match: 52%
NSTUB(GetFocusLensSubjectDistanceFromLens, 0xffe5c230)
// Best match: 86%
NSTUB(GetParameterData, 0xffd40e2c)
NSTUB(GetPropertyCase, 0xffc14518)
// Best match: 96%
NSTUB(GetSystemTime, 0xffc04b2c)
// ALT: NSTUB(GetSystemTime, 0xffc04b2c) // 26/1
// Best match: 93%
NSTUB(GetZoomLensCurrentPoint, 0xffe4c738)
// ALT: NSTUB(GetZoomLensCurrentPoint, 0xffe4c738) // 27/2
// Best match: 93%
NSTUB(GetZoomLensCurrentPosition, 0xffe4c74c)
// ALT: NSTUB(GetZoomLensCurrentPosition, 0xffe4c74c) // 27/2
NSTUB(IsStrobeChargeCompleted, 0xffce7fac)
NSTUB(LockMainPower, 0xffd3c1f4)
NSTUB(MakeDirectory, 0xffc5da4c)
// Best match: 90%
NSTUB(Mount_FileSystem, 0xffc5ca48)
// ALT: NSTUB(Mount_FileSystem, 0xffc5ca48) // 27/3
// Best match: 96%
NSTUB(MoveFocusLensToDistance, 0xffe696e8)
NSTUB(MoveZoomLensWithPoint, 0xffe4c618)
// ALT: NSTUB(MoveZoomLensWithPoint, 0xffe4c618) // 25/0
NSTUB(Open, 0xffc5d780)
// Best match: 96%
NSTUB(PhySw_testgpio, 0xffc17bc8)
NSTUB(ProtectFile, 0xffc560b0)
// Best match: 92%
NSTUB(PutInNdFilter, 0xffe674bc)
// ALT: NSTUB(PutInNdFilter, 0xffe674bc) // 25/2
// ALT: NSTUB(PutInNdFilter, 0xffe6904c) // 25/2
// ALT: NSTUB(PutInNdFilter, 0xffe6904c) // 25/2
// ALT: NSTUB(PutInNdFilter, 0xffe69094) // 25/2
// ALT: NSTUB(PutInNdFilter, 0xffe69094) // 25/2
// Best match: 94%
NSTUB(PutOutNdFilter, 0xffe67504)
// ALT: NSTUB(PutOutNdFilter, 0xffe67504) // 16/1
NSTUB(Read, 0xffc5d83c)
NSTUB(RefreshPhysicalScreen, 0xffd52390)
NSTUB(Remove, 0xffc5d7c8)
NSTUB(SetAutoShutdownTime, 0xffd3c0ec)
// Best match: 86%
NSTUB(SetParameterData, 0xffd40d4c)
NSTUB(SetPropertyCase, 0xffc143ec)
NSTUB(SleepTask, 0xffc11174)
NSTUB(TakeSemaphore, 0xffc10c70)
NSTUB(UnlockMainPower, 0xffd3c2a8)
NSTUB(Unmount_FileSystem, 0xffc5cb60)
// Best match: 89%
NSTUB(UnsetZoomForMovie, 0xffd76190)
NSTUB(UpdateMBROnFlash, 0xffc5ccb4)
// ERROR: VbattGet is not found!
NSTUB(Write, 0xffc5d848)
NSTUB(_log, 0xffea2c50)
// ALT: NSTUB(_log, 0xffea2c50) // 27/0
NSTUB(_log10, 0xffe9f128)
// ALT: NSTUB(_log10, 0xffe9f128) // 27/0
NSTUB(_pow, 0xffe9f2b0)
// ALT: NSTUB(_pow, 0xffe9f2b0) // 25/0
NSTUB(_sqrt, 0xffea104c)
// ALT: NSTUB(_sqrt, 0xffea104c) // 24/0
NSTUB(chdir, 0xffeaf524)
// ALT: NSTUB(chdir, 0xffeaf524) // 27/0
NSTUB(close, 0xffeaee64)
NSTUB(closedir, 0xffeac2ec)
// ERROR: free is not found!
NSTUB(ints_disable, 0xffc0d6e0)
NSTUB(ints_enable, 0xffc0d6ec)
NSTUB(ioctl, 0xffeaefa4)
NSTUB(iosDevAdd, 0xffeb0084)
NSTUB(iosDrvInstall, 0xffeb0348)
NSTUB(iosDevFind, 0xffeb0010)
NSTUB(isalpha, 0xffea6390)
// ALT: NSTUB(isalpha, 0xffea6390) // 4/0
NSTUB(isdigit, 0xffea63c0)
// ALT: NSTUB(isdigit, 0xffea63c0) // 4/0
NSTUB(islower, 0xffea63f0)
// ALT: NSTUB(islower, 0xffea63f0) // 4/0
NSTUB(isspace, 0xffea6438)
// ALT: NSTUB(isspace, 0xffea6438) // 4/0
NSTUB(isupper, 0xffea6450)
// ALT: NSTUB(isupper, 0xffea6450) // 4/0
NSTUB(kbd_p1_f, 0xffc16914)
NSTUB(kbd_p1_f_cont, 0xffc16920)
NSTUB(kbd_p2_f, 0xffc16cf0)
// Best match: 83%
NSTUB(kbd_pwr_off, 0xffc18e98)
// ALT: NSTUB(kbd_pwr_off, 0xffc18eb4) // 5/1
// ERROR: kbd_pwr_on is not found!
NSTUB(kbd_read_keys_r2, 0xffc17678)
// Best match: 93%
NSTUB(localtime, 0xffeaaae0)
NSTUB(lseek, 0xffeaefa8)
// Best match: 53%
NSTUB(malloc, 0xffeb1ea4)
// ALT: NSTUB(malloc, 0xffeb1ea4) // 15/13
NSTUB(memcmp, 0xffea9ec0)
// ALT: NSTUB(memcmp, 0xffeb6064) // 9/0
NSTUB(memcpy, 0xffea9efc)
NSTUB(memset, 0xffea9f74)
NSTUB(mkdir, 0xffc5d990)
NSTUB(open, 0xffeaf4a8)
NSTUB(opendir, 0xffeac320)
NSTUB(qsort, 0xffea9720)
NSTUB(rand, 0xffea9744)
// ALT: NSTUB(rand, 0xffea9744) // 8/0
NSTUB(read, 0xffeaeec4)
NSTUB(readdir, 0xffeac2b8)
NSTUB(rename, 0xffeaf4b0)
// ALT: NSTUB(rename, 0xffeaf4b0) // 26/0
NSTUB(rewinddir, 0xffeac2e0)
NSTUB(srand, 0xffea9768)
// ALT: NSTUB(srand, 0xffea9768) // 4/0
NSTUB(stat, 0xffeac3b4)
NSTUB(strcat, 0xffea9f94)
NSTUB(strchr, 0xffea9fc0)
NSTUB(strcmp, 0xffea9fe4)
NSTUB(strcpy, 0xffeaa178)
NSTUB(strlen, 0xffeaa2dc)
NSTUB(strncmp, 0xffeaa340)
NSTUB(strncpy, 0xffeaa384)
// ALT: NSTUB(strncpy, 0xffeaa384) // 24/0
NSTUB(strpbrk, 0xffeaa3cc)
NSTUB(strrchr, 0xffeaa408)
// ALT: NSTUB(strrchr, 0xffeaa408) // 8/0
NSTUB(strtol, 0xffea9b5c)
NSTUB(taskCreateHookAdd, 0xffeb4b04)
NSTUB(taskDeleteHookAdd, 0xffeb4a40)
// Best match: 82%
NSTUB(taskIdListGet, 0xffebeacc)
NSTUB(taskLock, 0xffebf188)
NSTUB(taskName, 0xffebe9c4)
NSTUB(taskResume, 0xffebeda8)
NSTUB(taskSuspend, 0xffebebd4)
NSTUB(taskUnlock, 0xffebf230)
NSTUB(time, 0xffeab82c)
// ALT: NSTUB(time, 0xffeab82c) // 25/0
NSTUB(utime, 0xffeac448)
// ALT: NSTUB(utime, 0xffeac448) // 26/0
NSTUB(vsprintf, 0xffeadc0c)
NSTUB(write, 0xffeaef34)
NSTUB(fprintf, 0xffea6cf0)
NSTUB(fputs, 0xffea6e10)
NSTUB(puts, 0xffeadfc8)

stubs_entry_2.S
Code: [Select]
#include "stubs_asm.h"


NHSTUB(VbattGet, 0xffc1bca0)
NHSTUB(free, 0xFFC01B38)
NHSTUB(kbd_pwr_off, 0xFFC017E8)   //null stub
NHSTUB(kbd_pwr_on, 0xFFC017E8)    //null stub

NHSTUB(SetZoomActuatorSpeedPercent, 0xFFC017E8)  //null stub
NHSTUB(GetDrive_ClusterSize, 0xFFE1CFBC)
NHSTUB(GetDrive_TotalClusters, 0xFFE1CFF8)
NHSTUB(GetDrive_FreeClusters, 0xFFE1D034)

*

Offline GrAnd

  • ****
  • 916
  • [A610, S3IS]
    • CHDK
Re: Starting port on A430, help needed
« Reply #2 on: 31 / March / 2008, 06:57:44 »
> long canon_bss_len = 0x95730 - 0xE460;
> MEMISOSTART=0x9F7D0

These two should be the same at least.

CHDK Developer.

*

Offline zfeet

  • **
  • 67
Re: Starting port on A430, help needed
« Reply #3 on: 31 / March / 2008, 08:59:00 »
Thanks, didn't work yet. I haven't had much time to really go through with the necessary changes needed. Also, I don't have that much experience with ARM reverse engineering but I am learning as I go.


Re: Starting port on A430, help needed
« Reply #4 on: 09 / May / 2008, 00:29:37 »
Have you succeed porting on A430 now?
Just found about CHDK a few days ago. I have A430.
I have everything (I think) needed to do porting after digging this forum, just don't know where to start.

 :)

*

Offline zfeet

  • **
  • 67
Re: Starting port on A430, help needed
« Reply #5 on: 09 / May / 2008, 13:35:10 »
Sorry but I had a major setback when my harddrive crashed, thanks to Vista. I might start working on the port again but I've been extremely busy at work.

Re: Starting port on A430, help needed
« Reply #6 on: 07 / July / 2008, 01:53:04 »
When I download the file (a430 100b 0xff810000 .rar),from (zSHARE - a430 100b 0xff810000 .rar) ,while extracting it shows error,what to do!!!!

Re: Starting port on A430, help needed
« Reply #7 on: 07 / July / 2008, 06:17:05 »
I have this one. (also from zShare but without any errors)
How do I send you this?


*

Offline zfeet

  • **
  • 67
Re: Starting port on A430, help needed
« Reply #8 on: 07 / July / 2008, 14:47:11 »

*

Offline zfeet

  • **
  • 67
Re: Starting port on A430, help needed
« Reply #9 on: 07 / July / 2008, 14:48:14 »
Have you succeed porting on A430 now?
Just found about CHDK a few days ago. I have A430.
I have everything (I think) needed to do porting after digging this forum, just don't know where to start.

 :)


Sorry, I haven't got the time to start porting...

 

Related Topics