
HP Prime Emulator


gigi1237:
I thought I had written another reply before but I'm either crazy or it somehow got deleted.

Anyway, I've attempted to hack up something with qemu. Figured out how it works, kind of, and got to the point of having most of the first stage bootloader run, reading the rest from NAND and finally starting the OS, I assume (don't remember the exact address it hands off execution to). It's also throwing the usual UART startup output at me. But it's crashing somewhere after that and I haven't been able to figure out why yet.

Do you happen to have a UART dump from the prime? The output it gives at startup, as I have no ability to grab it for myself right now. So I can compare it to the output I'm getting.

Also I haven't posted the source yet because it's so bad I'm embarrassed about it  :-\ If you're interested I can do it anyway though. 

Jean-Baptiste Boric:
I don't have access to my HP Prime right now, but I posted a UART dump here a long time ago: https://www.omnimaga.org/introduce-yourself!/hello-everybody-22224/msg403203/#msg403203. It was with an early version of my own firmware.

From memory, the HP Prime booting process has three stages :

* BXCBOOT0.BIN (the first 256 KiB of the NAND) : the first 8 KiB initializes the hardware and chainloads the rest of the stage, it also contains the recovery and the first splashscreen ;
* PRIME_OS.ROM (the next 1 MiB) : this is what Rip'Em replaces ;
* Either armfir.elf for the normal firmware, or the diagnostics utility.

An incomplete, reverse-engineered disassembly of the first 8 KiB of BXCBOOT0.BIN is available at https://tiplanet.org/hpwiki/index.php?title=BXCBOOT0.BIN_reverse_engineering, if that can be of help.

I can take a look at your sources if you want. I promise I won't judge :)

gigi1237:
Thanks for giving the link to the UART log, it was helpful. The output qemu is giving me is slightly different: https://gist.github.com/Gigi1237/0a5c3bd41f53bea14434c6673e6f0cbf#file-gistfile1-txt. Mainly because it spams me with "B"s right after printing start. I haven't figured out why yet though. Probably some mistake in the UART implementation.

I also uploaded my qemu branch to github: https://github.com/Gigi1237/qemu I'd be very glad if you could check it out. Mainly the s3c2416.c file, as I generated the rest automatically from the datasheet (except s3c2416_lcd.c). I'd be very happy to have some feedback, especially if you spot any mistakes. Keep in mind the code is literally hacked together at the moment. I've done many things I shouldn't have as I was just basically playing around to see if I could get anything working. Most things are not even close to functional and I wasn't even following any coding convention although I should have been. If you feel like it, you could contribute and send a pull request, but I know you're busy.

Right now I'm a bit stuck with it, don't really know what exactly to do next to get it working. I'm especially in a hard spot because I don't have access to my IDA Pro databases of both the OS and the bootloader which would help a ton with debugging at this stage.

Hooloovoo:
I am glad to see Prime dev going on! I have just ordered a prime, and have the tools for jtagging. Once I get the prime, I'll have a look at stuff, and can maybe help get more things done.

Jean-Baptiste Boric:

--- Quote from: gigi1237 on August 17, 2017, 06:00:08 pm ---Thanks for giving the link to the UART log, it was helpful. The output qemu is giving me is slightly different: https://gist.github.com/Gigi1237/0a5c3bd41f53bea14434c6673e6f0cbf#file-gistfile1-txt. Mainly because it spams me with "B"s right after printing start. I haven't figured out why yet though. Probably some mistake in the UART implementation.

--- End quote ---

Wow, you've reached PRIME_OS.ROM, that's impressive! That means the first stage of the bootloader actually worked.


--- Quote from: gigi1237 on August 17, 2017, 06:00:08 pm ---Right now I'm a bit stuck with it, don't really know what exactly to do next to get it working. I'm especially in a hard spot because I don't have access to my IDA Pro databases of both the OS and the bootloader which would help a ton with debugging at this stage.

--- End quote ---

I would try to make Rip'Em work. Since it's vastly simpler and the source code is available (unlike the official firmware), figuring out why stuff is not working should be much easier. Next goal would be the diagnostics utility.

Today is the last day of my internship, so I'll be able to take a closer look at your QEMU tree real soon™.
