What's the architecture I should select?
ARM Little endian with the load addresses that I've previously indicated, after stripping the 32 byte headers!
Not clear what you mean by "stripping the 32 byte headers". Could you give a novice a more detailed description?
Once I can decompile the whole thing I should be able to discover quite a lot. I haven't attacked a completely undocumented code in 30 years, but that was how I was introduced to C & Unix. A 5000 line C code which didn't work correctly on a little endian machine. It had 2 comments both of which read
/* handling special cases */
thanks,
Reg
What's the architecture I should select?
ARM Little endian with the load addresses that I've previously indicated, after stripping the 32 byte headers!
Not clear what you mean by "stripping the 32 byte headers". Could you give a novice a more detailed description?
Once I can decompile the whole thing I should be able to discover quite a lot. I haven't attacked a completely undocumented code in 30 years, but that was how I was introduced to C & Unix. A 5000 line C code which didn't work correctly on a little endian machine. It had 2 comments both of which read
/* handling special cases */
thanks,
Reg
Read and process this
msg.
Attached is the start of the 2nd executable loaded as I explained before (as seen in IDA Pro).
I selected "ARM v4t little endian" and Ghidra is thinking about it. Probably wrong, but I just fed it the entire file. I can always go back and do it over in pieces.
From the look of it Ghidra may already do the stuff I was going to do. But we'll see. It's about time I learned more about this. It makes for considerable incentive to get a sacrificial GDS-2072E either by means of a new board or buying another along with a Siglent SDS-1104X. The fact that NSA created Ghidra greatly increases my enthusiasm for this. IDA Pro is a bit pricey for my purposes at least for now. And I'd really rather focus on analog front end design.
Have Fun!
Reg
Thanks!
I'd *really* like to crack this to the point we can write open source FW for it. I'd expect it to sell like mad if we can do that. Which might actually persuade Rigol, Siglent et al to open source their FW or better yet, use a common set of base open source FW and just compete on HW design.
Have Fun!
Reg
(the 1st 32 bytes of each block are its header) In the header, at offset 0x10, there is the size of the block (including header).
SPL has a Load Address = 0x00000000
The executables have a Load Address = 0x80000000
A teaser function in the attached file.
addon
In the header, at offset 0x10, there is the size of the block (including header), aligned to 0x200 (size = (size + 0x1FF) & 0xFFFFFE00)
In the header, at offset 0x0C, there is the SUM32 checksum (sum of all words) of the block (including header), but previously set checksum to 0x5F0A6C39
(mksunxi.exe align the size and calc checksum)
ARM V4T little endian
actually
CPU: ARM926EJ-S [41069265] revision 5 (ARMv5TEJ)
https://steward-fu.github.io/website/mcu/lichee-nano/flash_image.htm
Would you please elaborate on the link? How does this relate to the 1013D? From what I found I probably want to get a couple but it's not clear what to get as I found lots of very different hits.
Ghidra finished, but I'm *way* in over my head. LoL!
Can someone point me to some basic instructions suitable for someone who knows nothing about Ghidra, a lot generally about HW, but nothing at all about this HW and only very little about the ARM. After studying a dozen or more CPUs (e.g Burroughs 5000) going back 50 years it becomes a bit of a blur. On top of which I've not been into a machine at this level since the VIC20 and C64.
Thanks,
Reg
Well,
FNIRSI responded to my WTF "100 Mhz???" snot-gram (actually I was quite polite):
So, it turns out that 100 Mhz is the "
maximum theoretical value" and if you actually want a 100 Mhz bandwidth you should "
buy other better oscilloscope, such as TEKTRONIX..."
Kind of like what I told my wife when we first met, "my đick is 'theoretically' 9 inches"...
So, it turns out that 100 Mhz is the "maximum theoretical value" and if you actually want a 100 Mhz bandwidth you should "buy other better oscilloscope, such as TEKTRONIX..."
It's the Nyquist limit of a 200Mhz sample rate and we know it's 200Mhz.
What about their claim of 1GHz sampling? I'd love to see how they spin that.
So, it turns out that 100 Mhz is the "maximum theoretical value" and if you actually want a 100 Mhz bandwidth you should "buy other better oscilloscope, such as TEKTRONIX..."
It's the Nyquist limit of a 200Mhz sample rate and we know it's 200Mhz.
What about their claim of 1GHz sampling? I'd love to see how they spin that.
I hadn't considered that perspective--they know damned well the front-end cannot pass 100 Mhz!
But hot damn, that makes my 1 Gs/s 60 MHz Hantek DSO1062B a 500 Mhz machine!
In my snot-gram I had questioned the sample rate and <3 ns rise time claims as well, they ignored both...
I suspect that with the exception of a handful of geeks who need not be named outright (no offense guys), 99.44% of the buyers of this "instrument" have no real need for a 100MHz 'scope, have no access to signals of near that frequency anyway, and will never know the claim is a complete bucket of hogwash...
I don't get why everybody is so angry about it at this price point.
In my country we have a saying about people who start looking the teeth when you're trying to give them a free horse.
False advertising!
In engineering specifications are everything!
If something is specified to be 100MHz and1G samples - it had better be!
Realistically, based on the price most sensible engineers would know this is an obvious scam.
There are other sayings about being cheap and buy crappy stuff ...
If is known that this is a 20MHz scope or so , many people wouldn't buy it , cheap as it is
The display , parts and manufacturing are very cheap from tablet/phone industry , no surprise they can afford to make it . Of course the know-how and time to make a scope right are not that cheap
I don't get why everybody is so angry about it at this price point.
In my country we have a saying about people who start looking the teeth when you're trying to give them a free horse.
I have no "anger" over this, nor have I seen anymore than "bemusement" by most of the posters here. i knew going in it was a "too-good-to-be-true" device; but I am annoyed by the blatant deception and total disregard for the customer. Sort of like if I went to pick up the free horse and was told "Well, it's not EXACTLY 'free'".
It takes a lot to get me angry--no one wants to see me like that.
False advertising!
In engineering specifications are everything!
If something is specified to be 100MHz and1G samples - it had better be!
That's just a cultural expectation, not a physical law.
False advertising!
In engineering specifications are everything!
If something is specified to be 100MHz and1G samples - it had better be!
That's just a cultural expectation, not a physical law.
I was raised to believe that a man's word was his bond. I once, many years back, spent $16.4 million (of my employer's money) with a "handshake" contract--but that was back when men had decency and honor; long lost characteristics I fear.
"Cultural expectation" sounds like a way of self-justifying sniveling out of a deal...
I was raised to believe that a man's word was his bond.
That has
NEVER been true.
But getting back to the point: How do we get the most from these things?
I was raised to believe that a man's word was his bond.
That has NEVER been true.
Perhaps not in your circles...
Perhaps not in your circles...
You've never seen anti-hairloss products, diet products, abdominal training devices in yours?
The preceding seems like a lot of senseless argument about something we all knew long before. Lets get on with open sourcing the FW.
FWIW My "200 MHz" Rigol DS1202Z-E has a 300 MHz -3 dB point and is quite usable to almost 1 GHz on a sine wave.
This was done with an HP 8648C set at 0 dBm output into a 50 ohm thru termination. The horizontal line is -3 dB. The scope is severely aliased of course which will lead to incorrect results for an FFT. I'm still trying to devise a good time domain test for aliasing effects other than the standard sine wave appears to be lower frequency than it actually is. The modulation options for the 8648C are somewhat limited.
The 100 MHz trigger instability is a consequence of sampling the sine wave consistently at less than peak value.
Have Fun!
Reg
Despite my simply feeding Ghidra the flash image and specifying the wrong architecture, it seems to have worked.
However, learning to use Ghidra looks pretty daunting and I don't think I have the time to do anything serious. All the stuff I know to do and then some is already implemented in Ghidra. Unfortunately I don't yet know how to access what I want.
For example, 0xb34e() has an infinite loop following a series of function calls suggesting that it is the main loop when the DSO is running. However, I can't figure out how to walk back up the call tree from there.
I'm certainly impressed by Ghidra. I had not known of it before, so it's been a very valuable education. I can see lots of uses for it, but I think I need to start by analyzing a less complex program.
Have Fun!
Reg