Rockbox.org home
release
dev builds
extras
themes manual
wiki
device status forums
mailing lists
IRC bugs
patches
dev guide



Rockbox mail archive

Subject: RE: iAudio M5 / X5 ?

RE: iAudio M5 / X5 ?

From: RaeNye <raenye_at_netvision.net.il>
Date: 2006-04-21

> :-D What do you use to disasm it, IDA? Hmm, the free version of IDA
doesn't support the ColdFire chip, I'm afraid...

Yes. Load the binary from 0x1030 at address 0x10000; then follow the
subroutine at 0x10010 that copies segments (~20 of them) from flash to IRAM
& DRAM.
Note that from address 0x170000 you have read-only data, mostly GUI related
(menus, images, strings).
I can send you my IDC to do that, but the Right Thing [TM] is to write a
loader plugin for it...
(Planned to do when I have some free time)

ColdFire is supported as a variant of M68k, so I think the free version can
handle it...
Alas, no IDA version supports the ColdFire v2 chip (read: 5249 and 5250),
e.g., EMAC instructions (only one accumulator is supported).
The easy cases create bogus instructions (e.g., _FixAtan2); the harder cases
cannot be disassembled (so analysis stops) and the worst cases create bogus
instructions of incorrect length (so you loose phase in decoding...).
The Right Thing [TM] is again to write a processor definition plugin, but
there's so little to add over the original m68 code that it seems pointless
to recode it w/o the original source.

BTW,
Is anyone else interested in X5 firmware disassembly? I saw a Wiki page on
this, but it hasn't been updated since January.

I aim to patch the firmware with the rockbox bootloader to enable dual-boot.

R.
Received on Fri Apr 21 15:03:09 2006


Page was last modified "Jan 10 2012" The Rockbox Crew
aaa