Skip to main content

Show Posts

This section allows you to view all Show Posts made by this member. Note that you can only see Show Posts made in areas you currently have access to.

Messages - Darren

2
General discussion / Open Source USB Protocol Analyzer
http://www.openvizsla.org/

http://www.kickstarter.com/projects/bus ... l-analyzer

It had crosssed my mind recently with talk on various forums/blogs about the xbox Kinect device and capturing data from it with the beagle usb analyzer and the beagle costing $1200! there must be a cheaper option, perhaps something would be possible with even just a cypress CY7C68013A capturing raw data and feeding it through to a pc for decoding ?
3
Bus Pirate Development / Re: Compiling Bus Pirate firmware with MPLABX (under linux, mac, ...)
I can only speak from the windows point of view and I've not yet tried this new IDE, but as far as I'm aware the IDE just passes command lines to the compiler tools and they decide what to do with them, after a set time (60 days i think) they inform you in the build window the evaluation period is over and just compile with lite options, with the little fiddling I did with optimizations, the -O1 option produces smaller/faster code
4
Bus Pirate Development / Re: Compiling Bus Pirate firmware with MPLABX (under linux, mac, ...)
Options for Controlling Optimization

The following options control compiler optimizations.

-O0  Do not optimize. (This is the default.)
Without -O, the compiler's goal is to reduce the cost of compilation and to make debugging produce the expected results. Statements are independent: if you stop the program with a breakpoint between statements, you can then assign a new value to any variable or change the program counter to any other statement in the function and get exactly the results you would expect from the source code.The compiler only allocates variables declared register in registers.
 
-O
-O1  Optimize. Optimizing compilation takes somewhat longer, and a lot more host memory for a large function. With -O, the compiler tries to reduce code size and execution time. When -O is specified, the compiler turns on -fthread-jumps and -fdefer-pop. The compiler turns on -fomit-frame-pointer. 

-O2  FULL VERSION ONLY
Optimize even more. The compiler performs nearly all supported optimizations that do not involve a space-speed trade-off. -O2 turns on all optional optimizations except for loop unrolling (-funroll-loops), function inlining (-finline-functions), and strict aliasing optimizations (-fstrict-aliasing). It also turns on force copy of memory operands (-fforce-mem) and Frame Pointer elimination (-fomit-frame-pointer). As compared to -O, this option increases both compilation time and the performance of the generated code. 

-O3  FULL VERSION ONLY
Optimize yet more. -O3 turns on all optimizations specified by -O2 and also turns on the inline-functions option. 

-Os  FULL VERSION ONLY
Optimize for size. -Os enables all -O2 optimizations that do not typically increase code size. It also performs further optimizations designed to reduce code size.


This is from hlpMPLABC30.chm (windows), so you can only use options higher than -O1 while you are evaluating the compiler, then it reverts to the lite version
6
Bus Pirate Development / I2C Sniffer
Had a fiddle with the I2C_Sniffer code to see if I could increase the capture rate, space was tight in the firmware, so I used the Optimization flag to see if it could help me out

I compiled I2C.c with '-g -Wall -mlarge-code -mlarge-data -O' and managed to squeeze it in

Optimized Output:

Code: [Select]
				if(termMode) //output for the terminal 
 350:	0d 04 e0    	cp0.b     w13
 352:	00 00 32    	bra       Z, 0x354
				{
					RingBuffer[RingWritePostion++]='0';
 354:	00 c3 b3    	mov.b     #0x30, w0
 356:	00 73 7c    	mov.b     w0, [w6+w8]
					RingBuffer[RingWritePostion++&0xfff]='x';
 358:	06 00 e8    	inc.w     w6, w0
 35a:	0a 00 60    	and.w     w0, w10, w0
 35c:	81 c7 b3    	mov.b     #0x78, w1
 35e:	01 70 7c    	mov.b     w1, [w0+w8]
					RingBuffer[RingWritePostion++&0xfff]=HXASCII[dat>>4];
 360:	06 80 e8    	inc2.w    w6, w0
 362:	0a 00 60    	and.w     w0, w10, w0
 364:	0c 81 fb    	ze        w12, w2
 366:	c4 10 de    	lsr.w     w2, #0x4, w1
 368:	e1 40 7f    	mov.b     [w1+w14], w1
 36a:	01 70 7c    	mov.b     w1, [w0+w8]
					RingBuffer[RingWritePostion++&0xfff]=HXASCII[dat&0x0f];
 36c:	63 00 43    	add.w     w6, #0x3, w0
 36e:	0a 00 60    	and.w     w0, w10, w0
 370:	6f 01 61    	and.w     w2, #0xf, w2
 372:	62 41 7f    	mov.b     [w2+w14], w2
 374:	02 70 7c    	mov.b     w2, [w0+w8]
 376:	64 00 43    	add.w     w6, #0x4, w0
					RingWritePostion&=0xfff;
 378:	8a 00 60    	and.w     w0, w10, w1
 37a:	00 00 37    	bra       0x37c <.L101>


Unoptimized Output:

Code: [Select]

 				if(termMode) //output for the terminal 
 422:	6e 48 90    	mov.b     [w14+14], w0
 424:	00 04 e0    	cp0.b     w0
 426:	00 00 32    	bra       Z, 0x428
				{
					RingBuffer[RingWritePostion++]='0';
 428:	9e 00 78    	mov.w     [w14], w1
 42a:	2e 00 90    	mov.w     [w14+4], w0
 42c:	80 80 40    	add.w     w1, w0, w1
 42e:	00 c3 b3    	mov.b     #0x30, w0
 430:	80 48 78    	mov.b     w0, [w1]
 432:	1e 0f e8    	inc.w     [w14], [w14]
					RingBuffer[RingWritePostion++&0xfff]='x';
 434:	f0 ff 20    	mov.w     #0xfff, w0
 436:	1e 00 60    	and.w     w0, [w14], w0
 438:	80 00 78    	mov.w     w0, w1
 43a:	2e 00 90    	mov.w     [w14+4], w0
 43c:	80 80 40    	add.w     w1, w0, w1
 43e:	80 c7 b3    	mov.b     #0x78, w0
 440:	80 48 78    	mov.b     w0, [w1]
 442:	1e 0f e8    	inc.w     [w14], [w14]
					RingBuffer[RingWritePostion++&0xfff]=HXASCII[dat>>4];
 444:	f0 ff 20    	mov.w     #0xfff, w0
 446:	1e 00 60    	and.w     w0, [w14], w0
 448:	80 00 78    	mov.w     w0, w1
 44a:	2e 00 90    	mov.w     [w14+4], w0
 44c:	00 81 40    	add.w     w1, w0, w2
 44e:	6e 40 90    	mov.b     [w14+6], w0
 450:	00 80 fb    	ze        w0, w0
 452:	44 00 de    	lsr.w     w0, #0x4, w0
 454:	80 80 fb    	ze        w0, w1
 456:	00 00 20    	mov.w     #0x0, w0
 458:	00 80 40    	add.w     w1, w0, w0
 45a:	10 40 78    	mov.b     [w0], w0
 45c:	00 49 78    	mov.b     w0, [w2]
 45e:	1e 0f e8    	inc.w     [w14], [w14]
					RingBuffer[RingWritePostion++&0xfff]=HXASCII[dat&0x0f];
 460:	f0 ff 20    	mov.w     #0xfff, w0
 462:	1e 00 60    	and.w     w0, [w14], w0
 464:	80 00 78    	mov.w     w0, w1
 466:	2e 00 90    	mov.w     [w14+4], w0
 468:	00 81 40    	add.w     w1, w0, w2
 46a:	6e 40 90    	mov.b     [w14+6], w0
 46c:	00 80 fb    	ze        w0, w0
 46e:	ef 00 60    	and.w     w0, #0xf, w1
 470:	00 00 20    	mov.w     #0x0, w0
 472:	00 80 40    	add.w     w1, w0, w0
 474:	10 40 78    	mov.b     [w0], w0
 476:	00 49 78    	mov.b     w0, [w2]
 478:	1e 0f e8    	inc.w     [w14], [w14]
					RingWritePostion&=0xfff;
 47a:	f0 ff 20    	mov.w     #0xfff, w0
 47c:	1e 0f 60    	and.w     w0, [w14], [w14]
 47e:	00 00 37    	bra       0x480 <.L106>


It helped out alot on this section of the code, I've uploaded a Hex file and source snippet, would be interesting to hear if it can capture 400khz traffic now, as I've not got anything here to test that with and of course if the code is useful, your welcome to use and abuse however you like
7
Bus Pirate Support / Re: I2C sniffing on Nintendo Wii Extensions
Hi,

I was actually fiddling with the I2C sniffer code yesterday, trying to improve the capture speed, I've uploaded my hex file, would be interesting to hear if it copes with 400kHz ok, I'll open a separate thread with the code next day or so.
8
Bus Pirate Development / Re: Firmware v5.3
Hi Ian, just had another looked at UARTbuf() and UARTbufService() when I'd first looked at them I just decided to skip them as they seemed a bottleneck, firstly being calls and for some reason I'd read UARTbufService() as actually waiting till the buffer was empty to output a byte, but i see now it checks if the buffer is free and if so sends a byte, one of the things that was causing slowness in the original sniffer was the I2Csniff structure, everytime members where accessed it was wasting cycles, rotating or anding off bytes, I see the UART buffer routines uses structures again, but they are static so I guess they compile out to static addresses fine ? Must admit when I read code, especially on time critical routines, I get my optimization head on, its surprising how many cycles simple high level functions can take, when i coded that alternative scanner, I ran it through the dissembler a number of times to see what was happening, I think you are able to use the -O compiler flag (Level 1 Optimize) even in the free version of the compiler, this should use alot more of the PICs registers, rather than using stack based variables and increase speed, maybe improve code size as well ??

Off the top of my head, U1STAbits.UTXBF could be checked in the main scanner loop and if free then do the call, haha I'm off again with the optimization head

You guys do great work btw :)
9
Bus Pirate Development / Re: Firmware v5.3
Hi, I don't think you will be able to make the I2C sniffer run @ 400khz with realtime output, the UART just wastes too many cycles :( perhaps if the scanner was interrupt based/triggered a compromise could be found, the scanner could gather info and the main loop could spit out the results via UART and as long as there wasn't a constant stream and the buffer was big enough, the main loop might have a change of keeping up, but also there might be overheads with a interrupt based routine, pushing and popping all the regs on each trigger would waste alot of cycles, just a few thoughts anyways :)
10
General discussion / Re: 3EEPROM preorder
If you search on 3EEPROM on ebay, you can find a seller from Hong Kong selling the original 3EEPROM boards that are used in the Bus Pirate demo, if that helps
11
General discussion / Re: Utiilities to access USB serial devices that aren't comm ports.
Just seen this thread, maybe you have solved your problem ??

You could edit the ftdibus.inf and ftdiport.inf files and add in a custom VID+PID line and this should make the device use the FTDI driver you may need to add the VID+PID line in 2 places in each file, have a look through those files and get an idea of the information in there and add your own entries, not saying this is the correct way to go about things and could even make your windows unstable, but it may allow you to achieve what you want
12
Bus Pirate Development / Re: Bus Pirate v4 hardware
You mention above about no bootloader or driver for this design, are you aware of libusb? http://www.libusb.org/ if this was used then no custom driver would be needed and would work across many platforms, once a device is found, packets can be sent/received directly, only a generic client/console app would need to be created to display information and transmit options, like a terminal currently does

Don't know if you was aware of this regarding a usb bootloader

http://www.schmalzhaus.com/UBW/FW/Micro ... aders.html

Hope its ok to pitch in an idea, if I got this correct, your planning on a High voltage programming addon for the bus pirate ? What about having a programmable high voltage pin in this design ? say max 15v or 24v, fully controllable from firmware, then it could be used to program various chips or to be used to power other external devices that maybe connected to the bus pirate
14
Bus Pirate Development / Re: Firmware v5.0 to do
Hi ian+Sjaak,

I have developed the I2C sniffer further, it now uses compression and still captures 400kHz fine I'm happy to share the code, if your interested, I don't know what direction you want the scanner to go in, as the original displays results realtime and that was a nice feature and the code I have developed returns results after a capture, perhaps a new macro could be added for high speed capture ?

Darren
15
Bus Pirate Support / Re: Continious logic analyzer mode?
s3c, I just wanted a function and I'm familar with c/c++ so I downloaded the source+IDE+Compiler, read through abit of the source and hacked something together for my needs, the only real problem I had was getting the hex to work in ds30 loader, I downloaded the lastest version from the developers homepage and magically it all worked :) He had mentioned on his page, was a hex parsing issue, code attached, I still need to tweak it abit, the buffer storage isnt optimal by any means, but it got me the data i wanted

Sjaak, yeah i was familar with the I2C sniffer, but i wanted to capture @ 400khz, sure I could of used my logic analyzer, But i wanted to have more control, so bus pirate seemed ideal, I can start and stop a capture as I like and process the data pc side

The function is slighlty different to the original, In that you must send a byte in, to receive the buffer

Code: [Select]
void I2C_Sniffer(unsigned char termMode)
{
        unsigned char c;
        
        short BufferPos=0;
        short n;
        
        unsigned char DataState=0;
        unsigned char DataBits=0;
        unsigned char Data=0;

        unsigned char I2CSda,I2CSdaOld=0;
        unsigned char I2CScl,I2CSclOld=0;

        SDA_TRIS=1; // -- Ensure pins are in high impedance mode --
        SCL_TRIS=1;
        
        SCL=0; // writes to the PORTs write to the LATCH
        SDA=0;
        
        CNEN2bits.CN21IE=1; // enable change notice on SCL and SDA
        CNEN2bits.CN22IE=1;

        IFS1bits.CNIF=0; // clear the change interrupt flag
        

        while((!U1STAbits.URXDA)&&(BufferPos<TERMINAL_BUFFER-4)) // Loops While No User Input Or Buffer Not Full
        {
                if(IFS1bits.CNIF==0)continue; // If Pins Haven't Changed, Skip Sampling
                
                IFS1bits.CNIF=0; // Clear Change Flag

                I2CScl=SCL; // Get Current State
                I2CSda=SDA; 
                
                if(DataState&&I2CScl&&!I2CSclOld) // Sample When Clock Goes Low To High
                {       
                        if(DataBits<8) // The Next 8 Bits Are Data
                        {                               
                                Data=Data<<1;
                                Data=Data|I2CSda;
                                DataBits++;
                        }
                        else
                        {
                                bpConfig.terminalInput[BufferPos]=ESCAPE_CHAR; // Dump Data To Buffer
                                BufferPos++;
                                bpConfig.terminalInput[BufferPos]=Data;
                                BufferPos++;
                                
                                if(I2CSda) // SDA High Means NACK
                                {
                                        bpConfig.terminalInput[BufferPos]='-';
                                        BufferPos++;                                    
                                }       
                                else // SDA Low Means ACK
                                {
                                        bpConfig.terminalInput[BufferPos]='+';
                                        BufferPos++;
                                }
                                                
                                DataBits=0; // Ready For Next Data Byte
                        }       
                }
                else if(I2CScl&&I2CSclOld) // clock high, must be data transition
                {                          // if data changed while clock is high, start condition (HL) or stop condition (LH)
                                                        
                        if(!I2CSda&&I2CSdaOld) // start condition (High To Low)
                        {
                                DataState=1; // start condition, allow data byte collection
                                DataBits=0;
                                bpConfig.terminalInput[BufferPos]='[';
                                BufferPos++;
                        }
                        else if(I2CSda&&!I2CSdaOld) // stop condition (Low To High)
                        {
                                DataState=0; // stop condition, don't allow byte collection
                                DataBits=0;
                                bpConfig.terminalInput[BufferPos]=']';
                                BufferPos++;
                        }       
                }
                
                // Save Last Pin State
                
                I2CSdaOld=I2CSda;
                I2CSclOld=I2CScl;               
        }
        
        CNEN2bits.CN21IE=0; // Clear Change Notice
        CNEN2bits.CN22IE=0;
        
        while(!U1STAbits.URXDA) // Always Wait For User Input Even If Buffer Is Full
        c=U1RXREG;

        for(n=0;n<BufferPos;n++)
        {
                if(bpConfig.terminalInput[n]==ESCAPE_CHAR) // Look For Escape Character
                {
                        n++;
                        c=bpConfig.terminalInput[n];
                        
                        if(termMode) // Deside What To Do 
                        {
                                bpWhex(c); // Terminal Mode
                        }
                        else
                        {
                                UART1TX(ESCAPE_CHAR); // Raw Mode
                                UART1TX(c);
                        }
                }
                else
                {
                        UART1TX(bpConfig.terminalInput[n]); // Send Captured Data Back
                }       
        }
        
        bpBR;
}

( ! ) Fatal error: Uncaught exception 'Elk_Exception' with message 'Please try again. If you come back to this error screen, report the error to an administrator.' in /var/www/dangerousprototypes/forum/sources/database/Db-mysql.class.php on line 696
( ! ) Elk_Exception: Please try again. If you come back to this error screen, report the error to an administrator. in /var/www/dangerousprototypes/forum/sources/database/Db-mysql.class.php on line 696
Call Stack
#TimeMemoryFunctionLocation
10.01582489008session_write_close ( )...(null):0
20.01612620584ElkArte\sources\subs\SessionHandler\DatabaseHandler->write( )...(null):0
30.01612621360Database_MySQL->query( ).../DatabaseHandler.php:119
40.06012760072Database_MySQL->error( ).../Db-mysql.class.php:273