136 replies to this topic

[LordNPS]

The delay in the releasing of the SDK makes me strongly consider reverse assembling.Let's face it people ,I don't think a SDK is on his way....

Does anyone have an idea of how to make a log of the intern operations in an 9860? Memory alocations, etc.?
Also it would be nice for us if we could understand the .g1a extension, its sintax etc.
From this we could start to "reveal the code" and from it we could possibly make an C compiler for 9860.

[LordNPS]

There's going to be an SDK, it is just that it will take time.

About the reverse Assemby if we could get our hands in a register, stack, and alocations procedures document, it would be the best, thought, it is not likely for that to happen, so how do we log the procedures in a calc?

[huhn_m]

I would really like to try this but I don't currently have the money for such a calc.
Anyhow, here is what we DO need to have/know to understand the functioning of the g1a format:

1) Calc or working emulator for G1A programs
2) The processor of the calc or at least its architecture to disassemble the g1a files
3) the Operating System of the calc
4) We need to find out if the g1a files are in some way encrypted or compressed. This is best done by sniffing the memory of the transfer program while transfering I think
5) We need to have an add-in where we know some strings (e.g. text on the screen) that we can use as a basis for analysing the structures.

I already have the definitions for the flash and the RAM and stuff, so we already have some of the things we need. The next step is to find a way to get OUR stuff in such a plugin and make the program transfer and execute it. And if it is only by changing a string in a current program this would already be a great progress!!

Does ANYONE own a FX 1.0+ and can tell me if it is worth selling this calc and getting the FX-9860? Maybe I could give it a try ...

or, other suggestion:

could all of you non-germans, tell me what prices you would pay for such a calc?
A link to a shop would be nice too

[LordNPS]

I think you wouldn't regret it. You own an AFX, a Fx1 is somewhat unecessary.
You will like 9860 very much huhn.
Do you have the emulator?

[LordNPS]

I don't think they are compressed/encrypted. You can just save the g1a into an SD and then run at once on the calc.
it would be really nice if the emulator casio launched could have add-ins, but I think it can't.
how do we dump the OS?

[huhn_m]

yes, I have the emulator.

However, as you said it does not play g1a files.
The 9860 is without cas, right? since I need a calc that has no CAS since I think they are not allowed at university I think they require us to think on our own. Stupid eh

What did you pay for your 9860?

[huhn_m]

yeah, I know ... this is where I intended to buy it from. But I thought it might be cheaper to buy it in another country than germany. I once saw AFX calcs go for like 50$ in the USA when they are like 150$ over here.

[LordNPS]

I got mine (SD) for 108€ but they cost 149€ here in Portugal.
got it Tax free and at importer's price.

[huhn_m]

ok. so not really cheaper.

I found some 1GB DDR400 sticks lying arround here.
I'll see what I get for them on eBay. Maybe enough for the calc.

[LordNPS]

So how much are you asking for the ram?

[huhn_m]

well, it is high density RAM, so I think like 50-60? should be ok.

I hope that the people look into their manuals or ask the mobo manufacturer this time and not buy and then come "the ram does not work on my intel mobo!!111!!". I already sold 8 of these and the people some times were really a pain in the a??.

[huhn_m]

ok. I'm sorry. I changed my mind.

I want to get a divers license, so I can go diving with a girlfriend. Since this is quite expensive I do not have the money to get the calc (or better said, I need the money to get the license ...)

once again sorry if I got any hopes up.

[LordNPS]

LooL
Well, I don't think there's any of us who would do otherwise on the same circunstances...
It's a shame thought... without you here, I might as well delete de topic.

[huhn_m]

well, I can try to support you as far as I can but you must do the initial steps. at fist we need to know in some way what kind of processor this little beast has. If anyone has an idea how to find this out then please tell me.

I already have the docs for the flash and the ram so only the docs for the screen controler and the CPU are missing. Once we have these in our hands we might be able to do some things (and even without the calc!)

[huhn_m]

Falls CPU hier = Buscontroller ist, dann w?re das folgende bezeichnung:

U101 (stand in der n?he eines der bauteile).
Flash:
Docs: http://www.mail.teas...e...bMAEVziAw==
(4MB Chip) / Spansion (AMD)
RAM:
http://www.mail.teas...e...bMAEVziAw==
512KB
70ns 40mA 256K x 16bit low voltage CMOS SRAM in 44-pin TSOP package. Operational temperature range from 0?C to 70?C.

nur zu diesem U101 habe ich nix gefunden.


1-2 hoch aufl?sende bilder vom inneren des Rechners w?ren praktisch...

[alias4399]

If someone has the calc, what can they do to help ?

[huhn_m]

at first they can make detailed photos of its PCB (high resolution) if possible from both sides as well as from the LCDs backside and stuff and upload them somewhere (but please not compressed)

Later I need someone to test code introduced into one of the official plugins.

[alias4399]

Ok, cool!

[alias4399]

Well, we could all help test code

[LordNPS]

Was going around through my posts on this forum and faced this old topic...
Why does this topic allways die?

Just want to bring it to atention of the public.
I want to continue.
Come on hunh.
Say whatever you need... we might get things done, and by now... you perhaps have the cash already to buy the calc:

[kucalc]

I would like to help in diassembling and finding out the architecture of the fx-9860 and create a SDK! I have some experience in computer programming and microcontrollers. Has anyone tested out the new emulator for the fx-9860? Does add-ins work in the emulator? Haven't gotten around to using it myself, but I will someday. If it does we could play around with the add-ins and put it in the emulator and test things out.

[LordNPS]

no they do not... plugins don't work in the emulator.
For now we need to find out which processor 9860 uses and then, perhaps ask the manufacturer how does it work, they usually have some kind of manual...
That's our main goal for now.
How do we know which processor it uses? I guess we have to figure that out from the shape, markings on it



Edit:
Might as well get Huhn a calc... if we all contribute, it wouldn't be very expensive...

edit Edit :
Second thought I am going to open my calc myself... nevermind the warranty .
Thing is, I am afraid it will get less... rigid... I mean the calc semas like a rock, all tight rigid one bloc as if it wasn't screwed , vlucanized instead... I am afraid It will loose the solidity of my calc... twingling piecies I mean...

[LordNPS]

Very well . my conlcusions from my peak inside the 9860:

It uses a U101 oscilator at 40 Mhz Colledge Oscillator

As flash a 4mbit 512 KB Flash Spansion Spansion S29

There's a full manual in how the flash works th the above link.. however it's very technical...


About the IC memory chip :
AMIC
The reference is Lp62S16256 which is a 4Mb (16*256 kb) The Manual

I will remain the calculator Opened.
My Digital Camera is out of bateries and I have none at the moment, so If anyone needs any information...
ask

[kucalc]

LordNPS, is it possible for you to get the info on the CPU of the fx-9860? (Identification number, name or manufacturer?)

There are two ways I see in getting our own SDK for the fx-9860:

Way #1: You can find out the what CPU the fx-9860 is using and get a proper disassembler for it. Next, you would extract the ROM from its memories and disassemble it into code so we can study everything (how it works).

Way #2: With the add-ins Casio already has released, you can compare and study the add-ins through a hex or binary editor. I doubt we would get a lot of info using this process though.

edit: Hold on, I think you can get the ROM (OS itself) from the OS updates or the emulators Casio has been providing. Just need to figure out where these programs store the ROM temporarly and then copy it. All I probably need now is the info on the CPU and get the ROM and I can start working.

[LordNPS]

Way #2: With the add-ins Casio already has released, you can compare and study the add-ins through a hex or binary editor. I doubt we would get a lot of info using this process though.

edit: Hold on, I think you can get the ROM (OS itself) from the OS updates or the emulators Casio has been providing. Just need to figure out where these programs store the ROM temporarly and then copy it. All I probably need now is the info on the CPU and get the ROM and I can start working.

I've tried analyzing the files with an hex editor and they actually seam to be some kind of interpreted code, rather than x86 instructions, both because the size of the files are much smaller than their AFX ASM equivalents and because the N of identified strings by my Hex editor is way way above from the AFX assemblers one...
I compared Physium
I've reached a couple of conclusions: There is a common header, with add in deffinitions, followed by the bitmap (You 'll see it If you change to binary view and then rezise a couple of times ) short after the "Physium" word

About the OS updates... well I don't really see how we are going to do that, yet it's quite possible any sugestions ? perhaps internal loopbacks?

[kucalc]

Yes, LordNPS the add-ins are not x86 but are codes interpreted by fx-9860's OS. If I could just get info on the name, brand, architecture or identification number of the CPU, I could then disassemble the ROM and find out EVERYTHING on the fx-9860 OS. With the info on the CPU and the disassembly of the ROM we can figure out how the fx-9860 interprets, figure out the syntax or format of the fx-9860. Not only that, we could do a lot more with the CPU (its clocked at 40MHz right?) and the ROM. We can create our own OS, give it wireless communication or maybe even port <{GNULINUX}> to it. All this may sound bizarre, but it could be possible!

All I need is what CPU the fx-9860 is using and to get hold of the ROM (the OS software).

[LordNPS]

Hey kucalc, if you have an idea how to find the name of the CPU I am listening... yet It looks like a big fat bloc of dark plastic, it does not really have a shape.
The CPU and the oscilator are most likely welded into thermic "pasta".
And abou tthat OS Update any particular pratical ideas( like disassembling the windows program ? )?

[kucalc]

So we can't get the name of the CPU since its covered in an insulator.....

Theres still a way though of building our own SDK. When you install the OS Update for the Casio, the ROM is extracted from the installtion program, waiting for it to be copied and downloaded in your calc. The ROM for the calc gotta be in the update installtion program. Just need to find a way to crack the install file and grab it.

[LordNPS]

That does sound pretty magical... well how do we actually do that?

[kucalc]

Let's take a look at what huhn_m has said earlier:

Anyhow, here is what we DO need to have/know to understand the functioning of the g1a format:
1) Calc or working emulator for G1A programs

Add-ins don't work in emulator. We could test add-in prototypes, since some of us have fx-9860.

2) The processor of the calc or at least its architecture to disassemble the g1a files

The CPU is covered in thermal plastic. It could be possible to find out what type of architecture (or core) is the CPU.

3) the Operating System of the calc

A very vital part to lead the creation of an SDK. I know the ROM (OS) is in that Casio OS Update program. Just need to find a way to get it out.

4) We need to find out if the g1a files are in some way encrypted or compressed. This is best done by sniffing the memory of the transfer program while transfering I think

We know that g1a files are files containing codes that are interpreted by the fx-9860 operating system. Obtaining the ROM can tell us how the calc interprets the g1a format.

5) We need to have an add-in where we know some strings (e.g. text on the screen) that we can use as a basis for analysing the structures.

We could use hex or binary editors, compare the add-ins that have been released and search for patterns. This would be a tedious process and might not even get that much research done.

[LordNPS]

I could just dump the ROM..., yet I don't think I could weld the chip back to place.
We would probaly destroy it in the process.
Nonetheless if anyone fells like trying, you are welcomed.
Or we could ask real nice to Casio for their OS...or blackmail them

Edit : why the fuc* doesn't the emulator run add-ins? You can transfer them to the memory yet it woun't run them like a calc would.
Perhaps the FA124 creates a reg entry or something in the calc, stating the presence of the add-in.
The import file suports g1a, so it should be a technical error from casio rather than a decision not to include...


Edit Edit:
Well, I've been around with my hex editor, and thinking.. the best way for us to decode that thing is trough frquency analysis, like in cryptography, Spaces are bound to be the most frquent character, then enters (or some kind of line swap character ) etc...

[kucalc]

I wouldn't recommend desoldering the memory chip. Might destroy your calculator. A nice high resolution pic of the PCB could help. I could proably guess what type of architecture the fx-9860 is using by seeing how the components are wired up...

Or we can email CASIO and ask them to give us data on the g1a format. If a whole bunch of us email and ask nicely, then they might think about giving us what we need to create our own add-ins.

[huhn_m]

Hey Back from holidays but will be gone again soon.

casio will never give us information.

Maybe if someone sees a (cheap!!!) 9860 at ebay that is deffect he could buy
it and remove the coating from the CPU. I'll have a look on this. There MUST be deffective calcs.

[kucalc]

Buy it huhn_m! Buy it! A fx-9860 on ebay! Only a couple of hours left!

http://cgi.ebay.com/...1QQcmdZViewItem

[huhn_m]

looks nice. I'll try it (though I have to get up at 3 in the moning to buy this

[LordNPS]

You better...
Just kidding
Gald to see you back in the forum Huhn
At last , the stars have aligned so that ultimatly you may have a 9860 and can therefor contribute in our (failing so far) reverse assemblage.

We have not found out much usefull information so far, however, we managed to get to some conclusions, wich are indeed interesting.
The 9860 runs interpreted code for g1a's
The Machine uses a U101 Oscillator for frequency(I am aware that this is not new however I found out something about this code)
well that's what we have so far

I think we should try to get working add-ins... kind of changing a couple of strings... something like that... messing with the bitmap

[kucalc]

There is only less than an hour left before the calc gets sold. huhn_m, are you going to go get it?

http://cgi.ebay.com/...1QQcmdZViewItem

[kucalc]

The bidding has ended. Calc sold for $53.00. Hope it was you huhn_m who got it.

[huhn_m]

sorry. 79$ is too much for me. my border was 60$ (50€). I must keep my money together.