Skip to content

MD380 Emulator

Jump to bottom
alex, df8av edited this page Dec 12, 2016 · 5 revisions

The MD380 Emulator is a 32-bit ARM/Linux executable that has the MD380's firmware linked into memory at the appropriate location, as well as symbols from our reverse engineering. You can run it on amd64 through qemu, but it will not run on OS X or Windows.

Compiling

The emulator is compiled by an ARM/Linux cross compiler. To compile use a Debian/Testing machine with gcc-6-arm-linux-gnueabi and qemu.

dell13% cd md380tools/emulator 
dell13% make clean all
rm -f *.o *~ md380-emu *.wav *.raw *.elf
arm-linux-gnueabi-gcc-6 -static -g    -c -o md380-emu.o md380-emu.c
arm-linux-gnueabi-gcc-6 -static -g    -c -o ambe.o ambe.c
arm-linux-gnueabi-objcopy \
        -I binary ../firmware/unwrapped/D002.032.img \
        --change-addresses=0x0800C000 \
        --rename-section .data=.firmware \
        -O elf32-littlearm -B arm firmware.o
arm-linux-gnueabi-objcopy \
        -I binary ../cores/d02032-core.img \
        --change-addresses=0x20000000 \
        --rename-section .data=.sram \
        -O elf32-littlearm -B arm ram.o
arm-linux-gnueabi-gcc-6 -static -g -o md380-emu md380-emu.o ambe.o firmware.o ram.o \
        -Xlinker --just-symbols=../applet/src/symbols_d02.032 \
        -Xlinker --section-start=.firmware=0x0800C000 \
        -Xlinker  --section-start=.sram=0x20000000 
dell13%

Running

The emulator runs through qemu using the binfmt framework for running foreign binaries on Linux.

dell13% uname -m
x86_64
dell13% file md380-emu 
md380-emu: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), statically linked, for GNU/Linux 3.2.0, BuildID[sha1]=f9113214a37f12aed8c66a3fdb7decea1220e329, not stripped
dell13% ./md380-emu 
Usage: ./md380-emu [OPTION]
        -d          Decodes AMBE
        -e          Encodes AMBE
        -V          Version Info
        -h          Help!

        -v          Verbose mode.
        -vv         Very verbose!

        -i foo      Input File
        -o bar      Output File
dell13%

AMBE Decoding

As of this writing, the only useful thing the emulator does outside of development is AMBE audio decoding. The following example shows an AMBE recording being decoded to WAV, just as you might do with DSD.

./md380-emu -d -i sample.amb -o out.raw 
Decoding AMBE sample.amb to 8kHz Raw Mono Signed out.raw.
Done with AMBE test.
sox -r 8000 -e signed-integer -L -b 16 -c 1 -v 5 out.raw out.wav
sox WARN sox: `out.wav' output clipped 6 samples; decrease volume?
sox WARN sox: `out.raw' balancing clipped 8 samples; decrease volume?
dell13% file out.wav
out.wav: RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 8000 Hz
dell13%

AMBE Encoding

The following example shows to convert wav to AMBE.

sox demo.wav --bits 16 --encoding signed-integer -c1 -r 8000 -L demo.raw
qemu-arm  ./md380-emu -e -i demo.raw -o demo.amb

The file format output is dsd compatible.

Clone this wiki locally