*crys* radio firmware inefficiency.

Balcora

Member
Feb 6, 2011
59
15
Hey all,

Just letting you know, i've been poking around the radio firmware wading through alot of their incredibly um... unoptimized code.

I'll be looking at writing an optimized version of the radio firmware after i do some more hole finding etc to make it nice and easy for me.
Unless of course Huawei decides to actually release a new radio firmware with decent optimization.
Things lacking...

Decent use of extended instruction sets like thumb1/2 where appropriate (and a lot faster).
Horrible constructs, using very power inefficient looping around all over the place like its doing some kind of drug.
(these things just from a 10 min look around....)

I'm not sure what compiler they used for this thing; but it was nasty... and didn't know the difference between ARM and a bag of peanuts.

Anyone else who knows a bit of ARM asm (v6 and a bit of v7 for app side proc nubcakery), and of course their other execution states.
go ahead and PM me, as i'm lazy and can always use useful people :p.
 
Looking at the system; i think it might have a diag interface which would make poking around this thing a lot easier.
Either way, most of the system seems fine for code availability.
With a bit of pain; we may be able to get this thing off the ground running 2.3 or 3.0.
The hardware seems capable of it despite silly remarks about 3.0 requiring dual core (not from initial intentions it wasn't, its probably a minor flaw).
Either way; the S7 has 3 processors....
1x Adreno 200 (GPU)
1x Scorpion (App processor)
1x ARM 11 if i'm not mistaken from the literature and the code being v6 compliant (baseband processor).
 
Also, before anyone complains, yes i know 3 specialized procs aren't the same as a dedicated dual core app proc :p.
 
It wont be a problem for the hardware to support version 3 the problem is to find talented people to work on getting this. as you can see we do not have yet to many gurus here but allways is hope.
 
Last edited:
I think i've worked out what they did; they have just opted to run with ASM only as it usually is a smaller executable size.
Hand optimization would probably have been the only way to make it run with thumb2 as well where appropriate without bloating it too heavily.
Although that doesn't excuse the crappy assembly though :p.
 
If we can get this radio I can work on getting it packed into an update, I wonder if the radio lock will alow this, isnt there a nand security lock that will still need to be beat, this is what is keeping us from flashing other roms too, if you can get me a radio id love to start helping out!
 
I'm not greatly addept with the newer qualcomm chips but I did a lot with the 7xxx chips(G1 and magic mostly), but after I get used to the 8x50 stuff and reverse it a bit more I will be good to fine tune the radio a bit better, I especially want to remove some of the loops and suspend threads instead, as at the moment it is prob chewing up a chunk of battery when it need not.

Sent from my S7 using Android Tablet Forum App
 
Um yea; sorry i might have confused a bit; i was talking about the chip, not the arch.
All the literature i can find seems to say its running an ARM11 baseband proc. QDevNet - Chips - QSD8x50 Chipset Family | Qualcomm Developer Network (first section details the 3 procs).
ARM7 == v3-5 arch
ARM9 == v5 arch
ARM10 == v5 arch
ARM11 == v6 arch
Cortex == v7 arch

Qualcomm Scorpion (used in QSD8x50) is ARMv7 according:
ARM Information Center
Qualcomm News and Events - Press Releases - Qualcomm Introduces the World's Most Advanced Mobile Microprocessor
Qualcomm Reveals Details on Scorpion Core | www.bdti.com
Qualcomm Snapdragon QSD8250 - CPUlist | PDAdb.net - Comprehensive Database of Smartphone, PDA, PDA Phone, PNA, netbook & Mobile Device Specifications
Snapdragon (System on Chip) - Wikipedia, the free encyclopedia
 
QSD8250 has an Cortex A8 ARMv7 applications processor

ARM11 usually means ARM1176: ARM1176 Processor - ARM

CPUInfo shows ARMv7, neon. I think it's just a small mixup


Sorry, i need to be more full in my explanations.

There is both a Cortex and an Arm 11 in the QSD8250.

Technically 3 Processing units.

Cortex for the android side.
ARM 11 for the baseband (the mobile radio).
Adreno 200 (Graphics processor).

When the unit boots up;
It boots from the ARM11, (the radio firmware).
And then chain loads the bootloader and runs android on the Cortex.
The UMTS/GSM is always running on the ARM11.
Where as your applications/OS are running on the Cortex.

Android as far as its concerned doesn't even know there is an ARM11 in there.

In almost all hardware; you will find multiple processors that aren't really seen by the OS.

i.e. When you see the 802.11 Wireless card; all the OS will see, is an interface to the card.
But the Wireless card has its own processor (not a huge hunking powerful thing, just a very tiny lightweight processor to run the Wireless cards firmware).

Same goes for the UMTS/GSM radio.

The only reason it makes a difference, is that with Mobile platforms; the radio firmware is what boots first, and thus to hack it; you need to know how to hack the ARM11 ;).

Hopefully this will clear up confusion.

:)
 
Also, as another update I suppose.

My 105 is S-OFF, i'm thinking its very likely every one elses is also S-OFF, unless the Telstra 105 is odd :p.(Could possibly be something i did as i have been playing with my radio firmware), but although i did alter some of the nand security stuff; i don't think i disabled it. but test it out for yourselves and see if you can get into fast boot.

So flashing updates is not an issue; i am working on a new recovery image, and possibly expanding to writing a new Android Mod.
They may used key based crap like usual for the updates on radio; but if we put our S7's into fastboot; or flash it via the DIAG, this again won't be an issue.
 
Simple, in fastboot I was able to reflash, pretty easy way to tell when you can reflash unsigned radio lulz

Sent from my S7
 
Back
Top