So the next thing could be an Chip-8 emulator runinng on a medium sized Atmega.
CHIP-8 is an interpreted programming language, developed by the late Joseph Weisbecker. It was initially used on the COSMAC VIP and Telmac 1800 8-bit microcomputers in the mid-1970s. CHIP-8 programs are run on a CHIP-8 virtual machine. It was made to allow video games to be more easily programmed for said computers.
CHIP-8’s memory addresses range from 200h to FFFh, making for 3,584 bytes. The reason for the memory starting at 200h is that on the Cosmac VIP and Telmac 1800, the first 512 bytes are reserved for the interpreter. On those machines, the uppermost 256 bytes (F00h-FFFh on a 4K machine) were reserved for display refresh, and the 96 bytes below that (EA0h-EFFh) were reserved for the call stack, internal use, and the variables.
CHIP-8 has 16 8-bit data registers named from V0 to VF. The VF register doubles as a carry flag.
The address register, which is named I, is 16 bits wide and is used with several opcodes that involve memory operations.
The stack is only used to store return addresses when subroutines are called. The original 1802 version allocated 48 bytes for up to 12 levels of nesting; modern implementations normally have at least 16 levels.
CHIP-8 has two timers. They both count down at 60 hertz, until they reach 0.
There are two version of the platform, the Chip-8 and schip (Super Chip). The biggest difference is the display size.
Super Chip 128×64
But most import it has some decent games:
I found some ugly c code code here, cleaned it up and made an SDL version on OS X.
Wrote a quick & dirty python wrapper for the bluez-utils bccmd command to set a the btaddr
of an bluetooth hci device. The native bccmd syntax is awkward, so that i found it handy to have a script which accepts normal formated btaddr as an argument and does some error checking and status infomation.
root@linux:~/devel/tech/bluetooth/# ./setbtaddr hci0 01:0E:07:75:B7:12
Exec './bccmd -d hci0 psset -r bdaddr 0x75 0x00 0x12 0xB7 0x07 0x00 0x0E 0x01'
hci0: Type: USB
BD Address: 01:0E:07:75:B7:12 ACL MTU: 192:8 SCO MTU: 64:8
RX bytes:86 acl:0 sco:0 events:9 errors:0
TX bytes:33 acl:0 sco:0 commands:9 errors:0
Since the 23c3 every interested researcher knew that is easy to compromise bluetooth sessions using the BTcrack tool.Thierry Zoller showed how it’s possible to retrieve link keys, The only problem was to get hands on a bluetooth sniffer device to get the raw bluetooth packets. Such devices are not available at consumer prices. But somehow Max Moser found a way to tranform a vanilla usb bt dongle into a bluetooth sniffer device. Don’t believe the hype…Now bluetooth security is dead.
#Backup old firmware
dfutool -d hci0 archiv backup.dfu
# Backup config
bccmd -d hci0 pslist -s 0x000F >> backup_cfg
# Check Vendor ID ( has to be 0x0a12)
bccmd -d hci0 psget -s 0x000f 0x02be
# Write new Product ID
bccmd -d hci0 psset -s 0x0002 0x02bf 0x0002
A new Kbtsco release is available. Did some small tweaks.
- Added Channel Forcing via Configure Menu. Some people reported having problems with the channel
auto dedection, so that it’s now possible to asign the channel manually.
- Added Cancel Menu item to interrupt the connect process, in case somebody hits the Connect button
when no headset is available.
- Switched Build System from Autotools to bksys.
The Alsa-Bluetooth project project provides a way to use a bluetooth headset with Linux.They do this currently by making an alsa kernel driver which uses bluez to reach the headset.
I Wrote a KDE based user space daemon wich works as drop in replacement for the btsco daemon from the Alsa-Bluetooth package. The Programm is in early beta stage. Just start it from the Console and you will have a small kicker applet in your Systray. KBtsco has a function to discover the BAddr of your Headset. Once you did the pairing via e.g. KBluetoothd package, you can click the headset icon in the Systray to connect to the headset. All actions get visualized via On-Screen-Display in the right corner of your monitor. After connecting you can push your connect button on the headset wich actually opens the sco socket. I used this tool on daily basis with Skype. Sometimes sndbtsco seems to crash and eats all CPU time,it’s still beta i think.
I wrote an extension to the BlueMp3 firmware. Now you can use an loudness filter on the mp3-player. After reading the VS1001 specs, the BlueMp3 mp3-decoder, i noticed that it’s possbile to upload code to the dsp.This code can manipulate the current mp3 stream, so perfect for a loundness filter. I worked through the VS1001 application note and wrote some routines to upload that VS1001 code to the chip. Then i integrated that routines into the BlueMp3 firmware. There is patch available for the 1.8 firmware but also the binary 2.5 firmware includes the loundness filter code.
patch firmware 1.8
patch client 1.8
After reading the CT article about the BlueMp3 player, i knew i need this piece of hardware. It’s an bluetooth mp3 player based on the Atmel Mega128 cpu. The firmware source is available and the client is linux based. So what do i need more to play around? I ordered the pcb and parts at Segor. The Bluetooth module and the Atmega was pre-solderd, because it’s not easy to solder TQFP’s at home. The thing was build after a hour of soldering and worked perfect. But the bluetooth signal just worked over 5 meters. So i added an Lambda/4 antenna (thanks tobi) to the bluetooth module, which extented the coverage up to 20 meters. But what i really needed was a GUI to play my mp3s. Since iam KDE user i deciced to programm my own Gui called k2send. I setup a project page a berlios for it.