Messages

Having in mind that 5d4 developement will help other digic 6+ cams, I would gladly donate. Especially that I'm looking up to buy 5d4, though I don't really want it without ML.

I'm a software developer, but I write on high level languages like Python and Java. I have some experience in C, but no ASM and no reverse engineering. I couldn't spend much time debugging my 6d2 when I tried to find stubs, so sadly I failed to make any progress.

Thus, I'm willing to donate some of my money to get ML on my camera. Though, I'm not sure how you guys are going to do that. Some people will be donating for 5d4, some for 6d2, some for EOS R.

Can confirm 6D2 working. But the ROM0 hash differs from the previous dump I got with the original 6D2 dumper. The hashes in *.MD5 files are same as the ROMs' hashes.

So I was playing around with the 6D2 ROM1 dump and it seem to have failed the disassembly part.
I get a lot of lines like this in the ROM1 disassembly file:

Code Select Expand

ffffffff ; <UNDEFINED> instruction: 0xffffffff

Somewhere on the forum I read that it might be because the wrong firmware start address that I use with disassemble.pl script. Although I used exactly the same address that was given me by the Firmware Dumper: 0xE0040000. What am I doing wrong?

Another stupid question how can I identify the stub (what it actually does so I put it in stubs.S)?

Note: my dump is of the 1.0.4 firmware version.

Thank you kindly for your response.

I tried the qemu branch, but it seem to have an issue with 7D. Now I'm trying out the digic6_dumper branch because anyway I'm going to play around with DIGIC7 and 6D2 and this branch seem to have some stuff related to DIGIC7 cameras.

Hi there!

As per this instruction I followed the steps to compile ML. I succeed and then proceed with CONFIG_QEMU=y, but failed on that.

I have successfully compiled ML for 550d and Qemu as the instruction said and then tried to compile ML again, but compilation aborted with the following reason:

Code Select Expand

[ AR       ]   dietlibc.a
[ AR       ]   newlib-libc.a
[ LD       ]   magiclantern
boot-hack.o: In function `my_init_task':
boot-hack.c:(.text+0x2dc): undefined reference to `ml_gui_main_task'
make[1]: *** [../../src/Makefile.src:197: magiclantern] Error 1
make[1]: Leaving directory '/home/morgan/magic-lantern/platform/50D.109'

I'm using Fedora 28 and gcc-arm-none-eabi-7-2018-q2-update.

Could anyone please give some hints on this error?

Thanks!

This sounds promising! Thanks for the links, I'll be checking this out.

For DIGIC 7 models, the next step is porting the 80D startup code (i.e. running user code alongside Canon firmware). I expect this step to be straightforward, so it's left as an exercise to the owners of these cameras. You can debug the startup code in the emulator; once you get it working, just ask me to enable the boot flag so you can test it on the camera.

Hmm, given that I have no experience in reverse engineering, this one is gonna be tough. I'll see if I can do anything, but the success for me in that task is gonna be almost impossible.
Although, I've read that DIGIC 7 are quite the same as DIGIC 6, just dual core, and this kinda makes me wonder why we can't run the DIGIC 6 code on a single DIGIC 7 core?

Looks very much like DIGIC 7. Dual core.

Volunteers willing to run untested code are welcome.

Hi there! I own a 6D2. Could you please tell me more about running the untested code? How dangerous is it?

If the code damages the camera, will you help to recover it if it's possible (with another code, for example)?

I'm kinda experienced Linux user and a Java (with a little C) programmer. Sadly, I'm not much into low-level programming.