Author Topic: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)  (Read 77466 times)

names_are_hard

  • New to the forum
  • *
  • Posts: 8
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #175 on: April 02, 2019, 10:28:58 PM »
This is a useful starting place:
https://bitbucket.org/hudson/magic-lantern/src/qemu/contrib/qemu/HACKING.rst?fileviewer=file-view-default#rst-header-adding-support-for-a-new-camera-model

The Finding Stubs tutorial is also handy:
https://www.magiclantern.fm/forum/index.php?topic=12177.0

IRC is a good place to ask "how do I find out about X?".

The stephen-e repo is mine, I am working on stub hunting currently.  There's about 80 stubs I haven't tried to locate yet, when I've taken a first pass through that I'll need to ask more questions.  If anyone with a 200D finds stubs further down in stubs.S them my "UNSURE or untested" section, let me know and I can add them.  Currently I have the hack hello world working, and the official CONFIG_HELLO_WORLD Magiclantern *building*, but it won't run; it will need some of the stubs that I haven't yet found.  I guess it might take 40 hours to try and find the 80 I know are currently wrong.  Then maybe another 40 to find the ones that are hard to find?  Then I don't know what is next; I guess maybe correcting the ML source code for assumptions it makes that aren't true for Digic 7.  I have noticed that some functions seem to have a changed number of parameters, perhaps that will become important.

If you can't afford IDA Pro + decompiler (about $4000), then I highly recommend Ghidra.  It's free, and has very similar features.  If you've not used something like that before I can get you started.  This lets you better compare a known good camera with a new camera, so you can find the equivalent functions in the new version.

You can stay logged into IRC permanently by using an IRC Proxy / Bouncer, then your IRC client connects to that.  ZNC looks alive, I've not tried it.

calle2010

  • New to the forum
  • *
  • Posts: 40
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #176 on: April 03, 2019, 07:22:48 AM »
That's a very good summary. I decided to give up on improving the emulation for now. This task is beyond my knowledge and I think I make no progress:
I tried to create 77D MPU spells but ailed because many important spells are not in the log from my camera and I don't know why.
I tried to analyze and debug the WaitPU1 issue but do not understand enough of DryOS semaphores, sequencers and other things to make any sense of it. I believe this blocks the firmware startup sequence
I have no clue how to fix QEMU for the new display GPU. I thought about having a breakpoint, dumping the VRAM every second to a file and convert and display outside of QEMU...  but as long as the emulation is stuck it doesn't make much sense.

So I think I will follow your path, trying to find the relevant stubs for ML Hello World. As the two models are very similar we should be able to benefit from each other.

I use Ghidra, too.  I wrote a small Getting Started for the 77D ROMs. It should be nearly identical for the other Digic 7 cameras: https://github.com/calle2010/magic-lantern-77d-vagrant/blob/master/ghidra.md
Im happy for feedback and tips since this is the first time I use a tool like this.

names_are_hard

  • New to the forum
  • *
  • Posts: 8
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #177 on: April 03, 2019, 11:25:41 PM »
It's a nice Ghidra guide, I like it!  I made some changes but git push gave me a 403, so I guess I can't submit a pull request?  I'm not very good with git, maybe it's something else.  I put my edits here: https://pastebin.com/vP5TNPt1

There are two things that I think will make your life much easier - I think you have the "language" wrong, and should be using ARM Cortex 32 little endian, not ARM v7. Second, you shouldn't load each ROM as a file in your Ghidra project (I made this mistake too).  This makes each file separate and disassembly can't see stuff in the other files, so you will get lots of broken refs.  Instead, load the main ROM, then use File -> Add To Program.  This puts all the files in the same address space and disassembly works much better.

Third...  I should really write a Ghidra script that reads stubs.S and disassembles and labels every code address.

calle2010

  • New to the forum
  • *
  • Posts: 40
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #178 on: April 04, 2019, 12:49:18 AM »
I made some changes but git push gave me a 403, so I guess I can't submit a pull request?

You could create a PR from your own fork. But you can't directly push to another repository if permissions haven't been setup.

Thank you very much for the edits. I took them over manually. What started as my personal notes for the 77D may turn into a ML Ghidra guide.  :)

Quote
I think you have the "language" wrong, and should be using ARM Cortex 32 little endian, not ARM v7.

I will check this. I though ARM v7 architecture is correct for the Cortex A9 processor? Actually I'm a bit confused by the choices in Ghidra...

Quote
Second, you shouldn't load each ROM as a file in your Ghidra project (I made this mistake too).  This makes each file separate and disassembly can't see stuff in the other files, so you will get lots of broken refs.  Instead, load the main ROM, then use File -> Add To Program.  This puts all the files in the same address space and disassembly works much better.

Actually this is what I do, but my language was not clear enough.

Quote
Third...  I should really write a Ghidra script that reads stubs.S and disassembles and labels every code address.

...and also for named_functions.idc :-)

Btw: I use F12 always instead of D since the thumb flag is not persisted. In the next session "D" may try to analyze ARM instead of Thumb again. Nearly all code of the 77D seems to be Thumb.

names_are_hard

  • New to the forum
  • *
  • Posts: 8
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #179 on: April 04, 2019, 03:33:31 AM »
You could create a PR from your own fork. But you can't directly push to another repository if permissions haven't been setup.
Okay, makes sense, thanks.

Quote
I will check this. I though ARM v7 architecture is correct for the Cortex A9 processor? Actually I'm a bit confused by the choices in Ghidra...
Earlier in this thread Alex says it's Cortex.  I may be wrong that it makes a difference, I thought that all Cortex were v7 but not all v7 were Cortex, but now I'm not sure.  I looked at the Ghidra definitions in Ghidra/Processors/ARM/data/languages and it seems they're treated very similarly.  I think Cortex might default to Thumb, where v7 doesn't.  Might explain why D works fine for me most of the time?

Quote
...and also for named_functions.idc :-)
Yes, similar thing, should be easy.  Although named_functions doesn't find much for me.  I guess because emulation is quite limited so far.

aprofiti

  • Member
  • ***
  • Posts: 162
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #180 on: April 04, 2019, 08:22:21 AM »
Found stubs for 800D 1.0.1 and 6D2 1.0.3 6D2 1.0.4; now they have possibility to join the party :)

You should be able to save a log from startup as the other d7 cameras (please test and report).
Next step will be to find bmp_vram_info for hello world code, then start to port ML.

Is there someone who has these cameras and is willing to try bootflag enabler?

edit: Updated 6D2 stubs list to 1.0.4

totalmichel

  • New to the forum
  • *
  • Posts: 5
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #181 on: April 04, 2019, 11:37:44 AM »
Found stubs for 800D 1.0.1 and 6D2 1.0.3; now they have possibility to join the party :)

You should be able to save a log from startup as the other d7 cameras (please test and report).
Next step will be to find bmp_vram_info for hello world code, then start to port ML.

Is there someone who has these cameras and is willing to try bootflag enabler?

i have an 6D2 but it has the latest firmware 1.0.4

aprofiti

  • Member
  • ***
  • Posts: 162
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #182 on: April 04, 2019, 01:30:57 PM »
You can try the FIR version of the rom dumper and ask a1ex for bootflag enabler (after that It is possibile to run custom binary on camera).

Then share the dump (send a PM) so we can work on an updated version (time consuming but it should be worth if there is collaboration) for 1.0.4.

totalmichel

  • New to the forum
  • *
  • Posts: 5
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #183 on: April 05, 2019, 06:18:38 PM »
a1ex can you send me the bootflag enabler for 6D2?

just finished sending the 1.0.4 dump to aprofiti

buro341

  • New to the forum
  • *
  • Posts: 5
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #184 on: April 11, 2019, 08:36:37 PM »
just a supporter here, how are things going guys?  :D

names_are_hard

  • New to the forum
  • *
  • Posts: 8
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #185 on: April 11, 2019, 08:45:16 PM »
There is the expected slow progress.  It will likely be several months minimum before anything major happens.

Nicolas Apud

  • New to the forum
  • *
  • Posts: 2
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #186 on: April 12, 2019, 12:54:38 AM »

Hi, I have a 6D2  and I would like to help
nicolasapud1@gmail.com

buro341

  • New to the forum
  • *
  • Posts: 5
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #187 on: April 15, 2019, 05:28:55 PM »
Thnx for the info. I really don't like ipb for the 77d  :'(

tekrevz

  • New to the forum
  • *
  • Posts: 2
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #188 on: April 16, 2019, 03:12:30 AM »
I know this is a naive question. But how quickly /easy would a change to bitrate of the 6dm2 video be. Could you theoretically go into the code and just change the number?

scrax

  • Developer
  • Hero Member
  • *****
  • Posts: 1518
  • Code monkey
Re: DIGIC 7 development (200D/SL2, 800D/T7i, 77D, 6D2)
« Reply #189 on: April 16, 2019, 01:02:39 PM »
I know this is a naive question. But how quickly /easy would a change to bitrate of the 6dm2 video be. Could you theoretically go into the code and just change the number?
ML don't changes any code in canon firmware, so for any function ML need to be ported for the cam at first, before doing anything
I'm using ML2.3 for photography with:
EOS 600DML | EOS 400Dplus - EF 100mm f/2.8 USM Macro  - EF-S 17-85mm f4-5.6 IS USM - EF 70-200mm f/4 L USM - 580EXII - OsX Lion, Photoshop & Lightroom -no video experience-