CHDK Wiki
Advertisement

Introduction[]

Cameras based on the Digic 6 and later processor differ significantly from previous generation cameras. CHDK support is for Digic 6 cameras is a generally functional as of 2019, and preliminary support for Digic 7 exists as of 2020. The page collects information relevant to creating CHDK ports for Digic 6 and later cameras.


Significant differences from prior Digic versions[]

  • The main CPU is now a Cortex R4 (armv7 architecture). Digic 7 uses a dual core Cortex A9.
  • The majority of Canon firmware code is in the Thumb2 instruction set. The varying size of instructions makes disassembly significantly more difficult, and prevents existing CHDK tools from working on these firmwares.
  • Several other CPUs exist, including an Xtensa core.
  • The display is (probably) driven by a TAKUMI GPU, somehow connected to the Xtensa core
  • Viewport and bitmap display frame buffer formats have changed significantly

Digic 6 Processors[]

As mentioned above, Digic 6 contains multiple different CPUs

Marius[]

The main ARM core where CHDK and the main Canon firmware runs.

For Digic 7, the processor the main firmware runs on has two cores, and is perhaps called Musa.

Zico[]

The Xtensa core responsible for the GPU. Strings like "mzrm" refer to Marius / Zico communication. See https://chdk.setepontos.com/index.php?topic=11316.msg128686#msg128686 and https://chdk.setepontos.com/index.php?topic=11316.msg129104#msg129104 and additional information on the Magic Lantern forum https://www.magiclantern.fm/forum/index.php?topic=26024.0

Omar[]

Another Cortex R4, running thumb2 code, initialized by Marius from Startup task. Runs its own copy of DryOS, with tasks including (depending on camera) ClockSave, OmarStop, FaceRecogTask, BA_Task and DetRecogT. Has its own connection to camera UART, which can be accessed using the "sw" command in dryshell. This only works with a physical UART, not redirection on the main core.

Code for this core is copied from the data area of the main ROM, which can confuse analysis since since valid ARM code appears at incorrect addresses. There are two chunks copied. The first is a small chunk including the reset and other exception vectors is copied to 0xdff00000, which appears to be mapped to 16 KB TCM at address 0 on the Omar core. The second chunk, comprising the main firmware code is copied main RAM at an address like 0x700000 or 0x600000 (depending on model). In the main firmware code, the uncached bit is set, like 0x4070000. The Omar code uses the address without the uncached bit.

See https://chdk.setepontos.com/index.php?topic=11316.msg119473#msg119473

Tools[]

Configuring CHDK capstone tools[]

capdis and Finsig thumb2 depend on the capstone disassembly engine, and must be enabled in the CHDK build configuration.

Capstone version 4.0.x is recommended. A windows build compatible with the CHDK compiler GUI and windows toolchain is available from https://app.box.com/s/qqooc6yuofo8c9rnwafnxiu0stism7ij

The official pre-built windows packages from the capstone download page can also used, but may require linking to the dll import library (-lcapstone_dll) rather than the static library. In this case, included capstone.dll must be on the path when capdis or finsig_thumb2 are run.

Capstone 3.x (3.0.4 or later) is deprecated and support will be removed from the CHDK source in the future. If used, a patch to avoid a serious bug related to blx instruction alignment is required. Using unpatched capstone 3.x versions will result in incorrect disassembly and incorrectly output from Finsig_thumb2. The patch & pre-built win32 capstone library are available here : capstone-mingw-chdk-3.0.4-patched-2016-01-11_1.zip

For Linux, install using your package manager if it provides capstone 4.0, or download capstone source from the capstone download link. 4.0.x can be built and used as is, while 3.0.x must be patched using one of the capstone-...blx-align.patch files found under tools/patches in the CHDK source.

Follow the instructions in the capstone COMPILE.TXT file to build the source (essentially ./make.sh and then sudo ./make.sh install ).

To build the CHDK capstone tools, the following should be set in your localbuildconf.inc. Replace /path/to/capstone with the location where the capstone library is installed.

# Define this to enable building of tools using the capstone library (http://www.capstone-engine.org/)
# Required to rebuild stubs for thumb2 / digic 6 firmware
OPT_CAPSTONE_TOOLS=1

# Set the following if capstone includes are not in the default search path
CAPSTONE_TOOLS_INC=-I/path/to/capstone/include

# Set the following to the options required to link to the capstone library.
# At a minimum, -lcapstone or similar is required. If the library is not
# on the default search path, -L/path/to/capstone is also required
CAPSTONE_TOOLS_LINK=-L/path/to/capstone -lcapstone


NOTES:

  1. To build capdis, you must use make extras or make capdis (capdis.exe on windows) in the CHDK build tree tools directory. It will be removed if you make clean, so you may wish to copy the executable elsewhere.
  1. The current CHDK build process will produce a warning message ( WARNING! Incorrect dissassembly is likely ) if the blx instruction alignment bug has not been correctly patched. It is very easy to not notice this warning as it will be buried deep the build output log.
  2. Some Linux distros may include pre-compiled capstone packages. If it's a 3.x version it will have the blx instruction alignment bug and must not be used. If 4.0.x is available, it should work.


ARM documentation[]

Ports[]

Known Digic 6 (and later) ports and porting attempts

Working ports[]

Ports with usable builds available

Partial ports[]

Other ports that were started but don't yet have published usable builds

Useful forum threads[]

General topics related to Digic 6 and later development

Advertisement