ChanServ changed the topic of #asahi-re to: Asahi Linux: porting Linux to Apple Silicon macs | Hardware / boot process / firmware interface reverse engineering | WARNING: this channel (only) may contain binary reverse engineering discussion | RE policy: https://alx.sh/re (MANDATORY READ) | GitHub: https://alx.sh/g | Wiki: https://alx.sh/w | Logs: https://alx.sh/l/asahi-re
goldsoultheory has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
goldsoultheory has joined #asahi-re
goldsoultheory has quit []
amarioguy has quit [Remote host closed the connection]
off^ has joined #asahi-re
illenialhackerm has quit [Remote host closed the connection]
off^ has quit [Remote host closed the connection]
HardWallzz has quit [Read error: Connection reset by peer]
MajorBiscuit has joined #asahi-re
millenialhacker has joined #asahi-re
goldsoultheory has joined #asahi-re
bisko has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
goldsoultheory has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
goldsoultheory has joined #asahi-re
inkos[m] has joined #asahi-re
<inkos[m]> Hi! I want to update asahi linux. Can someone help me, please?
<ChaosPrincess> pacman -Syu and thats more of a question that belongs in #asahi
<rqou_> pieces seem to really be falling together a bit wrt my understanding of AVD
<rqou_> afaict the firmware generates a command stream (of unknown format) that it then writes into a fifo at addresses around 0x4010001c
<rqou_> which should be the "real" hardware decoder commands
<rqou_> (it spits this out once i actually plug in piodma emulation into my emulator)
<Jamie[m]> oo awesome
<Jamie[m]> is it avc video? it'd make sense that there's a block of 9 fifos there starting at 401000c and you're writing to the one at [4], following the general pattern of 4 HEVC then 4 AVC then 1 longhorn, but it'd be odd then that there's a 10th one at 40100030
<Jamie[m]> which the code around the pc implies there is
<Jamie[m]> oh yeah nah that doesn't add up, all those 401000xx regs are accessed by isrs for all the different codecs
<dottedmag> Is the right USB port on mbpro m1 max connected differently than the left USB ports? I see it regularly stops detecting newly connected devices under macos, while left ports continue to work properly. reboot "fixes" it
<Jamie[m]> ah nice the copy of 236 words (0x3b0 bytes) from 0x00000724 lines up with the fact that i saw a repeating block every 0x3b4 bytes starting 0x00000724, once for each slice in the frame
<_jannau_> dottedmag: based on the ADT all three ports are identical. usb is just cursed, especially on this platform. ask s v e n
<Jamie[m]> hmm although data_40100030 is special actually, it's accessed from way more places
<Jamie[m]> so maybe the ones before that ARE 9, one for each codec
<rqou_> i am guessing (once again based on insufficient evidence) that coded "10" is the fairplay engine
<rqou_> *codec
<Jamie[m]> ah nice
nicolas17 has joined #asahi-re
hir0pro has joined #asahi-re
hir0pro has quit [Ping timeout: 480 seconds]
<Jamie[m]> rqou_: think the word count in your understanding of piodma could be off by one? the things at 0x8b504 repeat every 11 words and are loaded into an array of 11-word structs, while your log says it's copying 10 words
<Jamie[m]> (as with the copy of 236 words of per-slice stuff, when it repeats every 237)
<rqou_> yeah, uh, i noticed that too
<rqou_> but i have a hardware test of the piodma, so ???
bisko has joined #asahi-re
<rqou_> (it's a mess, sorry)
<rqou_> it might be a firmware bug?
<Jamie[m]> weird haha
<Jamie[m]> in both cases the extra word is all zeros so no big deal either way i guess
<Jamie[m]> (in my dumps at least)
nicolas17 has quit [Quit: Konversation terminated!]
chengsun_ has joined #asahi-re
chengsun has quit [Ping timeout: 480 seconds]
chengsun has joined #asahi-re
chengsun_ has quit [Ping timeout: 480 seconds]
chengsun has quit [Quit: Quit]
chengsun has joined #asahi-re
chengsun_ has joined #asahi-re
chengsun has quit [Ping timeout: 480 seconds]
SSJ_GZ has joined #asahi-re
<Jamie[m]> hahahaha
<Jamie[m]> rqou_: i recommend you m3_read(0xe0001000)
<Jamie[m]> we have a watchpoint unit :3
<Jamie[m]> ("0x4F000000 if four comparators for watchpoints only are present")
<Jamie[m]> so maybe no need for emulation if we want to trace firmware's peripheral access
<Jamie[m]> a BPU too
<Jamie[m]> ah dang
<Jamie[m]> C_DEBUGEN "can only be set to 1 from the DAP, it cannot be set to 1 under software control"
<Jamie[m]> and writes to it don't stick using m3_write, so i guess that counts as software control
<Jamie[m]> (I am writing it alongside DBGKEY, don't think that's the issue)
<Jamie[m]> however we should still be able to patch the firmware to add in a DebugMonitor exception handler
<Jamie[m]> and handle things that way
goldsoultheory has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<Jamie[m]> oh duh of course it counts as under software control, i misread how the function was implemented, thought you had found mem read/write functionality in cm3_ctrl lmao
chengsun_ has quit [Ping timeout: 480 seconds]
goldsoultheory has joined #asahi-re
<Jamie[m]> alright i built a firmware patcher that tacks on an extra function that runs before start
<Jamie[m]> currently it writes to the log buffer, it's working correctly under your emulator
<Jamie[m]> but i'll make it write to demcr to enable monitor debugging
<Jamie[m]> and add in a debug exception handler
<Jamie[m]> to trace peripheral acces
<Jamie[m]> s
<Jamie[m]> could just append to the existing log ringbuffer, as long as macos doesn't choke seeing unexpected stuff there
<Jamie[m]> and then i guess poll it from a second thread in m1n1, a la the i2c logic analyzer
<Jamie[m]> guess i should test this one on real hardware before going further
goldsoultheory has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
goldsoultheory has joined #asahi-re
goldsoultheory has quit []
nsklaus has joined #asahi-re
goldsoultheory has joined #asahi-re
<Jamie[m]> what's the process for reloading a tracer? i get the impression my current "hard shutdown the mac, pick an alternate boot option, re-chainload, reboot macos" workflow isn't quite optional haha
<Jamie[m]> *optimal
nsklaus_ has quit [Ping timeout: 480 seconds]
<dottedmag> I use reboot.sh to reboot. You can select the default boot disk, I've done that from macOS's System Preferences -> Startup Disk
<Jamie[m]> oh if i get rid of all the newlines i can paste it into the hypervisor repl haha
<Jamie[m]> dottedmag: nice
<Jamie[m]> i'm pretty sure there's tracer-reloading functionality though, i can see all sorts of plumbing to make it work
<Jamie[m]> but idk what the entrypoint to trigger it is
<Jamie[m]> might be generic python knowledge i'm lacking
<Jamie[m]> (i.e. a generic python module/class-reloading feature)
<Jamie[m]> ah, i think there might be a timeout on firmware loading
chengsun has joined #asahi-re
<Jamie[m]> oh it took like 10 tries to do it but it worked eventually
chengsun has quit [Ping timeout: 480 seconds]
<Jamie[m]> noo my usb has stopped working
<Jamie[m]> proxy keeps dying with repeated usb-dwc3@b02280000: Host cleared EP 0x82 stall :(
<Jamie[m]> i think there's something cursed about usb signal integrity on my desktop
<chadmed[m]> are you using an apple usb-c charge cable
<Jamie[m]> nah
<chadmed[m]> mine was super flaky (that is moments before my dev machine died altogether so maybe that had more to do with it)
<Jamie[m]> would that be good or bad? don't have one in any case since this mac came with magsafe
<chadmed[m]> it was actually pretty reliable via one and only one usb-c port on my dev machine, and refused to work via any others or via my tb3 dock
<chadmed[m]> theyre just cheap usb 2.0 cables
<Jamie[m]> man
<Jamie[m]> i haven't changed anything
<Jamie[m]> except maybe the mac battery got more full
<Jamie[m]> and the room got more cold
<chadmed[m]> usb truly is the greatest thing ever
<Jamie[m]> it's not normally this bad i swear
<Jamie[m]> oh good now i'm getting errors from dmesg as well
<Jamie[m]> nooo it happened again
<Jamie[m]> ugh i don't know how to continue working lol
<Jamie[m]> what could i have possibly changed to break this
<Jamie[m]> the cable i just switched to is thunderbolt rated
<Jamie[m]> which hopefully rules out cable issues
<Jamie[m]> yeah i think the host is just cursed
<Jamie[m]> real solution here is for the shop to ship my AM5 motherboard
<chadmed[m]> do any of those have thunderbolt on board yet
<Jamie[m]> anyway right before this issue i'm 99% sure i successfully booted my patched firmware
<Jamie[m]> and decoded a video
<chadmed[m]> \o/
<Jamie[m]> noo host reboot didnt fix it
amarioguy has joined #asahi-re
<Jamie[m]> ayy got it unbroken somehow
<Jamie[m]> (i changed nothing)
<Jamie[m]> ok it's definitely booting the custom firmware and running the pre-init code
<Jamie[m]> oo i was just about to say "but it isn't decoding video properly"
<Jamie[m]> but then it started decoding video properly!
<Jamie[m]> must be running up against a timeout of some sort then
<Jamie[m]> (it's slow because i'm hooking the firmware writes, so it takes like 5-10 seconds to write the firmware)
amarioguy has quit [Remote host closed the connection]
chengsun has joined #asahi-re
chengsun_ has joined #asahi-re
chengsun has quit [Remote host closed the connection]
MajorBiscuit has quit [Quit: WeeChat 3.5]
fmstrat has quit [Ping timeout: 480 seconds]
goldsoultheory has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
fmstrat has joined #asahi-re
amarioguy has joined #asahi-re
<amarioguy> btw going to start collecting logs from using the sep tracer?
<amarioguy> what os version should i be tracing sep accesses from?
<amarioguy> (macOS version that is)
goldsoultheory has joined #asahi-re
SSJ_GZ has quit [Ping timeout: 480 seconds]
goldsoultheory has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
goldsoultheory has joined #asahi-re