Canon EOS R / RP

Started by SpenceM, September 05, 2018, 03:09:27 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

kitor

QuoteCan ML currently allow this on the EOS R?

Is ML for R mentioned anywhere?

I need to upgrade (and dump) 1.3 and 1.4 and hopefully update stubs for 1.4. Yup, I'm still on 1.2.
Too many Canon cameras.
If you have a dead R or RP mainboard (e.g. after camera repair) and want to donate for experiments, I'll cover shipping costs.

vlasena

Quote from: 71m363nd3r on August 07, 2019, 12:00:07 AM
How much bucks would you donate for ML contribution for EOS R?
100 bucks

kotik

Quote from: gtemp on October 01, 2019, 08:56:12 PM
Hi, I really only need one single feature from ML for the EOS R, and that's the ability to auto-restart video when it reaches the file size/time limit (30 mins, as I understand it.) Can ML currently allow this on the EOS R? My 5DMkII can do this with ML, and I'd love to upgrade but I need continuous video without having to return to the camera. Multiple files is A-OK. Any insight appreciated!

With an external recorder like the Atoms Ninja V, you can do 10-bit continues recording through the HDMI output port.
My first Canon: FTb QL (Quick Loading), my first digital Canon: 20D 2.0.3
The current one: Canon EOS R

Ireversible

Quote from: a1ex on October 16, 2018, 08:48:32 PM
Tried to run some initial tests on the EOS R; unfortunately, this is all we've got:



The error screen looks just like on previous models, which is encouraging. The camera recognized there was a FIR file on the card, for the correct model, otherwise it would have printed "Update file cannot be found". The error message means it could not verify the checksum; Canon might have changed the FIR file format, or maybe also the encryption.




Edit: progress - apparently it doesn't like tiny FIR files, but otherwise it accepts them:



Edit (February 2019): turns out it was just the decryption code locking up with some FIR files.
Encryption changed - we can no longer create FIR files for this camera.

Hi
I just bought a Canon R and I hope in the future to install a magic lantern firmware on it, but what wrote A1ex is not very encouraging...Is there still hope or will we never see ML on canon r?
Thanks


Mariiiik

Is it possible to create another way of donations besides bitcoin? It may be to make a separate account for the team that is working on EOS R, it seems to me that this will greatly accelerate the collection of donations. Sorry for my english

DoctorJones

I know it's a faux pas asking annoying questions about ML release features, so firstly; thank you so much to all ML developers. If I ever get the pleasure of using ML on one of my cameras I will certainly donate anything I can.

Does anyone know if ML for EOS R is expected to enable 10bit recording in 1080p over HDMI? I love the look of 10bit in C-log, but I don't have the hardware for 4K.

kitor

Quote from: DoctorJones on December 08, 2019, 11:00:08 AM
Does anyone know if ML for EOS R is expected to enable 10bit recording in 1080p over HDMI? I love the look of 10bit in C-log, but I don't have the hardware for 4K.

ML for R (or anything Digic 7+) is not expected to exist any time soon, and you're asking about specific features...

So far we have only proven that it's possible to run custom code.
I guess @a1ex that  "Magic lantern rescue" is misleading and should be replaced with another name for early development ports. Just a string swap may keep people a little less excited.
Too many Canon cameras.
If you have a dead R or RP mainboard (e.g. after camera repair) and want to donate for experiments, I'll cover shipping costs.

IDA_ML

Quote from: DoctorJones on December 08, 2019, 11:00:08 AM
If I ever get the pleasure of using ML on one of my cameras ...

Indeed, ML is a lot of pleasure and fun to use.  If you don't have a camera that supports it, please don't wait forever.  Just consider spending 100-200 US$ for a used EOS-M or 100D body.  Both cameras are ML capable and work miracles with the entire lens arsenal of Canon and with almost any lens that you can imagine using cheap adapters.  Soon you will realize that these are the best 100-200 $ that you have spent in your life.  Good luck!     

Lbs26

Hi to all,i am new in this forum...i wanted to ask a question about Canon Eos R - banding stripes problems.
I have Eos R with the latest 1.6 firmware update,the banding is fixed in the faster shutter speeds at 100%,but in the longer shutter speeds it is till a big issue....
it occurs from 2-3 sec above in the darkest underexposed shadows,where in the shoter shutter speed even if i bring the exposure in post to +5 stops there is no banding.

jo.meatloaf

Такая же проблема и на моем m6 mk ii. Похоже что жто проблема прошивки

kitor

https://www.canonrumors.com/canon-announces-100-firmware-update-for-stop-motion-photography/

Wow, $100 for increase in LV resolution. With no HDMI output, and no focus peaking in many scenarios, so camera is basically useless for other things than stop-motion.
Too many Canon cameras.
If you have a dead R or RP mainboard (e.g. after camera repair) and want to donate for experiments, I'll cover shipping costs.

coon

Hi,
I just got an EOS RP as my first camera recently. After watching some youtube videos about photography I've found out about magic lantern as a way to hack canon cameras. I have some experience with embedded software development (Arduino / AVR and STM32F4 / ARM) and I've also some knowledge about reverse engineering (x86/x64 on Windows). I've good knowledge in C / C++.

With the help of names_are_hard on discord I am already able to compile ML and qemu for the 50D, which meight help me getting familiar with ML development. Luckily a friend of mine has a 50D laying around which I can use for playing around, since he has a newer camera and doesn't need it right now.

Is there a way I can help? Is it possible to dump the firmware of the RP so I can take a look with Ghidra on it?
EOS RP

Walter Schulz


a1ex

Actually, the portable ROM dumper (autoexec.bin version) worked on EOS R, but only after enabling the boot flag via UART.

kitor



Nothing to be excited about, just (finally) upgraded from 1.2.0 to 1.7.0 and checked that bootflag is still there, and dumper still works.
I have no plans for updating stubs in near future, as I tend to take to many projects at once.
Too many Canon cameras.
If you have a dead R or RP mainboard (e.g. after camera repair) and want to donate for experiments, I'll cover shipping costs.

kitor

Cross-post from R5/R6 thread:

Quote from: kitor on September 02, 2020, 10:16:34 AM
Canon basic dumper works on R! Not sure if without bootflag enabled too.

I created the files with Unix line endings (LF only). I made card by using EOScard, with only option "script" selected.
Both files (extend.m and script.req) you can download here: https://kitor.pl/eos_r/cbasic_dumper.zip

Of course credits for dumper goes to @srsa as I took his code directly from this post

After I put card into camera, I went into playback mode, pressed Q/Set button and red light turned on. A minute later it was done, ROM.txt was saved to card root!
Too many Canon cameras.
If you have a dead R or RP mainboard (e.g. after camera repair) and want to donate for experiments, I'll cover shipping costs.

coon

I can confirm that the Canon Basic dumper also works on the EOS RP.

ROM size is 32MB. Dumping takes about ~2 hours and 15 minutes so you better have your battery charged before dumping :).
You don't have to set the bootflag for that so this can be done without opening the case at all.
EOS RP

Walter Schulz

Coon, can you retry with the code supplied by srsa? And compare time required?
https://www.magiclantern.fm/forum/index.php?topic=25305.msg230434#msg230434

coon

Just tried that. It also worked out of the box and only took about 10 seconds.

Got two files: gang100.bin and gang200.bin which both have a size of 32MB.
This dump looks more reliable so this is the way to go I guess :)
EOS RP

Walter Schulz

Thanks! This is really fast!

coon

I can also confirm that enabling the bootflag via


private sub Initialize()
  EnableBootDisk()
end sub


does work aswell.

I've tried booting the portable ROM dumper (https://www.magiclantern.fm/forum/index.php?topic=16534.0) on the RP.
As soon as I close the battery lid, it loads in a glitchy way and crashes or aborts with an error message, since there is some text written in red.

https://www.youtube.com/watch?v=IZB5uWNAREI
EOS RP

coon

After I've done some little adjustments in the display source code of the portable dumper, I am now able to see a clear picture :).



LCD of EOS RP has a resolution of 736x480. Next step is finding the stubs in the firmware.
EOS RP

yourboylloyd

Quote from: coon on September 05, 2020, 01:35:25 PM
After I've done some little adjustments in the display source code of the portable dumper...

Can you create an image of the card? Or share the autoexec.bin file?

Nevermind. That won't do anything for me.
Join the ML discord! https://discord.gg/H7h6rfq

coon

I could upload my autoexec.bin but the code it is based on is a bit behind. Better wait until a1ex merges it into the official build.
It doesen't do anything useful anyways beside displaying the error message more nicely on the RP :).
EOS RP

coon

names_are_hard and I did some first research on the RP. With his help I am now able to run its firmware in QEMU partially.

I've added the RP into models_list.c file of qemu by just copying 200D definitions and renaming to EOSRP. I've also added a EOSRP rom folder and renamed gang100.bin -> ROM0.BIN, gang200.bin -> ROM1.BIN.
Then started emulation with:

./run_canon_fw.sh EOSRP,firmware="boot=0" -d romcpy

It runs but locks up early.

QEMU log:


00000000 - 1FFFFFFF: eos.ram
40000000 - 5FFFFFFF: eos.ram_uncached
DF000000 - DFFFFFFF: eos.ram_extra
E0000000 - E1FFFFFF: eos.rom0
E2000000 - E3FFFFFF: eos.rom0_mirror
E4000000 - E5FFFFFF: eos.rom0_mirror
E6000000 - E7FFFFFF: eos.rom0_mirror
E8000000 - E9FFFFFF: eos.rom0_mirror
EA000000 - EBFFFFFF: eos.rom0_mirror
EC000000 - EDFFFFFF: eos.rom0_mirror
EE000000 - EFFFFFFF: eos.rom0_mirror
F0000000 - F0FFFFFF: eos.rom1
F1000000 - F1FFFFFF: eos.rom1_mirror
F2000000 - F2FFFFFF: eos.rom1_mirror
F3000000 - F3FFFFFF: eos.rom1_mirror
F4000000 - F4FFFFFF: eos.rom1_mirror
F5000000 - F5FFFFFF: eos.rom1_mirror
F6000000 - F6FFFFFF: eos.rom1_mirror
F7000000 - F7FFFFFF: eos.rom1_mirror
F8000000 - F8FFFFFF: eos.rom1_mirror
F9000000 - F9FFFFFF: eos.rom1_mirror
FA000000 - FAFFFFFF: eos.rom1_mirror
FB000000 - FBFFFFFF: eos.rom1_mirror
FC000000 - FCFFFFFF: eos.rom1_mirror
FD000000 - FDFFFFFF: eos.rom1_mirror
FE000000 - FEFFFFFF: eos.rom1_mirror
FF000000 - FFFFFFFF: eos.rom1_mirror
BFE00000 - DEFFFFFF: eos.mmio
[EOS] enabling memory access logging (RW).
[EOS] loading './EOSRP/ROM0.BIN' to 0xE0000000-0xE1FFFFFF
[EOS] loading './EOSRP/ROM1.BIN' (expected size 0x01000000, got 0x02000000) to 0xF0000000-0xF0FFFFFF
[MPU] FIXME: using generic MPU spells for EOSRP.
[MPU] FIXME: no MPU button codes for EOSRP.
Start address: 0xE0000000
Setting BOOTDISK flag to FFFFFFFF
[CPU0] E0008450: MRC p15,0,Rd,cr0,cr0,5:      MPIDR -> 0x80000000
[CPU0] E0008460: MCR p15,0,Rd,cr12,cr0,0:       VBAR <- 0xE000001D
[CPU0] E000848C: MRC p15,0,Rd,cr1,cr0,0:      SCTLR -> 0x8C50078
[CPU0] E0008482: MCR p15, ...          : CACHEMAINT x1 (omitted)
[CPU0] E000848C: MCR p15,0,Rd,cr1,cr0,0:      SCTLR <- 0x48C50878
[CPU0] E0004B62: MRC p15,0,Rd,cr1,cr0,0:      SCTLR -> 0x48C50878
[CPU0] E0004B62: MCR p15, ...          : CACHEMAINT x2 (omitted)
[CPU0] E0004B62: MCR p15,0,Rd,cr1,cr0,0:      SCTLR <- 0x48C51878
[ROMCPY] 0xE0008634 -> 0xDF001000 size 0x600      at 0xE000699C
Logging ROM-copied blocks to EOSRP/romcpy.sh.

[CPU0] E00084D8: MRC p15,0,Rd,cr0,cr0,5:      MPIDR -> 0x80000000
[CPU0] E0004B86: MRC p15,0,Rd,cr1,cr0,0:      SCTLR -> 0x48C51878
[CPU0] E0004C50: MCR p15, ...          : CACHEMAINT x512 (omitted)
[CPU0] E0004B86: MCR p15,0,Rd,cr1,cr0,0:      SCTLR <- 0x48C50878
[CPU0] E0004B96: MCR p15, ...          : CACHEMAINT x1 (omitted)
[CPU0] E0004AE2: MCR p15,0,Rd,cr3,cr0,0:       DACR <- 0x55555555
[CPU0] E0004AEA: MCR p15,0,Rd,cr2,cr0,0:  TTBR0_EL1 <- 0xE0004800
[CPU0] E0004AEE: MCR p15,0,Rd,cr2,cr0,1:  TTBR1_EL1 <- 0xE0000080
[CPU0] E0004AF2: MCR p15,0,Rd,cr13,cr0,1: CONTEXTIDR(S) <- 0x0       
[CPU0] E0004AF6: MCR p15,0,Rd,cr2,cr0,2:      TTBCR <- 0x7       
[CPU0] E0004AFE: MCR p15,0,Rd,cr8,cr7,0:    TLBIALL <- 0x0       
[CPU0] E0004B06: MRC p15,0,Rd,cr1,cr0,0:      SCTLR -> 0x48C50878
[CPU0] E0004B06: MCR p15,0,Rd,cr1,cr0,0:      SCTLR <- 0x48C50879
[CPU0] E0008546: MRC p15,0,Rd,cr1,cr0,0:      SCTLR -> 0x48C50879
[CPU0] E0008546: MCR p15, ...          : CACHEMAINT x1 (omitted)
[CPU0] E0008546: MCR p15,0,Rd,cr1,cr0,0:      SCTLR <- 0x48C51879
[CPU0] E000855E: MRC p15,0,Rd,cr1,cr0,0:      SCTLR -> 0x48C51879
[CPU0] E000855E: MCR p15,0,Rd,cr1,cr0,0:      SCTLR <- 0x48C5187D
[CPU0] E000856A: MRC p15,0,Rd,cr1,cr0,1:  ACTLR_EL1 -> 0x45
[CPU0] E000856A: MCR p15,0,Rd,cr1,cr0,1:  ACTLR_EL1 <- 0x45     
[CPU0] E000856A: MRC p15,0,Rd,cr15,cr0,0:  A9_PWRCTL -> 0x0
[CPU0] E000856A: MCR p15,0,Rd,cr15,cr0,0:  A9_PWRCTL <- 0x1       
[CPU0] E000858A: MRC p15,0,Rd,cr15,cr0,1:    A9_DIAG -> 0x0
[CPU0] E000858A: MCR p15,0,Rd,cr15,cr0,1:    A9_DIAG <- 0x400000 
[CPU0] E0004900: MRC p15,0,Rd,cr0,cr0,5:      MPIDR -> 0x80000000
[CPU0] E00049A6: MCR p15,0,Rd,cr12,cr0,0:       VBAR <- 0xDF000000
[ROMCPY] 0xE0008C34 -> 0xDF000000 size 0x100      at 0xE0004966
BootL[ROMCPY] 0xE0008D50 -> 0x40100000 size 0x116D4    at 0xE0007F4C
[ROMCPY] 0xE0000000 -> 0x40700000 size 0x4900     at 0x10F46C 


romcpy.sh contains:


dd if=ROM0.BIN of=EOSRP.0xDF001000.bin bs=1 skip=$((0x8634)) count=$((0x600))
dd if=ROM0.BIN of=EOSRP.0xDF000000.bin bs=1 skip=$((0x8C34)) count=$((0x100))
dd if=ROM0.BIN of=EOSRP.0x40100000.bin bs=1 skip=$((0x8D50)) count=$((0x116D4))
dd if=ROM0.BIN of=EOSRP.0x40700000.bin bs=1 skip=$((0x0)) count=$((0x4900))


But it seems to be incomplete. Boot process seems to lock up here.
When running QEMU like this:

./run_canon_fw.sh EOSRP,firmware="boot=1"

I will get the following message in red color before it locks up:


BootLoadCard Read Error!!!
e

EOS RP