This source file includes following definitions.
- spytask
- CreateTask_spytask
- boot
- CreateTask_my
- sub_fc04f194_my
- sub_fc04f324_my
- sub_fc04f72a_my
- sub_fc060338_my
- sub_fc04f6c4_my
- sub_fc06021a_my
- init_file_modules_task
- kbd_p2_f_my
- sub_fc060900_my
- tricinittask
- update_url
- agps_downloader_task
1
2 #include "lolevel.h"
3 #include "platform.h"
4 #include "core.h"
5 #include "dryos31.h"
6
7 #define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER)
8
9 const char * const new_sa = &_end;
10
11
12 extern volatile int jogdial_stopped;
13 void JogDial_task_my(void);
14
15 extern void task_CaptSeq();
16 extern void task_InitFileModules();
17 extern void task_RotaryEncoder();
18 extern void task_MovieRecord();
19 extern void task_ExpDrv();
20 extern void task_AGPSDownloader();
21
22
23
24
25 void spytask(long ua, long ub, long uc, long ud, long ue, long uf)
26 {
27 (void)ua; (void)ub; (void)uc; (void)ud; (void)ue; (void)uf;
28 core_spytask();
29 }
30
31
32
33
34 void CreateTask_spytask()
35 {
36 _CreateTask("SpyTask", 0x19, 0x2000, spytask, 0);
37 }
38
39
40
41
42
43
44
45
46
47
48
49
50
51 void __attribute__((naked,noinline)) boot() {
52 asm volatile (
53 " ldr.w sp, =0x80010000\n"
54 " BL sub_fc020064\n"
55 " ldr r2, =0xc0242010\n"
56 " ldr r1, [r2, #0]\n"
57 " orr.w r1, r1, #1\n"
58 " str r1, [r2, #0]\n"
59 " ldr r0, =0xfc9538d4\n"
60 " ldr r1, =0x010c1000\n"
61 " ldr r3, =0x010e03c4\n"
62 " loc_fc020024:\n"
63 " cmp r1, r3\n"
64 " itt cc\n"
65 " ldrcc.w r2, [r0], #4\n"
66 " strcc.w r2, [r1], #4\n"
67 " bcc.n loc_fc020024\n"
68
69
70 "adr r0, patch_CreateTask\n"
71 "ldr r1, =hook_CreateTask\n"
72 "add r2, r0, #8\n"
73 "task_hook_loop:\n"
74 "ldrh r3, [r0],#2\n"
75 "strh r3, [r1],#2\n"
76 "cmp r0,r2\n"
77 "blo task_hook_loop\n"
78
79 " ldr r0, =0x010c1000\n"
80 " ldr r1, =0x0001f3c4\n"
81 " BL sub_fc12dd3a\n"
82 " ldr r0, =0xfc932474\n"
83 " ldr r1, =0x00008000\n"
84 " ldr r3, =0x00029460\n"
85 " loc_fc020040:\n"
86 " cmp r1, r3\n"
87 " itt cc\n"
88 " ldrcc.w r2, [r0], #4\n"
89 " strcc.w r2, [r1], #4\n"
90 " bcc.n loc_fc020040\n"
91 " ldr r3, =0x00029460\n"
92 " ldr r1, =0x002bd558\n"
93 " mov.w r2, #0\n"
94 " loc_fc020056:\n"
95 " cmp r3, r1\n"
96 " it cc\n"
97 " strcc.w r2, [r3], #4\n"
98 " bcc.n loc_fc020056\n"
99 " b.w sub_fc04f194_my\n"
100
101 "patch_CreateTask:\n"
102 "ldr.w pc, [pc,#0]\n"
103 ".long CreateTask_my + 1\n"
104 );
105 }
106
107
108 void __attribute__((naked,noinline)) CreateTask_my() {
109 asm volatile (
110 " push {r0}\n"
111
112 " ldr r0, =task_CaptSeq\n"
113 " cmp r0, r3\n"
114 " itt eq\n"
115 " ldreq r3, =capt_seq_task\n"
116 " orreq r3, #1\n"
117 " beq exitHook\n"
118
119 " LDR R0, =task_ExpDrv\n"
120 " CMP R0, R3\n"
121 " itt eq\n"
122 " LDREQ R3, =exp_drv_task\n"
123 " orreq r3, #1\n"
124 " BEQ exitHook\n"
125
126 " LDR R0, =task_DvlpSeqTask\n"
127 " CMP R0, R3\n"
128 " itt eq\n"
129 " LDREQ R3, =developseq_task\n"
130 " orreq r3, #1\n"
131 " BEQ exitHook\n"
132
133 " LDR R0, =task_TricInitTask\n"
134 " CMP R0, R3\n"
135 " itt eq\n"
136 " LDREQ R3, =tricinittask\n"
137 " orreq r3, #1\n"
138 " BEQ exitHook\n"
139
140 " LDR R0, =task_FileWrite\n"
141 " CMP R0, R3\n"
142 " itt eq\n"
143 " LDREQ R3, =filewritetask\n"
144 " orreq r3, #1\n"
145 " BEQ exitHook\n"
146
147 #if PLATFORMID == 12895
148 " LDR R0, =task_AGPSDownloader\n"
149 " CMP R0, R3\n"
150 " itt eq\n"
151 " LDREQ R3, =agps_downloader_task\n"
152 " orreq r3, #1\n"
153 " BEQ exitHook\n"
154 #endif
155
156
157 " LDR R0, =task_MovieRecord\n"
158 " CMP R0, R3\n"
159 " itt eq\n"
160 " LDREQ R3, =movie_record_task\n"
161 " orreq r3, #1\n"
162 " BEQ exitHook\n"
163
164
165 " ldr r0, =task_InitFileModules\n"
166 " cmp r0, r3\n"
167 " itt eq\n"
168 " ldreq r3, =init_file_modules_task\n"
169 " orreq r3, #1\n"
170 "exitHook:\n"
171
172 " pop {r0}\n"
173
174 " stmdb sp!, {r1, r2, r3, r4, r5, r6, r7, r8, r9, lr}\n"
175 " mov r4, r0\n"
176 " ldr r0, =0x8154\n"
177 " ldr.w pc, =(hook_CreateTask + 8 + 1) \n"
178 ".ltorg\n"
179 );
180 }
181
182
183 void __attribute__((naked,noinline)) sub_fc04f194_my() {
184
185 if (*(int*)(0xd20b0000 + 0x10 * 4) & 0x10000) {
186
187
188 *(int*)(0x92a0+0x4) = 0x200000;
189 }
190 else {
191
192 *(int*)(0x92a0+0x4) = 0x100000;
193 }
194 asm volatile (
195 "push {r4, lr}\n"
196 #if defined(CHDK_NOT_IN_CANON_HEAP)
197 "ldr r4, =0x002bd558\n"
198 #else
199 "ldr r4, =new_sa\n"
200 "ldr r4, [r4]\n"
201 #endif
202 "sub sp, #0x78\n"
203 "ldr r0, =0x005ce000\n"
204 "ldr r1, =0x00071b34\n"
205 "subs r0, r0, r4\n"
206 "cmp r0, r1\n"
207 "bcs.n loc_fc04f1a6\n"
208 "loc_fc04f1a4:\n"
209 "b.n loc_fc04f1a4\n"
210 "loc_fc04f1a6:\n"
211 "ldr r1, =0x00008070\n"
212 "mov.w r0, #0x80000\n"
213 "str r0, [r1, #0]\n"
214 "ldr r1, =0x00008074\n"
215 "ldr r0, =0x42b21000\n"
216 "str r0, [r1, #0]\n"
217 "ldr r1, =0x00008078 \n"
218 "ldr r0, =0x42b23000\n"
219 "str r0, [r1, #0]\n"
220 "movs r1, #0x74\n"
221 "add r0, sp, #4\n"
222 "blx sub_fc251d44\n"
223 "add r2, sp, #4\n"
224 "ldr r0, =0x0054b000\n"
225 "mov.w r1, #0x83000\n"
226 "stmia r2!, {r0, r1, r4}\n"
227 "ldr r1, =0x005404cc\n"
228 "str r0, [sp, #24]\n"
229 "movs r0, #0x22\n"
230 "subs r2, r1, r4\n"
231 "str r0, [sp, #28]\n"
232 "movs r0, #0x98\n"
233 "str r0, [sp, #32]\n"
234 "strd r2, r1, [sp, #16]\n"
235 "movw r0, #0x1e8\n"
236 "str r0, [sp, #36]\n"
237 "movs r0, #0xf6\n"
238 "str r0, [sp, #40]\n"
239 "movs r0, #0xb6\n"
240 "str r0, [sp, #44]\n"
241 "movs r0, #0x85\n"
242 "str r0, [sp, #48]\n"
243 "movs r0, #0x40\n"
244 "str r0, [sp, #52]\n"
245 "movs r0, #4\n"
246 "str r0, [sp, #56]\n"
247 "movs r0, #0\n"
248 "str r0, [sp, #60]\n"
249 "movs r0, #16\n"
250 "str r0, [sp, #96]\n"
251 "ldr r1, =sub_fc04f324_my\n"
252 "movs r2, #0\n"
253 "lsls r0, r0, #7\n"
254 "str r0, [sp, #100]\n"
255 "asrs r0, r0, #3\n"
256 "str r0, [sp, #104]\n"
257 "lsls r0, r0, #5\n"
258 "str r0, [sp, #108]\n"
259 "add r0, sp, #4\n"
260 "blx sub_fc25138c\n"
261 "add sp, #0x78\n"
262 "pop {r4, pc}\n"
263 ".ltorg\n"
264 );
265 }
266
267
268 void __attribute__((naked,noinline)) sub_fc04f324_my() {
269 asm volatile (
270 "push {r4, lr}\n"
271 "ldr r4, =0xfc04f3d0\n"
272 "bl sub_fc050c14\n"
273 "ldr r0, =0x000080e8\n"
274 "ldr r1, [r0, #0]\n"
275 "ldr r0, =0x00008070\n"
276 "ldr r0, [r0, #0]\n"
277 "adds r0, #16\n"
278 "cmp r1, r0\n"
279 "bcs.n loc_fc04f340\n"
280 "ldr r0, =0xfc04f3e0\n"
281 "bl sub_fc04f3b8\n"
282 "loc_fc04f340:\n"
283 "bl sub_fc12de14\n"
284 "ldr r3, =0x80000800\n"
285 "mov.w r1, #0x80000000\n"
286 "mov.w r2, #0xeeeeeeee\n"
287 "loc_fc04f34e:\n"
288 "stmia r1!, {r2}\n"
289 "cmp r1, r3\n"
290 "bcc.n loc_fc04f34e\n"
291 "bl sub_fc12de26\n"
292 "bl sub_fc0b9f4c\n"
293 "cmp r0, #0\n"
294 "bge.n loc_fc04f366\n"
295 "ldr r0, =0xfc04f3fc\n"
296 "bl sub_fc04f3b8\n"
297 "loc_fc04f366:\n"
298 "bl sub_fc04fb90\n"
299 "cmp r0, #0\n"
300 "bge.n loc_fc04f374\n"
301 "ldr r0, =0xfc04f404\n"
302 "bl sub_fc04f3b8\n"
303 "loc_fc04f374:\n"
304 "mov r0, r4\n"
305 "bl sub_fc04fc24\n"
306 "cmp r0, #0\n"
307 "bge.n loc_fc04f384\n"
308 "ldr r0, =0xfc04f414\n"
309 "bl sub_fc04f3b8\n"
310 "loc_fc04f384:\n"
311 "mov r0, r4\n"
312 "bl sub_fc04f55c\n"
313 "cmp r0, #0\n"
314 "bge.n loc_fc04f394\n"
315 "ldr r0, =0xfc04f428\n"
316 "bl sub_fc04f3b8\n"
317 "loc_fc04f394:\n"
318 "bl sub_fc04f6a0\n"
319 "cmp r0, #0\n"
320 "bge.n loc_fc04f3a2\n"
321 "ldr r0, =0xfc04f434\n"
322 "bl sub_fc04f3b8\n"
323 "loc_fc04f3a2:\n"
324 "bl sub_fc053604\n"
325 "cmp r0, #0\n"
326 "bge.n loc_fc04f3b0\n"
327 "ldr r0, =0xfc04f440\n"
328 "bl sub_fc04f3b8\n"
329 "loc_fc04f3b0:\n"
330 "ldmia.w sp!, {r4, lr}\n"
331 "b.w sub_fc04f72a_my\n"
332 ".ltorg\n"
333 );
334 }
335
336 void __attribute__((naked,noinline)) sub_fc04f72a_my() {
337 asm volatile (
338 "push {r3, lr}\n"
339 "bl sub_fc04f82c\n"
340 "bl sub_fc095cbe\n"
341 "cbnz r0, loc_fc04f740\n"
342 "bl sub_fc07205c\n"
343 "cbz r0, loc_fc04f740\n"
344 "movs r0, #1\n"
345 "b.n loc_fc04f742\n"
346 "loc_fc04f740:\n"
347 "movs r0, #0\n"
348 "loc_fc04f742:\n"
349 "bl sub_fc060338_my\n"
350 "cbnz r0, loc_fc04f74e\n"
351 "bl sub_fc04f81a\n"
352 "loc_fc04f74c:\n"
353 "b.n loc_fc04f74c\n"
354 "loc_fc04f74e:\n"
355 "blx sub_fc2513ec\n"
356 "ldr r1, =0x005ce000\n"
357 "movs r0, #0\n"
358 "bl sub_fc2b7b78\n"
359 "blx sub_fc251b14\n"
360 "movs r3, #0\n"
361 "str r3, [sp, #0]\n"
362 "ldr r3, =sub_fc04f6c4_my\n"
363 "movs r2, #0\n"
364 "movs r1, #25\n"
365 "ldr r0, =0xfc04f77c\n"
366 "blx sub_fc251904\n"
367 "movs r0, #0\n"
368 "pop {r3, pc}\n"
369 ".ltorg\n"
370 );
371 }
372
373 void __attribute__((naked,noinline)) sub_fc060338_my() {
374 asm volatile (
375 "stmdb sp!, {r2, r3, r4, r5, r6, r7, r8, lr}\n"
376 "mov.w r8, #0\n"
377 "mov r7, r0\n"
378 "mov r6, r8\n"
379 "bl sub_fc060826\n"
380 "movs r0, #16\n"
381 "bl sub_fc05f5c2\n"
382 "movs r4, #1\n"
383 "bic.w r5, r4, r0\n"
384 "movs r0, #15\n"
385 "bl sub_fc05f5c2\n"
386 "bics r4, r0\n"
387 "cbz r7, loc_fc060364\n"
388 "orrs.w r0, r5, r4\n"
389
390 "loc_fc060364:\n"
391 "bl sub_fc095cbe\n"
392 "movs r3, #0\n"
393 "mov r2, r0\n"
394 "strd r8, r6, [sp]\n"
395 "mov r1, r4\n"
396 "mov r0, r5\n"
397
398
399 "movs r0, #1\n"
400 "loc_fc06037e:\n"
401 "ldmia.w sp!, {r2, r3, r4, r5, r6, r7, r8, pc}\n"
402 ".ltorg\n"
403 );
404 }
405
406
407
408 void __attribute__((naked,noinline)) sub_fc04f6c4_my() {
409 asm volatile (
410 "push {r4, lr}\n"
411 "bl sub_fc0ba768\n"
412 "bl sub_fc04f7f8\n"
413 "bl sub_fc04f96c\n"
414 "bl sub_fc095d10\n"
415
416 "bl sub_fc07aff2\n"
417 "bl sub_fc0ba800\n"
418 "bl sub_fc04fad0\n"
419 "bl sub_fc04f908\n"
420 "bl sub_fc095d4e\n"
421 "bl sub_fc095998\n"
422 "bl sub_fc0ba806\n"
423 "BL CreateTask_spytask\n"
424 "bl sub_fc06021a_my\n"
425 "bl sub_fc20d304\n"
426 "bl sub_fc0ba81c\n"
427 "bl sub_fc095750\n"
428
429 #if defined(OPT_RUN_WITH_BATT_COVER_OPEN)
430 " mov r0, #0x100000 \n"
431 "batt_loop1: \n"
432 " nop\n"
433 " SUBS R0,R0,#1 \n"
434 " BNE batt_loop1 \n"
435 #endif
436
437 "bl sub_fc12ed44\n"
438 "bl sub_fc095b24\n"
439 "bl sub_fc09594a\n"
440 "bl sub_fc12ed04\n"
441 "bl sub_fc04fad4\n"
442 "bl sub_fc2a3bba\n"
443 "bl sub_fc12ecde\n"
444 "ldmia.w sp!, {r4, lr}\n"
445
446 "ldr pc, =0xfc0ba73f\n"
447 ".ltorg\n"
448 );
449 }
450
451
452 void __attribute__((naked,noinline)) sub_fc06021a_my() {
453 asm volatile (
454 "push {r3, r4, r5, lr}\n"
455 "ldr r4, =0x8328\n"
456 "ldr r0, [r4, #4]\n"
457 "cbnz r0, loc_fc060236\n"
458 "movs r3, #0\n"
459 "str r3, [sp, #0]\n"
460 "ldr r3, =mykbd_task\n"
461 "movs r1, #23\n"
462 "ldr r0, =0xfc06027c\n"
463 "movw r2, #0x2000\n"
464 "blx sub_fc251c0c\n"
465 "str r0, [r4, #4]\n"
466 "loc_fc060236:\n"
467 "bl sub_fc061aac\n"
468 "bl sub_fc071fe6\n"
469 "cmp r0, #0\n"
470 "bne.n loc_fc06024e\n"
471 "ldr r1, =0x2ae94\n"
472 "ldmia.w sp!, {r3, r4, r5, lr}\n"
473 "subs r1, #24\n"
474
475 "ldr pc, =0xfc061a55\n"
476 "loc_fc06024e:\n"
477 "pop {r3, r4, r5, pc}\n"
478 ".ltorg\n"
479 );
480 }
481
482 void __attribute__((naked,noinline)) init_file_modules_task() {
483 asm volatile (
484 " push {r4, r5, r6, lr}\n"
485 " bl sub_fc09ad60\n"
486 " movs r4, r0\n"
487 " movw r5, #0x5006\n"
488 " beq.n loc_fc088236\n"
489 " movs r1, #0\n"
490 " mov r0, r5\n"
491 " bl sub_fc2a610c\n"
492 "loc_fc088236:\n"
493 " bl sub_fc09ad96\n"
494 " BL core_spytask_can_start\n"
495 " cmp r4, #0\n"
496 " bne.n loc_fc08824a\n"
497 " mov r0, r5\n"
498 " ldmia.w sp!, {r4, r5, r6, lr}\n"
499 " movs r1, #0\n"
500 " b.w sub_fc2a610c\n"
501 "loc_fc08824a:\n"
502 " pop {r4, r5, r6, pc}\n"
503 );
504 }
505
506 void __attribute__((naked,noinline)) kbd_p2_f_my() {
507 asm volatile(
508 " stmdb sp!, {r4, r5, r6, r7, r8, lr}\n"
509 " ldr r6, =0x2ae94\n"
510 " sub sp, #0x18\n"
511 " add r7, sp, #8\n"
512 " subs r6, #0xc\n"
513 " b.n loc_fc060002\n"
514 "loc_fc05ffce:\n"
515 " ldr r1, =0x2ae94\n"
516 " add r3, sp, #8\n"
517 " ldrb.w r0, [sp, #4]\n"
518 " add r2, sp, #0x14\n"
519 " subs r1, #0x18\n"
520 " bl sub_fc060ca4\n"
521 " cbnz r0, loc_fc05ffe8\n"
522 " ldr r1, [sp, #0x14]\n"
523 " movs r0, #0\n"
524 " bl sub_fc05ff32\n"
525 "loc_fc05ffe8:\n"
526 " movs r0, #2\n"
527 "loc_fc05ffea:\n"
528 " ldr.w r1, [r7, r0, lsl #2]\n"
529 " cbz r1, loc_fc05fffa\n"
530 " ldr.w r2, [r6, r0, lsl #2]\n"
531 " bics r2, r1\n"
532 " str.w r2, [r6, r0, lsl #2]\n"
533 "loc_fc05fffa:\n"
534 " subs r0, r0, #1\n"
535 " sxtb r0, r0\n"
536 " cmp r0, #0\n"
537 " bge.n loc_fc05ffea\n"
538 "loc_fc060002:\n"
539 " ldr r0, =0x2ae94\n"
540 " add r1, sp, #4\n"
541 " subs r0, #0xc\n"
542 " bl sub_fc0609d6\n"
543 " cmp r0, #0\n"
544 " bne.n loc_fc05ffce\n"
545 " ldr r8, =0x2ae94\n"
546 " movs r4, #0\n"
547 "loc_fc060016:\n"
548 " movs r5, #0\n"
549 " ldr.w r0, [r6, r4, lsl #2]\n"
550 " ldr.w r1, [r8, r4, lsl #2]\n"
551 " ands r0, r1\n"
552 " str.w r0, [r6, r4, lsl #2]\n"
553 " b.n loc_fc06006e\n"
554 "loc_fc060028:\n"
555 " lsrs r0, r5\n"
556 " lsls r0, r0, #0x1f\n"
557 " beq.n loc_fc060066\n"
558 " ldr r1, =0x2ae94\n"
559 " add.w r0, r5, r4, lsl #5\n"
560 " add r3, sp, #8\n"
561 " subs r1, #0x18\n"
562 " add r2, sp, #0x14\n"
563 " uxtb r0, r0\n"
564 " bl sub_fc060ca4\n"
565 " cbnz r0, loc_fc06004a\n"
566 " ldr r1, [sp, #0x14]\n"
567 " movs r0, #1\n"
568 " bl sub_fc05ff32\n"
569 "loc_fc06004a:\n"
570 " mov r0, r4\n"
571 " b.n loc_fc060062\n"
572 "loc_fc06004e:\n"
573 " ldr.w r1, [r7, r0, lsl #2]\n"
574 " cbz r1, loc_fc06005e\n"
575 " ldr.w r2, [r6, r0, lsl #2]\n"
576 " bics r2, r1\n"
577 " str.w r2, [r6, r0, lsl #2]\n"
578 "loc_fc06005e:\n"
579 " adds r0, r0, #1\n"
580 " sxtb r0, r0\n"
581 "loc_fc060062:\n"
582 " cmp r0, #3\n"
583 " blt.n loc_fc06004e\n"
584 "loc_fc060066:\n"
585 " ldr.w r0, [r6, r4, lsl #2]\n"
586 " adds r5, r5, #1\n"
587 " uxtb r5, r5\n"
588 "loc_fc06006e:\n"
589 " cmp r0, #0\n"
590 " bne.n loc_fc060028\n"
591 " adds r4, r4, #1\n"
592 " sxtb r4, r4\n"
593 " cmp r4, #3\n"
594 " blt.n loc_fc060016\n"
595 " bl sub_fc060900_my\n"
596 " add sp, #0x18\n"
597 " ldmia.w sp!, {r4, r5, r6, r7, r8, pc}\n"
598 ".ltorg\n"
599 );
600 }
601
602 void __attribute__((naked,noinline)) sub_fc060900_my() {
603 asm volatile(
604 " push {r4, lr}\n"
605 " ldr r4, =0x92a0\n"
606 " ldr r0, [r4, #8]\n"
607 " bl sub_fc0629f4\n"
608 " bl sub_fc0a0fa0\n"
609 " ldr r0, [r4, #12]\n"
610 " bl sub_fc062910\n"
611
612
613 " bl handle_jogdial\n"
614 " cmp r0, #0\n"
615 " beq no_scroll\n"
616 " bl sub_fc05cbf6\n"
617 "no_scroll:\n"
618 " pop {r4, pc}\n"
619 );
620 }
621
622
623
624 void __attribute__((naked,noinline)) tricinittask() {
625 asm volatile(
626
627
628 " push.w {r1, r2, r3, r4, r5, r6, r7, r8, sb, sl, fp, lr}\n"
629 " blx sub_fc251a4c\n"
630 " movs r0, #8\n"
631 " ldr r1, =0xfc373f80\n"
632 " bl sub_fc28b766\n"
633 " ldr.w fp, =0x0001bf74\n"
634 " movw sl, #0x1000\n"
635 " ldr r4, =0x0001bf70\n"
636 " movs r2, #0\n"
637 " ldr r1, =0x0003830f\n"
638 " ldr r0, [r4]\n"
639 " blx sub_fc251cc4\n"
640 " lsls r0, r0, #0x1f\n"
641 " beq loc_fc373d6a\n"
642 " movs r0, #8\n"
643 " ldr r1, =0xfc373f98\n"
644 " bl sub_fc28b7c2\n"
645 " ldr r1, =0x0001bf5c\n"
646 " movs r0, #0\n"
647 " str r0, [r1]\n"
648 " pop.w {r1, r2, r3, r4, r5, r6, r7, r8, sb, sl, fp, pc}\n"
649 "loc_fc373d6a:\n"
650 " ldr r4, =0x0001bf70\n"
651 " add r1, sp, #8\n"
652 " ldr r0, [r4]\n"
653 " blx sub_fc251b64\n"
654 " ldr r1, [sp, #8]\n"
655 " ldr r0, [r4]\n"
656 " blx sub_fc251b94\n"
657 " ldr r6, [sp, #8]\n"
658 " lsls r0, r6, #0x1e\n"
659 " beq sub_fc373e42\n"
660 " lsls r0, r6, #0x1f\n"
661 " beq sub_fc373d8c\n"
662
663 " ldr r0, =0xd2020074\n"
664 " ldr r0, [r0]\n"
665 " subs r0, #0\n"
666 " beq tric1\n"
667 " ldr r0, [r4]\n"
668 " mov r1, #0x80\n"
669 " bl _SetEventFlag\n"
670 "tric1:\n"
671
672 " bl sub_fc3740d0\n"
673
674 " ldr pc, =0xfc373dcf\n"
675 );
676 }
677
678 #if PLATFORMID == 12895
679
680
681 void update_url() {
682 strcpy(*(char**)(0xd1bc+0x1c),"http://epodownload.mediatek.com/EPO.DAT");
683 }
684
685 void __attribute__((naked,noinline)) agps_downloader_task() {
686 asm volatile(
687
688
689 " push {r3, r4, r5, r6, r7, lr}\n"
690 " movs r4, #0\n"
691 " ldr r7, =0x0000d1bc\n"
692 " subs r6, r4, #1\n"
693 " b loc_fc07bad6\n"
694 "loc_fc07ba70:\n"
695 " ldr r0, [r7]\n"
696 " movs r2, #0\n"
697 " mov r1, sp\n"
698 " blx sub_fc251bfc\n"
699 " mov r4, r0\n"
700 " lsls r0, r0, #0x1f\n"
701 " beq loc_fc07ba8a\n"
702 " movs r2, #0xf2\n"
703 " movs r0, #0\n"
704 " ldr r1, =0xfc07bc48\n"
705 " blx sub_fc251d14\n"
706 "loc_fc07ba8a:\n"
707 " ldr r0, [r7, #0x14]\n"
708 " adds r0, r0, #1\n"
709 " bne loc_fc07ba94\n"
710 " mov r5, r6\n"
711 " b loc_fc07ba98\n"
712 "loc_fc07ba94:\n"
713 " ldr r0, [sp]\n"
714 " ldr r5, [r0]\n"
715 "loc_fc07ba98:\n"
716 " ldr r0, [sp]\n"
717 " bl sub_fc2b7b80\n"
718 " cmp r5, #7\n"
719 " bhs loc_fc07bad6\n"
720 " tbb [pc, r5]\n"
721 "branchtable_fc07baa6:\n"
722 " .byte((loc_fc07baae - branchtable_fc07baa6) / 2)\n"
723 " .byte((loc_fc07bab4 - branchtable_fc07baa6) / 2)\n"
724 " .byte((loc_fc07baba - branchtable_fc07baa6) / 2)\n"
725 " .byte((loc_fc07bac0 - branchtable_fc07baa6) / 2)\n"
726 " .byte((loc_fc07bac6 - branchtable_fc07baa6) / 2)\n"
727 " .byte((loc_fc07bacc - branchtable_fc07baa6) / 2)\n"
728 " .byte((loc_fc07bad2 - branchtable_fc07baa6) / 2)\n"
729 ".align 1\n"
730 "loc_fc07baae:\n"
731 " bl sub_fc07b9bc\n"
732 " bl update_url\n"
733 " b loc_fc07bad6\n"
734 "loc_fc07bab4:\n"
735 " bl sub_fc07b918\n"
736 " b loc_fc07bad6\n"
737 "loc_fc07baba:\n"
738 " bl sub_fc07b848\n"
739 " b loc_fc07bad6\n"
740 "loc_fc07bac0:\n"
741 " bl sub_fc07b70e\n"
742 " b loc_fc07bad6\n"
743 "loc_fc07bac6:\n"
744 " bl sub_fc07b5b8\n"
745 " b loc_fc07bad6\n"
746 "loc_fc07bacc:\n"
747 " bl sub_fc07bb5c\n"
748 " b loc_fc07bad6\n"
749 "loc_fc07bad2:\n"
750 " bl sub_fc07b4d0\n"
751 "loc_fc07bad6:\n"
752 " lsls r0, r4, #0x1f\n"
753 " beq loc_fc07ba70\n"
754 " pop {r3, r4, r5, r6, r7, pc}\n"
755 );
756 }
757 #endif