root/platform/ixus1000_sd4500/sub/100f/boot.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. blink
  2. taskHook
  3. CreateTask_spytask
  4. boot
  5. sub_FF810354_my
  6. sub_FF811198_my
  7. sub_FF815EE0_my
  8. taskcreate_Startup_my
  9. task_Startup_my
  10. JogDial_task_my
  11. init_file_modules_task
  12. sub_FF8966B4_my
  13. sub_FF87538C_my
  14. sub_FF874FB4_my
  15. sub_FF874CD4_my

   1 #include "lolevel.h"
   2 #include "platform.h"
   3 #include "core.h"
   4 #include "dryos31.h"
   5 //#include "stdlib.h"
   6 
   7 
   8 extern void task_FileWrite();
   9 
  10 //IXUS 1000 100F
  11 
  12 #define LED_PR 0xC0220138   // -> ASM1989 08.24.2010 found at  FF91E080  in sx200 was FF8E73D0
  13     void __attribute__((naked,noinline)) blink()
  14 {
  15         volatile long *p=(void*)LED_PR;
  16         int i;
  17     int cnt =100;
  18         for(;cnt>0;cnt--){
  19                 p[0]=0x46;
  20 
  21                 for(i=0;i<0x200000;i++){
  22                         asm ("nop\n");
  23                         asm ("nop\n");
  24                 }
  25                 p[0]=0x44;
  26                 for(i=0;i<0x200000;i++){
  27                         asm ("nop\n");
  28                         asm ("nop\n");
  29                 }
  30         }
  31         shutdown();
  32 }
  33 
  34 #define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER)
  35 
  36 void JogDial_task_my(void);
  37 
  38 const char * const new_sa = &_end;
  39 
  40 void taskHook(context_t **context) {
  41 
  42 task_t *tcb=(task_t*)((char*)context-offsetof(task_t, context));
  43 
  44 if(!_strcmp(tcb->name, "PhySw"))           tcb->entry = (void*)mykbd_task;  //JHARP - Verified name - Sept 5, 2010
  45 if(!_strcmp(tcb->name, "CaptSeqTask"))     tcb->entry = (void*)capt_seq_task; //JHARP - Verified name - Sept 5, 2010
  46 if(!_strcmp(tcb->name, "InitFileModules")) tcb->entry = (void*)init_file_modules_task; //JHARP - Verified name - Sept 5, 2010
  47 if(!_strcmp(tcb->name, "MovieRecord"))     tcb->entry = (void*)movie_record_task; //JHARP - Verified name - Sept 5, 2010
  48 if(!_strcmp(tcb->name, "ExpDrvTask"))      tcb->entry = (void*)exp_drv_task; //JHARP - Verified name - Sept 5, 2010
  49 if(!_strcmp(tcb->name, "RotarySw"))        tcb->entry = (void*)JogDial_task_my; //JHARP - Must verify the code in use - Sept 5, 2010
  50     if(tcb->entry == (void*)task_FileWrite)         tcb->entry = (void*)filewritetask;
  51 
  52 }
  53 
  54 void CreateTask_spytask() {
  55         _CreateTask("SpyTask", 0x19, 0x2000, core_spytask, 0);
  56 };
  57 
  58 
  59 void __attribute__((naked,noinline)) boot() {
  60     asm volatile (
  61                                  //"B             sub_FF81000C\n" // work
  62                  "LDR R1, =0xC0410000\n"
  63                                   "MOV R0, #0\n"
  64                                   "STR R0, [R1]\n"
  65                                   "MOV R1, #0x78\n"
  66                                   "MCR p15, 0, R1,c1,c0\n"                      // control reg
  67                                   "MOV R1, #0\n"
  68                                   "MCR p15, 0, R1,c7,c10, 4\n"          // drain write buffer
  69                                   "MCR p15, 0, R1,c7,c5\n"                      // flush instruction cache
  70                                   "MCR p15, 0, R1,c7,c6\n"                      // flush data cache
  71                                   "MOV R0, #0x3D\n"                                     // size 2GB base 0x00000000
  72                                   "MCR p15, 0, R0,c6,c0\n"
  73                                   "MOV R0, #0xC000002F\n"                       // size 16M base 0xc0000000
  74                                   "MCR p15, 0, R0,c6,c1\n"
  75                                   "MOV R0, #0x35\n"                                  // size 128M base 0x00000000 (s90 is 64M)
  76                                   "MCR p15, 0, R0,c6,c2\n"
  77                                   "MOV R0, #0x40000035\n"                       // size 128M base 0x40000000 (s90 is 64M)
  78                                   "MCR p15, 0, R0,c6,c3\n"
  79                                   "MOV R0, #0x80000017\n"                       // size  4k base 0x80000000
  80                                   "MCR p15, 0, R0,c6,c4\n"
  81                                   "LDR R0, =0xFF80002D\n"                       // size  8M base 0xff800000
  82                                   "MCR p15, 0, R0,c6,c5\n"
  83                                   "MOV R0, #0x34\n"
  84                                   "MCR p15, 0, R0,c2,c0\n"
  85                                   "MOV R0, #0x34\n"
  86                                   "MCR p15, 0, R0,c2,c0, 1\n"
  87                                   "MOV R0, #0x34\n"
  88                                   "MCR p15, 0, R0,c3,c0\n"
  89                                   "LDR R0, =0x3333330\n"
  90                                   "MCR p15, 0, R0,c5,c0, 2\n"
  91                                   "LDR R0, =0x3333330\n"
  92                                   "MCR p15, 0, R0,c5,c0, 3\n"
  93                                   "MRC p15, 0, R0,c1,c0\n"
  94                                   "ORR R0, R0, #0x1000\n"
  95                                   "ORR R0, R0, #4\n"
  96                                   "ORR R0, R0, #1\n"
  97                                   "MCR p15, 0, R0,c1,c0\n"
  98                                   "MOV R1, #0x80000006\n"
  99                                   "MCR p15, 0, R1,c9,c1\n"
 100                                   "MOV R1, #6\n"
 101                                   "MCR p15, 0, R1,c9,c1, 1\n"
 102                                   "MRC p15, 0, R1,c1,c0\n"
 103                                   "ORR R1, R1, #0x50000\n"
 104                                   "MCR p15, 0, R1,c1,c0\n"
 105                                   "LDR R2, =0xC0200000\n"
 106                                   "MOV R1, #1\n"
 107                                   "STR R1, [R2,#0x10C]\n"
 108                                   "MOV R1, #0xFF\n"
 109                                   "STR R1, [R2,#0xC]\n"
 110                                   "STR R1, [R2,#0x1C]\n"
 111                                   "STR R1, [R2,#0x2C]\n"
 112                                   "STR R1, [R2,#0x3C]\n"
 113                                   "STR R1, [R2,#0x4C]\n"
 114                                   "STR R1, [R2,#0x5C]\n"
 115                                   "STR R1, [R2,#0x6C]\n"
 116                                   "STR R1, [R2,#0x7C]\n"
 117                                   "STR R1, [R2,#0x8C]\n"
 118                                   "STR R1, [R2,#0x9C]\n"
 119                                   "STR R1, [R2,#0xAC]\n"
 120                                   "STR R1, [R2,#0xBC]\n"
 121                                   "STR R1, [R2,#0xCC]\n"
 122                                   "STR R1, [R2,#0xDC]\n"
 123                                   "STR R1, [R2,#0xEC]\n"
 124                                   "STR R1, [R2,#0xFC]\n"
 125                                   "LDR R1, =0xC0400008\n"
 126                                   "LDR R2, =0x430005\n"
 127                                   "STR R2, [R1]\n"
 128                                   "MOV R1, #1\n"
 129                                   "LDR R2, =0xC0243100\n"
 130                                   "STR R2, [R1]\n"
 131                                   "LDR R2, =0xC0242010\n"
 132                                   "LDR R1, [R2]\n"
 133                                   "ORR R1, R1, #1\n"
 134                                   "STR R1, [R2]\n"
 135                                   "LDR R0, =0xFFC56CD0\n"  // changed from 100 was  FFC56CC8
 136                                   "LDR R1, =0x1900\n"
 137                                   "LDR R3, =0x10728\n"  //changed from 100D
 138 "loc_FF81013C:\n"
 139 
 140                                   "CMP R1, R3\n"
 141                                   "LDRCC R2, [R0],#4\n"
 142                                   "STRCC R2, [R1],#4\n"
 143                                   "BCC loc_FF81013C\n"
 144                                   "LDR R1, =0x172BF8\n"
 145                                   "MOV R2, #0\n"
 146 "loc_FF810154:\n"
 147                                   "CMP R3, R1\n"
 148                                   "STRCC R2, [R3],#4\n"
 149                                   "BCC loc_FF810154\n"
 150                                   "B sub_FF810354_my\n"
 151                             //---------->
 152       );
 153 }
 154 
 155 
 156 void __attribute__((naked,noinline)) sub_FF810354_my() { // ASM1989 -> In sx200 was:  sub_FF8101A0_my
 157 
 158 
 159 
 160    *(int*)0x1938=(int)taskHook;   //was 1934 in sx200 if 1938 hangs
 161    *(int*)0x193C=(int)taskHook;
 162 
 163 
 164         if ((*(int*) 0xC022010C) & 1)                                   // look at play switch
 165                 *(int*)(0x254C) = 0x400000;                                     // start in play mode
 166         else
 167                 *(int*)(0x254C) = 0x200000;                                     // start in rec mode
 168 
 169    asm volatile (
 170              "LDR R0, =0xFF8103CC\n"
 171                  "MOV R1, #0\n"
 172                  "LDR R3, =0xFF810404\n"
 173 "loc_FF810360:\n"
 174                  "CMP R0, R3\n"
 175                  "LDRCC R2, [R0],#4\n"
 176                  "STRCC R2, [R1],#4\n"
 177                  "BCC loc_FF810360\n"
 178                  "LDR R0, =0xFF810404\n"
 179                  "MOV R1, #0x4B0\n"
 180                  "LDR R3, =0xFF810618\n"
 181 "loc_FF81037C:\n"
 182                  "CMP R0, R3\n"
 183                  "LDRCC R2, [R0],#4\n"
 184                  "STRCC R2, [R1],#4\n"
 185                  "BCC loc_FF81037C\n"
 186                  "MOV R0, #0xD2\n"
 187                  "MSR CPSR_cxsf, R0\n"
 188                  "MOV SP, #0x1000\n"
 189                  "MOV R0, #0xD3\n"
 190                  "MSR CPSR_cxsf, R0\n"
 191                  "MOV SP, #0x1000\n"
 192                  "LDR R0, =0x6C4\n"
 193                  "LDR R2, =0xEEEEEEEE\n"
 194                  "MOV R3, #0x1000\n"
 195 "loc_FF8103B0:\n"
 196                  "CMP R0, R3\n"
 197                  "STRCC R2, [R0],#4\n"
 198                  "BCC loc_FF8103B0\n"
 199                  "BL sub_FF811198_my\n"
 200                                                         //------------>
 201 
 202 //this is not disasmbled in 100F asuming is like 100D
 203 
 204 "loc_FF8103C0:\n"
 205                  "ANDEQ R0, R0, R4,ASR#13\n"
 206 "loc_FF8103C4:\n"
 207                 "ANDEQ R0, R0, R0,ROR R6\n"
 208 "loc_FF8103C8:\n"
 209                 "ANDEQ R0, R0, R4,ROR R6\n"
 210 "loc_FF8103CC:\n"
 211          "NOP\n"
 212          "LDR PC, =0xFF810618\n"
 213      );
 214 }
 215 
 216 void __attribute__((naked,noinline)) sub_FF811198_my() {
 217      asm volatile (
 218                  "STR     LR, [SP,#-4]!\n"
 219                  "SUB     SP, SP, #0x74\n"
 220                  "MOV     R0, SP\n"
 221                  "MOV     R1, #0x74\n"
 222                  "BL      sub_FFB87550\n" // sub_FFB8754C 100D
 223                  //v4 stuff all copied from s95 its the same in principle
 224 /*
 225                  "              MOV     R0, #0x53000 \n"
 226                                  "              STR     R0, [SP,#4] \n"
 227 
 228                                  //"            LDR     R0, =0x172BF8 \n"           // old code
 229                                  "              LDR     R0, =new_sa \n"                                 // chdk patched
 230                                  "              LDR R0, [R0] \n"                    // chdk patched
 231 
 232                                  "              LDR     R1, =0x379C00 \n"
 233                                  "              STR     R0, [SP,#8] \n"
 234                                  "              RSB     R0, R0, #0x1F80 \n"
 235                                  "              ADD     R0, R0, #0x370000 \n"
 236                                  "              STR     R0, [SP,#0x0c] \n"
 237                                  "              LDR     R0, =0x371F80 \n"
 238                                  "              STR     R1, [SP,#0] \n"
 239                                  "              STRD    R0, [SP,#0x10] \n"
 240                                  "              MOV     R0, #0x22 \n"
 241                                  "              STR     R0, [SP,#0x18] \n"
 242                                  "              MOV     R0, #0x68 \n"
 243                                  "              STR     R0, [SP,#0x1c] \n"
 244                                  "              LDR     R0, =0x19B \n"
 245 
 246 */
 247 
 248 
 249 
 250                  //v3 stuff
 251 
 252                  "MOV     R0, #0x53000\n"
 253                  "STR     R0, [SP,#4]\n"
 254 #if defined(CHDK_NOT_IN_CANON_HEAP) // use original heap offset if CHDK is loaded in high memory
 255 "    LDR     R0, =0x172BF8 \n"
 256 #else
 257 "    LDR     R0, =new_sa\n"   // otherwise use patched value
 258 "    LDR     R0, [R0]\n"      // 
 259 #endif
 260                  //"LDR     R0, =0x172BF8\n"
 261                  "LDR     R1, =0x379C00\n"
 262                  "STR     R0, [SP,#8]\n"
 263                  //"SUB     R0, R1, R0\n"
 264                  "RSB     R0, R0, #0x1F80\n"   // new in this cam
 265                  "ADD     R0, R0, #0x370000\n" // new in this cam
 266                  "STR     R0, [SP,#0x0c]\n"  //changed
 267                  "LDR     R0, =0x371F80\n"// new in this cam
 268                                 //copied from s95
 269                                 "STR    R1, [SP,#0] \n"
 270                                 "STRD   R0, [SP,#0x10] \n"
 271                                 "MOV    R0, #0x22 \n"
 272                                 "STR    R0, [SP,#0x18] \n"
 273                                 "MOV    R0, #0x68 \n"
 274                                 "STR    R0, [SP,#0x1c] \n"
 275                                 "LDR    R0, =0x19B \n"
 276 
 277 
 278 
 279 
 280                 "LDR     R1, =sub_FF815EE0_my\n"  // chdk patched
 281 
 282                           //"LDR     R1, =0xFF815EE0\n"    // old code
 283 
 284 
 285                                                                                         //------------>
 286 
 287 
 288 
 289                  "STR     R0, [SP,#0x20]\n"
 290                  "MOV     R0, #0x96\n"
 291                  "STR     R0, [SP,#0x24]\n"
 292                  //"MOV     R0, #0x78\n"      // looks like its not in 100F
 293                  "STR     R0, [SP,#0x28]\n"
 294                  "MOV     R0, #0x64\n"
 295                  "STR     R0, [SP,#0x2C]\n"
 296                  "MOV     R0, #0\n"
 297                  "STR     R0, [SP,#0x30]\n"
 298                  "STR     R0, [SP,#0x34]\n"
 299                  "MOV     R0, #0x10\n"
 300                  "STR     R0, [SP,#0x5C]\n"
 301                  "MOV     R0, #0x800\n"
 302                  "STR     R0, [SP,#0x60]\n"
 303                  "MOV     R0, #0xA0\n"
 304                  "STR     R0, [SP,#0x64]\n"
 305                  "MOV     R0, #0x280\n"
 306                  "STR     R0, [SP,#0x68]\n"
 307                  "MOV     R0, SP\n"
 308                  "MOV     R2, #0\n"
 309 
 310 
 311 /*
 312 //copied from s95 // not work
 313 "               MOV     R0, #0x96 \n"
 314 "               STR     R0, [SP,#0x24] \n"
 315 "               STR     R0, [SP,#0x28] \n"
 316 "               MOV     R0, #0x64 \n"
 317 "               STR     R0, [SP,#0x2c] \n"
 318 "               MOV     R0, #0 \n"
 319 "               STR     R0, [SP,#0x30] \n"
 320 "               STR     R0, [SP,#0x34] \n"
 321 "               MOV     R0, #0x10 \n"
 322 "               STR     R0, [SP,#0x5c] \n"
 323 "               MOV     R0, #0x800 \n"
 324 "               STR     R0, [SP,#0x60] \n"
 325 "               MOV     R0, #0xA0 \n"
 326 "               STR     R0, [SP,#0x64] \n"
 327 "               MOV     R0, #0x280 \n"
 328 "               STR     R0, [SP,#0x68] \n"
 329 "               MOV     R0, SP \n"
 330 "               MOV     R2, #0 \n"
 331 */
 332                  "BL      sub_FF8134B8\n"
 333 
 334                  "ADD     SP, SP, #0x74\n"
 335                  "LDR     PC, [SP],#4\n"
 336      );
 337 }
 338 
 339 //Almost till here maybe checked
 340 
 341 void __attribute__((naked,noinline)) sub_FF815EE0_my() {
 342 
 343      //v4 testing full s95 code
 344 /*
 345         asm volatile (
 346          "              STMFD   SP!, {R4,LR} \n"
 347          "              BL      sub_FF810B20 \n"
 348          "              BL      sub_FF81A33C \n"                                // dmSetup
 349          "              CMP     R0, #0 \n"
 350 
 351          //"            ADRLT   R0, aDmsetup \n"                        // "dmSetup"
 352          "              LDRLT   r0, =0xFF815FF4 \n"
 353 
 354          "              BLLT    sub_FF815FD4 \n"                        // err_init_task
 355 
 356          "              BL      sub_FF815B1C \n"
 357          "              CMP     R0, #0 \n"
 358 
 359          //"            ADRLT   R0, aTermdriverinit \n"         // "termDriverInit"
 360          "              LDRLT   R0, =0xFF815FFC \n"
 361 
 362          "              BLLT    sub_FF815FD4 \n"                        // err_init_task
 363 
 364          //"            ADR     R0, a_term \n"                                  // "/_term"
 365          "              LDR     R0, =0xFF81600C \n"
 366 
 367          "              BL      sub_FF815C04 \n"                                // termDeviceCreate
 368          "              CMP     R0, #0 \n"
 369 
 370          //"            ADRLT   R0, aTermdevicecrea \n"         // "termDeviceCreate"
 371          "              LDRLT   R0, =0xFF816014 \n"
 372 
 373          "              BLLT    sub_FF815FD4 \n"                        // err_init_task
 374 
 375          //"            ADR     R0, a_term \n"                                  // "/_term"
 376          "              LDR     R0, =0xFF81600C \n"
 377 
 378          "              BL      sub_FF813CA4 \n"
 379          "              CMP     R0, #0 \n"
 380 
 381          //"            ADRLT   R0, aStdiosetup \n"                     // "stdioSetup"
 382          "              LDRLT   R0, =0xFF816028 \n"
 383 
 384          "              BLLT    sub_FF815FD4 \n"                        // err_init_task
 385          "              BL      sub_FF819CC4 \n"
 386          "              CMP     R0, #0 \n"
 387 
 388          //"            ADRLT   R0, aStdlibsetup \n"            // "stdlibSetup"
 389          "              LDRLT   R0, =0xFF816034 \n"
 390 
 391          "              BLLT    sub_FF815FD4 \n"                        // err_init_task
 392          "              BL      sub_FF81167C \n"
 393          "              CMP     R0, #0 \n"
 394 
 395          //"            ADRLT   R0, aArmlib_setup \n"           // "armlib_setup"
 396          "              LDRLT   R0, =0xFF816040 \n"
 397 
 398          "              BLLT    sub_FF815FD4 \n"                        // err_init_task
 399 
 400          "              LDMFD   SP!, {R4,LR} \n"
 401 
 402          //"            B       sub_FF81FB54 \n"                                // taskcreate_Startup
 403          "              B       taskcreate_Startup_my \n"               // patched
 404 
 405          "              MOV     R0, #0 \n"
 406          "              LDMFD   SP!, {R3-R5,PC} \n"
 407         );
 408 */
 409 
 410      //v3
 411 
 412      asm volatile (
 413                  "STMFD   SP!, {R4,LR}\n"
 414                  "BL      sub_FF810B20\n"
 415                  "BL      sub_FF81A33C\n"       // BL      dmSetup
 416                  "CMP     R0, #0\n"
 417                  "LDRLT   R0, =0xFF815FF4\n"    //Mising ; "dmSetup"
 418                  "BLLT    sub_FF815FD4\n"                //Mising err_init_task
 419                  "BL      sub_FF815B1C\n"
 420                  "CMP     R0, #0\n"
 421                  "LDRLT   R0, =0xFF815FFC\n"    // "termDriverInit"
 422                  "BLLT    sub_FF815FD4\n"          // err_init_task
 423                  "LDR     R0, =0xFF81600C\n"   //  "/_term"
 424                  "BL      sub_FF815C04\n"          // termDeviceCreate
 425                  "CMP     R0, #0\n"
 426                  "LDRLT   R0, =0xFF816014\n"   //  "termDeviceCreate"
 427                  "BLLT    sub_FF815FD4\n"       // err_init_task
 428                  "LDR     R0, =0xFF81600C\n"   //  "/_term"
 429                  "BL      sub_FF813CA4\n"
 430                  "CMP     R0, #0\n"
 431                  "LDRLT   R0, =0xFF816028\n"    // "stdioSetup"
 432                  "BLLT    sub_FF815FD4\n"       // err_init_task
 433                  "BL      sub_FF819CC4\n"
 434                  "CMP     R0, #0\n"
 435                  "LDRLT   R0, =0xFF816034\n"    //"stdlibSetup"
 436                  "BLLT    sub_FF815FD4\n"       // err_init_task
 437                  "BL      sub_FF81167C\n"
 438                  "CMP     R0, #0\n"
 439                  "LDRLT   R0, =0xFF816040\n"    // "armlib_setup"
 440                  "BLLT    sub_FF815FD4\n"       // err_init_task
 441                  "LDMFD   SP!, {R4,LR}\n"
 442                  "B       taskcreate_Startup_my\n" // ASM1989 -> at FF81FBA8
 443                                                                         //---------->
 444 //copied from s95
 445 "               MOV     R0, #0 \n"
 446 "               LDMFD   SP!, {R3-R5,PC} \n"
 447 
 448         );
 449 };
 450 
 451 
 452 // ASM1989 -> Here starts the diferences with SX200
 453 
 454 void __attribute__((naked,noinline)) taskcreate_Startup_my() {
 455      asm volatile (
 456 
 457                  "STMFD   SP!, {R3-R5,LR}\n"
 458                  "BL      sub_FF8348CC\n"   //j_nullsub_267
 459                  "BL      sub_FF83D1D4\n"
 460                  "CMP     R0, #0\n"
 461 
 462                 "BNE     loc_FF81FBFC\n"
 463 
 464 
 465                  "BL      sub_FF8370E8\n"
 466                  "CMP     R0, #0\n"
 467                 "BEQ     loc_FF81FBFC\n"
 468 
 469 
 470                  "LDR     R4, =0xC0220000\n"
 471 
 472 
 473 
 474                  "LDR     R0, [R4,#0x120]\n"
 475                  "TST     R0, #1\n"
 476                                  "MOVEQ   R0, #0x12C\n"
 477 
 478 
 479 
 480 
 481                                 "BLEQ    sub_FF83B574\n"   //ASM1989 ->  eventproc_export_SleepTask
 482 
 483 
 484 
 485                                 "BL      sub_FF8348C8\n"
 486                                 "CMP     R0, #0\n"
 487                                 "BNE     loc_FF81FBFC\n"
 488                                 "BL      sub_FF833F34\n"
 489                                 "MOV     R0, #0x44\n"
 490                                 "STR     R0, [R4,#0x1C]\n"
 491                                 "BL      sub_FF834120\n"
 492 "loc_FF81FBF8:\n"
 493                                 "B       loc_FF81FBF8\n"
 494 
 495 
 496 "loc_FF81FBFC:\n"
 497                                 //"BL      sub_FF8348D4\n" // ASM1989 -> -- replaced for power button startup
 498 
 499                                 "BL      sub_FF8348D0\n"//ASM1989 ->  j_nullsub_268
 500                                 "BL      sub_FF83B3EC\n"
 501 
 502                                 "LDR     R1, =0x3CE000\n"
 503                                 "MOV     R0, #0\n"
 504 
 505                                 "BL      sub_FF83B834\n"
 506                                 "BL      sub_FF83B5E0\n"
 507                                 "MOV     R3, #0\n"
 508 
 509                                 "STR     R3, [SP]\n"
 510 
 511                                 "LDR     R3, =task_Startup_my\n" //  ASM1989 -> original is FF81FAF0  task_Startup   // LDR instead of ADR
 512                 //---------------->
 513 //ASM_SAFE("BL blink\n")
 514                                 "MOV     R2, #0\n"
 515                                 "MOV     R1, #0x19\n"
 516                                 "LDR     R0, =0xFF81FC60\n"  //aStartup  // LDR instead of ADR
 517 
 518 
 519                                 "BL      sub_FF81E8A0\n"  //eventproc_export_CreateTask
 520                                 "MOV     R0, #0\n"
 521                                 "LDMFD   SP!, {R3-R5,PC}\n"
 522 
 523 
 524 
 525 
 526      );
 527 }
 528 
 529 // TESTING S95 Code style
 530 
 531 
 532 void __attribute__((naked,noinline)) task_Startup_my() {
 533      asm volatile (
 534 
 535                  "STMFD SP!, {R4,LR}\n"
 536 
 537                                  "BL sub_FF816594\n"  // taskcreate_ClockSave
 538                                  "BL sub_FF835A30\n"
 539                                  "BL sub_FF833B3C\n"
 540                                  "BL sub_FF83D218\n"    //j_nullsub_271
 541                                  "BL sub_FF83D404\n"
 542 //                               "BL sub_FF83D2AC\n" // start diskboot.bin
 543                                  "BL sub_FF83D5AC\n"
 544                                  "BL sub_FF81648C\n"
 545                                  "BL sub_FF836754\n"
 546                                  "LDR R1, =0x7C007C00\n"
 547                                  "LDR R0, =0xC0F1800C\n"
 548                                  "BL sub_FF835A3C\n"
 549                                  "LDR R0, =0xC0F18010\n"
 550                                  "MOV R1, #0\n"
 551 //OK
 552                                  "BL sub_FF835A3C\n"
 553                                  "LDR R0, =0xC0F18018\n"
 554                                  "MOV R1, #0\n"
 555                                  "BL sub_FF835A3C\n"
 556                                  "LDR R0, =0xC0F1801C\n"
 557                                  "MOV R1, #0x1000\n"
 558                                  "BL sub_FF835A3C\n"
 559                                  "LDR R0, =0xC0F18020\n"
 560                                  "MOV R1, #8\n"
 561                                  "BL sub_FF835A3C\n"
 562 //OK
 563 
 564 
 565                                  "LDR R0, =0xC022D06C\n"
 566                                  "MOV R1, #0xE000000\n"
 567                                  "BL sub_FF835A3C\n"
 568                                  "BL sub_FF8164CC\n"
 569 //OK
 570 
 571                                  "BL sub_FF8324F4\n"
 572 
 573 
 574 //FAILS
 575 //ASM_SAFE("BL blink\n")
 576                                  "BL sub_FF83D434\n"
 577 
 578 
 579 
 580 
 581 
 582                                  "BL sub_FF83AB90\n"
 583                                  "BL sub_FF83D5B0\n"
 584 
 585               "BL      CreateTask_spytask\n"    // +
 586                                                                 //---------------->
 587                  "BL sub_FF834788\n"    //taskcreate_PhySw
 588 );
 589 
 590 //                      CreateTask_PhySw();                                     // our keyboard task
 591 
 592 //                      CreateTask_spytask();                           // chdk initialization
 593 
 594 
 595         //                       "BL      CreateTask_spytask\n"    // +
 596                                                                     //---------------->
 597 
 598 
 599    asm volatile (
 600 
 601 
 602                                  "BL sub_FF838CF0\n"
 603                                  "BL sub_FF83D5C8\n"
 604                                  "BL sub_FF8318F8\n"  //nullsub_2
 605                                  "BL sub_FF8334A0\n"
 606                                  "BL sub_FF83CF9C\n"  //taskcreate_Bye
 607                                  "BL sub_FF833AF0\n"
 608                                  "BL sub_FF83343C\n"    //taskcreate_BatteryTask
 609                                  "BL sub_FF832528\n"
 610                                  "BL sub_FF83E1D0\n"
 611                                  "BL sub_FF8333F8\n"
 612                                  "LDMFD SP!, {R4,LR}\n"
 613                                  "B sub_FF8166B4\n"
 614      );
 615 }
 616 
 617 
 618 /*void __attribute__((naked,noinline)) CreateTask_PhySw() {
 619     asm volatile (
 620 "               STMFD   SP!, {R3-R5,LR} \n"
 621 "               LDR     R4, =0x1C34 \n"
 622 "               LDR     R0, [R4,#0x10] \n"
 623 "               CMP     R0, #0 \n"
 624 "               BNE     loc_FF8347BC \n"
 625 "               MOV     R3, #0 \n"
 626 "               STR     R3, [SP] \n"
 627 
 628 //"             ADR     R3, task_PhySw \n"
 629 //"             LDR R3, =sub_FF834754 \n"
 630 //"             MOV     R2, #0x800 \n"
 631 
 632 "               LDR     R3, =mykbd_task \n"                             // PhySw Task patch
 633 "               MOV     R2, #0x2000 \n"                                 // larger stack
 634 
 635 "               MOV     R1, #0x17 \n"
 636 
 637 //"             ADR     R0, aPhysw \n"
 638 "               LDR     R0, =0xFF8349DC \n"                             // "PhySw"
 639 
 640 "               BL      sub_FF83B634 \n"                                // KernelCreateTask
 641 "               STR     R0, [R4,#0x10] \n"
 642 "loc_FF8347BC: \n"
 643 "               BL      sub_FF863968 \n"                        //taskcreate_RotaryEncoder
 644 "               BL      sub_FF8941DC \n"
 645 "               BL      sub_FF837060 \n"                        //IsFactoryMode
 646 "               CMP     R0, #0 \n"
 647 "               LDREQ   R1, =0x34414 \n"
 648 "               LDMEQFD SP!, {R3-R5,LR} \n"
 649 "               BEQ     sub_FF894164 \n"                                // eventproc_export_OpLog.Start
 650 "               LDMFD   SP!, {R3-R5,PC} \n"
 651         );
 652 }
 653 
 654 */
 655 
 656 /*----------------------------------------------------------------------
 657         JogDial_task_my()
 658 
 659         Patched jog dial task  at FF86363C
 660 -----------------------------------------------------------------------*/
 661 void __attribute__((naked,noinline)) JogDial_task_my() {
 662         asm volatile (
 663 "               STMFD   SP!, {R4-R11,LR} \n"
 664 "               SUB     SP, SP, #0x1C \n"
 665 "               BL      sub_FF863A68 \n"
 666 "               LDR     R1, =0x2560 \n"
 667 "               LDR     R6, =0xFFB8D5F4 \n"  //100D --- FFB8D5F0
 668 "               MOV     R0, #0 \n"
 669 "               ADD     R3, SP, #0x10 \n"
 670 "               ADD     R12, SP, #0x14 \n"
 671 "               ADD     R10, SP, #0x08 \n"
 672 "               MOV     R2, #0 \n"
 673 "               ADD     R9, SP, #0xC \n"
 674 
 675 "loc_FF863668: \n"
 676 "               ADD     R12, SP, #0x14 \n"
 677 "               ADD     LR, R12, R0,LSL#1 \n"
 678 "               MOV     R2, #0 \n"
 679 "               ADD     R3, SP, #0x10 \n"
 680 "               STRH    R2, [LR] \n"
 681 "               ADD     LR, R3, R0,LSL#1 \n"
 682 "               STRH    R2, [LR] \n"
 683 "               STR     R2, [R9,R0,LSL#2] \n"
 684 "               STR     R2, [R10,R0,LSL#2] \n"
 685 "               ADD     R0, R0, #1 \n"
 686 "               CMP     R0, #2 \n"
 687 "               BLT     loc_FF863668 \n"
 688 
 689 "loc_FF863698: \n"
 690 "               LDR     R0, =0x2560 \n"
 691 "               MOV     R2, #0 \n"
 692 "               LDR     R0, [R0,#0xC] \n"
 693 "               MOV     R1, SP \n"
 694 "               BL      sub_FF83AE20 \n"
 695 "               CMP     R0, #0 \n"
 696 "               LDRNE   R1, =0x262 \n"
 697 
 698 //"             ADRNE   R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 699 "               LDRNE   R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 700 
 701 "               BLNE    sub_FF81EB78 \n"                        // DebugAssert
 702 
 703 //------------------  begin added code ---------------
 704 "labelA:\n"
 705                 "LDR     R0, =jogdial_stopped\n"
 706                 "LDR     R0, [R0]\n"
 707                 "CMP     R0, #1\n"
 708                 "BNE     labelB\n"                                      // continue on if jogdial_stopped = 0
 709                 "MOV     R0, #40\n"
 710                 "BL      _SleepTask\n"                          // jogdial_stopped=1 -- give time back to OS and suspend jogdial task
 711                 "B       labelA\n"
 712 "labelB:\n"
 713 //------------------  end added code -----------------
 714 
 715 "               LDR     R0, [SP] \n"
 716 "               AND     R4, R0, #0xFF \n"
 717 "               AND     R0, R0, #0xFF00 \n"
 718 "               CMP     R0, #0x100 \n"
 719 "               BEQ     loc_FF863708 \n"
 720 "               CMP     R0, #0x200 \n"
 721 "               BEQ     loc_FF863740 \n"
 722 "               CMP     R0, #0x300 \n"
 723 "               BEQ     loc_FF863938 \n"
 724 "               CMP     R0, #0x400 \n"
 725 "               BNE     loc_FF863698 \n"
 726 "               CMP     R4, #0 \n"
 727 "               LDRNE   R1, =0x2ED \n"
 728 
 729 //"             ADRNE   R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 730 "               LDRNE   R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 731 
 732 "               BLNE    sub_FF81EB78 \n"                        // DebugAssert
 733 "               RSB     R0, R4, R4,LSL#3 \n"
 734 "               LDR     R0, [R6,R0,LSL#2] \n"
 735 
 736 "loc_FF863700: \n"
 737 "               BL      sub_FF863A40 \n"
 738 "               B       loc_FF863698 \n"
 739 
 740 "loc_FF863708: \n"
 741 "               LDR     R7, =0x2570 \n"
 742 "               LDR     R0, [R7,R4,LSL#2] \n"
 743 "               BL      sub_FF83BDB8 \n"
 744 
 745 //"             ADR     R2, 0xFF863588 \n"
 746 "               LDR     R2, =0xFF863588 \n"
 747 
 748 "               ADD     R1, R2, #0 \n"
 749 "               ORR     R3, R4, #0x200 \n"
 750 "               MOV     R0, #0x28 \n"
 751 "               BL      sub_FF83BCD4 \n"
 752 "               TST     R0, #1 \n"
 753 "               CMPNE   R0, #0x15 \n"
 754 "               STR     R0, [R10,R4,LSL#2] \n"
 755 "               BEQ     loc_FF863698 \n"
 756 "               MOV     R1, #0x274 \n"
 757 "               B       loc_FF8638E4 \n"
 758 
 759 "loc_FF863740: \n"
 760 "               RSB     R5, R4, R4,LSL#3 \n"
 761 "               LDR     R0, [R6,R5,LSL#2] \n"
 762 "               LDR     R1, =0xC0240104 \n"
 763 "               LDR     R0, [R1,R0,LSL#8] \n"
 764 "               MOV     R2, R0,ASR#16 \n"
 765 "               ADD     R0, SP, #0x14 \n"
 766 "               ADD     R0, R0, R4,LSL#1 \n"
 767 "               STR     R0, [SP,#0x18] \n"
 768 "               STRH    R2, [R0] \n"
 769 "               ADD     R0, SP, #0x10 \n"
 770 "               ADD     R11, R0, R4,LSL#1 \n"
 771 "               LDRSH   R3, [R11] \n"
 772 "               SUB     R0, R2, R3 \n"
 773 "               CMP     R0, #0 \n"
 774 "               BNE     loc_FF8637C0 \n"
 775 "               LDR     R0, [R9,R4,LSL#2] \n"
 776 "               CMP     R0, #0 \n"
 777 "               BEQ     loc_FF8638A0 \n"
 778 "               LDR     R7, =0x2570 \n"
 779 "               LDR     R0, [R7,R4,LSL#2] \n"
 780 "               BL      sub_FF83BDB8 \n"
 781 
 782 //"             ADR     R2, 0xFF863594 \n"
 783 "               LDR     R2, =0xFF863594 \n"
 784 
 785 "               ADD     R1, R2, #0 \n"
 786 "               ORR     R3, R4, #0x300 \n"
 787 "               MOV     R0, #0x1F4 \n"
 788 "               BL      sub_FF83BCD4 \n"
 789 "               TST     R0, #1 \n"
 790 "               CMPNE   R0, #0x15 \n"
 791 "               STR     R0, [R7,R4,LSL#2] \n"
 792 "               BEQ     loc_FF8638A0 \n"
 793 "               LDR     R1, =0x28D \n"
 794 "               B       loc_FF863898 \n"
 795 
 796 "loc_FF8637C0: \n"
 797 "               MOV     R1, R0 \n"
 798 "               RSBLT   R0, R0, #0 \n"
 799 "               MOVLE   R7, #0 \n"
 800 "               MOVGT   R7, #1 \n"
 801 "               CMP     R0, #0xFF \n"
 802 "               BLS     loc_FF863800 \n"
 803 "               CMP     R1, #0 \n"
 804 "               RSBLE   R0, R3, #0xFF \n"
 805 "               ADDLE   R0, R0, #0x7F00 \n"
 806 "               ADDLE   R0, R0, R2 \n"
 807 "               RSBGT   R0, R2, #0xFF \n"
 808 "               ADDGT   R0, R0, #0x7F00 \n"
 809 "               ADDGT   R0, R0, R3 \n"
 810 "               ADD     R0, R0, #0x8000 \n"
 811 "               ADD     R0, R0, #1 \n"
 812 "               EOR     R7, R7, #1 \n"
 813 
 814 "loc_FF863800: \n"
 815 "               STR     R0, [SP,#0x04] \n"
 816 "               LDR     R0, [R9,R4,LSL#2] \n"
 817 "               CMP     R0, #0 \n"
 818 "               ADDEQ   R0, R6, R5,LSL#2 \n"
 819 "               LDREQ   R0, [R0,#8] \n"
 820 "               BEQ     loc_FF863838 \n"
 821 "               ADD     R8, R6, R5,LSL#2 \n"
 822 "               ADD     R1, R8, R7,LSL#2 \n"
 823 "               LDR     R1, [R1,#0x10] \n"
 824 "               CMP     R1, R0 \n"
 825 "               BEQ     loc_FF86383C \n"
 826 "               LDR     R0, [R8,#0xC] \n"
 827 "               BL      sub_FF89C2E4 \n"
 828 "               LDR     R0, [R8,#8] \n"
 829 
 830 "loc_FF863838: \n"
 831 "               BL      sub_FF89C2E4 \n"
 832 
 833 "loc_FF86383C: \n"
 834 "               ADD     R0, R6, R5,LSL#2 \n"
 835 "               ADD     R7, R0, R7,LSL#2 \n"
 836 "               LDR     R0, [R7,#0x10] \n"
 837 "               LDR     R1, [SP,#0x04] \n"
 838 "               BL      sub_FF89C20C \n"
 839 "               LDR     R0, [R7,#0x10] \n"
 840 "               LDR     R7, =0x2570 \n"
 841 "               STR     R0, [R9,R4,LSL#2] \n"
 842 "               LDR     R0, [SP,#0x18] \n"
 843 "               LDRH    R0, [R0] \n"
 844 "               STRH    R0, [R11] \n"
 845 "               LDR     R0, [R7,R4,LSL#2] \n"
 846 "               BL      sub_FF83BDB8 \n"
 847 
 848 //"             ADR     R2, 0xFF863594 \n"
 849 "               LDR     R2, =0xFF863594 \n"
 850 
 851 "               ADD     R1, R2, #0 \n"
 852 "               ORR     R3, R4, #0x300 \n"
 853 "               MOV     R0, #0x1F4 \n"
 854 "               BL      sub_FF83BCD4 \n"
 855 "               TST     R0, #1 \n"
 856 "               CMPNE   R0, #0x15 \n"
 857 "               STR     R0, [R7,R4,LSL#2] \n"
 858 "               BEQ     loc_FF8638A0 \n"
 859 "               LDR     R1, =0x2CF \n"
 860 
 861 "loc_FF863898: \n"
 862 //"             ADR     R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 863 "               LDR     R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 864 
 865 "               BL      sub_FF81EB78 \n"                        // DebugAssert
 866 
 867 "loc_FF8638A0: \n"
 868 "               ADD     R0, R6, R5,LSL#2 \n"
 869 "               LDR     R0, [R0,#0x18] \n"
 870 "               CMP     R0, #1 \n"
 871 "               BNE     loc_FF863930 \n"
 872 "               LDR     R0, =0x2560 \n"
 873 "               LDR     R0, [R0,#0x14] \n"
 874 "               CMP     R0, #0 \n"
 875 "               BEQ     loc_FF863930 \n"
 876 
 877 //"             ADR     R2, 0xFF863588 \n"
 878 "               LDR     R2, =0xFF863588 \n"
 879 
 880 "               ADD     R1, R2, #0 \n"
 881 "               ORR     R3, R4, #0x400 \n"
 882 "               BL      sub_FF83BCD4 \n"
 883 "               TST     R0, #1 \n"
 884 "               CMPNE   R0, #0x15 \n"
 885 "               STR     R0, [R10,R4,LSL#2] \n"
 886 "               BEQ     loc_FF863698 \n"
 887 "               LDR     R1, =0x2D6 \n"
 888 
 889 "loc_FF8638E4: \n"
 890 //"             ADR     R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 891 "               LDR     R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 892 
 893 "               BL      sub_FF81EB78 \n"                        // DebugAssert
 894 "               B       loc_FF863698 \n"
 895 
 896                 "NOP \n"
 897 
 898 
 899 "loc_FF863930: \n"
 900 "               LDR     R0, [R6,R5,LSL#2] \n"
 901 "               B       loc_FF863700 \n"
 902 
 903 "loc_FF863938: \n"
 904 "               LDR     R0, [R9,R4,LSL#2] \n"
 905 "               CMP     R0, #0 \n"
 906 "               MOVEQ   R1, #0x2E0 \n"
 907 
 908 //"             ADREQ   R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 909 "               LDREQ   R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 910 
 911 "               BLEQ    sub_FF81EB78 \n"                        // DebugAssert
 912 "               RSB     R0, R4, R4,LSL#3 \n"
 913 "               ADD     R0, R6, R0,LSL#2 \n"
 914 "               LDR     R0, [R0,#0xC] \n"
 915 "               BL      sub_FF89C2E4 \n"
 916 "               MOV     R2, #0 \n"
 917 "               STR     R2, [R9,R4,LSL#2] \n"
 918 "               B       loc_FF863698 \n"
 919  );
 920 };
 921 
 922 
 923 //FILE INIT STUFF
 924 void __attribute__((naked,noinline)) init_file_modules_task() {
 925  asm volatile(
 926          "STMFD   SP!, {R4-R6,LR}\n"
 927          "BL      sub_FF896688\n"
 928          "LDR     R5, =0x5006\n"
 929          "MOVS    R4, R0\n"
 930          "MOVNE   R1, #0\n"
 931          "MOVNE   R0, R5\n"
 932          "BLNE    sub_FF89A464\n"  //PostLogicalEventToUI
 933 //       "BL      sub_FF8966B4\n"
 934          "BL      sub_FF8966B4_my\n"
 935          //----------------------->
 936     "BL      core_spytask_can_start\n" // + safe to start spytask   S95 new stuff to speed up chdk load
 937 
 938          "CMP     R4, #0\n"
 939          "MOVEQ   R0, R5\n"
 940          "LDMEQFD SP!, {R4-R6,LR}\n"
 941          "MOVEQ   R1, #0\n"
 942          "BEQ    sub_FF89A464\n"  //PostLogicalEventToUI
 943          "LDMFD   SP!, {R4-R6,PC}\n"
 944          );
 945 };
 946 
 947 void __attribute__((naked,noinline)) sub_FF8966B4_my() {
 948  asm volatile(
 949          "STMFD   SP!, {R4,LR}\n"
 950          "MOV     R0, #3\n"
 951 //       "BL      sub_FF87538C\n"         //__Mounter.c__0
 952          "BL      sub_FF87538C_my\n"      //__Mounter.c__0
 953 
 954          "B       sub_FF8966C0\n" // continue in firmware
 955          );
 956 };
 957 
 958 void __attribute__((naked,noinline)) sub_FF87538C_my() {
 959  asm volatile(
 960                  "STMFD   SP!, {R4-R8,LR}\n"
 961                  "MOV     R8, R0\n"
 962                  "BL      sub_FF87530C\n" //__Mounter.c__0
 963                  "LDR     R1, =0x3A068\n"
 964                  "MOV     R6, R0\n"
 965                  "ADD     R4, R1, R0,LSL#7\n"
 966                  "LDR     R0, [R4,#0x6C]\n"
 967                  "CMP     R0, #4\n"
 968                  "LDREQ   R1, =0x83F\n"
 969                  "LDREQ   R0, =0xFF874E4C\n" //aMounter_c
 970                  "BLEQ    sub_FF81EB78\n"  //DebugAssert
 971                  "MOV     R1, R8\n"
 972                  "MOV     R0, R6\n"
 973                  "BL      sub_FF874BC0\n"
 974                  "LDR     R0, [R4,#0x38]\n"
 975                  "BL      sub_FF875A30\n"
 976                  "CMP     R0, #0\n"
 977                  "STREQ   R0, [R4,#0x6C]\n"
 978                  "MOV     R0, R6\n"
 979                  "BL      sub_FF874C50\n"
 980                  "MOV     R0, R6\n"
 981 //               "BL      sub_FF874FB4\n"
 982                  "BL      sub_FF874FB4_my\n"
 983                  //------------------->
 984                  "B       sub_FF8753E4 \n" //continue in firmware
 985                  );
 986 
 987          };
 988 void __attribute__((naked,noinline)) sub_FF874FB4_my() {
 989  asm volatile(
 990                          "STMFD   SP!, {R4-R6,LR}\n"
 991                          "MOV     R5, R0\n"
 992                          "LDR     R0, =0x3A068\n"
 993                          "ADD     R4, R0, R5,LSL#7\n"
 994                          "LDR     R0, [R4,#0x6C]\n"
 995                          "TST     R0, #2\n"
 996                          "MOVNE   R0, #1\n"
 997                          "LDMNEFD SP!, {R4-R6,PC}\n"
 998                          "LDR     R0, [R4,#0x38]\n"
 999                          "MOV     R1, R5\n"
1000 //                       "BL      sub_FF874CD4\n"
1001                          "BL      sub_FF874CD4_my\n"
1002                                     //------------------->
1003 
1004              "B      sub_FF874FE0\n"  //continue in firmware
1005 
1006                          );
1007 
1008          };
1009 
1010 void __attribute__((naked,noinline)) sub_FF874CD4_my() {
1011  asm volatile(
1012          "              STMFD   SP!, {R4-R10,LR}\n"
1013          "              MOV     R9, R0\n"
1014          "              LDR     R0, =0x3A068\n"
1015          "              MOV     R8, #0\n"
1016          "              ADD     R5, R0, R1,LSL#7\n"
1017          "              LDR     R0, [R5,#0x3C]\n"
1018          "              MOV     R7, #0\n"
1019          "              CMP     R0, #7\n"
1020          "              MOV     R6, #0\n"
1021          "              ADDLS   PC, PC, R0,LSL#2\n"
1022          "              B       loc_FF874E2C\n"
1023          "loc_FF874D00:\n"
1024          "              B       loc_FF874D38\n"
1025          "loc_FF874D04:\n"
1026          "              B       loc_FF874D20\n"
1027          "loc_FF874D08:\n"
1028          "              B       loc_FF874D20\n"
1029          "loc_FF874D0C:\n"
1030          "              B       loc_FF874D20\n"
1031          "loc_FF874D10:\n"
1032          "              B       loc_FF874D20\n"
1033          "loc_FF874D14:\n"
1034          "              B       loc_FF874E24\n"
1035          "loc_FF874D18:\n"
1036          "              B       loc_FF874D20\n"
1037          "loc_FF874D1C:\n"
1038          "              B       loc_FF874D20\n"
1039 "loc_FF874D20:\n"
1040          "              MOV     R2, #0\n"
1041          "              MOV     R1, #0x200\n"
1042          "              MOV     R0, #2\n"
1043          "              BL      sub_FF890738\n"
1044          "              MOVS    R4, R0\n"
1045          "              BNE     loc_FF874D40\n"
1046 "loc_FF874D38:\n"
1047          "              MOV     R0, #0\n"
1048          "              LDMFD   SP!, {R4-R10,PC}\n"
1049 "loc_FF874D40:\n"
1050          "              LDR     R12, [R5,#0x50]\n"
1051          "              MOV     R3, R4\n"
1052          "              MOV     R2, #1\n"
1053          "              MOV     R1, #0\n"
1054          "              MOV     R0, R9\n"
1055          "              BLX     R12\n"
1056          "              CMP     R0, #1\n"
1057          "              BNE     loc_FF874D6C\n"
1058          "              MOV     R0, #2\n"
1059          "              BL      sub_FF890888\n" //__ExMemMan.c__0 ; LOCATION: ExMemMan.c:0
1060          "              B       loc_FF874D38\n"
1061 "loc_FF874D6C:\n"
1062          "              LDR     R1, [R5,#0x64]\n"
1063          "              MOV     R0, R9\n"
1064          "              BLX     R1\n"
1065 //Allready inserted code
1066 
1067                  "MOV   R1, R4\n"           //  pointer to MBR in R1
1068                  "BL    mbr_read_dryos\n"   //  total sectors count in R0 before and after call
1069 
1070         // Start of DataGhost's FAT32 autodetection code
1071           // Policy: If there is a partition which has type W95 FAT32, use the first one of those for image storage
1072           // According to the code below, we can use R1, R2, R3 and R12.
1073           // LR wasn't really used anywhere but for storing a part of the partition signature. This is the only thing
1074           // that won't work with an offset, but since we can load from LR+offset into LR, we can use this to do that :)
1075           "MOV     R12, R4\n"                    // Copy the MBR start address so we have something to work with
1076           "MOV     LR, R4\n"                     // Save old offset for MBR signature
1077           "MOV     R1, #1\n"                     // Note the current partition number
1078           "B       dg_sd_fat32_enter\n"          // We actually need to check the first partition as well, no increments yet!
1079      "dg_sd_fat32:\n"
1080           "CMP     R1, #4\n"                     // Did we already see the 4th partition?
1081           "BEQ     dg_sd_fat32_end\n"            // Yes, break. We didn't find anything, so don't change anything.
1082           "ADD     R12, R12, #0x10\n"            // Second partition
1083           "ADD     R1, R1, #1\n"                 // Second partition for the loop
1084      "dg_sd_fat32_enter:\n"
1085           "LDRB    R2, [R12, #0x1BE]\n"          // Partition status
1086           "LDRB    R3, [R12, #0x1C2]\n"          // Partition type (FAT32 = 0xB)
1087           "CMP     R3, #0xB\n"                   // Is this a FAT32 partition?
1088           "CMPNE   R3, #0xC\n"                   // Not 0xB, is it 0xC (FAT32 LBA) then?
1089           "BNE     dg_sd_fat32\n"                // No, it isn't. Loop again.
1090           "CMP     R2, #0x00\n"                  // It is, check the validity of the partition type
1091           "CMPNE   R2, #0x80\n"
1092           "BNE     dg_sd_fat32\n"                // Invalid, go to next partition
1093                                                  // This partition is valid, it's the first one, bingo!
1094           "MOV     R4, R12\n"                    // Move the new MBR offset for the partition detection.
1095 
1096      "dg_sd_fat32_end:\n"
1097           // End of DataGhost's FAT32 autodetection code
1098 
1099 
1100 
1101 
1102 
1103          "              LDRB    R1, [R4,#0x1C9]\n"
1104          "              LDRB    R3, [R4,#0x1C8]\n"
1105          "              LDRB    R12, [R4,#0x1CC]\n"
1106          "              MOV     R1, R1,LSL#24\n"
1107          "              ORR     R1, R1, R3,LSL#16\n"
1108          "              LDRB    R3, [R4,#0x1C7]\n"
1109          "              LDRB    R2, [R4,#0x1BE]\n"
1110          //"            LDRB    LR, [R4,#0x1FF]\n"     //remains commented as in sx200
1111          "              ORR     R1, R1, R3,LSL#8\n"
1112          "              LDRB    R3, [R4,#0x1C6]\n"
1113          "              CMP     R2, #0\n"
1114          "              CMPNE   R2, #0x80\n"
1115          "              ORR     R1, R1, R3\n"
1116          "              LDRB    R3, [R4,#0x1CD]\n"
1117          "              MOV     R3, R3,LSL#24\n"
1118          "              ORR     R3, R3, R12,LSL#16\n"
1119          "              LDRB    R12, [R4,#0x1CB]\n"
1120          "              ORR     R3, R3, R12,LSL#8\n"
1121          "              LDRB    R12, [R4,#0x1CA]\n"
1122          "              ORR     R3, R3, R12\n"
1123          //"            LDRB    R12, [R4,#0x1FE]\n"    //remains commented as in sx200
1124      // Left as in sx200
1125              "LDRB    R12, [LR,#0x1FE]\n"           // + First MBR signature byte (0x55), LR is original offset.
1126              "LDRB    LR, [LR,#0x1FF]\n"            // + Last MBR signature byte (0xAA), LR is original offset.
1127 
1128 
1129          "              BNE     loc_FF874DF8\n"
1130          "              CMP     R0, R1\n"
1131          "              BCC     loc_FF874DF8\n"
1132          "              ADD     R2, R1, R3\n"
1133          "              CMP     R2, R0\n"
1134          "              CMPLS   R12, #0x55\n"
1135          "              CMPEQ   LR, #0xAA\n"
1136          "              MOVEQ   R7, R1\n"
1137          "              MOVEQ   R6, R3\n"
1138          "              MOVEQ   R4, #1\n"
1139          "              BEQ     loc_FF874DFC\n"
1140 "loc_FF874DF8:\n"
1141          "              MOV     R4, R8\n"
1142 "loc_FF874DFC:\n"
1143          "              MOV     R0, #2\n"
1144          "              BL      sub_FF890888\n" //__ExMemMan.c__0 ; LOCATION: ExMemMan.c:0
1145          "              CMP     R4, #0\n"
1146          "              BNE     loc_FF874E38\n"
1147          "              LDR     R1, [R5,#0x64]\n"
1148          "              MOV     R7, #0\n"
1149          "              MOV     R0, R9\n"
1150          "              BLX     R1\n"
1151          "              MOV     R6, R0\n"
1152          "              B       loc_FF874E38\n"
1153 "loc_FF874E24:\n"
1154          "              MOV     R6, #0x40\n"
1155          "              B       loc_FF874E38\n"
1156 "loc_FF874E2C:\n"
1157          "              LDR     R1, =0x597\n"
1158          "              LDR     R0, =0xFF874E4C\n" //aMounter_c ; Mounter.c
1159          "              BL      sub_FF81EB78\n" //DebugAssert
1160 
1161 "loc_FF874E38:\n"
1162          "              STR     R7, [R5,#0x44]!\n"
1163          "              STMIB   R5, {R6,R8}\n"
1164          "              MOV     R0, #1\n"
1165 "               LDMFD   SP!, {R4-R10,PC}\n"
1166 
1167                   );
1168 
1169                  };

/* [<][>][^][v][top][bottom][index][help] */