#include "lolevel.h"
#include "platform.h"
#include "core.h"

// Address of the symbol _end, stored in a variable so the boot assembly can
// load it: sub_fc064300_my reads new_sa (unless CHDK_NOT_IN_CANON_HEAP is
// defined) and uses the value as the lower bound of the memory it hands on.
// NOTE(review): _end is not declared in this file; presumably a linker-provided
// end-of-image symbol declared in one of the headers above -- confirm.
const char * const new_sa = &_end;

// Firmware task entry points. CreateTask_my compares the entry pointer of each
// task being created against task_CaptSeq and task_InitFileModules; the other
// three declarations are not referenced by the code shown in this file.
extern void task_CaptSeq();
extern void task_InitFileModules();
extern void task_RotaryEncoder();
extern void task_MovieRecord();
extern void task_ExpDrv();

// Called from the assembly in sub_fc075c6e_my.
// NOTE(review): declared as returning void here, but that assembly tests r0
// after the call; the declaration and the real return type should agree --
// confirm against the definition.
extern void handle_jogdial();
/*
 * Task entry routine that CreateTask_spytask registers under the name
 * "SpyTask". It hands control straight to core_spytask().
 *
 * The six long parameters are never read; they exist only so the function has
 * the shape of a task entry point.
 */
void spytask(long ua, long ub, long uc, long ud, long ue, long uf)
{
    /* Mark every parameter as intentionally unused. */
    (void)ua;
    (void)ub;
    (void)uc;
    (void)ud;
    (void)ue;
    (void)uf;

    core_spytask();
}
/*
 * Creates the task named "SpyTask" with spytask() as its entry point.
 * Called by name from the assembly in task_Startup_my.
 *
 * The return value of _CreateTask is discarded, so a failure to create the
 * task is not detected here.
 */
void CreateTask_spytask()
{
    /*
     * Second and third arguments of _CreateTask. Named after their position in
     * CHDK's _CreateTask(name, prio, stack_size, entry, parm) prototype --
     * confirm against lolevel.h.
     */
    enum {
        SPYTASK_PRIO  = 0x19,
        SPYTASK_STACK = 0x2000
    };

    _CreateTask("SpyTask", SPYTASK_PRIO, SPYTASK_STACK, spytask, 0);
}
/*
 * boot - replacement start-up routine, written entirely in Thumb-2 assembly.
 *
 * The function is naked, so the compiler adds no prologue or epilogue and the
 * body is exactly the instructions below. In order it:
 *   1. sets sp to 0x00004000 and calls sub_fc02006a;
 *   2. sets bit 0 of the word at 0xc0242010;
 *   3. copies words from 0xfcd67020 to 0x010e1000..0x0110dc1c;
 *   4. installs the CreateTask hook (see below);
 *   5. calls sub_fc133dae(0x010e1000, 0x0002cc1c), i.e. start and byte length
 *      of the range copied in step 3;
 *   6. copies words from 0xfcd39d68 to 0x00008000..0x000352b8;
 *   7. zero-fills 0x000352b8..0x0036a354;
 *   8. branches to sub_fc064300_my and never returns here.
 *
 * Hook install: the eight bytes at the label patch_CreateTask (a
 * "ldr.w pc, [pc,#0]" followed by the address of CreateTask_my with the Thumb
 * bit set) are copied over the first eight bytes at hook_CreateTask. Anything
 * that afterwards executes hook_CreateTask is redirected to CreateTask_my.
 *
 * NOTE(review): hook_CreateTask is defined outside this file; presumably it
 * lies inside the 0x010e1000 range copied in step 3, which would explain why
 * the patch is written between steps 3 and 5 -- confirm.
 * NOTE(review): "ldr.w pc, [pc,#0]" only reads the following .long if the
 * patched location is 4-byte aligned -- confirm the alignment of
 * hook_CreateTask.
 * NOTE(review): every sub_fc... target and RAM constant is a literal address,
 * presumably valid for one firmware build only -- confirm how the build ties
 * this file to a firmware version.
 */
void __attribute__((naked,noinline)) boot() {
    asm volatile (
    // Stack pointer = 0x00004000.
    " movw r0, #0x4000\n"
    " movt r0, #0\n"
    " mov sp, r0\n"
    " bl sub_fc02006a\n"
    // Read-modify-write: set bit 0 of the word at 0xc0242010.
    " ldr r2, =0xc0242010\n"
    " ldr r1, [r2]\n"
    " orr r1, r1, #1\n"
    " str r1, [r2]\n"
    // Word copy: source 0xfcd67020, destination 0x010e1000, stop when the
    // destination pointer reaches 0x0110dc1c.
    " ldr r0, =0xfcd67020\n"
    " ldr r1, =0x010e1000\n"
    " ldr r3, =0x0110dc1c\n"
    "loc_fc02002a:\n"
    " cmp r1, r3\n"
    " itt lo\n"
    " ldrlo r2, [r0], #4\n"
    " strlo r2, [r1], #4\n"
    " blo loc_fc02002a\n"

    // Hook install: copy 8 bytes, one halfword at a time, from
    // patch_CreateTask (end of this function) to hook_CreateTask.
    "adr r0, patch_CreateTask\n"
    "ldr r1, =hook_CreateTask\n"
    "add r2, r0, #8\n"          // r2 = end of the 8-byte patch
    "task_hook_loop:\n"
    "ldrh r3, [r0],#2\n"
    "strh r3, [r1],#2\n"
    "cmp r0,r2\n"
    "blo task_hook_loop\n"
    // sub_fc133dae(start = 0x010e1000, length = 0x0002cc1c); the length equals
    // 0x0110dc1c - 0x010e1000, the range written above.
    // NOTE(review): presumably cache maintenance for the freshly written
    // code -- confirm.
    " ldr r0, =0x010e1000\n"
    " ldr r1, =0x0002cc1c\n"
    " bl sub_fc133dae\n"
    // Word copy: source 0xfcd39d68, destination 0x00008000, stop at
    // 0x000352b8.
    " ldr r0, =0xfcd39d68\n"
    " ldr r1, =0x00008000\n"
    " ldr r3, =0x000352b8\n"
    "loc_fc020046:\n"
    " cmp r1, r3\n"
    " itt lo\n"
    " ldrlo r2, [r0], #4\n"
    " strlo r2, [r1], #4\n"
    " blo loc_fc020046\n"
    // Zero-fill from 0x000352b8 up to (not including) 0x0036a354.
    " ldr r3, =0x000352b8\n"
    " ldr r1, =0x0036a354\n"
    " mov.w r2, #0\n"
    "loc_fc02005c:\n"
    " cmp r3, r1\n"
    " it lo\n"
    " strlo r2, [r3], #4\n"
    " blo loc_fc02005c\n"
    // Continue in the patched copy of the next start-up stage.
    " b.w sub_fc064300_my\n"

    // Data, never executed in place: the 8-byte trampoline copied by the
    // hook-install loop above. "+ 1" sets the Thumb bit of the target.
    "patch_CreateTask:\n"
    "ldr.w pc, [pc,#0]\n"
    ".long CreateTask_my + 1\n"
    );
}
/*
 * CreateTask_my - target of the trampoline that boot() writes over
 * hook_CreateTask.
 *
 * On entry r3 is compared against three firmware task entry points. When it
 * matches, r3 is replaced with the address of the corresponding replacement
 * routine (Thumb bit set):
 *     task_CaptSeq         -> capt_seq_task
 *     task_FileWrite       -> filewritetask
 *     task_InitFileModules -> init_file_modules_task
 * Any other value of r3 is passed through unchanged. r0 is used as scratch and
 * is saved and restored around the comparisons.
 *
 * The function then executes three instructions itself and jumps to
 * hook_CreateTask + 8 (Thumb bit set), i.e. just past the eight bytes that the
 * trampoline occupies.
 * NOTE(review): presumably those three instructions reproduce the original
 * code that the trampoline overwrote -- confirm against the firmware
 * disassembly.
 * NOTE(review): r3 being the task entry pointer matches the argument order
 * used for _CreateTask elsewhere in this file (entry is the fourth argument).
 */
void __attribute__((naked,noinline)) CreateTask_my() {
    asm volatile (
    " push {r0}\n"              // r0 is scratch for the comparisons below

    // Capture-sequence task -> capt_seq_task
    " ldr r0, =task_CaptSeq\n"
    " cmp r0, r3\n"
    " itt eq\n"
    " ldreq r3, =capt_seq_task\n"
    " orreq r3, #1\n"           // set the Thumb bit on the replacement
    " beq exitHook\n"

    // File-write task -> filewritetask
    " ldr r0, =task_FileWrite\n"
    " cmp r0, r3\n"
    " itt eq\n"
    " ldreq r3, =filewritetask\n"
    " orreq r3, #1\n"
    " beq exitHook\n"

    // Init-file-modules task -> init_file_modules_task (defined in this file)
    " ldr r0, =task_InitFileModules\n"
    " cmp r0, r3\n"
    " itt eq\n"
    " ldreq r3, =init_file_modules_task\n"
    " orreq r3, #1\n"
    "exitHook:\n"

    " pop {r0}\n"

    // Three instructions executed here before re-entering the hooked routine
    // eight bytes past its start.
    " stmdb sp!, {r1, r2, r3, r4, r5, r6, r7, r8, r9, lr}\n"
    " mov r4, r0\n"
    " ldr r0, =0x8160\n"
    " ldr.w pc, =(hook_CreateTask + 8 + 1) \n"
    ".ltorg\n"
    );
}
/*
 * sub_fc064300_my - patched copy of the start-up stage that boot() branches
 * to. Naked: the body is exactly the assembly below.
 *
 * Two things differ from a plain sequence of firmware instructions:
 *   - r4, the start address used in the size check and stored in the
 *     parameter block, is 0x0036a354 when CHDK_NOT_IN_CANON_HEAP is defined
 *     and the value of new_sa (the address of _end) otherwise;
 *   - the callback passed in r1 to sub_fc2eef88 is sub_fc064490_my.
 *
 * Flow: check that 0x006ce000 - r4 is at least 0x0008fd8c and spin forever if
 * it is not; store three constants at 0x8074, 0x8078 and 0x807c; call
 * sub_fc2efa30(sp, 0x78) on a 0x78-byte stack block; fill that block with
 * constants and with r4; call sub_fc2eef88(block, sub_fc064490_my, 0).
 *
 * NOTE(review): 0x0036a354 is also the end of the range boot() zero-fills.
 * Starting at new_sa instead presumably keeps the memory handed to the
 * firmware from overlapping the loaded image -- confirm.
 * NOTE(review): the failure path is a silent infinite loop; there is no
 * diagnostic if the image leaves too little room.
 */
void __attribute__((naked,noinline)) sub_fc064300_my() {

    asm volatile (
    " push {r4, lr}\n"
#if defined(CHDK_NOT_IN_CANON_HEAP)
    " ldr r4, =0x0036a354\n"    // fixed start address
#else
    "ldr r4, =new_sa\n"         // r4 = &new_sa
    "ldr r4, [r4]\n"            // r4 = new_sa, i.e. &_end
#endif
    " sub sp, #0x78\n"
    // Size check: hang unless (0x006ce000 - r4) >= 0x0008fd8c (unsigned).
    " ldr r0, =0x006ce000\n"
    " ldr r1, =0x0008fd8c\n"
    " subs r0, r0, r4\n"
    " cmp r0, r1\n"
    " bhs loc_fc064312\n"
    "loc_fc064310:\n"
    " b loc_fc064310\n"         // not enough room: spin forever
    "loc_fc064312:\n"
    " ldr r1, =0x00008074\n"
    " mov.w r0, #0x80000\n"
    " str r0, [r1]\n"
    " ldr r1, =0x00008078\n"
    " ldr r0, =0x42a41000\n"
    " str r0, [r1]\n"
    " ldr r1, =0x0000807c\n"
    " ldr r0, =0x42a43000\n"
    " str r0, [r1]\n"
    // sub_fc2efa30(sp, 0x78) on the stack block.
    // NOTE(review): presumably clears the block -- confirm.
    " movs r1, #0x78\n"
    " mov r0, sp\n"
    " blx sub_fc2efa30\n"
    // Fill the block: [0]=0x0062e000, [4]=0xa0000, [8]=r4,
    // [0xc]=0x00622274 - r4, [0x10]=0x00622274, [0x14]=0x0062e000, ...
    " ldr r0, =0x0062e000\n"
    " mov.w r1, #0xa0000\n"
    " stm.w sp, {r0, r1, r4}\n"
    " ldr r1, =0x00622274\n"
    " subs r2, r1, r4\n"
    " strd r2, r1, [sp, #0xc]\n"
    " str r0, [sp, #0x14]\n"
    " movs r0, #0x22\n"
    " str r0, [sp, #0x18]\n"
    " movs r0, #0x98\n"
    " str r0, [sp, #0x1c]\n"
    " movw r0, #0x24c\n"
    " str r0, [sp, #0x20]\n"
    " movs r0, #0xfa\n"
    " str r0, [sp, #0x24]\n"
    " movs r0, #0xe8\n"
    " str r0, [sp, #0x28]\n"
    " movs r0, #0x85\n"
    " str r0, [sp, #0x2c]\n"
    " movs r0, #0x40\n"
    " str r0, [sp, #0x30]\n"
    " movs r0, #4\n"
    " str r0, [sp, #0x34]\n"
    " movs r0, #0\n"
    " str r0, [sp, #0x38]\n"
    " movs r0, #0x10\n"
    " str r0, [sp, #0x5c]\n"
    " movs r2, #0\n"
    " lsls r0, r0, #8\n"        // 0x10 << 8 = 0x1000
    " str r0, [sp, #0x60]\n"

    // Callback argument: the patched next stage instead of the firmware one.
    " ldr r1, =sub_fc064490_my\n"
    " asrs r0, r0, #4\n"        // 0x1000 >> 4 = 0x100
    " str r0, [sp, #0x64]\n"
    " lsls r0, r0, #5\n"        // 0x100 << 5 = 0x2000
    " str r0, [sp, #0x68]\n"
    " mov r0, sp\n"
    " blx sub_fc2eef88\n"
    " add sp, #0x78\n"
    " pop {r4, pc}\n"
    ".ltorg\n"
    );
}
/*
 * sub_fc064490_my - patched copy of the stage that sub_fc064300_my passes as a
 * callback to sub_fc2eef88. Naked: the body is exactly the assembly below.
 *
 * It runs a fixed list of firmware initialisation calls. After most of them
 * the return value is tested and, when negative, sub_fc064524 is called with a
 * per-step constant in r0; execution continues with the next step either way.
 * It also fills 0x80000000..0x80000800 with the pattern 0xeeeeeeee.
 *
 * The only visible redirection is the final tail call, which goes to
 * sub_fc064896_my.
 *
 * NOTE(review): the constants passed to sub_fc064524 (0xfc06454c, 0xfc064568,
 * ...) are presumably addresses of message strings -- confirm.
 */
void __attribute__((naked,noinline)) sub_fc064490_my() {

    asm volatile (
    " push {r4, lr}\n"
    " ldr r4, =0xfc06453c\n"    // kept in r4, passed to two calls below
    " bl sub_fc065764\n"
    // Compare the word at 0x80ec with (word at 0x8074) + 0x10; report through
    // sub_fc064524 when the former is lower (unsigned).
    " ldr r0, =0x000080ec\n"
    " ldr r1, [r0]\n"
    " ldr r0, =0x00008074\n"
    " ldr r0, [r0]\n"
    " adds r0, #0x10\n"
    " cmp r1, r0\n"
    " bhs loc_fc0644ac\n"
    " ldr r0, =0xfc06454c\n"
    " bl sub_fc064524\n"
    "loc_fc0644ac:\n"
    " bl sub_fc133e88\n"
    " ldr r3, =0x80000800\n"

    // Fill 0x80000000..0x80000800 with 0xeeeeeeee, one word at a time.
    " mov.w r1, #0x80000000\n"
    " mov.w r2, #0xeeeeeeee\n"
    "loc_fc0644ba:\n"
    " stm r1!, {r2}\n"
    " cmp r1, r3\n"
    " blo loc_fc0644ba\n"
    " bl sub_fc133e9a\n"
    // From here on: call, then report via sub_fc064524 if the result is < 0.
    " bl sub_fc133f18\n"
    " cmp r0, #0\n"
    " bge loc_fc0644d2\n"
    " ldr r0, =0xfc064568\n"
    " bl sub_fc064524\n"
    "loc_fc0644d2:\n"
    " bl sub_fc064d18\n"
    " cmp r0, #0\n"
    " bge loc_fc0644e0\n"
    " ldr r0, =0xfc064570\n"
    " bl sub_fc064524\n"
    "loc_fc0644e0:\n"
    " mov r0, r4\n"
    " bl sub_fc064da6\n"
    " cmp r0, #0\n"
    " bge loc_fc0644f0\n"
    " ldr r0, =0xfc064580\n"
    " bl sub_fc064524\n"
    "loc_fc0644f0:\n"
    " mov r0, r4\n"
    " bl sub_fc0646c8\n"
    " cmp r0, #0\n"
    " bge loc_fc064500\n"
    " ldr r0, =0xfc064594\n"
    " bl sub_fc064524\n"
    "loc_fc064500:\n"
    " bl sub_fc06480c\n"
    " cmp r0, #0\n"
    " bge loc_fc06450e\n"
    " ldr r0, =0xfc0645a0\n"
    " bl sub_fc064524\n"
    "loc_fc06450e:\n"
    " bl sub_fc0678ec\n"
    " cmp r0, #0\n"
    " bge loc_fc06451c\n"
    " ldr r0, =0xfc0645ac\n"
    " bl sub_fc064524\n"
    "loc_fc06451c:\n"
    // Restore registers, then tail-call the patched next stage.
    " pop.w {r4, lr}\n"
    " b.w sub_fc064896_my\n"
    ".ltorg\n"
    );
}
/*
 * sub_fc064896_my - patched copy of the stage that creates the start-up task.
 * Naked: the body is exactly the assembly below. Returns 0 in r0.
 *
 * Flow:
 *   - call sub_fc0649b0;
 *   - compute a flag: 1 when sub_fc0bda32() returns 0 and sub_fc079012()
 *     returns non-zero, otherwise 0, and pass it to sub_fc0781f4;
 *   - if sub_fc0781f4 returns 0, call sub_fc06499e and spin forever;
 *   - otherwise call sub_fc2eefe0, sub_fc36025c(0, 0x006ce000) and
 *     sub_fc2ef548, then create a task through _CreateTask.
 *
 * The visible redirection is the task entry point in r3: task_Startup_my.
 * The other _CreateTask arguments are r0 = 0xfc0648e8, r1 = 0x19, r2 = 0 and
 * a fifth argument of 0 stored at [sp].
 * NOTE(review): r0 = 0xfc0648e8 is presumably the address of the task name
 * string -- confirm.
 */
void __attribute__((naked,noinline)) sub_fc064896_my() {
    asm volatile (

    " push {r3, lr}\n"          // r3 pushed to reserve the [sp] argument slot
    " bl sub_fc0649b0\n"
    " bl sub_fc0bda32\n"
    " cbnz r0, loc_fc0648ac\n"
    " bl sub_fc079012\n"
    " cbz r0, loc_fc0648ac\n"
    " movs r0, #1\n"
    " b loc_fc0648ae\n"
    "loc_fc0648ac:\n"
    " movs r0, #0\n"
    "loc_fc0648ae:\n"
    " bl sub_fc0781f4\n"
    " cbnz r0, loc_fc0648ba\n"
    " bl sub_fc06499e\n"
    "loc_fc0648b8:\n"
    " b loc_fc0648b8\n"         // sub_fc0781f4 returned 0: spin forever
    "loc_fc0648ba:\n"
    " blx sub_fc2eefe0\n"
    " ldr r1, =0x006ce000\n"
    " movs r0, #0\n"
    " bl sub_fc36025c\n"
    " blx sub_fc2ef548\n"
    " movs r3, #0\n"
    " str r3, [sp]\n"           // fifth _CreateTask argument = 0

    " ldr r3, =task_Startup_my\n"   // entry point: patched start-up task
    " movs r2, #0\n"
    " movs r1, #0x19\n"
    " ldr r0, =0xfc0648e8\n"
    " bl _CreateTask\n"

    " movs r0, #0\n"
    " pop {r3, pc}\n"
    ".ltorg\n"
    );
}
/*
 * task_Startup_my - entry point of the task created by sub_fc064896_my.
 * Naked: the body is exactly the assembly below.
 *
 * It is a straight list of calls with no return values checked, ending in a
 * tail call to sub_fc135132. Calls in the list that are not plain sub_fc...
 * firmware addresses:
 *   - sub_010e638b, a target in the 0x010e.... range (the range boot() fills
 *     by copying);
 *   - sub_fc0780e6_my, the patched routine defined below that starts
 *     mykbd_task;
 *   - CreateTask_spytask, which creates the "SpyTask" task;
 *   - init_required_fw_features, defined below.
 *
 * NOTE(review): the order of these calls relative to the firmware calls around
 * them is presumably significant -- do not reorder without checking the
 * firmware disassembly.
 */
void __attribute__((naked,noinline)) task_Startup_my() {
    asm volatile (

    " push {r4, lr}\n"
    " bl sub_fc13515c\n"
    " bl sub_fc06497c\n"

    " bl sub_fc0db5c4\n"

    "bl sub_010e638b\n"

    " bl sub_fc091b6e\n"
    " bl sub_fc0db718\n"
    " bl sub_fc064c58\n"
    " bl sub_fc064a90\n"
    " bl sub_fc0db602\n"
    " bl sub_fc0bd780\n"
    " bl sub_fc0db71e\n"
    " bl sub_fc0780e6_my\n"             // patched: starts mykbd_task
    " bl CreateTask_spytask\n"          // added: create "SpyTask"
    " bl init_required_fw_features\n"   // added: event flags and semaphore
    " bl sub_fc282ac8\n"
    " bl sub_fc0db734\n"
    " bl sub_fc0bd718\n"
    " bl sub_fc134f16\n"
    " bl sub_fc0bd8de\n"
    " bl sub_fc0db576\n"
    " bl sub_fc134ed2\n"
    " bl sub_fc064c5c\n"
    " bl sub_fc356c6e\n"
    " bl sub_fc134ea6\n"
    " pop.w {r4, lr}\n"
    " b.w sub_fc135132\n"               // tail call; returns to our caller
    ".ltorg\n"
    );
}
/*
 * sub_fc0780e6_my - patched routine called from task_Startup_my. Naked: the
 * body is exactly the assembly below.
 *
 * Flow:
 *   - call sub_fc076fb8 and sub_fc078f90; call sub_fc076f5c when the latter
 *     returns 0;
 *   - if the word at 0x82c8 + 4 is zero, create a task through sub_fc2ef908
 *     with r0 = 0xfc078140, r1 = 0x17, r2 = 0x2000, r3 = mykbd_task and a
 *     fifth argument of 0 at [sp], and store the result at 0x82c8 + 4.
 *
 * The visible redirection is the entry point in r3: mykbd_task, a symbol
 * defined outside this file.
 * NOTE(review): the word at 0x82c8 + 4 is presumably the task handle, so the
 * test prevents creating the task twice -- confirm.
 */
void __attribute__((naked,noinline)) sub_fc0780e6_my() {
    asm volatile (
    " push {r3, r4, r5, lr}\n"
    " bl sub_fc076fb8\n"
    " bl sub_fc078f90\n"
    " cbnz r0, loc_fc0780f6\n"
    " bl sub_fc076f5c\n"
    "loc_fc0780f6:\n"
    " ldr r4, =0x000082c8\n"
    " ldr r0, [r4, #4]\n"
    " cmp r0, #0\n"
    " bne loc_fc078112\n"       // already set: skip task creation
    " movs r3, #0\n"
    " str r3, [sp]\n"           // fifth argument = 0

    " ldr r3, =mykbd_task\n"    // entry point: replacement keyboard task
    " movs r1, #0x17\n"
    " ldr r0, =0xfc078140\n"
    " movw r2, #0x2000\n"
    " blx sub_fc2ef908\n"
    " str r0, [r4, #4]\n"       // remember the result
    "loc_fc078112:\n"
    " pop {r3, r4, r5, pc}\n"
    ".ltorg\n"
    );
}
/*
 * init_file_modules_task - replacement entry point that CreateTask_my
 * substitutes for task_InitFileModules. Naked: the body is exactly the
 * assembly below.
 *
 * Flow:
 *   - r4 = sub_fc0c361c(); when r4 is non-zero, post event 0x5006 with
 *     argument 0 through _PostLogicalEventToUI;
 *   - call sub_fc0c3646, then core_spytask_can_start;
 *   - when r4 is zero, post event 0x5006 with argument 0 as a tail call;
 *     otherwise just return.
 *
 * The call to core_spytask_can_start is the only one in the body that is not
 * a sub_fc... address or a firmware stub. It runs after sub_fc0c3646 and, in
 * the r4 == 0 case, before the event is posted.
 * NOTE(review): presumably this is the signal that lets core_spytask proceed
 * once file modules are initialised -- confirm in core.
 */
void __attribute__((naked,noinline)) init_file_modules_task() {
    asm volatile (

    " push {r4, r5, r6, lr}\n"
    " bl sub_fc0c361c\n"
    " movs r4, r0\n"            // keep the result and set flags for beq
    " movw r5, #0x5006\n"       // event id; movw leaves the flags untouched
    " beq loc_fc0c22e6\n"
    " movs r1, #0\n"
    " mov r0, r5\n"
    " bl _PostLogicalEventToUI\n"
    "loc_fc0c22e6:\n"
    " bl sub_fc0c3646\n"
    " BL core_spytask_can_start\n"
    " cmp r4, #0\n"
    " bne loc_fc0c22fa\n"
    " mov r0, r5\n"
    " pop.w {r4, r5, r6, lr}\n"
    " movs r1, #0\n"
    " b.w _PostLogicalEventToUI\n"  // tail call; returns to our caller
    "loc_fc0c22fa:\n"
    " pop {r4, r5, r6, pc}\n"
    ".ltorg\n"
    );
}
/*
 * Runs two firmware initialisation routines and creates the semaphore stored
 * in av_override_semaphore. Called by name from the assembly in
 * task_Startup_my.
 *
 * No result is checked: the two init routines are called as void, and the
 * value returned by _CreateBinarySemaphoreStrictly is stored as-is.
 */
void init_required_fw_features(void) {
    /* Everything this function touches lives outside this file. */
    extern void _init_focus_eventflag();
    extern void _init_nd_eventflag();
    extern int _CreateBinarySemaphoreStrictly(int x, int y);
    extern int av_override_semaphore;

    _init_focus_eventflag();
    _init_nd_eventflag();

    int sem = _CreateBinarySemaphoreStrictly(0, 0);
    av_override_semaphore = sem;
}
/*
 * kbd_p2_f_my - patched copy of a firmware keyboard-processing routine.
 * Naked: the body is exactly the assembly below.
 *
 * Registers and memory used throughout:
 *   r6 = 0x00036c34 - 0xc, base of a three-word array that is updated in place;
 *   r7 = sp + 8, a three-word array on the stack;
 *   r8 = 0x00036c34, a second three-word array used as a mask;
 *   0x00036c34 - 0x18 is passed in r1 to sub_fc0760c4.
 *
 * Phase 1 (loc_fc077ece / loc_fc077e9a): while sub_fc075dc4(r6, sp+4) returns
 * non-zero, call sub_fc0760c4 with the byte at [sp+4]; when that returns 0,
 * call sub_fc077dfe(0, [sp+0x14]); then clear in r6[2..0] every bit that is
 * set in the matching word of r7.
 *
 * Phase 2 (loc_fc077ee2): for each of the three words, AND r6[i] with r8[i],
 * then walk the bits that are set: for bit b of word i call sub_fc0760c4 with
 * index (b + 32*i) & 0xff, call sub_fc077dfe(1, [sp+0x14]) when it returns 0,
 * and clear in r6[i..2] the bits set in r7.
 *
 * The only visible redirection is the last call, which goes to
 * sub_fc075c6e_my.
 *
 * NOTE(review): the arrays are presumably key-state bitmaps and the index a
 * key number -- confirm against the firmware disassembly.
 */
void __attribute__((naked,noinline)) kbd_p2_f_my() {
    asm volatile(
    " push.w {r4, r5, r6, r7, r8, lr}\n"
    " ldr r6, =0x00036c34\n"
    " sub sp, #0x18\n"
    " add r7, sp, #8\n"
    " subs r6, #0xc\n"
    " b loc_fc077ece\n"
    // ---- phase 1 body ----
    "loc_fc077e9a:\n"
    " ldr r1, =0x00036c34\n"
    " add r3, sp, #8\n"
    " ldrb.w r0, [sp, #4]\n"
    " add r2, sp, #0x14\n"
    " subs r1, #0x18\n"
    " bl sub_fc0760c4\n"
    " cbnz r0, loc_fc077eb4\n"
    " ldr r1, [sp, #0x14]\n"
    " movs r0, #0\n"
    " bl sub_fc077dfe\n"
    "loc_fc077eb4:\n"
    " movs r0, #2\n"
    // for (r0 = 2; r0 >= 0; r0--) r6[r0] &= ~r7[r0]
    "loc_fc077eb6:\n"
    " ldr.w r1, [r7, r0, lsl #2]\n"
    " cbz r1, loc_fc077ec6\n"
    " ldr.w r2, [r6, r0, lsl #2]\n"
    " bics r2, r1\n"
    " str.w r2, [r6, r0, lsl #2]\n"
    "loc_fc077ec6:\n"
    " subs r0, r0, #1\n"
    " sxtb r0, r0\n"
    " cmp r0, #0\n"
    " bge loc_fc077eb6\n"
    // ---- phase 1 loop condition ----
    "loc_fc077ece:\n"
    " ldr r0, =0x00036c34\n"
    " add r1, sp, #4\n"
    " subs r0, #0xc\n"
    " bl sub_fc075dc4\n"
    " cmp r0, #0\n"
    " bne loc_fc077e9a\n"
    // ---- phase 2: r4 = word index 0..2 ----
    " ldr.w r8, =0x00036c34\n"
    " movs r4, #0\n"
    "loc_fc077ee2:\n"
    " movs r5, #0\n"            // r5 = bit index within the current word
    " ldr.w r0, [r6, r4, lsl #2]\n"
    " ldr.w r1, [r8, r4, lsl #2]\n"
    " ands r0, r1\n"
    " str.w r0, [r6, r4, lsl #2]\n"
    " b loc_fc077f3a\n"
    "loc_fc077ef4:\n"
    " lsrs r0, r5\n"
    " lsls r0, r0, #0x1f\n"     // isolate bit r5 of the word
    " beq loc_fc077f32\n"       // bit clear: next bit
    " ldr r1, =0x00036c34\n"
    " add.w r0, r5, r4, lsl #5\n"   // index = bit + 32 * word
    " add r3, sp, #8\n"
    " subs r1, #0x18\n"
    " add r2, sp, #0x14\n"
    " uxtb r0, r0\n"
    " bl sub_fc0760c4\n"
    " cbnz r0, loc_fc077f16\n"
    " ldr r1, [sp, #0x14]\n"
    " movs r0, #1\n"
    " bl sub_fc077dfe\n"
    "loc_fc077f16:\n"
    " mov r0, r4\n"
    " b loc_fc077f2e\n"
    // for (r0 = r4; r0 < 3; r0++) r6[r0] &= ~r7[r0]
    "loc_fc077f1a:\n"
    " ldr.w r1, [r7, r0, lsl #2]\n"
    " cbz r1, loc_fc077f2a\n"
    " ldr.w r2, [r6, r0, lsl #2]\n"
    " bics r2, r1\n"
    " str.w r2, [r6, r0, lsl #2]\n"
    "loc_fc077f2a:\n"
    " adds r0, r0, #1\n"
    " sxtb r0, r0\n"
    "loc_fc077f2e:\n"
    " cmp r0, #3\n"
    " blt loc_fc077f1a\n"
    "loc_fc077f32:\n"
    " ldr.w r0, [r6, r4, lsl #2]\n"     // reload the (possibly changed) word
    " adds r5, r5, #1\n"
    " uxtb r5, r5\n"
    "loc_fc077f3a:\n"
    " cmp r0, #0\n"
    " bne loc_fc077ef4\n"
    " adds r4, r4, #1\n"
    " sxtb r4, r4\n"
    " cmp r4, #3\n"
    " blt loc_fc077ee2\n"
    // Patched call: continues in the copy that adds jog-dial handling.
    " bl sub_fc075c6e_my\n"
    " add sp, #0x18\n"
    " pop.w {r4, r5, r6, r7, r8, pc}\n"
    ".ltorg\n"
    );
}
/*
 * sub_fc075c6e_my - patched routine called at the end of kbd_p2_f_my. Naked:
 * the body is exactly the assembly below.
 *
 * With r4 = 0x00009800 it calls, in order: sub_fc0771f0([r4+0xc]),
 * sub_fc07727a([r4+0x10]), sub_fc0f8224(), sub_fc07710c([r4+0x14]) and
 * sub_fc07710c([r4+0x18]).
 *
 * It then calls handle_jogdial() and runs sub_fc0774e4 only when that call
 * returns non-zero; a return value of 0 skips it.
 * NOTE(review): judging by the label name, sub_fc0774e4 presumably delivers
 * the scroll event and a 0 return suppresses it -- confirm in handle_jogdial.
 */
void __attribute__((naked,noinline)) sub_fc075c6e_my() {
    asm volatile(
    " push {r4, lr}\n"
    " ldr r4, =0x00009800\n"
    " ldr r0, [r4, #0xc]\n"
    " bl sub_fc0771f0\n"
    " ldr r0, [r4, #0x10]\n"
    " bl sub_fc07727a\n"
    " bl sub_fc0f8224\n"
    " ldr r0, [r4, #0x14]\n"
    " bl sub_fc07710c\n"
    " ldr r0, [r4, #0x18]\n"
    " bl sub_fc07710c\n"

    // Added gate: the return value of handle_jogdial decides whether
    // sub_fc0774e4 runs.
    " bl handle_jogdial\n"
    " cmp r0, #0\n"
    " beq no_scroll\n"
    " bl sub_fc0774e4\n"
    "no_scroll:\n"
    " pop {r4, pc}\n"
    ".ltorg\n"
    );
}