1 #include "lolevel.h"
2 #include "platform.h"
3 #include "core.h"
4
// Address of the symbol _end (declared outside this file; presumably the
// linker-provided end of the loaded image - confirm against the linker script).
// sub_fc064300_my loads this value into r4 in place of the firmware constant
// 0x0036a354 when CHDK_NOT_IN_CANON_HEAP is not defined.
const char * const new_sa = &_end;

// Firmware task entry points. CreateTask_my compares the entry address of each
// task being created against task_CaptSeq and task_InitFileModules (and
// task_FileWrite, which is referenced only from the asm). The other three
// are declared here but not referenced in the code shown in this file.
extern void task_CaptSeq();
extern void task_InitFileModules();
extern void task_RotaryEncoder();
extern void task_MovieRecord();
extern void task_ExpDrv();

// Called from sub_fc075c6e_my; its return value decides whether
// sub_fc0774e4 is run afterwards.
extern void handle_jogdial();
16
17
18
19
/*
 * Entry point of the "SpyTask" task registered by CreateTask_spytask().
 * The six task arguments are accepted to match the task entry signature
 * but are not used; all work is delegated to core_spytask().
 */
void spytask(long ua, long ub, long uc, long ud, long ue, long uf)
{
    /* Mark every parameter as deliberately unused. */
    (void)ua;
    (void)ub;
    (void)uc;
    (void)ud;
    (void)ue;
    (void)uf;

    core_spytask();
}
25
26
27
28
/*
 * Registers spytask() as a new task named "SpyTask".
 * Called from task_Startup_my during start-up.
 * NOTE(review): 0x19 and 0x2000 look like priority and stack size
 * (sub_fc0780e6_my passes 0x17 / 0x2000 in the same positions) - confirm
 * against the _CreateTask prototype. The return value is not checked.
 */
void CreateTask_spytask()
{
    _CreateTask(
        "SpyTask",  /* task name */
        0x19,
        0x2000,
        spytask,    /* entry function */
        0
    );
}
33
34
35
36
37
38
39
40
41
// Replacement boot entry. Sets up the stack, copies two blocks out of ROM
// into RAM, patches the first 8 bytes at hook_CreateTask so that they jump to
// CreateTask_my, zero-fills a RAM range and continues in sub_fc064300_my.
// The function is naked: there is no compiler prologue/epilogue and control
// never returns to a caller.
void __attribute__((naked,noinline)) boot() {
    asm volatile (
    // sp = 0x00004000
" movw r0, #0x4000\n"
" movt r0, #0\n"
" mov sp, r0\n"
" bl sub_fc02006a\n"
    // Set bit 0 of the word at 0xc0242010 (read-modify-write).
    // NOTE(review): purpose of this register is not visible here.
" ldr r2, =0xc0242010\n"
" ldr r1, [r2]\n"
" orr r1, r1, #1\n"
" str r1, [r2]\n"
    // Word-wise copy from 0xfcd67030 to 0x010e1000, stopping when the
    // destination pointer reaches 0x0110dc1c.
" ldr r0, =0xfcd67030\n"
" ldr r1, =0x010e1000\n"
" ldr r3, =0x0110dc1c\n"
"loc_fc02002a:\n"
" cmp r1, r3\n"
" itt lo\n"
" ldrlo r2, [r0], #4\n"
" strlo r2, [r1], #4\n"
" blo loc_fc02002a\n"

    // Install the hook: copy 8 bytes (four halfwords) from patch_CreateTask
    // below over the start of hook_CreateTask. After this, entering
    // hook_CreateTask executes "ldr.w pc, [pc,#0]" and lands in CreateTask_my.
    // hook_CreateTask is defined outside this file; presumably it lies in the
    // RAM block copied just above - confirm. The overwrite is unconditional:
    // nothing checks what the 8 bytes were before they are replaced.
"adr r0, patch_CreateTask\n"
"ldr r1, =hook_CreateTask\n"
"add r2, r0, #8\n"
"task_hook_loop:\n"
"ldrh r3, [r0],#2\n"
"strh r3, [r1],#2\n"
"cmp r0,r2\n"
"blo task_hook_loop\n"
    // r0 = start and r1 = length of the first copied block
    // (0x0110dc1c - 0x010e1000 = 0x0002cc1c). This call comes after the patch,
    // so it sees the patched bytes if hook_CreateTask is inside the block.
    // NOTE(review): sub_fc133dae is presumably cache maintenance - confirm.
" ldr r0, =0x010e1000\n"
" ldr r1, =0x0002cc1c\n"
" bl sub_fc133dae\n"
    // Word-wise copy from 0xfcd39d78 to 0x00008000, stopping when the
    // destination pointer reaches 0x000352b8.
" ldr r0, =0xfcd39d78\n"
" ldr r1, =0x00008000\n"
" ldr r3, =0x000352b8\n"
"loc_fc020046:\n"
" cmp r1, r3\n"
" itt lo\n"
" ldrlo r2, [r0], #4\n"
" strlo r2, [r1], #4\n"
" blo loc_fc020046\n"
    // Zero-fill 0x000352b8 up to (not including) 0x0036a354.
" ldr r3, =0x000352b8\n"
" ldr r1, =0x0036a354\n"
" mov.w r2, #0\n"
"loc_fc02005c:\n"
" cmp r3, r1\n"
" it lo\n"
" strlo r2, [r3], #4\n"
" blo loc_fc02005c\n"
    // Continue start-up in the patched copy of the next stage.
" b.w sub_fc064300_my\n"

    // 8-byte trampoline template copied over hook_CreateTask above.
    // "+ 1" sets bit 0 of the target address so the branch stays in Thumb state.
"patch_CreateTask:\n"
"ldr.w pc, [pc,#0]\n"
".long CreateTask_my + 1\n"
    );
}
98
99
// Target of the trampoline that boot() writes over hook_CreateTask.
// Inspects r3 and, when it equals one of three firmware task entry points,
// replaces it with the address of a substitute routine before resuming the
// original function 8 bytes past its start. In the C call
// _CreateTask("SpyTask", 0x19, 0x2000, spytask, 0) the entry function is the
// fourth argument, which is the value carried in r3 here.
// Every task created through this path is subject to the comparison; tasks
// whose entry does not match are passed through unchanged.
void __attribute__((naked,noinline)) CreateTask_my() {
    asm volatile (
    // r0 is used as scratch for the comparisons; saved here, restored at exitHook.
" push {r0}\n"

    // task_CaptSeq -> capt_seq_task (bit 0 set for Thumb)
" ldr r0, =task_CaptSeq\n"
" cmp r0, r3\n"
" itt eq\n"
" ldreq r3, =capt_seq_task\n"
" orreq r3, #1\n"
" beq exitHook\n"

    // task_FileWrite -> filewritetask (bit 0 set for Thumb)
" ldr r0, =task_FileWrite\n"
" cmp r0, r3\n"
" itt eq\n"
" ldreq r3, =filewritetask\n"
" orreq r3, #1\n"
" beq exitHook\n"

    // task_InitFileModules -> init_file_modules_task (bit 0 set for Thumb);
    // last test, so it falls through to exitHook either way.
" ldr r0, =task_InitFileModules\n"
" cmp r0, r3\n"
" itt eq\n"
" ldreq r3, =init_file_modules_task\n"
" orreq r3, #1\n"
"exitHook:\n"

" pop {r0}\n"

    // NOTE(review): the next three instructions presumably reproduce the
    // firmware instructions that the 8-byte trampoline overwrote - confirm
    // against the firmware dump. Execution then continues at
    // hook_CreateTask + 8 in Thumb state (the "+ 1").
" stmdb sp!, {r1, r2, r3, r4, r5, r6, r7, r8, r9, lr}\n"
" mov r4, r0\n"
" ldr r0, =0x8160\n"
" ldr.w pc, =(hook_CreateTask + 8 + 1) \n"
".ltorg\n"
    );
}
159
// Patched copy of the firmware routine at fc064300. Chooses the start address
// kept in r4, checks that enough room remains below 0x006ce000, writes three
// configuration words, fills a 0x78-byte parameter block on the stack and
// passes it to sub_fc2eef7c together with sub_fc064490_my as the callback.
void __attribute__((naked,noinline)) sub_fc064300_my() {

    asm volatile (
" push {r4, lr}\n"
    // r4 = firmware constant 0x0036a354, or the value of new_sa (&_end) so the
    // region described below starts after the loaded image instead.
#if defined(CHDK_NOT_IN_CANON_HEAP)
" ldr r4, =0x0036a354\n"
#else
"ldr r4, =new_sa\n"
"ldr r4, [r4]\n"
#endif
" sub sp, #0x78\n"
    // Require (0x006ce000 - r4) >= 0x0008fd8c; otherwise spin forever at
    // loc_fc064310, i.e. the device hangs during boot instead of continuing
    // with too little room.
    // NOTE(review): the comparison is unsigned (bhs), so an r4 above
    // 0x006ce000 would wrap to a large difference and pass this check.
" ldr r0, =0x006ce000\n"
" ldr r1, =0x0008fd8c\n"
" subs r0, r0, r4\n"
" cmp r0, r1\n"
" bhs loc_fc064312\n"
"loc_fc064310:\n"
" b loc_fc064310\n"
"loc_fc064312:\n"
    // [0x8074] = 0x80000, [0x8078] = 0x42a41000, [0x807c] = 0x42a43000
" ldr r1, =0x00008074\n"
" mov.w r0, #0x80000\n"
" str r0, [r1]\n"
" ldr r1, =0x00008078\n"
" ldr r0, =0x42a41000\n"
" str r0, [r1]\n"
" ldr r1, =0x0000807c\n"
" ldr r0, =0x42a43000\n"
" str r0, [r1]\n"
    // sub_fc2efa24(sp, 0x78) - presumably clears the parameter block; confirm.
" movs r1, #0x78\n"
" mov r0, sp\n"
" blx sub_fc2efa24\n"
    // Parameter block: [0x00] = 0x0062e000, [0x04] = 0xa0000, [0x08] = r4,
    // [0x0c] = 0x00622274 - r4, [0x10] = 0x00622274, [0x14] = 0x0062e000.
    // The third and fourth words are the only ones that depend on r4.
" ldr r0, =0x0062e000\n"
" mov.w r1, #0xa0000\n"
" stm.w sp, {r0, r1, r4}\n"
" ldr r1, =0x00622274\n"
" subs r2, r1, r4\n"
" strd r2, r1, [sp, #0xc]\n"
" str r0, [sp, #0x14]\n"
" movs r0, #0x22\n"
" str r0, [sp, #0x18]\n"
" movs r0, #0x98\n"
" str r0, [sp, #0x1c]\n"
" movw r0, #0x24c\n"
" str r0, [sp, #0x20]\n"
" movs r0, #0xfa\n"
" str r0, [sp, #0x24]\n"
" movs r0, #0xe8\n"
" str r0, [sp, #0x28]\n"
" movs r0, #0x85\n"
" str r0, [sp, #0x2c]\n"
" movs r0, #0x40\n"
" str r0, [sp, #0x30]\n"
" movs r0, #4\n"
" str r0, [sp, #0x34]\n"
" movs r0, #0\n"
" str r0, [sp, #0x38]\n"
" movs r0, #0x10\n"
" str r0, [sp, #0x5c]\n"
" movs r2, #0\n"
    // 0x10 << 8 = 0x1000 -> [0x60]
" lsls r0, r0, #8\n"
" str r0, [sp, #0x60]\n"

    // r1 = patched next stage, passed to sub_fc2eef7c below.
" ldr r1, =sub_fc064490_my\n"
    // 0x1000 >> 4 = 0x100 -> [0x64]; 0x100 << 5 = 0x2000 -> [0x68]
" asrs r0, r0, #4\n"
" str r0, [sp, #0x64]\n"
" lsls r0, r0, #5\n"
" str r0, [sp, #0x68]\n"
    // sub_fc2eef7c(sp, sub_fc064490_my, 0)
" mov r0, sp\n"
" blx sub_fc2eef7c\n"
" add sp, #0x78\n"
" pop {r4, pc}\n"
".ltorg\n"
    );
}
234
// Patched copy of the firmware routine at fc064490. Runs a series of
// initialisation calls; whenever one returns a negative value it calls
// sub_fc064524 with a ROM address (presumably an error-message string -
// confirm). Ends by tail-branching to sub_fc064896_my rather than the
// unpatched next stage.
void __attribute__((naked,noinline)) sub_fc064490_my() {
    asm volatile (
" push {r4, lr}\n"
" ldr r4, =0xfc06453c\n"
" bl sub_fc065764\n"
    // If [0x80ec] < [0x8074] + 0x10 (unsigned), report via sub_fc064524.
" ldr r0, =0x000080ec\n"
" ldr r1, [r0]\n"
" ldr r0, =0x00008074\n"
" ldr r0, [r0]\n"
" adds r0, #0x10\n"
" cmp r1, r0\n"
" bhs loc_fc0644ac\n"
" ldr r0, =0xfc06454c\n"
" bl sub_fc064524\n"
"loc_fc0644ac:\n"
" bl sub_fc133e88\n"
    // Fill 0x80000000 up to (not including) 0x80000800 with 0xeeeeeeee.
" ldr r3, =0x80000800\n"

" mov.w r1, #0x80000000\n"
" mov.w r2, #0xeeeeeeee\n"
"loc_fc0644ba:\n"
" stm r1!, {r2}\n"
" cmp r1, r3\n"
" blo loc_fc0644ba\n"
" bl sub_fc133e9a\n"
    // From here on: call, then report through sub_fc064524 if the result < 0.
    // Execution continues after the report in every case.
" bl sub_fc133f18\n"
" cmp r0, #0\n"
" bge loc_fc0644d2\n"
" ldr r0, =0xfc064568\n"
" bl sub_fc064524\n"
"loc_fc0644d2:\n"
" bl sub_fc064d18\n"
" cmp r0, #0\n"
" bge loc_fc0644e0\n"
" ldr r0, =0xfc064570\n"
" bl sub_fc064524\n"
"loc_fc0644e0:\n"
    // r4 (0xfc06453c) is the argument to the next two calls.
" mov r0, r4\n"
" bl sub_fc064da6\n"
" cmp r0, #0\n"
" bge loc_fc0644f0\n"
" ldr r0, =0xfc064580\n"
" bl sub_fc064524\n"
"loc_fc0644f0:\n"
" mov r0, r4\n"
" bl sub_fc0646c8\n"
" cmp r0, #0\n"
" bge loc_fc064500\n"
" ldr r0, =0xfc064594\n"
" bl sub_fc064524\n"
"loc_fc064500:\n"
" bl sub_fc06480c\n"
" cmp r0, #0\n"
" bge loc_fc06450e\n"
" ldr r0, =0xfc0645a0\n"
" bl sub_fc064524\n"
"loc_fc06450e:\n"
" bl sub_fc0678ec\n"
" cmp r0, #0\n"
" bge loc_fc06451c\n"
" ldr r0, =0xfc0645ac\n"
" bl sub_fc064524\n"
"loc_fc06451c:\n"
" pop.w {r4, lr}\n"

    // Tail call into the patched next stage.
" b.w sub_fc064896_my\n"
".ltorg\n"
    );
}
// Patched copy of the firmware routine at fc064896. After a start-condition
// check it creates the start-up task with task_Startup_my as the entry
// function and returns 0.
void __attribute__((naked,noinline)) sub_fc064896_my() {
    asm volatile (
" push {r3, lr}\n"
" bl sub_fc0649b0\n"
    // r0 = 1 only when sub_fc0bda32() returned 0 and sub_fc079012() returned
    // non-zero; otherwise r0 = 0.
" bl sub_fc0bda32\n"
" cbnz r0, loc_fc0648ac\n"
" bl sub_fc079012\n"
" cbz r0, loc_fc0648ac\n"
" movs r0, #1\n"
" b loc_fc0648ae\n"
"loc_fc0648ac:\n"
" movs r0, #0\n"
"loc_fc0648ae:\n"
    // If sub_fc0781f4(r0) returns 0: call sub_fc06499e, then spin forever.
" bl sub_fc0781f4\n"
" cbnz r0, loc_fc0648ba\n"
" bl sub_fc06499e\n"
"loc_fc0648b8:\n"
" b loc_fc0648b8\n"
"loc_fc0648ba:\n"
" blx sub_fc2eefd4\n"
    // sub_fc360250(0, 0x006ce000)
" ldr r1, =0x006ce000\n"
" movs r0, #0\n"
" bl sub_fc360250\n"
" blx sub_fc2ef53c\n"
    // Fifth _CreateTask argument (stack slot) = 0.
" movs r3, #0\n"
" str r3, [sp]\n"

    // _CreateTask(0xfc0648e8, 0x19, 0, task_Startup_my, 0): the entry
    // function in r3 is the patched start-up task defined in this file.
" ldr r3, =task_Startup_my\n"
" movs r2, #0\n"
" movs r1, #0x19\n"
" ldr r0, =0xfc0648e8\n"
" bl _CreateTask\n"

" movs r0, #0\n"
" pop {r3, pc}\n"
".ltorg\n"
    );
}
344
// Entry function of the start-up task created by sub_fc064896_my. A straight
// sequence of calls with no branching on results; it ends by tail-branching
// to sub_fc135132. Four of the calls target code defined in this file:
// sub_fc0780e6_my, CreateTask_spytask, init_required_fw_features (and, via
// the first, mykbd_task).
void __attribute__((naked,noinline)) task_Startup_my() {
    asm volatile (
" push {r4, lr}\n"
" bl sub_fc13515c\n"
" bl sub_fc06497c\n"

" bl sub_fc0db5c4\n"

    // Target address 0x010e638b lies inside the block that boot() copies to
    // 0x010e1000..0x0110dc1c, i.e. this call goes to the RAM copy.
"bl sub_010e638b\n"

" bl sub_fc091b6e\n"
" bl sub_fc0db718\n"
" bl sub_fc064c58\n"
" bl sub_fc064a90\n"
" bl sub_fc0db602\n"
" bl sub_fc0bd780\n"
" bl sub_fc0db71e\n"
    // Patched routine that registers mykbd_task.
" bl sub_fc0780e6_my\n"
    // Registers the "SpyTask" task.
" bl CreateTask_spytask\n"
    // Event-flag and semaphore setup defined further down in this file.
" bl init_required_fw_features\n"
" bl sub_fc282abc\n"
" bl sub_fc0db734\n"
" bl sub_fc0bd718\n"
" bl sub_fc134f16\n"
" bl sub_fc0bd8de\n"
" bl sub_fc0db576\n"
" bl sub_fc134ed2\n"
" bl sub_fc064c5c\n"
" bl sub_fc356c62\n"
" bl sub_fc134ea6\n"
" pop.w {r4, lr}\n"
" b.w sub_fc135132\n"
".ltorg\n"
    );
}
380
381
382
// Patched copy of the firmware routine at fc0780e6, called from
// task_Startup_my. Creates a task whose entry function is mykbd_task, but only
// when the word at 0x000082c8 + 4 is still zero; the value returned by the
// creation call is stored back into that word.
void __attribute__((naked,noinline)) sub_fc0780e6_my() {
    asm volatile (
" push {r3, r4, r5, lr}\n"
" bl sub_fc076fb8\n"
    // Call sub_fc076f5c only when sub_fc078f90 returned 0.
" bl sub_fc078f90\n"
" cbnz r0, loc_fc0780f6\n"
" bl sub_fc076f5c\n"
"loc_fc0780f6:\n"
    // Skip creation if [0x82c8 + 4] is already non-zero.
" ldr r4, =0x000082c8\n"
" ldr r0, [r4, #4]\n"
" cmp r0, #0\n"
" bne loc_fc078112\n"
    // Stack argument = 0.
" movs r3, #0\n"
" str r3, [sp]\n"

    // sub_fc2ef8fc(0xfc078140, 0x17, 0x2000, mykbd_task, 0); mykbd_task is
    // defined outside this file.
    // NOTE(review): argument order matches the _CreateTask call in
    // CreateTask_spytask, so 0x17 / 0x2000 are presumably priority and
    // stack size - confirm.
" ldr r3, =mykbd_task\n"
" movs r1, #0x17\n"
" ldr r0, =0xfc078140\n"
" movw r2, #0x2000\n"
" blx sub_fc2ef8fc\n"
" str r0, [r4, #4]\n"
"loc_fc078112:\n"
" pop {r3, r4, r5, pc}\n"
".ltorg\n"
    );
}
409
410
// Substitute for task_InitFileModules: CreateTask_my swaps this routine in
// when a task with that entry point is created. It adds a call to
// core_spytask_can_start between sub_fc0c3646 and the final event post.
void __attribute__((naked,noinline)) init_file_modules_task() {
    asm volatile (

" push {r4, r5, r6, lr}\n"
    // r4 = result of sub_fc0c361c; movs sets the flags tested by beq below
    // (the movw in between does not change them).
" bl sub_fc0c361c\n"
" movs r4, r0\n"
" movw r5, #0x5006\n"
" beq loc_fc0c22e6\n"
    // Result was non-zero: _PostLogicalEventToUI(0x5006, 0) now.
" movs r1, #0\n"
" mov r0, r5\n"
" bl _PostLogicalEventToUI\n"
"loc_fc0c22e6:\n"
" bl sub_fc0c3646\n"
    // Defined outside this file; by its name it signals that core_spytask may
    // proceed once sub_fc0c3646 has run - confirm against core.
" BL core_spytask_can_start\n"
    // Result was zero: post the event as a tail call instead of earlier.
" cmp r4, #0\n"
" bne loc_fc0c22fa\n"
" mov r0, r5\n"
" pop.w {r4, r5, r6, lr}\n"
" movs r1, #0\n"
" b.w _PostLogicalEventToUI\n"
"loc_fc0c22fa:\n"
" pop {r4, r5, r6, pc}\n"
".ltorg\n"
    );
}
436
437
438
439
440
441
/*
 * One-time setup called from task_Startup_my: runs the two firmware
 * event-flag initialisers and creates the semaphore stored in
 * av_override_semaphore.
 * NOTE(review): the value returned by _CreateBinarySemaphoreStrictly is
 * stored without being checked.
 */
void init_required_fw_features(void) {
    /* Everything used here is defined outside this file. */
    extern void _init_focus_eventflag();
    extern void _init_nd_eventflag();
    extern int _CreateBinarySemaphoreStrictly(int x, int y);
    extern int av_override_semaphore;

    _init_focus_eventflag();
    _init_nd_eventflag();

    int sem = _CreateBinarySemaphoreStrictly(0, 0);
    av_override_semaphore = sem;
}
456
457
458
459
// Patched copy of a firmware keyboard routine (the firmware addresses in the
// labels start at fc077e9a). It works on three-word arrays addressed relative
// to 0x00036c34 and on a 0x18-byte stack frame, and differs from a plain copy
// in the final call, which goes to sub_fc075c6e_my.
// Register roles, as set up below: r6 = 0x00036c34 - 0xc, r7 = sp + 8,
// r8 = 0x00036c34.
void __attribute__((naked,noinline)) kbd_p2_f_my() {
    asm volatile(
" push.w {r4, r5, r6, r7, r8, lr}\n"
" ldr r6, =0x00036c34\n"
" sub sp, #0x18\n"
" add r7, sp, #8\n"
" subs r6, #0xc\n"
" b loc_fc077ece\n"
    // First loop body, entered while sub_fc075dc4 keeps returning non-zero:
    // sub_fc0760c4(byte at [sp+4], 0x36c34 - 0x18, sp + 0x14, sp + 8);
    // if it returns 0, sub_fc077dfe(0, [sp + 0x14]).
"loc_fc077e9a:\n"
" ldr r1, =0x00036c34\n"
" add r3, sp, #8\n"
" ldrb.w r0, [sp, #4]\n"
" add r2, sp, #0x14\n"
" subs r1, #0x18\n"
" bl sub_fc0760c4\n"
" cbnz r0, loc_fc077eb4\n"
" ldr r1, [sp, #0x14]\n"
" movs r0, #0\n"
" bl sub_fc077dfe\n"
"loc_fc077eb4:\n"
    // For index 2 down to 0: r6[i] &= ~r7[i] when r7[i] is non-zero.
" movs r0, #2\n"
"loc_fc077eb6:\n"
" ldr.w r1, [r7, r0, lsl #2]\n"
" cbz r1, loc_fc077ec6\n"
" ldr.w r2, [r6, r0, lsl #2]\n"
" bics r2, r1\n"
" str.w r2, [r6, r0, lsl #2]\n"
"loc_fc077ec6:\n"
" subs r0, r0, #1\n"
" sxtb r0, r0\n"
" cmp r0, #0\n"
" bge loc_fc077eb6\n"
"loc_fc077ece:\n"
    // sub_fc075dc4(0x36c34 - 0xc, sp + 4); non-zero result repeats the loop.
" ldr r0, =0x00036c34\n"
" add r1, sp, #4\n"
" subs r0, #0xc\n"
" bl sub_fc075dc4\n"
" cmp r0, #0\n"
" bne loc_fc077e9a\n"
    // Second phase: r4 walks the three words (0..2), r5 is a bit index.
" ldr.w r8, =0x00036c34\n"
" movs r4, #0\n"
"loc_fc077ee2:\n"
    // r6[r4] &= r8[r4]
" movs r5, #0\n"
" ldr.w r0, [r6, r4, lsl #2]\n"
" ldr.w r1, [r8, r4, lsl #2]\n"
" ands r0, r1\n"
" str.w r0, [r6, r4, lsl #2]\n"
" b loc_fc077f3a\n"
"loc_fc077ef4:\n"
    // Test bit r5 of r0; skip to the next bit when it is clear.
" lsrs r0, r5\n"
" lsls r0, r0, #0x1f\n"
" beq loc_fc077f32\n"
    // sub_fc0760c4((r5 + r4 * 32) & 0xff, 0x36c34 - 0x18, sp + 0x14, sp + 8);
    // if it returns 0, sub_fc077dfe(1, [sp + 0x14]).
" ldr r1, =0x00036c34\n"
" add.w r0, r5, r4, lsl #5\n"
" add r3, sp, #8\n"
" subs r1, #0x18\n"
" add r2, sp, #0x14\n"
" uxtb r0, r0\n"
" bl sub_fc0760c4\n"
" cbnz r0, loc_fc077f16\n"
" ldr r1, [sp, #0x14]\n"
" movs r0, #1\n"
" bl sub_fc077dfe\n"
"loc_fc077f16:\n"
    // For index r4 up to 2: r6[i] &= ~r7[i] when r7[i] is non-zero.
" mov r0, r4\n"
" b loc_fc077f2e\n"
"loc_fc077f1a:\n"
" ldr.w r1, [r7, r0, lsl #2]\n"
" cbz r1, loc_fc077f2a\n"
" ldr.w r2, [r6, r0, lsl #2]\n"
" bics r2, r1\n"
" str.w r2, [r6, r0, lsl #2]\n"
"loc_fc077f2a:\n"
" adds r0, r0, #1\n"
" sxtb r0, r0\n"
"loc_fc077f2e:\n"
" cmp r0, #3\n"
" blt loc_fc077f1a\n"
"loc_fc077f32:\n"
    // Reload r6[r4] and advance the bit index.
" ldr.w r0, [r6, r4, lsl #2]\n"
" adds r5, r5, #1\n"
" uxtb r5, r5\n"
"loc_fc077f3a:\n"
    // Keep scanning this word while r6[r4] is non-zero, so the loop relies on
    // the bics passes above to clear the handled bits.
" cmp r0, #0\n"
" bne loc_fc077ef4\n"
" adds r4, r4, #1\n"
" sxtb r4, r4\n"
" cmp r4, #3\n"
" blt loc_fc077ee2\n"
    // Patched callee defined below in this file (adds the handle_jogdial check).
" bl sub_fc075c6e_my\n"
" add sp, #0x18\n"
" pop.w {r4, r5, r6, r7, r8, pc}\n"
".ltorg\n"
    );
}
555
556
// Patched copy of the firmware routine at fc075c6e, called at the end of
// kbd_p2_f_my. Passes four words read from the block at 0x00009800 to
// firmware routines, then lets handle_jogdial() decide whether the final
// firmware call sub_fc0774e4 is made.
void __attribute__((naked,noinline)) sub_fc075c6e_my() {
    asm volatile(
" push {r4, lr}\n"
" ldr r4, =0x00009800\n"
    // sub_fc0771f0([r4 + 0xc])
" ldr r0, [r4, #0xc]\n"
" bl sub_fc0771f0\n"
    // sub_fc07727a([r4 + 0x10])
" ldr r0, [r4, #0x10]\n"
" bl sub_fc07727a\n"
" bl sub_fc0f8224\n"
    // sub_fc07710c([r4 + 0x14]) and sub_fc07710c([r4 + 0x18])
" ldr r0, [r4, #0x14]\n"
" bl sub_fc07710c\n"
" ldr r0, [r4, #0x18]\n"
" bl sub_fc07710c\n"

    // handle_jogdial() is declared at the top of this file and defined
    // elsewhere. A zero result skips sub_fc0774e4; a non-zero result lets it
    // run.
" bl handle_jogdial\n"
" cmp r0, #0\n"
" beq no_scroll\n"
" bl sub_fc0774e4\n"
"no_scroll:\n"
" pop {r4, pc}\n"
".ltorg\n"
    );
}