root/platform/ixus1000_sd4500/sub/100d/boot.c


DEFINITIONS

This source file includes following definitions.
  1. _Open
  2. sub_FF872470_my
  3. blink
  4. taskHook
  5. CreateTask_spytask
  6. boot
  7. sub_FF810354_my
  8. sub_FF811198_my
  9. sub_FF815EE0_my
  10. taskcreate_Startup_my
  11. task_Startup_my
  12. JogDial_task_my
  13. init_file_modules_task
  14. sub_FF8966B4_my
  15. sub_FF87538C_my
  16. sub_FF874FB4_my
  17. sub_FF874CD4_my

   1 #include "lolevel.h"
   2 #include "platform.h"
   3 #include "core.h"
   4 #include "dryos31.h"
   5 
   6 
   7 extern void task_FileWrite();
   8 
   9 //IXUS 1000 100D
  10 
// Diagnostic counters updated from the inline asm in sub_FF872470_my.
// The updates are plain load/add/store sequences; no locking is visible in this file.
// A non-zero fsionotify_compfail means _open returned a handle that the firmware's handle
// array still listed, i.e. the case that would otherwise have ended in the firmware assert.
int fsionotify_compfail = 0;    // count of number of times the file handle was already in the array
int fsionotify_success  = 0;    // count of number of times the code succeeded
  13 
/*
 * CHDK replacement for the firmware's Open wrapper around _open.
 * Apparently a copy of the firmware routine with the handle-registration call retargeted
 * to the patched sub_FF872470_my (the "_my" suffix marks CHDK-modified copies in this file).
 *
 * name  - path to open. Its first byte is read (LDRB) before anything else, so the caller
 *         must pass a valid, readable pointer; no NULL check is made.
 * flags - open flags. Bits 0x9000 are cleared before _open is called; when bit 0x1000 is
 *         set the registration call is skipped.
 * mode  - passed to _open unchanged.
 *
 * Returns the value returned by _open.
 *
 * The function is naked: the asm provides its own prologue/epilogue and returns through
 * LDMFD ... PC, so the trailing C `return 0` is never executed.
 */
int __attribute__((naked,noinline)) _Open(const char *name, int flags, int mode) {
    (void)name; (void)flags, (void)mode;
    asm volatile (
        "STMFD   SP!, {R4-R8,LR} \n"
        "MOV     R6, R0 \n"                 // R6 = name
        "LDRB    R0, [R0] \n"               // first character of name ...
        "MOV     R7, R2 \n"                 // R7 = mode
        "MOV     R4, R1 \n"                 // R4 = flags
        "BL      sub_FF874504 \n"           // ... is the only argument here; result kept in R8
        "MOV     R8, R0 \n"
        "MOV     R0, #1 \n"
        "BIC     R5, R0, R4,LSR#12 \n"      // R5 = 1 & ~(flags >> 12): non-zero only if bit 0x1000 is clear
        "BIC     R4, R4, #0x9000 \n"        // strip bits 0x8000 and 0x1000 before calling _open
        "MOV     R0, R8 \n"
        "MOV     R1, #1 \n"
        "BL      sub_FF875894 \n"           // NOTE(review): paired with sub_FF87590C below; presumably take/release of a lock keyed by R8 - confirm
        "MOV     R2, R7 \n"
        "MOV     R1, R4 \n"
        "MOV     R0, R6 \n"
        "BL      _open \n"                  // _open(name, flags & ~0x9000, mode)
        "CMP     R5, #0 \n"
        "MOV     R7, R0 \n"                 // R7 now holds the handle (mode is no longer needed)
        "MOVNE   R0, R7 \n"
        "MOVNE   R2, R4 \n"
        "MOVNE   R1, R6 \n"
        "BLNE    sub_FF872470_my \n"        // register (handle, name, flags); also called when _open failed, the callee rejects handle < 0
        "MOV     R0, R8 \n"
        "BL      sub_FF87590C \n"
        "MOV     R0, R7 \n"                 // return the handle from _open
        "LDMFD   SP!, {R4-R8,PC} \n"
    );

    return 0; // stop compiler warning
}
  48 
/*
 * Patched copy of the firmware routine that records a newly opened file handle in a fixed
 * table (called from _Open with R0 = handle, R1 = name, R2 = flags).
 *
 * The table starts at 0x38EA8 and is scanned for at most 0xA entries of 0x60 bytes each
 * (index * 3, shifted left by 5). The first word of an entry is the stored handle;
 * 0xFFFFFFFF marks a free entry.
 *
 * CHDK changes, marked "+" below:
 *   - if an entry already holds the new handle, count it in fsionotify_compfail and return
 *     instead of continuing to the firmware assert;
 *   - count every pass through the registration path in fsionotify_success.
 *
 * NOTE(review): fsionotify_success is incremented before the entry is filled in and also on
 * the path where no free entry was found (R4 == 0). If the assert routine returns in that
 * case, the three STRs that follow write through a zero base register (addresses 0x58, 0x0
 * and 0x24). That part is marked as original firmware code, so it is left untouched.
 * NOTE(review): both counters are updated with non-atomic load/add/store; whether this
 * routine can run concurrently from several tasks is not visible here.
 */
void __attribute__((naked,noinline)) sub_FF872470_my() {

    asm volatile (
        "STMFD   SP!, {R4-R8,LR} \n"
        "MOV     R5, R0 \n"                 // R5 = handle
        "LDR     R0, =0x31B8 \n"
        "MOV     R7, R1 \n"                 // R7 = name
        "LDR     R0, [R0,#4] \n"            // word at 0x31B8+4 gates the whole routine
        "MOV     R6, R2 \n"                 // R6 = flags
        "CMP     R0, #0 \n"
        "LDMEQFD SP!, {R4-R8,PC} \n"        // gate word is zero: nothing to do
        "CMP     R5, #0 \n"
        "LDMLTFD SP!, {R4-R8,PC} \n"        // negative handle (failed open): nothing to record
        "MOV     R4, #0 \n"                 // R4 = chosen entry, 0 until a free one is found
        "LDR     R2, =0x38EA8 \n"           // table base
        "MOV     R0, #0 \n"                 // entry index
"loc_FF8724A4: \n"
        "ADD     R1, R0, R0,LSL#1 \n"       // R1 = index * 3
        "LDR     R1, [R2,R1,LSL#5] \n"      // first word of entry at base + index * 0x60
        "CMN     R1, #1 \n"                 // equal to -1 means the entry is free
        "ADDEQ   R0, R0, R0,LSL#1 \n"
        "ADDEQ   R4, R2, R0,LSL#5 \n"       // R4 = address of the free entry
        "BEQ     loc_FF8724CC\n"
        "CMP     R1, R5 \n"

        "BEQ     loc_2 \n"                  // +    // branch if found entry matching new file handle

        "ADDNE   R0, R0, #1 \n"
        "CMPNE   R0, #0xA \n"
        "BLT     loc_FF8724A4 \n"           // keep scanning while index < 0xA

"loc_FF8724CC: \n"
        "CMP     R4, #0 \n"                 // no free entry found?
        "LDREQ   R1, =0x1C9 \n"
        "LDREQ   R0, =0xFF8723B8 \n"        //aFsionotify_c
        "BLEQ    sub_FF81EB78 \n"           //_DebugAssert

        "LDR     R1, =fsionotify_success \n"    // +    // increment counter
        "LDR     R0, [R1] \n"                   // +    // of successful calls
        "ADD     R0, R0, #1 \n"                 // +
        "STR     R0, [R1] \n"                   // +

        "MOV     R0, #0 \n"                 // original code - save handle in array
        "STR     R0, [R4,#0x58] \n"         // entry+0x58 = 0
        "STR     R5, [R4] \n"               // entry+0x00 = handle
        "MOV     R0, R4 \n"
        "MOV     R1, R7 \n"
        "STR     R6, [R4,#0x24] \n"         // entry+0x24 = flags
        "BL      sub_FF872238 \n"           // called with (entry, name)
        "ADD     R1, R4, #0x28 \n"
        "MOV     R0, R7 \n"
        "LDMFD   SP!, {R4-R8,LR} \n"
        "B       sub_FF8381C4 \n"           // tail call with (name, entry + 0x28)

"loc_2: \n"                                     // +    // Handle case when new file handle returned from _open is already in array
        "LDR     R1, =fsionotify_compfail \n"   // +    // increment counter then return rather than throw exception
        "LDR     R0, [R1] \n"                   // +    // equivalent to calling _open rather than _Open
        "ADD     R0, R0, #1 \n"                 // +
        "STR     R0, [R1] \n"                   // +
        "LDMFD   SP!, {R4-R8,PC} \n"            // +
    );
}
 111 
#define LED_PR 0xC0220138   // -> ASM1989 08.24.2010 found at  FF91E080  in sx200 was FF8E73D0
/*
 * Debug aid: toggles the register at LED_PR ten times, then calls shutdown().
 * Each half-cycle is a busy-wait of 0x200000 iterations of two NOPs, so the visible rate
 * depends on the CPU clock and on the code the compiler emits for the loop.
 *
 * NOTE(review): the function is declared naked yet uses C locals and loops. GCC documents
 * only basic asm statements as safe inside naked functions, so the generated code should be
 * inspected before relying on this routine.
 */
void __attribute__((naked,noinline)) blink()
{
    volatile long *p=(void*)LED_PR;
    int i;
    int cnt =10;
    for(;cnt>0;cnt--){
        p[0]=0x46;      // presumably "LED on" - confirm against the port's LED code

        for(i=0;i<0x200000;i++){
            asm ("nop\n");
            asm ("nop\n");
        }
        p[0]=0x44;      // presumably "LED off" - confirm
        for(i=0;i<0x200000;i++){
            asm ("nop\n");
            asm ("nop\n");
        }
    }
    shutdown();
}
 133 
 134 
// Local offsetof: byte offset of MEMBER inside TYPE, computed from a null base pointer and
// narrowed to int.
// NOTE(review): this would clash with the <stddef.h> macro of the same name if one of the
// included headers ever pulls that in - confirm.
#define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER)

// Replacement entry point that taskHook installs for the task named "RotarySw".
void JogDial_task_my(void);

// Address of the _end symbol (declared elsewhere; presumably the end of the CHDK image as
// placed by the linker - confirm). sub_FF811198_my loads this value as the start address it
// passes to the firmware when CHDK_NOT_IN_CANON_HEAP is not defined.
const char * const new_sa = &_end;
 140 
/*
 * Task hook: replaces the entry point of selected firmware tasks with CHDK's own versions.
 *
 * context - address of the `context` member inside a task_t; the enclosing task control
 *           block is recovered by subtracting that member's offset.
 *
 * Tasks are selected by name, except the file-write task, which is selected by comparing
 * its current entry address with task_FileWrite. sub_FF810354_my stores the address of this
 * function at 0x1938 and 0x193C.
 *
 * NOTE(review): the task name is passed to _strcmp without a NULL check; this assumes every
 * task seen by the hook carries a valid name pointer - confirm.
 */
void taskHook(context_t **context) {
    task_t *task = (task_t *)((char *)context - offsetof(task_t, context));

    if (_strcmp(task->name, "PhySw") == 0) {
        task->entry = (void *)mykbd_task;               // JHARP - Verified name - Sept 5, 2010
    }
    if (_strcmp(task->name, "CaptSeqTask") == 0) {
        task->entry = (void *)capt_seq_task;            // JHARP - Verified name - Sept 5, 2010
    }
    if (_strcmp(task->name, "InitFileModules") == 0) {
        task->entry = (void *)init_file_modules_task;   // JHARP - Verified name - Sept 5, 2010
    }
    // The "MovieRecord" -> movie_record_task redirect is disabled
    // (JHARP - Verified name - Sept 5, 2010).
    if (_strcmp(task->name, "ExpDrvTask") == 0) {
        task->entry = (void *)exp_drv_task;             // JHARP - Verified name - Sept 5, 2010
    }
    if (_strcmp(task->name, "RotarySw") == 0) {
        task->entry = (void *)JogDial_task_my;          // JHARP - Must verify the code in use - Sept 5, 2010
    }

    // The file-write task is recognised by its entry address rather than by name.
    if (task->entry == (void *)task_FileWrite) {
        task->entry = (void *)filewritetask;
    }
}
 154 
/*
 * Starts CHDK's own task ("SpyTask") with core_spytask as its entry point.
 * Called from the patched start-up sequence in task_Startup_my.
 */
void CreateTask_spytask() {
    // Presumably the task priority and stack size, going by the _CreateTask argument order
    // used elsewhere in CHDK - confirm against the prototype in lolevel.h.
    enum { SPYTASK_PRIORITY = 0x19, SPYTASK_STACK_SIZE = 0x2000 };

    _CreateTask("SpyTask", SPYTASK_PRIORITY, SPYTASK_STACK_SIZE, core_spytask, 0);
}
 158 
 159 
/*
 * CHDK entry point: re-runs the firmware's early hardware initialisation and then continues
 * in the patched copy of the next firmware stage (sub_FF810354_my) instead of the original.
 *
 * Steps visible below: program the CP15 control, cache and protection-region registers,
 * write a block of 0xC02xxxxx/0xC04xxxxx I/O registers, copy words from ROM at 0xFFC56CC8
 * into RAM 0x1900..0x10720, zero RAM 0x10720..0x172BF8, then branch to sub_FF810354_my.
 *
 * NOTE(review): the register meanings given in hedged comments below follow the CP15 layout
 * of ARM9 cores with a protection unit (ARM946E-S style). The core type is not stated in
 * this file - confirm against the CPU's reference manual.
 */
void __attribute__((naked,noinline)) boot() {

    asm volatile (
        //"B             sub_FF81000C\n" // work
        "LDR R1, =0xC0410000\n"
        "MOV R0, #0\n"
        "STR R0, [R1]\n"
        "MOV R1, #0x78\n"
        "MCR p15, 0, R1,c1,c0\n"            // control reg
        "MOV R1, #0\n"
        "MCR p15, 0, R1,c7,c10, 4\n"        // drain write buffer
        "MCR p15, 0, R1,c7,c5\n"            // flush instruction cache
        "MCR p15, 0, R1,c7,c6\n"            // flush data cache
        "MOV R0, #0x3D\n"                   // size 2GB base 0x00000000
        "MCR p15, 0, R0,c6,c0\n"
        "MOV R0, #0xC000002F\n"             // size 16M base 0xc0000000
        "MCR p15, 0, R0,c6,c1\n"
        "MOV R0, #0x35\n"                   // size 128M base 0x00000000 (s90 is 64M)
        "MCR p15, 0, R0,c6,c2\n"
        "MOV R0, #0x40000035\n"             // size 128M base 0x40000000 (s90 is 64M)
        "MCR p15, 0, R0,c6,c3\n"
        "MOV R0, #0x80000017\n"             // size  4k base 0x80000000
        "MCR p15, 0, R0,c6,c4\n"
        "LDR R0, =0xFF80002D\n"             // size  8M base 0xff800000
        "MCR p15, 0, R0,c6,c5\n"
        // The same value 0x34 (bits 2, 4 and 5) goes to c2,c0,0, c2,c0,1 and c3,c0,0.
        // Presumably the per-region data-cacheable, instruction-cacheable and write-buffer
        // bitmaps, i.e. regions 2, 4 and 5 - confirm.
        "MOV R0, #0x34\n"
        "MCR p15, 0, R0,c2,c0\n"
        "MOV R0, #0x34\n"
        "MCR p15, 0, R0,c2,c0, 1\n"
        "MOV R0, #0x34\n"
        "MCR p15, 0, R0,c3,c0\n"
        // 0x3333330 is written to both c5,c0,2 and c5,c0,3. Presumably one access-permission
        // nibble per region (data side, then instruction side): value 3 for regions 1-6 and
        // 0 for regions 0 and 7 - confirm.
        // NOTE(review): if so, data and instruction permissions are identical for every
        // enabled region, so RAM is both writable and executable. Worth keeping in mind when
        // reviewing anything that writes function pointers into RAM (see taskHook).
        "LDR R0, =0x3333330\n"
        "MCR p15, 0, R0,c5,c0, 2\n"
        "LDR R0, =0x3333330\n"
        "MCR p15, 0, R0,c5,c0, 3\n"
        // Read-modify-write of the control register: sets bits 12, 2 and 0
        // (presumably I-cache, D-cache and protection-unit enable - confirm).
        "MRC p15, 0, R0,c1,c0\n"
        "ORR R0, R0, #0x1000\n"
        "ORR R0, R0, #4\n"
        "ORR R0, R0, #1\n"
        "MCR p15, 0, R0,c1,c0\n"
        // c9,c1,0 and c9,c1,1: presumably the data and instruction TCM region registers - confirm.
        "MOV R1, #0x80000006\n"
        "MCR p15, 0, R1,c9,c1\n"
        "MOV R1, #6\n"
        "MCR p15, 0, R1,c9,c1, 1\n"
        // Sets control-register bits 16 and 18 (presumably the TCM enables - confirm).
        "MRC p15, 0, R1,c1,c0\n"
        "ORR R1, R1, #0x50000\n"
        "MCR p15, 0, R1,c1,c0\n"
        // I/O block at 0xC0200000: 1 -> +0x10C, then 0xFF -> +0xC, +0x1C, ... +0xFC.
        "LDR R2, =0xC0200000\n"
        "MOV R1, #1\n"
        "STR R1, [R2,#0x10C]\n"
        "MOV R1, #0xFF\n"
        "STR R1, [R2,#0xC]\n"
        "STR R1, [R2,#0x1C]\n"
        "STR R1, [R2,#0x2C]\n"
        "STR R1, [R2,#0x3C]\n"
        "STR R1, [R2,#0x4C]\n"
        "STR R1, [R2,#0x5C]\n"
        "STR R1, [R2,#0x6C]\n"
        "STR R1, [R2,#0x7C]\n"
        "STR R1, [R2,#0x8C]\n"
        "STR R1, [R2,#0x9C]\n"
        "STR R1, [R2,#0xAC]\n"
        "STR R1, [R2,#0xBC]\n"
        "STR R1, [R2,#0xCC]\n"
        "STR R1, [R2,#0xDC]\n"
        "STR R1, [R2,#0xEC]\n"
        "STR R1, [R2,#0xFC]\n"
        "LDR R1, =0xC0400008\n"
        "LDR R2, =0x430005\n"
        "STR R2, [R1]\n"
        // NOTE(review): the next store writes the value 0xC0243100 to the address held in
        // R1, which is 1. Every neighbouring sequence stores a small value to an I/O
        // address, so the operands here look swapped (STR R1, [R2] would write 1 to
        // 0xC0243100). Check against the firmware disassembly before changing it.
        "MOV R1, #1\n"
        "LDR R2, =0xC0243100\n"
        "STR R2, [R1]\n"
        "LDR R2, =0xC0242010\n"
        "LDR R1, [R2]\n"
        "ORR R1, R1, #1\n"                  // set bit 0 of the register at 0xC0242010
        "STR R1, [R2]\n"
        // Copy words from ROM 0xFFC56CC8 to RAM 0x1900 until the destination reaches 0x10720
        // (presumably the firmware's initialised data - confirm).
        "LDR R0, =0xFFC56CC8\n"
        "LDR R1, =0x1900\n"
        "LDR R3, =0x10720\n"
"loc_FF81013C:\n"

        "CMP R1, R3\n"
        "LDRCC R2, [R0],#4\n"
        "STRCC R2, [R1],#4\n"
        "BCC loc_FF81013C\n"
        // Zero RAM from 0x10720 up to 0x172BF8. The same end address appears in
        // sub_FF811198_my as the original heap offset.
        "LDR R1, =0x172BF8\n"
        "MOV R2, #0\n"
"loc_FF810154:\n"
        "CMP R3, R1\n"
        "STRCC R2, [R3],#4\n"
        "BCC loc_FF810154\n"
        "B sub_FF810354_my\n"               // continue in the patched copy of the next stage
        //---------->
    );
}
 256 
 257 
/*
 * Patched copy of the firmware stage that follows boot(). CHDK additions come first:
 *   - the address of taskHook is stored at 0x1938 and 0x193C, which is how taskHook gets
 *     invoked by the firmware (presumably the kernel's task hook slots - confirm);
 *   - the start-up mode word at 0x254C is set from bit 0 of the register at 0xC022010C.
 * The asm that follows copies two ROM ranges to low RAM, sets the stack pointer for two CPU
 * modes, fills 0x6C4..0x1000 with 0xEEEEEEEE and calls the patched sub_FF811198_my.
 *
 * NOTE(review): the hook addresses are fixed per firmware version (the porter's comment
 * records a different value for the SX200). A wrong address here silently overwrites
 * unrelated firmware data, so it must be re-verified for every firmware revision.
 * NOTE(review): C statements inside a naked function are outside what GCC documents as
 * supported; inspect the generated code.
 */
void __attribute__((naked,noinline)) sub_FF810354_my() { // ASM1989 -> In sx200 was:  sub_FF8101A0_my

    *(int*)0x1938=(int)taskHook;   //was 1934 in sx200 if 1938 hangs
    *(int*)0x193C=(int)taskHook;


    if ((*(int*) 0xC022010C) & 1)           // look at play switch
        *(int*)(0x254C) = 0x400000;         // start in play mode
    else
        *(int*)(0x254C) = 0x200000;         // start in rec mode

    asm volatile (
        // Copy ROM 0xFF8103CC..0xFF810404 to address 0
        // (presumably the exception vector stubs - confirm).
        "LDR R0, =0xFF8103CC\n"
        "MOV R1, #0\n"
        "LDR R3, =0xFF810404\n"
"loc_FF810360:\n"
        "CMP R0, R3\n"
        "LDRCC R2, [R0],#4\n"
        "STRCC R2, [R1],#4\n"
        "BCC loc_FF810360\n"
        // Copy ROM 0xFF810404..0xFF810618 to 0x4B0.
        "LDR R0, =0xFF810404\n"
        "MOV R1, #0x4B0\n"
        "LDR R3, =0xFF810618\n"
"loc_FF81037C:\n"
        "CMP R0, R3\n"
        "LDRCC R2, [R0],#4\n"
        "STRCC R2, [R1],#4\n"
        "BCC loc_FF81037C\n"
        "MOV R0, #0xD2\n"                   // CPSR = 0xD2: IRQ mode, IRQ and FIQ masked
        "MSR CPSR_cxsf, R0\n"
        "MOV SP, #0x1000\n"
        "MOV R0, #0xD3\n"                   // CPSR = 0xD3: supervisor mode, IRQ and FIQ masked
        "MSR CPSR_cxsf, R0\n"
        "MOV SP, #0x1000\n"
        // Fill 0x6C4..0x1000 with the pattern 0xEEEEEEEE
        // (presumably a stack fill marker - confirm).
        "LDR R0, =0x6C4\n"
        "LDR R2, =0xEEEEEEEE\n"
        "MOV R3, #0x1000\n"
"loc_FF8103B0:\n"
        "CMP R0, R3\n"
        "STRCC R2, [R0],#4\n"
        "BCC loc_FF8103B0\n"
        "BL sub_FF811198_my\n"
        //------------>

        // The lines below are reached only if sub_FF811198_my returns. The three ANDEQ
        // lines look like literal data words that the disassembler rendered as
        // instructions - confirm against the ROM dump.
"loc_FF8103C0:\n"
        "ANDEQ R0, R0, R4,ASR#13\n"
"loc_FF8103C4:\n"
        "ANDEQ R0, R0, R0,ROR R6\n"
"loc_FF8103C8:\n"
        "ANDEQ R0, R0, R4,ROR R6\n"
"loc_FF8103CC:\n"
        "NOP\n"
        "LDR PC, =0xFF810618\n"
    );
}
 315 
/*
 * Patched copy of the firmware routine that fills a 0x74-byte parameter block on the stack
 * and passes it to sub_FF8134B8 together with the address of the next start-up routine.
 *
 * CHDK changes:
 *   - the start address stored at SP+8 comes from new_sa (end of the CHDK image) unless
 *     CHDK_NOT_IN_CANON_HEAP is defined, in which case the original 0x172BF8 is used;
 *   - the routine address handed over in R1 is sub_FF815EE0_my instead of 0xFF815EE0.
 *
 * The value stored at SP+0xC is computed as 0x371F80 minus the start address.
 * NOTE(review): nothing here checks that the start address is below 0x371F80. If the CHDK
 * image grows past that point the subtraction wraps to a very large value, so the image
 * size should be checked at build time.
 *
 * A commented-out "v4" variant copied from the S95 port used to precede the live "v3" code.
 * It contained the same instruction sequence and always took the new_sa path.
 */
void __attribute__((naked,noinline)) sub_FF811198_my() {
    asm volatile (
        "STR     LR, [SP,#-4]!\n"
        "SUB     SP, SP, #0x74\n"           // reserve the 0x74-byte parameter block
        "MOV     R0, SP\n"
        "MOV     R1, #0x74\n"
        "BL      sub_FFB8754C\n"            // called with (block, 0x74); presumably clears the block - confirm

        //v3 stuff

        "MOV     R0, #0x53000\n"
        "STR     R0, [SP,#4]\n"
#if defined(CHDK_NOT_IN_CANON_HEAP) // use original heap offset if CHDK is loaded in high memory
"    LDR     R0, =0x172BF8 \n"
#else
"    LDR     R0, =new_sa\n"   // otherwise use patched value
"    LDR     R0, [R0]\n"      // new_sa is a pointer variable, so load the address it holds
#endif
        //"LDR     R0, =0x172BF8\n"
        "LDR     R1, =0x379C00\n"
        "STR     R0, [SP,#8]\n"             // SP+8 = start address
        //"SUB     R0, R1, R0\n"
        "RSB     R0, R0, #0x1F80\n"         // new in this cam
        "ADD     R0, R0, #0x370000\n"       // new in this cam: R0 = 0x371F80 - start
        "STR     R0, [SP,#0x0c]\n"          //changed
        "LDR     R0, =0x371F80\n"           // new in this cam
        //copied from s95
        "STR    R1, [SP,#0] \n"             // SP+0 = 0x379C00
        "STRD   R0, [SP,#0x10] \n"          // SP+0x10 = 0x371F80 (R0), SP+0x14 = 0x379C00 (R1)
        "MOV    R0, #0x22 \n"
        "STR    R0, [SP,#0x18] \n"
        "MOV    R0, #0x68 \n"
        "STR    R0, [SP,#0x1c] \n"
        "LDR    R0, =0x19B \n"              // stored at SP+0x20 below

        "LDR     R1, =sub_FF815EE0_my\n"    // chdk patched

        //"LDR     R1, =0xFF815EE0\n"       // old code

        //------------>

        "STR     R0, [SP,#0x20]\n"
        "MOV     R0, #0x96\n"
        "STR     R0, [SP,#0x24]\n"
        "MOV     R0, #0x78\n"
        "STR     R0, [SP,#0x28]\n"
        "MOV     R0, #0x64\n"
        "STR     R0, [SP,#0x2C]\n"
        "MOV     R0, #0\n"
        "STR     R0, [SP,#0x30]\n"
        "STR     R0, [SP,#0x34]\n"
        "MOV     R0, #0x10\n"
        "STR     R0, [SP,#0x5C]\n"
        "MOV     R0, #0x800\n"
        "STR     R0, [SP,#0x60]\n"
        "MOV     R0, #0xA0\n"
        "STR     R0, [SP,#0x64]\n"
        "MOV     R0, #0x280\n"
        "STR     R0, [SP,#0x68]\n"
        "MOV     R0, SP\n"
        "MOV     R2, #0\n"
        // A variant of the block above copied from the S95 port was tried here and marked
        // "not work". It stored 0x96 at both SP+0x24 and SP+0x28 instead of 0x96 and 0x78.
        "BL      sub_FF8134B8\n"            // called with (block, sub_FF815EE0_my, 0)
        "ADD     SP, SP, #0x74\n"
        "LDR     PC, [SP],#4\n"
    );
}
 435 
 436 //Almost till here maybe checked
 437 
/*
 * Patched copy of the firmware's init routine (its address is handed to sub_FF8134B8 by
 * sub_FF811198_my). It runs a fixed list of set-up calls. After each checked call a
 * negative result loads the address of a name string and calls sub_FF815FD4
 * (err_init_task). Execution continues with the next step whenever that call returns.
 *
 * CHDK change: the final branch goes to taskcreate_Startup_my instead of the firmware's
 * taskcreate_Startup.
 *
 * A commented-out "v4" variant copied from the S95 port used to precede the live "v3" code
 * and held the same call sequence. It gave the unpatched tail as `B sub_FF81FB54`
 * (taskcreate_Startup), while the live code's comment puts that routine at FF81FBA8.
 * NOTE(review): the two addresses disagree; the S95 value was probably carried over with
 * the copy - verify against this camera's firmware dump.
 */
void __attribute__((naked,noinline)) sub_FF815EE0_my() {

    //v3

    asm volatile (
        "STMFD   SP!, {R4,LR}\n"
        "BL      sub_FF810B20\n"
        "BL      sub_FF81A33C\n"            // BL      dmSetup
        "CMP     R0, #0\n"
        "LDRLT   R0, =0xFF815FF4\n"         // "dmSetup" (porter's note: missing)
        "BLLT    sub_FF815FD4\n"            // err_init_task (porter's note: missing)
        "BL      sub_FF815B1C\n"
        "CMP     R0, #0\n"
        "LDRLT   R0, =0xFF815FFC\n"         // "termDriverInit"
        "BLLT    sub_FF815FD4\n"            // err_init_task
        "LDR     R0, =0xFF81600C\n"         //  "/_term"
        "BL      sub_FF815C04\n"            // termDeviceCreate
        "CMP     R0, #0\n"
        "LDRLT   R0, =0xFF816014\n"         //  "termDeviceCreate"
        "BLLT    sub_FF815FD4\n"            // err_init_task
        "LDR     R0, =0xFF81600C\n"         //  "/_term"
        "BL      sub_FF813CA4\n"
        "CMP     R0, #0\n"
        "LDRLT   R0, =0xFF816028\n"         // "stdioSetup"
        "BLLT    sub_FF815FD4\n"            // err_init_task
        "BL      sub_FF819CC4\n"
        "CMP     R0, #0\n"
        "LDRLT   R0, =0xFF816034\n"         //"stdlibSetup"
        "BLLT    sub_FF815FD4\n"            // err_init_task
        "BL      sub_FF81167C\n"
        "CMP     R0, #0\n"
        "LDRLT   R0, =0xFF816040\n"         // "armlib_setup"
        "BLLT    sub_FF815FD4\n"            // err_init_task
        "LDMFD   SP!, {R4,LR}\n"
        "B       taskcreate_Startup_my\n"   // ASM1989 -> at FF81FBA8
        //---------->
        //copied from s95
        // The two instructions below follow an unconditional branch and carry no label, so
        // they are not reached. Their register list {R3-R5,PC} also differs from the
        // {R4,LR} pushed at entry.
"               MOV     R0, #0 \n"
"               LDMFD   SP!, {R3-R5,PC} \n"

    );
};
 547 
 548 
// ASM1989 -> Here start the differences from SX200
 550 
/*
 * Patched copy of the firmware's taskcreate_Startup: runs the start-up checks and then
 * creates the "Startup" task.
 *
 * CHDK changes:
 *   - the call to sub_FF8348D4 at loc_FF81FBFC is removed (porter's note: "replaced for
 *     power button startup");
 *   - the new task's entry point is task_Startup_my instead of the firmware's task_Startup.
 *
 * Control flow as written: if sub_FF83D1D4 returns non-zero, or sub_FF8370E8 returns zero,
 * or sub_FF8348C8 returns non-zero, execution goes to loc_FF81FBFC and the task is created.
 * Otherwise 0x44 is written to 0xC0220000+0x1C, sub_FF834120 is called, and the code spins
 * forever at loc_FF81FBF8.
 *
 * NOTE(review): what the removed sub_FF8348D4 call validated is not visible in this file.
 * Removing a firmware start-up check should be justified against the disassembly.
 */
void __attribute__((naked,noinline)) taskcreate_Startup_my() {
    asm volatile (

        "STMFD   SP!, {R3-R5,LR}\n"
        "BL      sub_FF8348CC\n"            //j_nullsub_267
        "BL      sub_FF83D1D4\n"
        "CMP     R0, #0\n"

        "BNE     loc_FF81FBFC\n"

        "BL      sub_FF8370E8\n"
        "CMP     R0, #0\n"
        "BEQ     loc_FF81FBFC\n"

        "LDR     R4, =0xC0220000\n"

        "LDR     R0, [R4,#0x120]\n"
        "TST     R0, #1\n"                  // if bit 0 of the register at 0xC0220120 is clear ...
        "MOVEQ   R0, #0x12C\n"

        "BLEQ    sub_FF83B574\n"            //ASM1989 ->  eventproc_export_SleepTask (called with 0x12C)

        "BL      sub_FF8348C8\n"
        "CMP     R0, #0\n"
        "BNE     loc_FF81FBFC\n"
        "BL      sub_FF833F34\n"
        "MOV     R0, #0x44\n"
        "STR     R0, [R4,#0x1C]\n"
        "BL      sub_FF834120\n"
"loc_FF81FBF8:\n"
        "B       loc_FF81FBF8\n"            // spin forever; the task is never created on this path

"loc_FF81FBFC:\n"
        //"BL      sub_FF8348D4\n" // ASM1989 -> -- replaced for power button startup

        "BL      sub_FF8348D0\n"            //ASM1989 ->  j_nullsub_268
        "BL      sub_FF83B3EC\n"

        "LDR     R1, =0x3CE000\n"
        "MOV     R0, #0\n"

        "BL      sub_FF83B834\n"            // called with (0, 0x3CE000)
        "BL      sub_FF83B5E0\n"
        "MOV     R3, #0\n"

        "STR     R3, [SP]\n"                // fifth argument, passed on the stack: 0
        "LDR     R3, =task_Startup_my\n"    //  ASM1989 -> original is FF81FAF0  task_Startup   // LDR instead of ADR
        //---------------->

        "MOV     R2, #0\n"
        "MOV     R1, #0x19\n"
        "LDR     R0, =0xFF81FC60\n"         //aStartup  // LDR instead of ADR

        "BL      sub_FF81E8A0\n"            //eventproc_export_CreateTask
        "MOV     R0, #0\n"
        "LDMFD   SP!, {R3-R5,PC}\n"

    );
}
 624 
 625 // TESTING S95 Code style
 626 
 627 
 628 void __attribute__((naked,noinline)) task_Startup_my() {
     /*
      * Patched copy of the firmware startup task. The note at the
      * "LDR R3, =task_Startup_my" site earlier in this file gives the
      * original as task_Startup at FF81FAF0.
      *
      * The function is naked: the compiler emits no prologue or epilogue, so
      * the asm saves {R4,LR} itself and restores them before the final
      * tail branch.
      *
      * Visible differences from a plain call sequence:
      *   - the call to sub_FF83D2AC ("start diskboot.bin") is commented out;
      *   - a call to CreateTask_spytask is inserted before sub_FF834788
      *     (taskcreate_PhySw).
      *
      * Every sub_FFxxxxxx target is an absolute firmware address, so the
      * sequence is only meaningful for the firmware build this file was
      * written against.
      */
 629      asm volatile (
 630 
 631                  "STMFD SP!, {R4,LR}\n"
 632                                  "BL sub_FF816594\n"  // taskcreate_ClockSave
 633                                  "BL sub_FF835A30\n"
 634                                  "BL sub_FF833B3C\n"
 635                                  "BL sub_FF83D218\n"    //j_nullsub_271
 636                                  "BL sub_FF83D404\n"
     // Deliberately not called from the patched task: the firmware routine
     // labelled "start diskboot.bin". Presumably skipped because this code
     // already runs from the loaded image -- confirm before re-enabling.
 637 //                               "BL sub_FF83D2AC\n" // start diskboot.bin
 638                                  "BL sub_FF83D5AC\n"
 639                                  "BL sub_FF81648C\n"
 640                                  "BL sub_FF836754\n"
     // Six calls to sub_FF835A3C follow, each with R0 = an address in the
     // 0xC0F18xxx / 0xC022Dxxx range and R1 = a constant. Presumably
     // memory-mapped register writes; not verifiable from this file.
 641                                  "LDR R1, =0x7C007C00\n"
 642                                  "LDR R0, =0xC0F1800C\n"
 643                                  "BL sub_FF835A3C\n"
 644                                  "LDR R0, =0xC0F18010\n"
 645                                  "MOV R1, #0\n"
 646                                  "BL sub_FF835A3C\n"
 647                                  "LDR R0, =0xC0F18018\n"
 648                                  "MOV R1, #0\n"
 649                                  "BL sub_FF835A3C\n"
 650                                  "LDR R0, =0xC0F1801C\n"
 651                                  "MOV R1, #0x1000\n"
 652                                  "BL sub_FF835A3C\n"
 653                                  "LDR R0, =0xC0F18020\n"
 654                                  "MOV R1, #8\n"
 655                                  "BL sub_FF835A3C\n"
 656                                  "LDR R0, =0xC022D06C\n"
 657                                  "MOV R1, #0xE000000\n"
 658                                  "BL sub_FF835A3C\n"
 659                                  "BL sub_FF8164CC\n"
 660                                  "BL sub_FF8324F4\n"
 661                                  "BL sub_FF83D434\n"
 662                                  "BL sub_FF83AB90\n"
 663                                  "BL sub_FF83D5B0\n"
 664 
     // Added call ("+"): creates the spytask before the key-input task.
 665               "BL      CreateTask_spytask\n"    // +
 666                                                                 //---------------->
 667                  "BL sub_FF834788\n"    //taskcreate_PhySw
 668 );
 669 
     // NOTE(review): the function is naked, so this relies on the compiler
     // emitting the two asm statements back to back with no generated code
     // in between. Keep only comments in this gap.
 670 //                      CreateTask_PhySw();                                     // our keyboard task
 671 
 672 //                      CreateTask_spytask();                           // chdk initialization
 673 
 674 
 675         //                       "BL      CreateTask_spytask\n"    // +
 676                                                                     //---------------->
 677 
 678 
 679    asm volatile (
 680                                  "BL sub_FF838CF0\n"
 681                                  "BL sub_FF83D5C8\n"
 682                                  "BL sub_FF8318F8\n"  //nullsub_2
 683                                  "BL sub_FF8334A0\n"
 684                                  "BL sub_FF83CF9C\n"  //taskcreate_Bye
 685                                  "BL sub_FF833AF0\n"
 686                                  "BL sub_FF83343C\n"
 687                                  "BL sub_FF832528\n"
 688                                  "BL sub_FF83E1D0\n"
 689                                  "BL sub_FF8333F8\n"
     // Restore R4/LR first, then tail-branch: sub_FF8166B4 returns straight
     // to whoever called this task.
 690                                  "LDMFD SP!, {R4,LR}\n"
 691 //                               "BL blink\n"
 692                                  "B sub_FF8166B4\n"
 693      );
 694 }
 695 
 696 
 697 /*
 698 void __attribute__((naked,noinline)) CreateTask_PhySw() {
 699     asm volatile (
 700 "               STMFD   SP!, {R3-R5,LR} \n"
 701 "               LDR     R4, =0x1C34 \n"
 702 "               LDR     R0, [R4,#0x10] \n"
 703 "               CMP     R0, #0 \n"
 704 "               BNE     loc_FF8347BC \n"
 705 "               MOV     R3, #0 \n"
 706 "               STR     R3, [SP] \n"
 707 
 708 //"             ADR     R3, task_PhySw \n"
 709 //"             LDR R3, =sub_FF834754 \n"
 710 //"             MOV     R2, #0x800 \n"
 711 
 712 "               LDR     R3, =mykbd_task \n"                             // PhySw Task patch
 713 "               MOV     R2, #0x2000 \n"                                 // larger stack
 714 
 715 "               MOV     R1, #0x17 \n"
 716 
 717 //"             ADR     R0, aPhysw \n"
 718 "               LDR     R0, =0xFF8349DC \n"                             // "PhySw"
 719 
 720 "               BL      sub_FF83B634 \n"                                // KernelCreateTask
 721 "               STR     R0, [R4,#0x10] \n"
 722 "loc_FF8347BC: \n"
 723 "               BL      sub_FF863968 \n"
 724 "               BL      sub_FF8941DC \n"
 725 "               BL      sub_FF837060 \n"                        //IsFactoryMode
 726 "               CMP     R0, #0 \n"
 727 "               LDREQ   R1, =0x34414 \n"
 728 "               LDMEQFD SP!, {R3-R5,LR} \n"
 729 "               BEQ     sub_FF894164 \n"                                // eventproc_export_OpLog.Start
 730 "               LDMFD   SP!, {R3-R5,PC} \n"
 731         );
 732 }
 733 */
 734 
 735 
 736 /*----------------------------------------------------------------------
 737         JogDial_task_my()
 738 
 739         Patched jog dial task  at FF86363C

             Copy of the firmware task with one addition (between the
             "begin added code" / "end added code" markers): after each
             message is received, the task polls the variable jogdial_stopped
             and, while it reads 1, calls _SleepTask(40) in a loop instead of
             processing the message. Everything else branches to absolute
             firmware addresses and is only valid for this firmware build.

             Naked function: the asm saves {R4-R11,LR} and reserves 0x1C
             bytes of stack itself. The task loops forever; no return path
             is visible.
 740 -----------------------------------------------------------------------*/
 741 void __attribute__((naked,noinline)) JogDial_task_my() {
 742         asm volatile (
 743 "               STMFD   SP!, {R4-R11,LR} \n"
 744 "               SUB     SP, SP, #0x1C \n"
                 // Stack locals (0x1C bytes): [SP] received message word,
                 // [SP+4] scratch, word slots at SP+8 (R10) and SP+0xC (R9),
                 // halfword slots at SP+0x10 and SP+0x14, [SP+0x18] saved pointer.
 745 "               BL      sub_FF863A68 \n"
 746 "               LDR     R1, =0x2560 \n"
 747 "               LDR     R6, =0xFFB8D5F0 \n"
 748 "               MOV     R0, #0 \n"
 749 "               ADD     R3, SP, #0x10 \n"
 750 "               ADD     R12, SP, #0x14 \n"
 751 "               ADD     R10, SP, #0x08 \n"
 752 "               MOV     R2, #0 \n"
 753 "               ADD     R9, SP, #0xC \n"
 754 
                 // Init loop: zero the per-index slots for index 0 and 1.
 755 "loc_FF863668: \n"
 756 "               ADD     R12, SP, #0x14 \n"
 757 "               ADD     LR, R12, R0,LSL#1 \n"
 758 "               MOV     R2, #0 \n"
 759 "               ADD     R3, SP, #0x10 \n"
 760 "               STRH    R2, [LR] \n"
 761 "               ADD     LR, R3, R0,LSL#1 \n"
 762 "               STRH    R2, [LR] \n"
 763 "               STR     R2, [R9,R0,LSL#2] \n"
 764 "               STR     R2, [R10,R0,LSL#2] \n"
 765 "               ADD     R0, R0, #1 \n"
 766 "               CMP     R0, #2 \n"
 767 "               BLT     loc_FF863668 \n"
 768 
                 // Main loop: sub_FF83AE20 is called with R0 = [0x2560+0xC],
                 // R1 = SP, R2 = 0 (presumably a blocking message receive into
                 // [SP] -- confirm). A non-zero result triggers DebugAssert.
 769 "loc_FF863698: \n"
 770 "               LDR     R0, =0x2560 \n"
 771 "               MOV     R2, #0 \n"
 772 "               LDR     R0, [R0,#0xC] \n"
 773 "               MOV     R1, SP \n"
 774 "               BL      sub_FF83AE20 \n"
 775 "               CMP     R0, #0 \n"
 776 "               LDRNE   R1, =0x262 \n"
 777 
 778 //"             ADRNE   R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 779 "               LDRNE   R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 780 
 781 "               BLNE    sub_FF81EB78 \n"                        // DebugAssert
 782 
 783 //------------------  begin added code ---------------
                 // Busy-wait with sleep while jogdial_stopped == 1. The flag is
                 // re-read on every pass; the sleep argument 40 is presumably
                 // milliseconds -- confirm against _SleepTask.
 784 "labelA:\n"
 785                 "LDR     R0, =jogdial_stopped\n"
 786                 "LDR     R0, [R0]\n"
 787                 "CMP     R0, #1\n"
 788                 "BNE     labelB\n"                                      // continue on if jogdial_stopped = 0
 789                 "MOV     R0, #40\n"
 790                 "BL      _SleepTask\n"                          // jogdial_stopped=1 -- give time back to OS and suspend jogdial task
 791                 "B       labelA\n"
 792 "labelB:\n"
 793 //------------------  end added code -----------------
 794 
                 // Dispatch on the received word: R4 = low byte (slot index),
                 // bits 8..15 select the case (0x100, 0x200, 0x300, 0x400);
                 // any other value goes back to the receive loop.
                 // NOTE(review): R4 is not range-checked before it indexes the
                 // stack slots (only the 0x400 case asserts R4 == 0). This
                 // mirrors the copied firmware code. With R10 = SP+8 and
                 // R9 = SP+0xC the word slots for index 1 overlap those for
                 // index 0, so presumably only index 0 is ever sent -- confirm.
 795 "               LDR     R0, [SP] \n"
 796 "               AND     R4, R0, #0xFF \n"
 797 "               AND     R0, R0, #0xFF00 \n"
 798 "               CMP     R0, #0x100 \n"
 799 "               BEQ     loc_FF863708 \n"
 800 "               CMP     R0, #0x200 \n"
 801 "               BEQ     loc_FF863740 \n"
 802 "               CMP     R0, #0x300 \n"
 803 "               BEQ     loc_FF863938 \n"
 804 "               CMP     R0, #0x400 \n"
 805 "               BNE     loc_FF863698 \n"
 806 "               CMP     R4, #0 \n"
 807 "               LDRNE   R1, =0x2ED \n"
 808 
 809 //"             ADRNE   R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 810 "               LDRNE   R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 811 
 812 "               BLNE    sub_FF81EB78 \n"                        // DebugAssert
                 // R4*7 words: entries of the table at R6 are 0x1C bytes apart.
 813 "               RSB     R0, R4, R4,LSL#3 \n"
 814 "               LDR     R0, [R6,R0,LSL#2] \n"
 815 
 816 "loc_FF863700: \n"
 817 "               BL      sub_FF863A40 \n"
 818 "               B       loc_FF863698 \n"
 819 
                 // Case 0x100.
 820 "loc_FF863708: \n"
 821 "               LDR     R7, =0x2570 \n"
 822 "               LDR     R0, [R7,R4,LSL#2] \n"
 823 "               BL      sub_FF83BDB8 \n"
 824 
 825 //"             ADR     R2, 0xFF863588 \n"
 826 "               LDR     R2, =0xFF863588 \n"
 827 
 828 "               ADD     R1, R2, #0 \n"
 829 "               ORR     R3, R4, #0x200 \n"
 830 "               MOV     R0, #0x28 \n"
 831 "               BL      sub_FF83BCD4 \n"
 832 "               TST     R0, #1 \n"
 833 "               CMPNE   R0, #0x15 \n"
 834 "               STR     R0, [R10,R4,LSL#2] \n"
 835 "               BEQ     loc_FF863698 \n"
 836 "               MOV     R1, #0x274 \n"
 837 "               B       loc_FF8638E4 \n"
 838 
                 // Case 0x200: read a 32-bit value from 0xC0240104 + (table
                 // entry << 8), keep its upper 16 bits (ASR#16) as the new
                 // position, and compare with the previous position (R3).
 839 "loc_FF863740: \n"
 840 "               RSB     R5, R4, R4,LSL#3 \n"
 841 "               LDR     R0, [R6,R5,LSL#2] \n"
 842 "               LDR     R1, =0xC0240104 \n"
 843 "               LDR     R0, [R1,R0,LSL#8] \n"
 844 "               MOV     R2, R0,ASR#16 \n"
 845 "               ADD     R0, SP, #0x14 \n"
 846 "               ADD     R0, R0, R4,LSL#1 \n"
 847 "               STR     R0, [SP,#0x18] \n"
 848 "               STRH    R2, [R0] \n"
 849 "               ADD     R0, SP, #0x10 \n"
 850 "               ADD     R11, R0, R4,LSL#1 \n"
 851 "               LDRSH   R3, [R11] \n"
 852 "               SUB     R0, R2, R3 \n"
 853 "               CMP     R0, #0 \n"
 854 "               BNE     loc_FF8637C0 \n"
 855 "               LDR     R0, [R9,R4,LSL#2] \n"
 856 "               CMP     R0, #0 \n"
 857 "               BEQ     loc_FF8638A0 \n"
 858 "               LDR     R7, =0x2570 \n"
 859 "               LDR     R0, [R7,R4,LSL#2] \n"
 860 "               BL      sub_FF83BDB8 \n"
 861 
 862 //"             ADR     R2, 0xFF863594 \n"
 863 "               LDR     R2, =0xFF863594 \n"
 864 
 865 "               ADD     R1, R2, #0 \n"
 866 "               ORR     R3, R4, #0x300 \n"
 867 "               MOV     R0, #0x1F4 \n"
 868 "               BL      sub_FF83BCD4 \n"
 869 "               TST     R0, #1 \n"
 870 "               CMPNE   R0, #0x15 \n"
 871 "               STR     R0, [R7,R4,LSL#2] \n"
 872 "               BEQ     loc_FF8638A0 \n"
 873 "               LDR     R1, =0x28D \n"
 874 "               B       loc_FF863898 \n"
 875 
                 // Non-zero delta: R7 = direction (1 if positive, else 0),
                 // R0 = |delta|; values above 0xFF take the adjustment path
                 // below, which also flips the direction bit.
 876 "loc_FF8637C0: \n"
 877 "               MOV     R1, R0 \n"
 878 "               RSBLT   R0, R0, #0 \n"
 879 "               MOVLE   R7, #0 \n"
 880 "               MOVGT   R7, #1 \n"
 881 "               CMP     R0, #0xFF \n"
 882 "               BLS     loc_FF863800 \n"
 883 "               CMP     R1, #0 \n"
 884 "               RSBLE   R0, R3, #0xFF \n"
 885 "               ADDLE   R0, R0, #0x7F00 \n"
 886 "               ADDLE   R0, R0, R2 \n"
 887 "               RSBGT   R0, R2, #0xFF \n"
 888 "               ADDGT   R0, R0, #0x7F00 \n"
 889 "               ADDGT   R0, R0, R3 \n"
 890 "               ADD     R0, R0, #0x8000 \n"
 891 "               ADD     R0, R0, #1 \n"
 892 "               EOR     R7, R7, #1 \n"
 893 
 894 "loc_FF863800: \n"
 895 "               STR     R0, [SP,#0x04] \n"
 896 "               LDR     R0, [R9,R4,LSL#2] \n"
 897 "               CMP     R0, #0 \n"
 898 "               ADDEQ   R0, R6, R5,LSL#2 \n"
 899 "               LDREQ   R0, [R0,#8] \n"
 900 "               BEQ     loc_FF863838 \n"
 901 "               ADD     R8, R6, R5,LSL#2 \n"
 902 "               ADD     R1, R8, R7,LSL#2 \n"
 903 "               LDR     R1, [R1,#0x10] \n"
 904 "               CMP     R1, R0 \n"
 905 "               BEQ     loc_FF86383C \n"
 906 "               LDR     R0, [R8,#0xC] \n"
 907 "               BL      sub_FF89C2E4 \n"
 908 "               LDR     R0, [R8,#8] \n"
 909 
 910 "loc_FF863838: \n"
 911 "               BL      sub_FF89C2E4 \n"
 912 
 913 "loc_FF86383C: \n"
 914 "               ADD     R0, R6, R5,LSL#2 \n"
 915 "               ADD     R7, R0, R7,LSL#2 \n"
 916 "               LDR     R0, [R7,#0x10] \n"
 917 "               LDR     R1, [SP,#0x04] \n"
 918 "               BL      sub_FF89C20C \n"
 919 "               LDR     R0, [R7,#0x10] \n"
 920 "               LDR     R7, =0x2570 \n"
 921 "               STR     R0, [R9,R4,LSL#2] \n"
 922 "               LDR     R0, [SP,#0x18] \n"
 923 "               LDRH    R0, [R0] \n"
 924 "               STRH    R0, [R11] \n"
 925 "               LDR     R0, [R7,R4,LSL#2] \n"
 926 "               BL      sub_FF83BDB8 \n"
 927 
 928 //"             ADR     R2, 0xFF863594 \n"
 929 "               LDR     R2, =0xFF863594 \n"
 930 
 931 "               ADD     R1, R2, #0 \n"
 932 "               ORR     R3, R4, #0x300 \n"
 933 "               MOV     R0, #0x1F4 \n"
 934 "               BL      sub_FF83BCD4 \n"
 935 "               TST     R0, #1 \n"
 936 "               CMPNE   R0, #0x15 \n"
 937 "               STR     R0, [R7,R4,LSL#2] \n"
 938 "               BEQ     loc_FF8638A0 \n"
 939 "               LDR     R1, =0x2CF \n"
 940 
                 // Shared assert tail: R1 already holds the line number.
 941 "loc_FF863898: \n"
 942 //"             ADR     R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 943 "               LDR     R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 944 
 945 "               BL      sub_FF81EB78 \n"                        // DebugAssert
 946 
 947 "loc_FF8638A0: \n"
 948 "               ADD     R0, R6, R5,LSL#2 \n"
 949 "               LDR     R0, [R0,#0x18] \n"
 950 "               CMP     R0, #1 \n"
 951 "               BNE     loc_FF863930 \n"
 952 "               LDR     R0, =0x2560 \n"
 953 "               LDR     R0, [R0,#0x14] \n"
 954 "               CMP     R0, #0 \n"
 955 "               BEQ     loc_FF863930 \n"
 956 
 957 //"             ADR     R2, 0xFF863588 \n"
 958 "               LDR     R2, =0xFF863588 \n"
 959 
 960 "               ADD     R1, R2, #0 \n"
 961 "               ORR     R3, R4, #0x400 \n"
 962 "               BL      sub_FF83BCD4 \n"
 963 "               TST     R0, #1 \n"
 964 "               CMPNE   R0, #0x15 \n"
 965 "               STR     R0, [R10,R4,LSL#2] \n"
 966 "               BEQ     loc_FF863698 \n"
 967 "               LDR     R1, =0x2D6 \n"
 968 
                 // Second shared assert tail; returns to the receive loop.
 969 "loc_FF8638E4: \n"
 970 //"             ADR     R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 971 "               LDR     R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 972 
 973 "               BL      sub_FF81EB78 \n"                        // DebugAssert
 974 "               B       loc_FF863698 \n"
 975 
 976                 "NOP \n"
 977 
 978 
 979 "loc_FF863930: \n"
 980 "               LDR     R0, [R6,R5,LSL#2] \n"
 981 "               B       loc_FF863700 \n"
 982 
                 // Case 0x300: asserts if the R9 slot is already zero, then
                 // calls sub_FF89C2E4 with the table entry's +0xC field and
                 // clears the R9 slot.
 983 "loc_FF863938: \n"
 984 "               LDR     R0, [R9,R4,LSL#2] \n"
 985 "               CMP     R0, #0 \n"
 986 "               MOVEQ   R1, #0x2E0 \n"
 987 
 988 //"             ADREQ   R0, 0xFF8638F8 \n"                      // "RotaryEncoder.c"
 989 "               LDREQ   R0, =0xFF8638F8 \n"                     // "RotaryEncoder.c"
 990 
 991 "               BLEQ    sub_FF81EB78 \n"                        // DebugAssert
 992 "               RSB     R0, R4, R4,LSL#3 \n"
 993 "               ADD     R0, R6, R0,LSL#2 \n"
 994 "               LDR     R0, [R0,#0xC] \n"
 995 "               BL      sub_FF89C2E4 \n"
 996 "               MOV     R2, #0 \n"
 997 "               STR     R2, [R9,R4,LSL#2] \n"
 998 "               B       loc_FF863698 \n"
 999  );
1000 };
1001 
1002 
1003 //FILE INIT STUFF
1004 void __attribute__((naked,noinline)) init_file_modules_task() {
     /*
      * Patched file-module init task (naked; saves and restores {R4-R6,LR}
      * itself). Two changes are visible against the commented-out original:
      *   - sub_FF8966B4 is replaced by sub_FF8966B4_my, which leads into the
      *     patched mounter chain further down in this file;
      *   - core_spytask_can_start is called right after it.
      * R4 keeps the result of sub_FF896688 and R5 the event id 0x5006 across
      * both calls (assumes the callees preserve R4/R5 as callee-saved
      * registers -- confirm for core_spytask_can_start).
      */
1005  asm volatile(
1006          "STMFD   SP!, {R4-R6,LR}\n"
1007          "BL      sub_FF896688\n"
1008          "LDR     R5, =0x5006\n"
1009          "MOVS    R4, R0\n"
         // Non-zero result: post event 0x5006 (R1 = 0) before mounting.
1010          "MOVNE   R1, #0\n"
1011          "MOVNE   R0, R5\n"
1012          "BLNE    sub_FF89A464\n"  //PostLogicalEventToUI
1013 //       "BL      sub_FF8966B4\n"
1014          "BL      sub_FF8966B4_my\n"
1015          //----------------------->
1016      "BL      core_spytask_can_start\n" // + safe to start spytask 
         // Zero result: restore registers and tail-branch to post the same
         // event after mounting; otherwise just return.
1017          "CMP     R4, #0\n"
1018          "MOVEQ   R0, R5\n"
1019          "LDMEQFD SP!, {R4-R6,LR}\n"
1020          "MOVEQ   R1, #0\n"
1021          "BEQ    sub_FF89A464\n"  //PostLogicalEventToUI
1022          "LDMFD   SP!, {R4-R6,PC}\n"
1023          );
1024 };
1025 
1026 void __attribute__((naked,noinline)) sub_FF8966B4_my() {
     /*
      * Patched head of firmware routine sub_FF8966B4: same first
      * instructions, but the call to sub_FF87538C goes to sub_FF87538C_my.
      * Execution then branches to sub_FF8966C0 and continues in firmware.
      * The {R4,LR} frame pushed here is not popped in this function, so it
      * is presumably released by the firmware code at the branch target.
      * NOTE(review): sub_FF8966C0 is an absolute address; it must be the
      * instruction that follows the replaced call in this exact firmware
      * build -- verify when porting.
      */
1027  asm volatile(
1028          "STMFD   SP!, {R4,LR}\n"
1029          "MOV     R0, #3\n"
1030 //       "BL      sub_FF87538C\n"         //__Mounter.c__0
1031          "BL      sub_FF87538C_my\n"      //__Mounter.c__0
1032 
1033          "B       sub_FF8966C0\n" // continue in firmware
1034          );
1035 };
1036 
1037 void __attribute__((naked,noinline)) sub_FF87538C_my() {
     /*
      * Patched head of firmware routine sub_FF87538C (Mounter.c, per the
      * assert string reference). R0 on entry is kept in R8. sub_FF87530C
      * returns an index (kept in R6) that selects a 0x80-byte record at
      * 0x3A068 + index*0x80 (R4). The only change against the commented-out
      * original is that sub_FF874FB4 is replaced by sub_FF874FB4_my; the
      * code then continues in firmware at sub_FF8753E4, which presumably
      * pops the {R4-R8,LR} frame pushed here.
      */
1038  asm volatile(
1039                  "STMFD   SP!, {R4-R8,LR}\n"
1040                  "MOV     R8, R0\n"
1041                  "BL      sub_FF87530C\n" //__Mounter.c__0
1042                  "LDR     R1, =0x3A068\n"
1043                  "MOV     R6, R0\n"
1044                  "ADD     R4, R1, R0,LSL#7\n"
                 // Assert (Mounter.c line 0x83F) if the record's +0x6C field is 4.
1045                  "LDR     R0, [R4,#0x6C]\n"
1046                  "CMP     R0, #4\n"
1047                  "LDREQ   R1, =0x83F\n"
1048                  "LDREQ   R0, =0xFF874E4C\n" //aMounter_c
1049                  "BLEQ    sub_FF81EB78\n"  //DebugAssert
1050                  "MOV     R1, R8\n"
1051                  "MOV     R0, R6\n"
1052                  "BL      sub_FF874BC0\n"
1053                  "LDR     R0, [R4,#0x38]\n"
1054                  "BL      sub_FF875A30\n"
                 // A zero result from sub_FF875A30 is written to the +0x6C field.
1055                  "CMP     R0, #0\n"
1056                  "STREQ   R0, [R4,#0x6C]\n"
1057                  "MOV     R0, R6\n"
1058                  "BL      sub_FF874C50\n"
1059                  "MOV     R0, R6\n"
1060 //               "BL      sub_FF874FB4\n"
1061                  "BL      sub_FF874FB4_my\n"
1062                  //------------------->
1063                  "B       sub_FF8753E4 \n" //continue in firmware
1064                  );
1065 
1066          };
1067 void __attribute__((naked,noinline)) sub_FF874FB4_my() {
     /*
      * Patched head of firmware routine sub_FF874FB4. R0 on entry is the
      * record index (kept in R5); R4 = 0x3A068 + index*0x80. If bit 1 of the
      * record's +0x6C field is already set the function returns 1 at once.
      * Otherwise it calls sub_FF874CD4_my (instead of sub_FF874CD4) with
      * R0 = [R4+0x38] and R1 = index, then continues in firmware at
      * sub_FF874FE0, which presumably pops the {R4-R6,LR} frame pushed here.
      */
1068  asm volatile(
1069                          "STMFD   SP!, {R4-R6,LR}\n"
1070                          "MOV     R5, R0\n"
1071                          "LDR     R0, =0x3A068\n"
1072                          "ADD     R4, R0, R5,LSL#7\n"
1073                          "LDR     R0, [R4,#0x6C]\n"
1074                          "TST     R0, #2\n"
1075                          "MOVNE   R0, #1\n"
1076                          "LDMNEFD SP!, {R4-R6,PC}\n"
1077                          "LDR     R0, [R4,#0x38]\n"
1078                          "MOV     R1, R5\n"
1079 //                       "BL      sub_FF874CD4\n"
1080                          "BL      sub_FF874CD4_my\n"
1081                                     //------------------->
1082 
1083              "B      sub_FF874FE0\n"  //continue in firmware
1084 
1085                          );
1086 
1087          };
1088 
1089 void __attribute__((naked,noinline)) sub_FF874CD4_my() {
     /*
      * Patched copy of firmware routine sub_FF874CD4 (Mounter.c): reads the
      * first sector of the card, picks a partition table entry and records
      * its start sector and sector count in the drive record.
      *
      * In:  R0 = value passed through to the record's callbacks (kept in R9),
      *      R1 = record index; R5 = 0x3A068 + index*0x80.
      * Out: R0 = 1 on success, 0 if the buffer could not be obtained, the
      *      read callback reported 1, or the +0x3C type field is 0.
      *
      * Added against the firmware: the call to mbr_read_dryos and the FAT32
      * autodetection block, which may move R4 from the first partition entry
      * to a later one. The MBR signature bytes are still read through LR,
      * which keeps the original buffer address.
      *
      * The sector contents come from removable media and should be treated
      * as untrusted input; see the NOTE(review) comments below.
      */
1090  asm volatile(
1091          "              STMFD   SP!, {R4-R10,LR}\n"
1092          "              MOV     R9, R0\n"
1093          "              LDR     R0, =0x3A068\n"
1094          "              MOV     R8, #0\n"
1095          "              ADD     R5, R0, R1,LSL#7\n"
1096          "              LDR     R0, [R5,#0x3C]\n"
1097          "              MOV     R7, #0\n"
1098          "              CMP     R0, #7\n"
1099          "              MOV     R6, #0\n"
         // Jump table on the +0x3C field: values 0..7 index the eight branch
         // slots below (PC reads as this instruction + 8); anything larger
         // falls through to the assert at loc_FF874E2C.
         // 0 -> return 0, 5 -> fixed size 0x40, all others -> read the MBR.
1100          "              ADDLS   PC, PC, R0,LSL#2\n"
1101          "              B       loc_FF874E2C\n"
1102          "loc_FF874D00:\n"
1103          "              B       loc_FF874D38\n"
1104          "loc_FF874D04:\n"
1105          "              B       loc_FF874D20\n"
1106          "loc_FF874D08:\n"
1107          "              B       loc_FF874D20\n"
1108          "loc_FF874D0C:\n"
1109          "              B       loc_FF874D20\n"
1110          "loc_FF874D10:\n"
1111          "              B       loc_FF874D20\n"
1112          "loc_FF874D14:\n"
1113          "              B       loc_FF874E24\n"
1114          "loc_FF874D18:\n"
1115          "              B       loc_FF874D20\n"
1116          "loc_FF874D1C:\n"
1117          "              B       loc_FF874D20\n"
         // sub_FF890738(2, 0x200, 0): presumably obtains a 0x200-byte sector
         // buffer (returned in R0, kept in R4); a zero result returns 0.
1118 "loc_FF874D20:\n"
1119          "              MOV     R2, #0\n"
1120          "              MOV     R1, #0x200\n"
1121          "              MOV     R0, #2\n"
1122          "              BL      sub_FF890738\n"
1123          "              MOVS    R4, R0\n"
1124          "              BNE     loc_FF874D40\n"
1125 "loc_FF874D38:\n"
1126          "              MOV     R0, #0\n"
1127          "              LDMFD   SP!, {R4-R10,PC}\n"
         // Callback at [R5+0x50] with (R9, 0, 1, buffer): presumably reads one
         // sector starting at sector 0. A result of 1 releases the buffer via
         // sub_FF890888(2) and returns 0.
1128 "loc_FF874D40:\n"
1129          "              LDR     R12, [R5,#0x50]\n"
1130          "              MOV     R3, R4\n"
1131          "              MOV     R2, #1\n"
1132          "              MOV     R1, #0\n"
1133          "              MOV     R0, R9\n"
1134          "              BLX     R12\n"
1135          "              CMP     R0, #1\n"
1136          "              BNE     loc_FF874D6C\n"
1137          "              MOV     R0, #2\n"
1138          "              BL      sub_FF890888\n" //__ExMemMan.c__0 ; LOCATION: ExMemMan.c:0
1139          "              B       loc_FF874D38\n"
         // Callback at [R5+0x64] with R9: its result in R0 is used below as
         // the total sector count of the card.
1140 "loc_FF874D6C:\n"
1141          "              LDR     R1, [R5,#0x64]\n"
1142          "              MOV     R0, R9\n"
1143          "              BLX     R1\n"
1144 //Already inserted code
1145 
         // NOTE(review): mbr_read_dryos is defined elsewhere. The range checks
         // further down rely on R0 still holding the sector count when it
         // returns, as the comment on the call states -- confirm in its source.
1146                  "MOV   R1, R4\n"           //  pointer to MBR in R1
1147                  "BL    mbr_read_dryos\n"   //  total sectors count in R0 before and after call
1148 
1149         // Start of DataGhost's FAT32 autodetection code
1150           // Policy: If there is a partition which has type W95 FAT32, use the first one of those for image storage
1151           // According to the code below, we can use R1, R2, R3 and R12.
1152           // LR wasn't really used anywhere but for storing a part of the partition signature. This is the only thing
1153           // that won't work with an offset, but since we can load from LR+offset into LR, we can use this to do that :)
           // Bounds: R12 advances by 0x10 at most three times (entries 1..4), and
           // the parser below reads up to offset 0x1CD from the chosen base, so
           // the highest byte touched is 0x1FD -- inside a 0x200-byte sector
           // buffer (buffer size as requested above; confirm the allocator).
1154           "MOV     R12, R4\n"                    // Copy the MBR start address so we have something to work with
1155           "MOV     LR, R4\n"                     // Save old offset for MBR signature
1156           "MOV     R1, #1\n"                     // Note the current partition number
1157           "B       dg_sd_fat32_enter\n"          // We actually need to check the first partition as well, no increments yet!
1158      "dg_sd_fat32:\n"
1159           "CMP     R1, #4\n"                     // Did we already see the 4th partition?
1160           "BEQ     dg_sd_fat32_end\n"            // Yes, break. We didn't find anything, so don't change anything.
1161           "ADD     R12, R12, #0x10\n"            // Second partition
1162           "ADD     R1, R1, #1\n"                 // Second partition for the loop
1163      "dg_sd_fat32_enter:\n"
1164           "LDRB    R2, [R12, #0x1BE]\n"          // Partition status
1165           "LDRB    R3, [R12, #0x1C2]\n"          // Partition type (FAT32 = 0xB)
1166           "CMP     R3, #0xB\n"                   // Is this a FAT32 partition?
1167           "CMPNE   R3, #0xC\n"                   // Not 0xB, is it 0xC (FAT32 LBA) then?
1168           "BNE     dg_sd_fat32\n"                // No, it isn't. Loop again.
1169           "CMP     R2, #0x00\n"                  // It is, check the validity of the partition type
1170           "CMPNE   R2, #0x80\n"
1171           "BNE     dg_sd_fat32\n"                // Invalid, go to next partition
1172                                                  // This partition is valid, it's the first one, bingo!
1173           "MOV     R4, R12\n"                    // Move the new MBR offset for the partition detection.
1174 
1175      "dg_sd_fat32_end:\n"
1176           // End of DataGhost's FAT32 autodetection code
1177 
1178 
1179 
1180 
1181 
         // Parse the selected entry (little-endian, byte by byte):
         //   R2 = status byte at +0x1BE (must be 0x00 or 0x80),
         //   R1 = start sector from +0x1C6..+0x1C9,
         //   R3 = sector count from +0x1CA..+0x1CD,
         //   R12/LR = signature bytes 0x1FE/0x1FF of the original sector.
         // The flags tested by the BNE below come from the CMP/CMPNE on R2;
         // the loads and ORRs in between do not alter them.
1182          "              LDRB    R1, [R4,#0x1C9]\n"
1183          "              LDRB    R3, [R4,#0x1C8]\n"
1184          "              LDRB    R12, [R4,#0x1CC]\n"
1185          "              MOV     R1, R1,LSL#24\n"
1186          "              ORR     R1, R1, R3,LSL#16\n"
1187          "              LDRB    R3, [R4,#0x1C7]\n"
1188          "              LDRB    R2, [R4,#0x1BE]\n"
1189          //"            LDRB    LR, [R4,#0x1FF]\n"     //remains commented as in sx200
1190          "              ORR     R1, R1, R3,LSL#8\n"
1191          "              LDRB    R3, [R4,#0x1C6]\n"
1192          "              CMP     R2, #0\n"
1193          "              CMPNE   R2, #0x80\n"
1194          "              ORR     R1, R1, R3\n"
1195          "              LDRB    R3, [R4,#0x1CD]\n"
1196          "              MOV     R3, R3,LSL#24\n"
1197          "              ORR     R3, R3, R12,LSL#16\n"
1198          "              LDRB    R12, [R4,#0x1CB]\n"
1199          "              ORR     R3, R3, R12,LSL#8\n"
1200          "              LDRB    R12, [R4,#0x1CA]\n"
1201          "              ORR     R3, R3, R12\n"
1202          //"            LDRB    R12, [R4,#0x1FE]\n"    //remains commented as in sx200
1203      // Left as in sx200
1204              "LDRB    R12, [LR,#0x1FE]\n"           // + First MBR signature byte (0x55), LR is original offset.
1205              "LDRB    LR, [LR,#0x1FF]\n"            // + Last MBR signature byte (0xAA), LR is original offset.
1206 
1207 
         // Accept the entry only if: status is valid, start <= total sectors,
         // start + count <= total sectors, and the signature is 0x55 0xAA.
         // On success R7 = start, R6 = count, R4 = 1.
         // NOTE(review): start + count is a 32-bit ADD and can wrap, so a
         // malformed entry with a very large count is not rejected by this
         // comparison alone. This matches the copied firmware logic; code
         // consuming the stored count should not assume it is below the total
         // sector count -- confirm downstream handling.
1208          "              BNE     loc_FF874DF8\n"
1209          "              CMP     R0, R1\n"
1210          "              BCC     loc_FF874DF8\n"
1211          "              ADD     R2, R1, R3\n"
1212          "              CMP     R2, R0\n"
1213          "              CMPLS   R12, #0x55\n"
1214          "              CMPEQ   LR, #0xAA\n"
1215          "              MOVEQ   R7, R1\n"
1216          "              MOVEQ   R6, R3\n"
1217          "              MOVEQ   R4, #1\n"
1218          "              BEQ     loc_FF874DFC\n"
1219 "loc_FF874DF8:\n"
1220          "              MOV     R4, R8\n"
         // Release the sector buffer. If no entry was accepted (R4 == 0), fall
         // back to start 0 and the count returned by the [R5+0x64] callback.
1221 "loc_FF874DFC:\n"
1222          "              MOV     R0, #2\n"
1223          "              BL      sub_FF890888\n" //__ExMemMan.c__0 ; LOCATION: ExMemMan.c:0
1224          "              CMP     R4, #0\n"
1225          "              BNE     loc_FF874E38\n"
1226          "              LDR     R1, [R5,#0x64]\n"
1227          "              MOV     R7, #0\n"
1228          "              MOV     R0, R9\n"
1229          "              BLX     R1\n"
1230          "              MOV     R6, R0\n"
1231          "              B       loc_FF874E38\n"
1232 "loc_FF874E24:\n"
1233          "              MOV     R6, #0x40\n"
1234          "              B       loc_FF874E38\n"
1235 "loc_FF874E2C:\n"
1236          "              LDR     R1, =0x597\n"
1237          "              LDR     R0, =0xFF874E4C\n" //aMounter_c ; Mounter.c
1238          "              BL      sub_FF81EB78\n" //DebugAssert
1239 
         // Store the result in the record: [+0x44] = R7 (start), then with R5
         // advanced by the writeback, [+0x48] = R6 (count) and [+0x4C] = R8 (0).
1240 "loc_FF874E38:\n"
1241          "              STR     R7, [R5,#0x44]!\n"
1242          "              STMIB   R5, {R6,R8}\n"
1243          "              MOV     R0, #1\n"
1244 "               LDMFD   SP!, {R4-R10,PC}\n"
1245 
1246                   );
1247 
1248                  };
