root/platform/sx710hs/sub/100a/boot.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. spytask
  2. CreateTask_spytask
  3. boot
  4. CreateTask_my
  5. sub_fc055894_my
  6. sub_fc055a24_my
  7. sub_fc055e2e_my
  8. sub_fc0cf0ee_my
  9. task_Startup_my
  10. sub_fc0cf014_my
  11. init_file_modules_task
  12. init_required_fw_features
  13. TricInitTask_my
  14. kbd_p2_f_my
  15. sub_fc086af2_my

   1 #include "lolevel.h"
   2 #include "platform.h"
   3 #include "core.h"
   4 
   5 const char * const new_sa = &_end;
   6 
   7 // Forward declarations
   8 
   9 extern void task_CaptSeq();
  10 extern void task_InitFileModules();
  11 extern void task_RotaryEncoder();
  12 extern void task_MovieRecord();
  13 extern void task_ExpDrv();
  14 extern void task_TricInitTask();
  15 
  16 extern void handle_jogdial();
  17 
  18 /*----------------------------------------------------------------------
  19     spytask
  20 -----------------------------------------------------------------------*/
  21 void spytask(long ua, long ub, long uc, long ud, long ue, long uf)
  22 {
  23     (void)ua; (void)ub; (void)uc; (void)ud; (void)ue; (void)uf;
  24     core_spytask();
  25 }
  26 
  27 /*----------------------------------------------------------------------
  28     CreateTask_spytask
  29 -----------------------------------------------------------------------*/
  30 void CreateTask_spytask()
  31 {
  32     _CreateTask("SpyTask", 0x19, 0x2000, spytask, 0);
  33 }
  34 
  35 //unsigned rbval=0;
  36 /*
  37 void task_blinker()
  38 {
  39 #if 0
  40     unsigned v=*(volatile unsigned *)(0x9808);
  41     unsigned pat=0;
  42     if(v & 0x80000){
  43         pat |=1;
  44     }
  45     if(v & 0x100000){
  46         pat |=2;
  47     }
  48     if(v & 0x200000){
  49         pat |=4;
  50     }
  51     if(v & 0x400000){
  52         pat |=8;
  53     }
  54     if(v & 0x800000){
  55         pat |=0x10;
  56     }
  57     while(1) {
  58         int i;
  59         for(i=0;i<5;i++) {
  60             *(volatile int*)0xd20b0994 = 0x4d0002;
  61             if((pat >> i) & 1) {
  62                 msleep(1000);
  63             } else {
  64                 msleep(250);
  65             }
  66             *(volatile int*)0xd20b0994 = 0x4c0003;
  67             msleep(500);
  68         }
  69         msleep(5000);
  70     }
  71 #endif
  72 #if 0
  73     int delay=1000;
  74     if(rbval == 0x12345678) {
  75         delay=100;
  76     }
  77     while(1) {
  78         *(volatile int*)0xd20b0994 = 0x4d0002;
  79         msleep(delay);
  80         *(volatile int*)0xd20b0994 = 0x4c0003;
  81         msleep(delay);
  82     }
  83 #endif
  84     while(1) {
  85         *(volatile int*)0xd20b0994 = 0x4d0002;
  86         msleep(250);
  87         *(volatile int*)0xd20b0994 = 0x4c0003;
  88         msleep(250);
  89     }
  90 }
  91 
  92 void CreateTask_blinker()
  93 {
  94     _CreateTask("blinker", 0x19, 0x200, task_blinker, 0);
  95 }
  96 */
  97 
  98 /*----------------------------------------------------------------------
  99     boot()
 100 
 101     Main entry point for the CHDK code
 102 -----------------------------------------------------------------------*/
 103 
 104 /*************************************************************/
 105 //  -f=chdk -s=0xfc02000d -c=43
 106 void __attribute__((naked,noinline)) boot() {
 107     asm volatile ( // 0xfc02000c
 108 "    movw    r0, #0x4000\n"
 109 "    movt    r0, #0\n"
 110 "    mov     sp, r0\n"
 111 "    bl      sub_fc02007e\n"
 112 "    ldr     r2, =0xc0242010\n"
 113 "    ldr     r1, [r2]\n"
 114 "    orr     r1, r1, #1\n"
 115 "    str     r1, [r2]\n"
 116 "    ldr     r0, =0xfcd4740c\n" // code copied from ROM
 117 "    ldr     r1, =0x010e1000\n" // to RAM
 118 "    ldr     r3, =0x01107bd0\n"
 119 "loc_fc02002a:\n"
 120 "    cmp     r1, r3\n"
 121 "    itt     lo\n"
 122 "    ldrlo   r2, [r0], #4\n"
 123 "    strlo   r2, [r1], #4\n"
 124 "    blo     loc_fc02002a\n"
 125 "    ldr     r0, =0x010e1000\n"
 126 "    ldr     r1, =0x00026bd0\n"
 127 "    bl      sub_fc11f606\n"    // cache stuff for RAM code
 128 "    ldr     r0, =0xfcd6dfdc\n" // code copied from ROM
 129 "    ldr     r1, =0xbfe10800\n" // to TCM
 130 "    ldr     r3, =0xbfe17419\n"
 131 "loc_fc020046:\n"
 132 "    cmp     r1, r3\n"
 133 "    itt     lo\n"
 134 "    ldrlo   r2, [r0], #4\n"
 135 "    strlo   r2, [r1], #4\n"
 136 "    blo     loc_fc020046\n"
 137 // Install CreateTask patch
 138 // use half words in case source or destination not word aligned
 139         "adr     r0, patch_CreateTask\n"    // src: Patch data
 140         "ldr     r1, =hook_CreateTask\n"    // dest: Address to patch (hook_ has thumb bit off)
 141         "add     r2, r0, #8\n" // two words
 142 "task_hook_loop:\n"
 143         "ldrh   r3, [r0],#2\n"
 144         "strh   r3, [r1],#2\n"
 145         "cmp    r0,r2\n"
 146         "blo    task_hook_loop\n"
 147 "    ldr     r0, =0xfcd1e5b4\n"
 148 "    ldr     r1, =0x00008000\n" // DATA copied
 149 "    ldr     r3, =0x00030e58\n" // to RAM
 150 "loc_fc02005a:\n"
 151 "    cmp     r1, r3\n"
 152 "    itt     lo\n"
 153 "    ldrlo   r2, [r0], #4\n"
 154 "    strlo   r2, [r1], #4\n"
 155 "    blo     loc_fc02005a\n"
 156 "    ldr     r3, =0x00030e58\n" // BSS
 157 "    ldr     r1, =0x003c3998\n"
 158 "    mov.w   r2, #0\n"
 159 "loc_fc020070:\n"
 160 "    cmp     r3, r1\n"
 161 "    it      lo\n"
 162 "    strlo   r2, [r3], #4\n"
 163 "    blo     loc_fc020070\n"
 164 "    b.w     sub_fc055894_my\n"
 165 
 166         "patch_CreateTask:\n"
 167         "ldr.w   pc, [pc,#0]\n"             // Do jump to absolute address CreateTask_my
 168         ".long   CreateTask_my + 1\n"           // has to be a thumb address
 169 );
 170 }
 171 
 172 /*************************************************************/
 173 void __attribute__((naked,noinline)) CreateTask_my() {
 174 asm volatile (
 175 "    push   {r0}\n"
 176 //R3 = Pointer to task function to create
 177 "    ldr     r0, =task_CaptSeq\n"       // DryOS original code function ptr.
 178 "    cmp     r0, r3\n"                  // is the given taskptr equal to our searched function?
 179 "    itt     eq\n"                      // EQ block
 180 "    ldreq   r3, =capt_seq_task\n"      // if so replace with our task function base ptr.
 181 "    orreq   r3, #1\n"                  // make sure it's a thumb address (may not be needed?)
 182 "    beq     exitHook\n"                // below compares not necessary if this check has found something.
 183 
 184 // exp_drv not needed for extended exposure, probably works up to 1024s, but required for < 1/3200
 185 "    LDR     R0, =task_ExpDrv\n"
 186 "    CMP     R0, R3\n"
 187 "    itt     eq\n"
 188 "    LDREQ   R3, =exp_drv_task\n"
 189 "    orreq   r3, #1\n"
 190 "    BEQ     exitHook\n"
 191 
 192 // not needed in sx710
 193 /*
 194 "    LDR     R0, =task_DvlpSeqTask\n"
 195 "    CMP     R0, R3\n"
 196 "    itt     eq\n"
 197 "    LDREQ   R3, =developseq_task\n"
 198 "    orreq   r3, #1\n"
 199 "    BEQ     exitHook\n"
 200 */
 201 
 202 "    ldr     r0, =task_FileWrite\n"
 203 "    cmp     r0, r3\n"
 204 "    itt     eq\n"
 205 "    ldreq   r3, =filewritetask\n"
 206 "    orreq   r3, #1\n"
 207 "    beq     exitHook\n"
 208 
 209 // not implemented
 210 /*
 211 "    LDR     R0, =task_MovieRecord\n"
 212 "    CMP     R0, R3\n"
 213 "    LDREQ   R3, =movie_record_task\n"
 214 "    BEQ     exitHook\n"
 215 */
 216 
 217 "    ldr     r0, =task_TricInitTask\n"
 218 "    cmp     r0, r3\n"
 219 "    itt     eq\n"
 220 "    ldreq   r3, =TricInitTask_my\n"
 221 "    orreq   r3, #1\n"
 222 "    beq     exitHook\n"
 223 
 224 "    ldr     r0, =task_InitFileModules\n"
 225 "    cmp     r0, r3\n"
 226 "    itt     eq\n"
 227 "    ldreq   r3, =init_file_modules_task\n"
 228 "    orreq   r3, #1\n"
 229 "exitHook:\n" 
 230 // restore overwritten register(s)
 231 "    pop    {r0}\n"
 232 // Execute overwritten instructions from original code, then jump to firmware
 233 // NOTE number of instructions duplicated here depends on size of original ROM code
 234 // instructions. Must replace 8 bytes!
 235 "    stmdb   sp!, {r1, r2, r3, r4, r5, r6, r7, r8, r9, lr}\n"
 236 "    mov     r4, r0\n"
 237 "    ldr     r0, =0x8160\n"
 238 "    ldr.w   pc, =(hook_CreateTask + 8 + 1) \n"  // Continue in firmware (thumb bit set)
 239 ".ltorg\n"
 240 );
 241 }
 242 
 243 // -f=chdk -s=0xfc055895 -c=60
 244 void __attribute__((naked,noinline)) sub_fc055894_my() {
 245 // startup key checks handled in sub_fc0cf0ee_my
 246     asm volatile (
 247 "    push    {r4, lr}\n"
 248 #if defined(CHDK_NOT_IN_CANON_HEAP)
 249 "    ldr     r4, =0x003c3998\n"
 250 #else
 251     "ldr     r4, =new_sa\n"             // +
 252     "ldr     r4, [r4]\n"                // +
 253 #endif
 254 "    sub     sp, #0x78\n"
 255 "    ldr     r0, =0x006ce000\n"
 256 "    ldr     r1, =0x000b1fec\n"
 257 "    subs    r0, r0, r4\n"
 258 "    cmp     r0, r1\n"
 259 "    bhs     loc_fc0558a6\n"
 260 "loc_fc0558a4:\n"
 261 "    b       loc_fc0558a4\n"
 262 "loc_fc0558a6:\n"
 263 "    ldr     r1, =0x00008074\n"
 264 "    mov.w   r0, #0x80000\n"
 265 "    str     r0, [r1]\n"
 266 "    ldr     r1, =0x00008078\n"
 267 "    ldr     r0, =0x421bcb00\n"
 268 "    str     r0, [r1]\n"
 269 "    ldr     r1, =0x0000807c\n"
 270 "    ldr     r0, =0x421beb00\n"
 271 "    str     r0, [r1]\n"
 272 "    movs    r1, #0x78\n"
 273 "    mov     r0, sp\n"
 274 "    blx     sub_fc2c7d98\n" // j_bzero
 275 "    ldr     r0, =0x0060e000\n"
 276 "    mov.w   r1, #0xc0000\n"
 277 "    stm.w   sp, {r0, r1, r4}\n"
 278 "    ldr     r1, =0x00600014\n"
 279 "    subs    r2, r1, r4\n"
 280 "    strd    r2, r1, [sp, #0xc]\n"
 281 "    str     r0, [sp, #0x14]\n"
 282 "    movs    r0, #0x22\n"
 283 "    str     r0, [sp, #0x18]\n"
 284 "    movs    r0, #0xca\n"
 285 "    str     r0, [sp, #0x1c]\n"
 286 "    movw    r0, #0x2b0\n"
 287 "    str     r0, [sp, #0x20]\n"
 288 "    movs    r0, #0xfa\n"
 289 "    str     r0, [sp, #0x24]\n"
 290 "    movw    r0, #0x11a\n"
 291 "    str     r0, [sp, #0x28]\n"
 292 "    movs    r0, #0x85\n"
 293 "    str     r0, [sp, #0x2c]\n"
 294 "    movs    r0, #0x40\n"
 295 "    str     r0, [sp, #0x30]\n"
 296 "    movs    r0, #4\n"
 297 "    str     r0, [sp, #0x34]\n"
 298 "    movs    r0, #0\n"
 299 "    str     r0, [sp, #0x38]\n"
 300 "    movs    r0, #0x10\n"
 301 "    str     r0, [sp, #0x5c]\n"
 302 "    movs    r2, #0\n"
 303 "    lsls    r0, r0, #8\n"
 304 "    str     r0, [sp, #0x60]\n"
 305 //"    ldr     r1, =0xfc055a25\n"
 306 "    ldr     r1, =sub_fc055a24_my\n"
 307 "    asrs    r0, r0, #4\n"
 308 "    str     r0, [sp, #0x64]\n"
 309 "    lsls    r0, r0, #5\n"
 310 "    str     r0, [sp, #0x68]\n"
 311 "    mov     r0, sp\n"
 312 "    blx     sub_fc2c755c\n"
 313 "    add     sp, #0x78\n"
 314 "    pop     {r4, pc}\n"
 315 ".ltorg\n"
 316     );
 317 }
 318 
 319 //  -f=chdk -s=0xfc055a25 -c=62
 320 void __attribute__((naked,noinline)) sub_fc055a24_my() {
 321     asm volatile (
 322 "    push    {r4, lr}\n"
 323 "    ldr     r4, =0xfc055acc\n" //  *"/_term"
 324 "    bl      sub_fc056cc8\n"
 325 "    ldr     r0, =0x000080ec\n"
 326 "    ldr     r1, [r0]\n"
 327 "    ldr     r0, =0x00008074\n"
 328 "    ldr     r0, [r0]\n"
 329 "    adds    r0, #0x10\n"
 330 "    cmp     r1, r0\n"
 331 "    bhs     loc_fc055a40\n"
 332 "    ldr     r0, =0xfc055adc\n" //  *"USER_MEM size checking"
 333 "    bl      sub_fc055ab6\n"
 334 "loc_fc055a40:\n"
 335 "    bl      sub_fc11f6e0\n"
 336 "    ldr     r1, =0xbfe10000\n"
 337 // note capdis bad output
 338 //"    mov.w   r2, #-0x11111112\n"
 339 "    mov.w   r2, #0xeeeeeeee\n"
 340 "    ldr     r3, =0xbfe10800\n"
 341 "loc_fc055a4c:\n"
 342 "    stm     r1!, {r2}\n"
 343 "    cmp     r1, r3\n"
 344 "    blo     loc_fc055a4c\n"
 345 "    bl      sub_fc11f6f2\n"
 346 "    bl      sub_fc38d1bc\n"
 347 "    cmp     r0, #0\n"
 348 "    bge     loc_fc055a64\n"
 349 "    ldr     r0, =0xfc055afc\n" //  *"dmSetup"
 350 "    bl      sub_fc055ab6\n"
 351 "loc_fc055a64:\n"
 352 "    bl      sub_fc056268\n"
 353 "    cmp     r0, #0\n"
 354 "    bge     loc_fc055a72\n"
 355 "    ldr     r0, =0xfc055b04\n" //  *"termDriverInit"
 356 "    bl      sub_fc055ab6\n"
 357 "loc_fc055a72:\n"
 358 "    mov     r0, r4\n"
 359 "    bl      sub_fc0562f6\n"
 360 "    cmp     r0, #0\n"
 361 "    bge     loc_fc055a82\n"
 362 "    ldr     r0, =0xfc055b14\n" //  *"termDeviceCreate"
 363 "    bl      sub_fc055ab6\n"
 364 "loc_fc055a82:\n"
 365 "    mov     r0, r4\n"
 366 "    bl      sub_fc055c60\n"
 367 "    cmp     r0, #0\n"
 368 "    bge     loc_fc055a92\n"
 369 "    ldr     r0, =0xfc055b28\n" //  *"stdioSetup"
 370 "    bl      sub_fc055ab6\n"
 371 "loc_fc055a92:\n"
 372 "    bl      sub_fc055da4\n"
 373 "    cmp     r0, #0\n"
 374 "    bge     loc_fc055aa0\n"
 375 "    ldr     r0, =0xfc055b34\n" //  *"stdlibSetup"
 376 "    bl      sub_fc055ab6\n"
 377 "loc_fc055aa0:\n"
 378 "    bl      sub_fc058e3c\n"
 379 "    cmp     r0, #0\n"
 380 "    bge     loc_fc055aae\n"
 381 "    ldr     r0, =0xfc055b40\n" //  *"extlib_setup"
 382 "    bl      sub_fc055ab6\n"
 383 "loc_fc055aae:\n"
 384 "    pop.w   {r4, lr}\n"
 385 //"    b.w     loc_fc055e2e\n"
 386 "    b.w     sub_fc055e2e_my\n" // +
 387     ".ltorg\n"
 388     );
 389 }
 390 
 391 //  -f=chdk -s=0xfc055e2f -c=20
 392 void __attribute__((naked,noinline)) sub_fc055e2e_my() {
 393     asm volatile (
 394 "    push    {r3, lr}\n"
 395 "    bl      sub_fc055f34\n"
 396 "    bl      sub_fc078bfc\n" // IsNormalCameraMode_FW
 397 "    bl      sub_fc0cf0ee_my\n" // startup checks equivalent of g7x fc0781f4, but doesn't seem affected by *(0x4ffc)=0x12345678
 398 "    cbnz    r0, loc_fc055e44\n"
 399 "    bl      sub_fc055f22\n"
 400 "loc_fc055e42:\n"
 401 "    b       loc_fc055e42\n"
 402 "loc_fc055e44:\n"
 403 "    blx     sub_fc2c75b4\n"
 404 "    ldr     r1, =0x006ce000\n"
 405 "    movs    r0, #0\n"
 406 "    bl      sub_fc329100\n"
 407 "    movs    r3, #0\n"
 408 "    str     r3, [sp]\n"
 409 //"    ldr     r3, =0xfc055dc9\n" //  task_Startup
 410 "    ldr     r3, =task_Startup_my\n" //  ->
 411 "    movs    r2, #0\n"
 412 "    movs    r1, #0x19\n"
 413 "    ldr     r0, =0xfc055e6c\n" //  *"Startup"
 414 "    bl      _CreateTask\n"
 415 //"    blx     sub_fc2c79a8\n" // j_CreateTask
 416 "    movs    r0, #0\n"
 417 "    pop     {r3, pc}\n"
 418     ".ltorg\n"
 419     );
 420 }
 421 // -f=chdk -s=0xfc0cf0ef -c=40
 422 void __attribute__((naked,noinline)) sub_fc0cf0ee_my() {
 423     asm volatile (
 424 "    push.w  {r3, r4, r5, r6, r7, r8, sb, sl, fp, lr}\n"
 425 "    movs    r4, #0\n"
 426 "    mov     sl, r0\n"
 427 "    mov     r5, r4\n"
 428 "    mov     sb, r4\n"
 429 //"    bl      sub_fc086a00\n" // nullsub
 430 "    movs    r0, #0x10\n"
 431 "    bl      sub_fc0847ea\n"
 432 "    movs    r6, #1\n"
 433 "    bic.w   r8, r6, r0\n"
 434 "    movs    r0, #0xf\n"
 435 "    bl      sub_fc0847ea\n"
 436 "    bic.w   r7, r6, r0\n"
 437 "    movs    r0, #0\n"
 438 "    bl      sub_fc0869fc\n"
 439 "    cbz     r0, loc_fc0cf126\n"
 440 "    movs    r0, #0x17\n"
 441 "    bl      sub_fc0847ea\n"
 442 "    bic.w   r5, r6, r0\n"
 443 "loc_fc0cf126:\n"
 444 "    movs    r0, #1\n"
 445 "    bl      sub_fc0869fc\n"
 446 "    cbz     r0, loc_fc0cf13a\n"
 447 "    movw    r0, #0x1d8\n"
 448 "    bl      sub_fc0847ea\n"
 449 "    bic.w   r4, r6, r0\n"
 450 "loc_fc0cf13a:\n"
 451 "    cmp.w   sl, #0\n"
 452 "    beq     loc_fc0cf14a\n" // skips checks if not IsNormalCameraMode
 453 "    orr.w   r0, r8, r7\n"
 454 "    orrs    r0, r5\n"
 455 "    orrs    r0, r4\n" // check all hardware related bits checked above
 456 //"    beq     loc_fc0cf15e\n" // old behavior, skip to return if none set
 457 "    bne     loc_fc0cf14a\n" // new behavior, go to final code if any set
 458 // otherwise, act as if play was held
 459     "mov  r7, #1\n"
 460 "loc_fc0cf14a:\n"
 461 "    mov     r3, sb\n"
 462 "    mov     r2, r5\n"
 463 "    mov     r1, r7\n"
 464 "    mov     r0, r8\n"
 465 "    str     r4, [sp]\n"
 466 "    bl      sub_fc086a04\n"
 467 //"    bl      sub_fc086a02\n" // nullsub
 468 "    movs    r0, #1\n"
 469 //"loc_fc0cf15e:\n"
 470 "    pop.w   {r3, r4, r5, r6, r7, r8, sb, sl, fp, pc}\n"
 471     ".ltorg\n"
 472     );
 473 }
 474 
 475 // -f=chdk -s=task_Startup -c=26
 476 void __attribute__((naked,noinline)) task_Startup_my() {
 477     asm volatile (
 478 // task_Startup 0xfc055dc9
 479 "    push    {r4, lr}\n"
 480 "    bl      sub_fc0cf4d8\n" // CreateTask ClockSave
 481 "    bl      sub_fc055f00\n" // ??
 482 //"    bl      sub_fc056060\n" // ->nullsub
 483 "    bl      sub_fc38d970\n"
 484 // added for SD card UHS detection https://chdk.setepontos.com/index.php?topic=13089.msg132583#msg132583
 485 "bl sub_010e173f\n" // ref in sub_010e182c following SD1stInit create
 486 //"    bl      sub_fc0560b6\n" StartDiskboot
 487 //"    bl      CreateTask_blinker\n"
 488 "    bl      sub_fc0b337a\n"
 489 "    bl      sub_fc0cf7dc\n"
 490 "    bl      sub_fc0561a8\n"
 491 "    bl      sub_fc055ff0\n"
 492 "    bl      sub_fc38d9ae\n"
 493 "    bl      sub_fc0917c4\n"
 494 "    bl      sub_fc0cf7e2\n"
 495 "    bl      sub_fc0cf014_my\n" // CreateTask PhySw
 496 "    bl      CreateTask_spytask\n" 
 497 "    bl      init_required_fw_features\n" // added
 498 "    bl      sub_fc267314\n"
 499 "    bl      sub_fc0cf7f8\n"
 500 "    bl      sub_fc11fac8\n"
 501 "    bl      sub_fc0b2fb0\n"
 502 "    bl      sub_fc0cf636\n"
 503 "    bl      sub_fc0b332a\n"
 504 "    bl      sub_fc0b2f6c\n"
 505 "    bl      sub_fc0561ac\n"
 506 "    bl      sub_fc2d3370\n"
 507 "    bl      sub_fc0b2f40\n"
 508 "    pop.w   {r4, lr}\n"
 509 //"    b.w     loc_fc0cf4ae\n"
 510 "    ldr     pc,=0xfc0cf4af\n"
 511     ".ltorg\n"
 512     );
 513 }
 514 
 515 // -f=chdk -s=0xfc0cf015 -c=18
 516 //taskcreate_physw
 517 void __attribute__((naked,noinline)) sub_fc0cf014_my() {
 518     asm volatile (
 519 "    push    {r3, r4, r5, lr}\n"
 520 "    bl      sub_fc087d58\n"
 521 "    bl      sub_fc078b7a\n" // IsFactoryMode_FW
 522 "    cbnz    r0, loc_fc0cf024\n"
 523 "    bl      sub_fc087cfc\n" // OpLog.Start_FW
 524 "loc_fc0cf024:\n"
 525 "    ldr     r4, =0x000082c8\n" //  physw_run
 526 "    ldr     r0, [r4, #4]\n"
 527 "    cmp     r0, #0\n"
 528 "    bne     loc_fc0cf040\n"
 529 "    movs    r3, #0\n"
 530 "    str     r3, [sp]\n"
 531 //"    ldr     r3, =0xfc0cefc7\n" //  task_PhySw
 532 "    ldr     r3, =mykbd_task\n"
 533 "    movs    r1, #0x17\n"
 534 "    ldr     r0, =0xfc0cf36c\n" //  *"PhySw"
 535 //"    movw    r2, #0x800\n"
 536 "    movw    r2, #0x2000\n" // adjusted 0x800 -> 0x2000
 537 "    blx     sub_fc2c7cc0\n" // j_CreateTaskStrictly
 538 "    str     r0, [r4, #4]\n"
 539 "loc_fc0cf040:\n"
 540 "    pop     {r3, r4, r5, pc}\n"
 541     ".ltorg\n"
 542     );
 543 }
 544  
 545 // -f=chdk -s=task_InitFileModules -c=16
 546 void __attribute__((naked,noinline)) init_file_modules_task() {
 547     asm volatile (
 548 // task_InitFileModules 0xfc0d4309
 549 "    push    {r4, r5, r6, lr}\n"
 550 "    bl      sub_fc0d985c\n"
 551 "    movs    r4, r0\n"
 552 "    movw    r5, #0x5006\n"
 553 "    beq     loc_fc0d431e\n"
 554 "    movs    r1, #0\n"
 555 "    mov     r0, r5\n"
 556 "    bl      _PostLogicalEventToUI\n"
 557 "loc_fc0d431e:\n"
 558 "    bl      sub_fc0d9886\n"
 559 "    BL      core_spytask_can_start\n" // + CHDK: Set "it's-safe-to-start" flag for spytask
 560 "    cmp     r4, #0\n"
 561 "    bne     loc_fc0d4332\n"
 562 "    mov     r0, r5\n"
 563 "    pop.w   {r4, r5, r6, lr}\n"
 564 "    movs    r1, #0\n"
 565 "    b.w     _PostLogicalEventToUI\n"
 566 "loc_fc0d4332:\n"
 567 "    pop     {r4, r5, r6, pc}\n"
 568     ".ltorg\n"
 569     );
 570 }
 571 /*
 572     *** workaround ***
 573     Init stuff to avoid asserts on cameras running DryOS r54+
 574     https://chdk.setepontos.com/index.php?topic=12516.0
 575     Execute this only once
 576  */
 577 void init_required_fw_features(void) {
 578     extern void _init_focus_eventflag();
 579 
 580     _init_focus_eventflag();
 581     // for MoveIrisWithAv, based on fc540574 from Mecha.Create (but without registering eventprocs)
 582     extern int av_override_semaphore;
 583     extern int _CreateBinarySemaphoreStrictly(int x, int y);
 584     av_override_semaphore = _CreateBinarySemaphoreStrictly(0,0);
 585 }
 586 
 587 // fix for FI2 boot, see https://chdk.setepontos.com/index.php?topic=11316.msg136622#msg136622
 588 // -f=chdk -s=task_TricInitTask -c=36
 589 void __attribute__((naked,noinline)) TricInitTask_my()
 590 {
 591     asm volatile(
 592    // task_TricInitTask 0xfc4417a1
 593 "    push.w  {r0, r1, r2, r3, r4, r5, r6, r7, r8, sb, sl, fp, ip, lr}\n"
 594 "    blx     sub_fc2c7d30\n"
 595 "    movs    r0, #8\n"
 596 "    ldr     r1, =0xfc4419d0\n" //  *"InitTskStart"
 597 "    bl      sub_fc315ec6\n"
 598 "    ldr.w   sl, =0x00020bb0\n"
 599 "    movw    fp, #0x1000\n"
 600 "    ldr     r4, =0x00020bac\n"
 601 "    movs    r2, #0\n"
 602 "    ldr     r1, =0x0703870f\n"
 603 "    ldr     r0, [r4]\n"
 604 "    blx     sub_fc2c7dd0\n" // j_WaitForAnyEventFlag
 605 "    lsls    r0, r0, #0x1f\n"
 606 "    beq     loc_fc4417da\n"
 607 "    movs    r0, #8\n"
 608 "    ldr     r1, =0xfc4419e8\n" //  *"ER IniTskWait"
 609 "    bl      sub_fc315f26\n"
 610 "    ldr     r1, =0x00020b98\n"
 611 "    movs    r0, #0\n"
 612 "    str     r0, [r1]\n"
 613 "    pop.w   {r0, r1, r2, r3, r4, r5, r6, r7, r8, sb, sl, fp, ip, pc}\n"
 614 "loc_fc4417da:\n"
 615 "    ldr     r4, =0x00020bac\n"
 616 "    add     r1, sp, #0xc\n"
 617 "    ldr     r0, [r4]\n"
 618 "    blx     sub_fc2c7ba0\n" // j_GetEventFlagValue
 619 "    ldr     r1, [sp, #0xc]\n"
 620 "    ldr     r0, [r4]\n"
 621 "    blx     sub_fc2c7dc8\n" // j_ClearEventFlag
 622 "    ldr     r0, =0x02000003\n"
 623 "    ldr     r7, [sp, #0xc]\n"
 624 "    tst     r7, r0\n"
 625 "    beq     sub_fc4418de\n" // loc -> sub
 626 "    lsls    r0, r7, #0x1f\n"
 627 "    beq     sub_fc4417fe\n" // loc -> sub
 628 
 629 "    ldr     r0, =0xd2020074\n" // + MMIO ref'd from code jumped to at end of fc441c82
 630 "    ldr     r0, [r0]\n"        // + nonzero when core already running
 631 "    subs    r0, #0\n"          // +
 632 "    beq     tric1\n"           // +
 633 "    ldr     r0, [r4]\n"        // +
 634 "    mov     r1, #0x80\n"       // +
 635 "    bl      _SetEventFlag\n"   // + core already initialized, set the SmacIdleCmp eventflag here
 636 "tric1:\n"                      // +
 637 
 638 "    bl      sub_fc441c82\n"
 639 //"    b       loc_fc44186a\n"
 640 "    ldr     pc, =0xfc44186b\n" // b to ldr pc, continue in fw
 641 ".ltorg\n"
 642     );
 643 }
 644 
 645 #ifdef CAM_HAS_JOGDIAL
 646 // jogdial override code called from kbd task
 647 // -f=chdk -s=kbd_p2_f -c=77
 648 // kbd_p2_f 0xfc0ced65
 649 void __attribute__((naked,noinline)) kbd_p2_f_my() {
 650     asm volatile(
 651 "    push.w  {r4, r5, r6, r7, r8, lr}\n"
 652 "    ldr     r6, =0x00032734\n"
 653 "    sub     sp, #0x18\n"
 654 "    add     r7, sp, #8\n"
 655 "    subs    r6, #0xc\n"
 656 "    b       loc_fc0ceda6\n"
 657 "loc_fc0ced72:\n"
 658 "    ldr     r1, =0x00032734\n"
 659 "    add     r3, sp, #8\n"
 660 "    ldrb.w  r0, [sp, #4]\n"
 661 "    add     r2, sp, #0x14\n"
 662 "    subs    r1, #0x18\n"
 663 "    bl      sub_fc086f30\n"
 664 "    cbnz    r0, loc_fc0ced8c\n"
 665 "    ldr     r1, [sp, #0x14]\n"
 666 "    movs    r0, #0\n"
 667 "    bl      sub_fc0cecd6\n"
 668 "loc_fc0ced8c:\n"
 669 "    movs    r0, #2\n"
 670 "loc_fc0ced8e:\n"
 671 "    ldr.w   r1, [r7, r0, lsl #2]\n"
 672 "    cbz     r1, loc_fc0ced9e\n"
 673 "    ldr.w   r2, [r6, r0, lsl #2]\n"
 674 "    bics    r2, r1\n"
 675 "    str.w   r2, [r6, r0, lsl #2]\n"
 676 "loc_fc0ced9e:\n"
 677 "    subs    r0, r0, #1\n"
 678 "    sxtb    r0, r0\n"
 679 "    cmp     r0, #0\n"
 680 "    bge     loc_fc0ced8e\n"
 681 "loc_fc0ceda6:\n"
 682 "    ldr     r0, =0x00032734\n"
 683 "    add     r1, sp, #4\n"
 684 "    subs    r0, #0xc\n"
 685 "    bl      sub_fc086c7c\n"
 686 "    cmp     r0, #0\n"
 687 "    bne     loc_fc0ced72\n"
 688 "    ldr.w   r8, =0x00032734\n"
 689 "    movs    r4, #0\n"
 690 "loc_fc0cedba:\n"
 691 "    movs    r5, #0\n"
 692 "    ldr.w   r0, [r6, r4, lsl #2]\n"
 693 "    ldr.w   r1, [r8, r4, lsl #2]\n"
 694 "    ands    r0, r1\n"
 695 "    str.w   r0, [r6, r4, lsl #2]\n"
 696 "    b       loc_fc0cee12\n"
 697 "loc_fc0cedcc:\n"
 698 "    lsrs    r0, r5\n"
 699 "    lsls    r0, r0, #0x1f\n"
 700 "    beq     loc_fc0cee0a\n"
 701 "    ldr     r1, =0x00032734\n"
 702 "    add.w   r0, r5, r4, lsl #5\n"
 703 "    add     r3, sp, #8\n"
 704 "    subs    r1, #0x18\n"
 705 "    add     r2, sp, #0x14\n"
 706 "    uxtb    r0, r0\n"
 707 "    bl      sub_fc086f30\n"
 708 "    cbnz    r0, loc_fc0cedee\n"
 709 "    ldr     r1, [sp, #0x14]\n"
 710 "    movs    r0, #1\n"
 711 "    bl      sub_fc0cecd6\n"
 712 "loc_fc0cedee:\n"
 713 "    mov     r0, r4\n"
 714 "    b       loc_fc0cee06\n"
 715 "loc_fc0cedf2:\n"
 716 "    ldr.w   r1, [r7, r0, lsl #2]\n"
 717 "    cbz     r1, loc_fc0cee02\n"
 718 "    ldr.w   r2, [r6, r0, lsl #2]\n"
 719 "    bics    r2, r1\n"
 720 "    str.w   r2, [r6, r0, lsl #2]\n"
 721 "loc_fc0cee02:\n"
 722 "    adds    r0, r0, #1\n"
 723 "    sxtb    r0, r0\n"
 724 "loc_fc0cee06:\n"
 725 "    cmp     r0, #3\n"
 726 "    blt     loc_fc0cedf2\n"
 727 "loc_fc0cee0a:\n"
 728 "    ldr.w   r0, [r6, r4, lsl #2]\n"
 729 "    adds    r5, r5, #1\n"
 730 "    uxtb    r5, r5\n"
 731 "loc_fc0cee12:\n"
 732 "    cmp     r0, #0\n"
 733 "    bne     loc_fc0cedcc\n"
 734 "    adds    r4, r4, #1\n"
 735 "    sxtb    r4, r4\n"
 736 "    cmp     r4, #3\n"
 737 "    blt     loc_fc0cedba\n"
 738 //"    bl      sub_fc086af2\n"
 739 "    bl      sub_fc086af2_my\n"
 740 "    add     sp, #0x18\n"
 741 "    pop.w   {r4, r5, r6, r7, r8, pc}\n"
 742 ".ltorg\n"
 743     );
 744 }
 745 
 746 // -f=chdk -s=0xfc086af3 -c=10
 747 void __attribute__((naked,noinline)) sub_fc086af2_my() {
 748     asm volatile(
 749 "    push    {r4, lr}\n"
 750 "    ldr     r4, =0x0000960c\n"
 751 "    subs    r4, #0x10\n"
 752 "    ldr     r0, [r4, #8]\n"
 753 "    bl      sub_fc08b410\n"
 754 "    bl      sub_fc0f232c\n"
 755 "    ldr     r0, [r4, #0xc]\n"
 756 "    bl      sub_fc08b340\n"
 757 // re-ordered
 758 //"    pop.w   {r4, lr}\n"
 759 //"    b.w     loc_fc08b6f6\n"
 760 "    bl      handle_jogdial\n"  // +
 761 "    cmp     r0, #0\n"          // +
 762 "    beq     no_scroll\n"       // +
 763 "    bl      sub_fc08b6f6\n"    // handles scrollwheel(s), void function, no args
 764 "no_scroll:\n"                  // +
 765 "    pop     {r4, pc}\n"        // +
 766 ".ltorg\n"
 767     );
 768 }
 769 #endif

/* [<][>][^][v][top][bottom][index][help] */