This source file includes following definitions.
- log_capt_seq
- log_capt_seq2
- log_capt_seq_override
- captseq_raw_addr_init_my
- clear_current_raw_addr
- capt_seq_task
- sub_fc07b6ba_my
- sub_fc07b4ee_my
- log_nr_call
- log_remote_hook
- log_rh
- sub_fc083ab0_my
- exp_drv_task
- sub_fc28361e_my
- sub_fc3a0c30_my
1 #include "lolevel.h"
2 #include "platform.h"
3 #include "core.h"
4
5
6
7 extern void _LogCameraEvent(int id,const char *fmt,...);
8
9 #define USE_STUBS_NRFLAG 1
10 #define NR_AUTO (-1)
11
12 #ifdef CAPTSEQ_DEBUG_LOG
13
14
15 extern char *hook_raw_image_addr(void);
16
17 void log_capt_seq(int m)
18 {
19 _LogCameraEvent(0x60,"cs m:%d rb:0x%08x i:%04d",
20 m,
21 hook_raw_image_addr(),
22 get_exposure_counter());
23 }
24 void log_capt_seq2(int m)
25 {
26 _LogCameraEvent(0x60,"cs end m:%d rb:0x%08x i:%04d",
27 m,
28 hook_raw_image_addr(),
29 get_exposure_counter());
30 }
31 void log_capt_seq_override(void)
32 {
33 _LogCameraEvent(0x60,"cs override rb:0x%08x i:%04d",
34 hook_raw_image_addr(),
35 get_exposure_counter());
36 }
37 #endif
38
39 #include "../../../generic/capt_seq.c"
40
41
42
43 extern int _captseq_raw_addr_init(int raw_index, char **ptr);
44 char *current_raw_addr;
45
46 void captseq_raw_addr_init_my(int raw_index,char **ptr) {
47 _captseq_raw_addr_init(raw_index,ptr);
48 current_raw_addr=*(ptr + 0x5c/4);
49 #ifdef CAPTSEQ_DEBUG_LOG
50 _LogCameraEvent(0x60,"rawinit i:0x%x p:0x%x v:0x%x",raw_index,ptr,current_raw_addr);
51 #endif
52 }
53
54 void clear_current_raw_addr(void) {
55 current_raw_addr=NULL;
56 }
57
58
59
60 void __attribute__((naked,noinline)) capt_seq_task() {
61 asm volatile (
62 " push {r3, r4, r5, r6, r7, lr}\n"
63 " ldr r4, =0x00039e5c\n"
64 " movs r6, #0\n"
65 " ldr r5, =0x0000ba40\n"
66 "loc_fc0646ba:\n"
67 " movs r2, #0\n"
68 " mov r1, sp\n"
69 " ldr r0, [r5, #8]\n"
70 " blx sub_fc2c7ca0\n"
71 " lsls r0, r0, #0x1f\n"
72 " beq loc_fc0646dc\n"
73 " movw r2, #0x44e\n"
74 " ldr r1, =0xfc064364\n"
75 " movs r0, #0\n"
76 " blx sub_fc2c7de0\n"
77 " blx sub_fc2c7cf8\n"
78 " pop {r3, r4, r5, r6, r7, pc}\n"
79 "loc_fc0646dc:\n"
80 " ldr r0, [sp]\n"
81 " ldr r0, [r0]\n"
82 " cmp r0, #1\n"
83 " beq loc_fc0646f4\n"
84 " cmp r0, #0x29\n"
85 " beq loc_fc0646f4\n"
86 " cmp r0, #0x1e\n"
87 " beq loc_fc0646f4\n"
88 " cmp r0, #0x21\n"
89 " beq loc_fc0646f4\n"
90 " bl sub_fc080fbc\n"
91 "loc_fc0646f4:\n"
92 #ifdef CAPTSEQ_DEBUG_LOG
93
94 "ldr r0, [sp]\n"
95 "ldr r0, [r0]\n"
96 "bl log_capt_seq\n"
97 #endif
98 " ldr r0, [sp]\n"
99 " ldr r1, [r0]\n"
100 " cmp r1, #0x2b\n"
101 " bhs loc_fc0647b6\n"
102 " tbb [pc, r1]\n"
103 "branchtable_fc064700:\n"
104 " .byte((loc_fc06472c - branchtable_fc064700) / 2)\n"
105 " .byte((loc_fc064742 - branchtable_fc064700) / 2)\n"
106 " .byte((loc_fc06474a - branchtable_fc064700) / 2)\n"
107 " .byte((loc_fc064758 - branchtable_fc064700) / 2)\n"
108 " .byte((loc_fc064752 - branchtable_fc064700) / 2)\n"
109 " .byte((loc_fc064762 - branchtable_fc064700) / 2)\n"
110 " .byte((loc_fc064768 - branchtable_fc064700) / 2)\n"
111 " .byte((loc_fc06476e - branchtable_fc064700) / 2)\n"
112 " .byte((loc_fc064776 - branchtable_fc064700) / 2)\n"
113 " .byte((loc_fc0647a8 - branchtable_fc064700) / 2)\n"
114 " .byte((loc_fc064780 - branchtable_fc064700) / 2)\n"
115 " .byte((loc_fc064788 - branchtable_fc064700) / 2)\n"
116 " .byte((loc_fc06478e - branchtable_fc064700) / 2)\n"
117 " .byte((loc_fc064796 - branchtable_fc064700) / 2)\n"
118 " .byte((loc_fc06479c - branchtable_fc064700) / 2)\n"
119 " .byte((loc_fc0647a2 - branchtable_fc064700) / 2)\n"
120 " .byte((loc_fc0647b0 - branchtable_fc064700) / 2)\n"
121 " .byte((loc_fc0647c4 - branchtable_fc064700) / 2)\n"
122 " .byte((loc_fc0647ca - branchtable_fc064700) / 2)\n"
123 " .byte((loc_fc0647d0 - branchtable_fc064700) / 2)\n"
124 " .byte((loc_fc0647d6 - branchtable_fc064700) / 2)\n"
125 " .byte((loc_fc0647dc - branchtable_fc064700) / 2)\n"
126 " .byte((loc_fc0647e0 - branchtable_fc064700) / 2)\n"
127 " .byte((loc_fc0647e6 - branchtable_fc064700) / 2)\n"
128 " .byte((loc_fc0647ec - branchtable_fc064700) / 2)\n"
129 " .byte((loc_fc0647f2 - branchtable_fc064700) / 2)\n"
130 " .byte((loc_fc0647f8 - branchtable_fc064700) / 2)\n"
131 " .byte((loc_fc0647fe - branchtable_fc064700) / 2)\n"
132 " .byte((loc_fc064806 - branchtable_fc064700) / 2)\n"
133 " .byte((loc_fc06480c - branchtable_fc064700) / 2)\n"
134 " .byte((loc_fc064810 - branchtable_fc064700) / 2)\n"
135 " .byte((loc_fc064818 - branchtable_fc064700) / 2)\n"
136 " .byte((loc_fc06481e - branchtable_fc064700) / 2)\n"
137 " .byte((loc_fc064824 - branchtable_fc064700) / 2)\n"
138 " .byte((loc_fc06482a - branchtable_fc064700) / 2)\n"
139 " .byte((loc_fc064830 - branchtable_fc064700) / 2)\n"
140 " .byte((loc_fc064836 - branchtable_fc064700) / 2)\n"
141 " .byte((loc_fc06483c - branchtable_fc064700) / 2)\n"
142 " .byte((loc_fc064844 - branchtable_fc064700) / 2)\n"
143 " .byte((loc_fc06484a - branchtable_fc064700) / 2)\n"
144 " .byte((loc_fc06486e - branchtable_fc064700) / 2)\n"
145 " .byte((loc_fc064874 - branchtable_fc064700) / 2)\n"
146 " .byte((loc_fc06488e - branchtable_fc064700) / 2)\n"
147 ".align 1\n"
148 "loc_fc06472c:\n"
149 " ldr r0, [r0, #0xc]\n"
150 " bl sub_fc073cbc\n"
151 #ifdef CAPTSEQ_DEBUG_LOG
152 "bl log_capt_seq_override\n"
153 #endif
154 " BL clear_current_raw_addr\n"
155 " BL shooting_expo_param_override\n"
156 " bl sub_fc079112\n"
157 " ldr r0, [r4, #0x28]\n"
158 " cmp r0, #0\n"
159 " beq loc_fc064740\n"
160 " bl sub_fc07b6ba_my\n"
161 "loc_fc064740:\n"
162 " b loc_fc06488e\n"
163 "loc_fc064742:\n"
164 " ldr r0, [r0, #0x10]\n"
165 " bl sub_fc07b4ee_my\n"
166 " b loc_fc06488e\n"
167 "loc_fc06474a:\n"
168 " movs r0, #1\n"
169 " bl sub_fc073f74\n"
170 " b loc_fc06488e\n"
171 "loc_fc064752:\n"
172 " bl sub_fc073a32\n"
173 " b loc_fc06475e\n"
174 "loc_fc064758:\n"
175 " ldr r0, [r0, #0xc]\n"
176 " bl sub_fc073ca4\n"
177 "loc_fc06475e:\n"
178 " str r6, [r4, #0x28]\n"
179 " b loc_fc06488e\n"
180 "loc_fc064762:\n"
181 " bl sub_fc073caa\n"
182 " b loc_fc06488e\n"
183 "loc_fc064768:\n"
184 " bl sub_fc073e9a\n"
185 " b loc_fc06477a\n"
186 "loc_fc06476e:\n"
187 " ldr r0, [r0, #0x10]\n"
188 " bl sub_fc07b766\n"
189 " b loc_fc06488e\n"
190 "loc_fc064776:\n"
191 " bl sub_fc073efc\n"
192 "loc_fc06477a:\n"
193 " bl sub_fc079112\n"
194 " b loc_fc06488e\n"
195 "loc_fc064780:\n"
196 " ldr r0, [r4, #0x54]\n"
197 " bl sub_fc06f596\n"
198 " b loc_fc06488e\n"
199 "loc_fc064788:\n"
200 " bl sub_fc06f806\n"
201 " b loc_fc06488e\n"
202 "loc_fc06478e:\n"
203 " ldr r0, [r0, #0xc]\n"
204 " bl sub_fc06f852\n"
205 " b loc_fc06488e\n"
206 "loc_fc064796:\n"
207 " bl sub_fc06f986\n"
208 " b loc_fc06488e\n"
209 "loc_fc06479c:\n"
210 " bl sub_fc06fd52\n"
211 " b loc_fc06488e\n"
212 "loc_fc0647a2:\n"
213 " bl sub_fc06fde8\n"
214 " b loc_fc06488e\n"
215 "loc_fc0647a8:\n"
216 " ldr r0, [r0, #0xc]\n"
217 " bl sub_fc073ca4\n"
218 " b loc_fc06488e\n"
219 "loc_fc0647b0:\n"
220 " bl sub_fc071190\n"
221 " b loc_fc06488e\n"
222 "loc_fc0647b6:\n"
223 " b loc_fc064880\n"
224 ".ltorg\n"
225
226
227
228
229 "loc_fc0647c4:\n"
230 " bl sub_fc071338\n"
231 " b loc_fc06488e\n"
232 "loc_fc0647ca:\n"
233 " bl sub_fc0713b0\n"
234 " b loc_fc06488e\n"
235 "loc_fc0647d0:\n"
236 " bl sub_fc07144c\n"
237 " b loc_fc06488e\n"
238 "loc_fc0647d6:\n"
239 " bl sub_fc0714ee\n"
240 " b loc_fc06488e\n"
241 "loc_fc0647dc:\n"
242 " movs r0, #0\n"
243 " b loc_fc064800\n"
244 "loc_fc0647e0:\n"
245 " bl sub_fc071808\n"
246 " b loc_fc06488e\n"
247 "loc_fc0647e6:\n"
248 " bl sub_fc071868\n"
249 " b loc_fc06488e\n"
250 "loc_fc0647ec:\n"
251 " bl sub_fc07186c\n"
252 " b loc_fc06488e\n"
253 "loc_fc0647f2:\n"
254 " bl sub_fc07187c\n"
255 " b loc_fc06488e\n"
256 "loc_fc0647f8:\n"
257 " bl sub_fc0718f4\n"
258 " b loc_fc06488e\n"
259 "loc_fc0647fe:\n"
260 " movs r0, #1\n"
261 "loc_fc064800:\n"
262 " bl sub_fc0716e8\n"
263 " b loc_fc06488e\n"
264 "loc_fc064806:\n"
265 " bl sub_fc074056\n"
266 " b loc_fc06488e\n"
267 "loc_fc06480c:\n"
268 " movs r0, #0\n"
269 " b loc_fc064812\n"
270 "loc_fc064810:\n"
271 " ldr r0, [r0, #0xc]\n"
272 "loc_fc064812:\n"
273 " bl sub_fc0740b6\n"
274 " b loc_fc06488e\n"
275 "loc_fc064818:\n"
276 " bl sub_fc071614\n"
277 " b loc_fc06488e\n"
278 "loc_fc06481e:\n"
279 " bl sub_fc07167a\n"
280 " b loc_fc06488e\n"
281 "loc_fc064824:\n"
282 " bl sub_fc07bf10\n"
283 " b loc_fc06488e\n"
284 "loc_fc06482a:\n"
285 " bl sub_fc079a30\n"
286 " b loc_fc06488e\n"
287 "loc_fc064830:\n"
288 " bl sub_fc29d31e\n"
289 " b loc_fc06488e\n"
290 "loc_fc064836:\n"
291 " bl sub_fc29d3d8\n"
292 " b loc_fc06488e\n"
293 "loc_fc06483c:\n"
294 " ldr r0, [r0, #0xc]\n"
295 " bl sub_fc0719d0\n"
296 " b loc_fc06488e\n"
297 "loc_fc064844:\n"
298 " bl sub_fc071a38\n"
299 " b loc_fc06488e\n"
300 "loc_fc06484a:\n"
301 " bl sub_fc0748be\n"
302 " ldrh.w r0, [r4, #0x1a4]\n"
303 " cmp r0, #4\n"
304 " beq loc_fc064860\n"
305 " ldrh r0, [r4]\n"
306 " sub.w r1, r0, #0x4200\n"
307 " subs r1, #0x36\n"
308 " bne loc_fc06488e\n"
309 "loc_fc064860:\n"
310 " bl sub_fc29d3d8\n"
311 " bl sub_fc29d8ee\n"
312 " bl sub_fc29d736\n"
313 " b loc_fc06488e\n"
314 "loc_fc06486e:\n"
315 " movs r2, #0\n"
316 " movs r1, #0x11\n"
317 " b loc_fc064878\n"
318 "loc_fc064874:\n"
319 " movs r2, #0\n"
320 " movs r1, #0x10\n"
321 "loc_fc064878:\n"
322 " movs r0, #0\n"
323 " bl sub_fc079cf0\n"
324 " b loc_fc06488e\n"
325 "loc_fc064880:\n"
326 " movw r2, #0x57e\n"
327 " ldr r1, =0xfc064364\n"
328 " movs r0, #0\n"
329 " blx sub_fc2c7de0\n"
330 "loc_fc06488e:\n"
331
332 #ifdef CAPTSEQ_DEBUG_LOG
333 "ldr r0, [sp]\n"
334 "ldr r0, [r0]\n"
335 "bl log_capt_seq2\n"
336 #endif
337 " ldr r0, [sp]\n"
338 " ldr r1, [r0, #4]\n"
339 " ldr r0, [r5, #4]\n"
340 " blx sub_fc2c7cc8\n"
341 " ldr r7, [sp]\n"
342 " ldr r0, [r7, #8]\n"
343 " cbnz r0, loc_fc0648ac\n"
344 " movw r2, #0x12b\n"
345 " ldr r1, =0xfc064364\n"
346 " movs r0, #0\n"
347 " blx sub_fc2c7de0\n"
348 "loc_fc0648ac:\n"
349 " str r6, [r7, #8]\n"
350 " b loc_fc0646ba\n"
351 ".ltorg\n"
352 );
353 }
354
355
356 void __attribute__((naked,noinline)) sub_fc07b6ba_my() {
357 asm volatile (
358 " push {r3, r4, r5, r6, r7, lr}\n"
359 " bl sub_fc07fa84\n"
360 " mov r4, r0\n"
361 " movs r0, #0xc\n"
362 " bl sub_fc29dbf4\n"
363 " ldr r6, =0x00014684\n"
364 " lsls r0, r0, #0x1f\n"
365 " mov.w r5, #1\n"
366 " bne loc_fc07b758\n"
367 " movs r2, #2\n"
368 " mov r1, sp\n"
369 " movw r0, #0x110\n"
370 " bl _GetPropertyCase\n"
371 " lsls r0, r0, #0x1f\n"
372 " beq loc_fc07b6ee\n"
373 " movs r0, #0\n"
374 " movw r2, #0x17d\n"
375 " ldr r1, =0xfc07b838\n"
376 " blx sub_fc2c7de0\n"
377 "loc_fc07b6ee:\n"
378 " ldrsh.w r0, [sp]\n"
379 " bl sub_fc0b2f18\n"
380 " bl sub_fc0b2d2e\n"
381 " cmp r0, #1\n"
382 " bls loc_fc07b75c\n"
383 " movs r0, #0\n"
384 " bl sub_fc0b2de6\n"
385 " bl sub_fc0a8f60\n"
386 " bl sub_fc073cb0\n"
387 " bl sub_fc082184\n"
388 " mov r1, r4\n"
389
390 "bl captseq_raw_addr_init_my\n"
391 " movs r2, #4\n"
392 " movw r0, #0x116\n"
393 " add.w r1, r4, #0x58\n"
394 " bl _SetPropertyCase\n"
395 " movs r2, #4\n"
396 " movs r0, #0x30\n"
397 " add.w r1, r4, #0x5c\n"
398 " bl _SetPropertyCase\n"
399 " movs r2, #4\n"
400 " movs r0, #0x44\n"
401 " add.w r1, r4, #8\n"
402 " bl _SetPropertyCase\n"
403 " bl sub_fc080b66\n"
404 " mvn r1, #0x1000\n"
405 " blx sub_fc2c7dc8\n"
406 " mov r0, r4\n"
407 " bl sub_fc07b29a\n"
408 " mov r0, r4\n"
409
410 " bl sub_fc083ab0_my\n"
411 " lsls r0, r0, #0x1f\n"
412 " beq loc_fc07b75a\n"
413 "loc_fc07b758:\n"
414 " str r5, [r6]\n"
415 "loc_fc07b75a:\n"
416 " pop {r3, r4, r5, r6, r7, pc}\n"
417 "loc_fc07b75c:\n"
418 " bl sub_fc079a26\n"
419 " bl sub_fc29dc2c\n"
420 " pop {r3, r4, r5, r6, r7, pc}\n"
421 ".ltorg\n"
422 );
423 }
424
425
426 void __attribute__((naked,noinline)) sub_fc07b4ee_my() {
427 asm volatile (
428 " push {r2, r3, r4, r5, r6, lr}\n"
429 " ldr r6, =0x00039e5c\n"
430 " mov r4, r0\n"
431 " movs r5, #0\n"
432 " ldr r0, [r6, #0x28]\n"
433 " cbz r0, loc_fc07b516\n"
434 " ldr r0, =0x00014684\n"
435 " ldr r0, [r0]\n"
436 " cbz r0, loc_fc07b502\n"
437 " movs r5, #0x1d\n"
438 "loc_fc07b502:\n"
439 " mov r2, r4\n"
440 " movs r1, #2\n"
441 " mov r0, r5\n"
442 " bl sub_fc079cf0\n"
443 " mov r1, r5\n"
444 " mov r0, r4\n"
445 " bl sub_fc080e1a\n"
446 " b loc_fc07b6b4\n"
447 "loc_fc07b516:\n"
448 " bl sub_fc082184\n"
449 " mov r1, r4\n"
450
451 "bl captseq_raw_addr_init_my\n"
452 " movs r2, #4\n"
453 " movw r0, #0x116\n"
454 " add.w r1, r4, #0x58\n"
455 " bl _SetPropertyCase\n"
456 " movs r2, #4\n"
457 " movs r0, #0x30\n"
458 " add.w r1, r4, #0x5c\n"
459 " bl _SetPropertyCase\n"
460 " ldr.w r0, [r6, #0x10c]\n"
461 " cbnz r0, loc_fc07b550\n"
462 " ldrh.w r0, [r6, #0x1a2]\n"
463 " cmp r0, #3\n"
464 " beq loc_fc07b556\n"
465 " ldr r0, [r4, #8]\n"
466 " cmp r0, #1\n"
467 " bhi loc_fc07b566\n"
468 " b loc_fc07b556\n"
469 "loc_fc07b550:\n"
470 " ldr r0, [r4, #0xc]\n"
471 " cmp r0, #1\n"
472 " bne loc_fc07b566\n"
473 "loc_fc07b556:\n"
474 " movs r0, #0xc\n"
475 " bl sub_fc29dbf4\n"
476 " lsls r0, r0, #0x1f\n"
477 " beq loc_fc07b566\n"
478 " bl sub_fc079a26\n"
479 " movs r5, #1\n"
480 "loc_fc07b566:\n"
481 " lsls r0, r5, #0x1f\n"
482 " bne loc_fc07b668\n"
483 " ldr.w r0, [r6, #0xec]\n"
484 " cbz r0, loc_fc07b58a\n"
485 " ldrh.w r0, [r6, #0x1a2]\n"
486 " cmp r0, #3\n"
487 " beq loc_fc07b57e\n"
488 " ldr r0, [r4, #8]\n"
489 " cmp r0, #1\n"
490 " bhi loc_fc07b5ca\n"
491 "loc_fc07b57e:\n"
492 " ldr.w r0, [r6, #0x10c]\n"
493 " cbz r0, loc_fc07b58a\n"
494 " ldr r0, [r4, #0xc]\n"
495 " cmp r0, #1\n"
496 " bhi loc_fc07b5ca\n"
497 "loc_fc07b58a:\n"
498 " movs r2, #2\n"
499 " movw r0, #0x110\n"
500 " add r1, sp, #4\n"
501 " bl _GetPropertyCase\n"
502 " lsls r0, r0, #0x1f\n"
503 " beq loc_fc07b5a4\n"
504 " movs r2, #0xcd\n"
505 " movs r0, #0\n"
506 " ldr r1, =0xfc07b838\n"
507 " blx sub_fc2c7de0\n"
508 "loc_fc07b5a4:\n"
509 " ldrsh.w r0, [sp, #4]\n"
510 " bl sub_fc0b2f18\n"
511 " bl sub_fc0b2d2e\n"
512 " cmp r0, #1\n"
513 " bls loc_fc07b5bc\n"
514 " movs r0, #0\n"
515 " bl sub_fc0b2de6\n"
516 " b loc_fc07b5ca\n"
517 "loc_fc07b5bc:\n"
518 " bl sub_fc079a26\n"
519 " bl sub_fc29dc2c\n"
520 " movs r5, #1\n"
521 " lsls r0, r5, #0x1f\n"
522 " bne loc_fc07b6a2\n"
523 "loc_fc07b5ca:\n"
524 " mov r0, r4\n"
525 " bl sub_fc07bf5a\n"
526 " mov r5, r0\n"
527 " lsls r0, r0, #0x1f\n"
528 " bne loc_fc07b6a2\n"
529 " bl sub_fc080b66\n"
530 " mvn r1, #0x1000\n"
531 " blx sub_fc2c7dc8\n"
532 " mov r0, r4\n"
533 " bl sub_fc07d3c6\n"
534 " mov r5, r0\n"
535 " lsls r0, r0, #0x1f\n"
536 " bne loc_fc07b6a2\n"
537 " bl sub_fc0a8f60\n"
538 " bl sub_fc073cb0\n"
539 " mov r0, r4\n"
540 " bl sub_fc07b29a\n"
541 " ldr.w r0, [r6, #0x130]\n"
542 " cbnz r0, loc_fc07b610\n"
543 " ldrh.w r0, [r6, #0x1a2]\n"
544 " cmp r0, #3\n"
545 " beq loc_fc07b610\n"
546 " ldr r0, [r4, #8]\n"
547 " cmp r0, #1\n"
548 " bhi loc_fc07b616\n"
549 "loc_fc07b610:\n"
550 " movs r0, #2\n"
551 " bl sub_fc074942\n"
552 "loc_fc07b616:\n"
553 " ldr.w r0, [r6, #0xa8]\n"
554 " cmp r0, #0\n"
555 " beq loc_fc07b68c\n"
556 " ldrh.w r0, [r6, #0x1a2]\n"
557 " movw r5, #0x1000\n"
558 " cmp r0, #3\n"
559 " beq loc_fc07b646\n"
560 " ldr r0, [r4, #8]\n"
561 " cmp r0, #1\n"
562 " bls loc_fc07b646\n"
563 " bl sub_fc080b66\n"
564 " movw r3, #0x119\n"
565 " movw r2, #0x3a98\n"
566 " mov r1, r5\n"
567 " str r3, [sp]\n"
568 " ldr r3, =0xfc07b838\n"
569 " bl sub_fc29dda4\n"
570 "loc_fc07b646:\n"
571 " movs r2, #4\n"
572 " movw r0, #0x188\n"
573 " add r1, sp, #4\n"
574 " bl _GetPropertyCase\n"
575 " lsls r0, r0, #0x1f\n"
576 " beq loc_fc07b662\n"
577 " movs r0, #0\n"
578 " movw r2, #0x11d\n"
579 " ldr r1, =0xfc07b838\n"
580 " blx sub_fc2c7de0\n"
581 "loc_fc07b662:\n"
582 " ldr r0, [sp, #4]\n"
583 " cbnz r0, loc_fc07b676\n"
584 " b loc_fc07b66a\n"
585 "loc_fc07b668:\n"
586 " b loc_fc07b6a2\n"
587 "loc_fc07b66a:\n"
588 " bl sub_fc080b66\n"
589 " mov r1, r5\n"
590 " blx sub_fc2c7cc8\n"
591 " b loc_fc07b68c\n"
592 "loc_fc07b676:\n"
593 " bl sub_fc080b66\n"
594 " mov r1, r5\n"
595 " blx sub_fc2c7dc8\n"
596 " ldr r2, =0xfc07b4dd\n"
597 " mov r3, r5\n"
598 " ldr r0, [sp, #4]\n"
599 " mov r1, r2\n"
600 " bl sub_fc326ef8\n"
601 "loc_fc07b68c:\n"
602 " ldr.w r0, [r6, #0xb4]\n"
603 " cmp r0, #0\n"
604 " mov r0, r4\n"
605 " beq loc_fc07b69c\n"
606 " bl sub_fc083f42\n"
607 " b loc_fc07b6b4\n"
608 "loc_fc07b69c:\n"
609 " bl sub_fc083ab0_my\n"
610 " b loc_fc07b6b4\n"
611 "loc_fc07b6a2:\n"
612 " movs r1, #2\n"
613 " mov r2, r4\n"
614 " mov r0, r5\n"
615 " bl sub_fc079cf0\n"
616 " mov r1, r5\n"
617 " mov r0, r4\n"
618 " bl sub_fc080f50\n"
619 "loc_fc07b6b4:\n"
620 " movs r0, #0\n"
621 " str r0, [r6, #0x28]\n"
622 " pop {r2, r3, r4, r5, r6, pc}\n"
623 ".ltorg\n"
624 );
625 }
626
627 #ifdef CAPTSEQ_DEBUG_LOG
628 void log_nr_call(void) {
629 _LogCameraEvent(0x60,"nr hook %d",_nrflag);
630 }
631 void log_remote_hook(void) {
632 _LogCameraEvent(0x60,"remote hook");
633 }
634 void log_rh(void) {
635 _LogCameraEvent(0x60,"raw hook rb:0x%08x rbc:0x%08x",hook_raw_image_addr(),current_raw_addr);
636 }
637 #endif
638
639
640 void __attribute__((naked,noinline)) sub_fc083ab0_my() {
641 asm volatile (
642 " push.w {r1, r2, r3, r4, r5, r6, r7, r8, sb, lr}\n"
643 " ldr r7, =0x00039e5c\n"
644 " mov r4, r0\n"
645 " ldr.w r0, [r7, #0x16c]\n"
646 " cbz r0, loc_fc083acc\n"
647 " ldrh.w r0, [r7, #0x1a2]\n"
648 " cmp r0, #3\n"
649 " beq loc_fc083acc\n"
650 " ldr r0, [r4, #8]\n"
651 " cmp r0, #1\n"
652 " bhi loc_fc083ad6\n"
653 "loc_fc083acc:\n"
654 " mov r0, r4\n"
655 " bl sub_fc07b230\n"
656 " bl sub_fc07bc88\n"
657 "loc_fc083ad6:\n"
658 " ldr.w r0, [r7, #0xa4]\n"
659 " cbnz r0, loc_fc083af2\n"
660 " ldrh.w r0, [r7, #0x1a2]\n"
661 " cmp r0, #3\n"
662 " beq loc_fc083aea\n"
663 " ldr r0, [r4, #8]\n"
664 " cmp r0, #1\n"
665 " bhi loc_fc083af2\n"
666 "loc_fc083aea:\n"
667 " bl sub_fc0740a6\n"
668 " bl sub_fc07b86a\n"
669 "loc_fc083af2:\n"
670 " movs r2, #4\n"
671 " movw r0, #0x137\n"
672 " add r1, sp, #8\n"
673 " bl _GetPropertyCase\n"
674 " lsls r0, r0, #0x1f\n"
675 " beq loc_fc083b0e\n"
676 " movs r0, #0\n"
677 " movw r2, #0x150\n"
678 " ldr r1, =0xfc083e94\n"
679 " blx sub_fc2c7de0\n"
680 "loc_fc083b0e:\n"
681 " ldr r0, [sp, #8]\n"
682 " ubfx r0, r0, #8, #8\n"
683 " cmp r0, #6\n"
684 " bne loc_fc083b1e\n"
685 " ldr r0, =0xfc083a79\n"
686 " movs r1, #0\n"
687 " b loc_fc083b22\n"
688 "loc_fc083b1e:\n"
689 " ldr r0, =0xfc07ae63\n"
690 " mov r1, r4\n"
691 "loc_fc083b22:\n"
692 " bl sub_fc0b8fc8\n"
693 " movs r2, #2\n"
694 " movw r0, #0x112\n"
695 " add r1, sp, #4\n"
696 " bl _GetPropertyCase\n"
697 " lsls r0, r0, #0x1f\n"
698 " beq loc_fc083b42\n"
699 " movs r0, #0\n"
700 " movw r2, #0x159\n"
701 " ldr r1, =0xfc083e94\n"
702 " blx sub_fc2c7de0\n"
703 "loc_fc083b42:\n"
704 " ldr.w r0, [r7, #0x18c]\n"
705 " cbz r0, loc_fc083b4c\n"
706 " bl sub_fc07b168\n"
707 "loc_fc083b4c:\n"
708 " movs r0, #0\n"
709 " bl sub_fc0743b6\n"
710 "bl capt_seq_hook_set_nr\n"
711 #ifdef CAPTSEQ_DEBUG_LOG
712 "bl log_nr_call\n"
713 #endif
714 " mov r0, r4\n"
715 " bl sub_fc07b360\n"
716 " ldr r1, =0x000219e4\n"
717 " movs r2, #4\n"
718 " movs r0, #0x90\n"
719 " bl _GetPropertyCase\n"
720 " lsls r0, r0, #0x1f\n"
721 " beq loc_fc083b72\n"
722 " movs r0, #0\n"
723 " movw r2, #0x16e\n"
724 " ldr r1, =0xfc083e94\n"
725 " blx sub_fc2c7de0\n"
726 "loc_fc083b72:\n"
727 " bl sub_fc074470\n"
728 " bl sub_fc07b3f2\n"
729 " movs r1, #0\n"
730 " mov r0, r4\n"
731 " bl sub_fc083a7a\n"
732 " mov r6, r0\n"
733 " BL wait_until_remote_button_is_released\n"
734 #ifdef CAPTSEQ_DEBUG_LOG
735 "bl log_remote_hook\n"
736 #endif
737 " ldr r0, [sp, #8]\n"
738 " ubfx r0, r0, #8, #8\n"
739 " cmp r0, #6\n"
740 " bne loc_fc083b92\n"
741 " ldr r2, =0xfc07b137\n"
742 " b loc_fc083b94\n"
743 "loc_fc083b92:\n"
744 " ldr r2, =0xfc07b14d\n"
745 "loc_fc083b94:\n"
746 " ldrh r0, [r4, #0x18]\n"
747 " ldr r5, =0x000219e4\n"
748 " cbz r0, loc_fc083ba2\n"
749 " cmp r0, #1\n"
750 " beq loc_fc083bb8\n"
751 " cmp r0, #4\n"
752 " bne loc_fc083c1e\n"
753 "loc_fc083ba2:\n"
754 " str r6, [sp]\n"
755 " mov r3, r2\n"
756 " ldr r1, [r4, #0x5c]\n"
757 " mov r0, r4\n"
758 " ldr r2, [r5]\n"
759 " bl sub_fc07ac8e\n"
760 " mov r5, r0\n"
761 " bl sub_fc13400e\n"
762 " b loc_fc083c2c\n"
763 "loc_fc083bb8:\n"
764 " str r6, [sp]\n"
765 " mov r3, r2\n"
766 " ldr r1, [r4, #0x5c]\n"
767 " mov r8, r5\n"
768 " ldr r2, [r5]\n"
769 " mov r0, r4\n"
770 " bl sub_fc07acf8\n"
771 " movs r2, #1\n"
772 " mov r5, r0\n"
773 " movs r1, #0\n"
774 " movs r0, #0x45\n"
775 " bl sub_fc268ca4\n"
776 " lsls r0, r5, #0x1f\n"
777 " bne loc_fc083c2c\n"
778 " ldr.w r0, [r7, #0x100]\n"
779 " cbz r0, loc_fc083bee\n"
780 " ldr r1, [r4, #8]\n"
781 " ldr r2, =0x001d7f7c\n"
782 " ldr r0, [r4, #0x5c]\n"
783 " add.w r1, r2, r1, lsl #2\n"
784 " str r0, [r1, #-0x4]\n"
785 " b loc_fc083c18\n"
786 "loc_fc083bee:\n"
787 " ldr r0, =0xfc083a79\n"
788 " movs r1, #0\n"
789 " bl sub_fc0b8fc8\n"
790 " movs r1, #1\n"
791 " mov r0, r4\n"
792 " bl sub_fc083a7a\n"
793 " mov r6, r0\n"
794 " ldr.w r0, [r8]\n"
795 " mov r5, r8\n"
796 " bl sub_fc07b1d2\n"
797 " ldr r1, [r4, #0x5c]\n"
798 " mov r3, r6\n"
799 " ldr r2, [r5]\n"
800 " mov r0, r4\n"
801 " bl sub_fc07ad70\n"
802 " mov r5, r0\n"
803 "loc_fc083c18:\n"
804 " bl sub_fc07ac38\n"
805 " b loc_fc083c2c\n"
806 "loc_fc083c1e:\n"
807 " movs r0, #0\n"
808 " movw r2, #0x1a7\n"
809 " ldr r1, =0xfc083e94\n"
810 " blx sub_fc2c7de0\n"
811 " movs r5, #0x1d\n"
812 "loc_fc083c2c:\n"
813 " bl sub_fc07b3f6\n"
814 " ldr.w r8, =0xfc083a79\n"
815 " lsls r0, r5, #0x1f\n"
816 " bne loc_fc083c88\n"
817 " ldr.w r0, [r7, #0x108]\n"
818 " cbnz r0, loc_fc083c54\n"
819 " mov r0, r4\n"
820 " bl sub_fc08107a\n"
821 " lsls r0, r0, #0x1f\n"
822 " beq loc_fc083c54\n"
823 " movs r0, #0\n"
824 " movw r2, #0x1cd\n"
825 " ldr r1, =0xfc083e94\n"
826 " blx sub_fc2c7de0\n"
827 "loc_fc083c54:\n"
828 #ifdef CAPTSEQ_DEBUG_LOG
829 "bl log_rh\n"
830 #endif
831 " BL capt_seq_hook_raw_here\n"
832 " BL clear_current_raw_addr\n"
833 " mov r0, r4\n"
834 " bl sub_fc07b3e2\n"
835 " mov r0, r4\n"
836 " bl sub_fc07b3b6\n"
837 " cmp r6, r8\n"
838 " beq loc_fc083c88\n"
839 " bl sub_fc080b66\n"
840 " movs r1, #4\n"
841 " movw sb, #0x1da\n"
842 " ldr r3, =0xfc083e94\n"
843 " movw r2, #0x3a98\n"
844 " str.w sb, [sp]\n"
845 " bl sub_fc29dda4\n"
846 " cbz r0, loc_fc083c88\n"
847 " movs r0, #0\n"
848 " mov r2, sb\n"
849 " ldr r1, =0xfc083e94\n"
850 " blx sub_fc2c7de0\n"
851 "loc_fc083c88:\n"
852 " ldr.w r0, [r7, #0x18c]\n"
853 " cbz r0, loc_fc083c98\n"
854 " movs r2, #1\n"
855 " movs r1, #0\n"
856 " movs r0, #0x46\n"
857 " bl sub_fc268ca4\n"
858 "loc_fc083c98:\n"
859 " movs r1, #2\n"
860 " mov r2, r4\n"
861 " mov r0, r5\n"
862 " bl sub_fc079cf0\n"
863 " ldr r0, [r7, #0x28]\n"
864 " cmp r0, #0\n"
865 " mov r0, r8\n"
866 " beq loc_fc083cbe\n"
867 " cmp r6, r0\n"
868 " beq loc_fc083cb2\n"
869 " movs r1, #1\n"
870 " b loc_fc083cb4\n"
871 "loc_fc083cb2:\n"
872 " movs r1, #0\n"
873 "loc_fc083cb4:\n"
874 " mov r2, r5\n"
875 " mov r0, r4\n"
876 " bl sub_fc080dd8\n"
877 " b loc_fc083cd0\n"
878 "loc_fc083cbe:\n"
879 " cmp r6, r0\n"
880 " beq loc_fc083cc6\n"
881 " movs r1, #1\n"
882 " b loc_fc083cc8\n"
883 "loc_fc083cc6:\n"
884 " movs r1, #0\n"
885 "loc_fc083cc8:\n"
886 " mov r2, r5\n"
887 " mov r0, r4\n"
888 " bl sub_fc080d92\n"
889 "loc_fc083cd0:\n"
890 " mov r0, r5\n"
891 " pop.w {r1, r2, r3, r4, r5, r6, r7, r8, sb, pc}\n"
892 ".ltorg\n"
893 );
894 }
895
896
897
898
899
900 void __attribute__((naked,noinline)) exp_drv_task() {
901 asm volatile (
902 " push.w {r4, r5, r6, r7, r8, sb, sl, fp, lr}\n"
903 " sub sp, #0x2c\n"
904 " ldr.w sb, =0x0000d7a4\n"
905 " ldr.w sl, =0xfffff400\n"
906 " movs r0, #0\n"
907 " ldr r6, =0x0005c174\n"
908 " add.w r8, sp, #0x1c\n"
909 " movw fp, #0xbb8\n"
910 " str r0, [sp, #0xc]\n"
911 "loc_fc286556:\n"
912 " ldr.w r0, [sb, #0x20]\n"
913 " movs r2, #0\n"
914 " add r1, sp, #0x28\n"
915 " mov r4, sb\n"
916 " blx sub_fc2c7ca0\n"
917 " ldr r0, [sp, #0xc]\n"
918 " cmp r0, #1\n"
919 " bne loc_fc28658e\n"
920 " ldr r0, [sp, #0x28]\n"
921 " ldr r0, [r0]\n"
922 " cmp r0, #0x15\n"
923 "loc_fc286570:\n"
924 " beq loc_fc286670\n"
925 " cmp r0, #0x16\n"
926 " beq loc_fc286570\n"
927 " cmp r0, #0x17\n"
928 " beq loc_fc286570\n"
929 " cmp r0, #0x18\n"
930 " beq loc_fc286570\n"
931 " cmp r0, #0x19\n"
932 " beq loc_fc286680\n"
933 " cmp r0, #0x30\n"
934 " beq loc_fc28662a\n"
935 " movs r0, #0\n"
936 " add r1, sp, #0xc\n"
937 " bl sub_fc2864f6\n"
938 "loc_fc28658e:\n"
939 " ldr r0, [sp, #0x28]\n"
940 " ldr r1, [r0]\n"
941 " cmp r1, #0x38\n"
942 " bne loc_fc2865ac\n"
943 " bl sub_fc287448\n"
944 " ldr.w r0, [sb, #0x1c]\n"
945 " movs r1, #1\n"
946 " blx sub_fc2c7cc8\n"
947 " blx sub_fc2c7cf8\n"
948 " add sp, #0x2c\n"
949
950 " pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc}\n"
951 "loc_fc2865ac:\n"
952 " cmp r1, #0x37\n"
953 " bne loc_fc2865be\n"
954 " add.w r0, r0, #0xac\n"
955 " ldrd r2, r1, [r0]\n"
956 " mov r0, r1\n"
957 " blx r2\n"
958 " b loc_fc2869d2\n"
959 "loc_fc2865be:\n"
960 " cmp r1, #0x2e\n"
961 " bne loc_fc2865f4\n"
962 " ldr r0, [r4, #0x1c]\n"
963 " movs r1, #0x80\n"
964 " blx sub_fc2c7dc8\n"
965 " ldr r0, =0xfc28235d\n"
966 " movs r1, #0x80\n"
967 " bl sub_fc0d727a\n"
968 " ldr r0, [r4, #0x1c]\n"
969 " movs r1, #0x80\n"
970 " mov r2, fp\n"
971 " blx sub_fc2c7cd0\n"
972 " lsls r0, r0, #0x1f\n"
973 " beq loc_fc2865e6\n"
974 " movw r2, #0x199e\n"
975 " b loc_fc286676\n"
976 "loc_fc2865e6:\n"
977 " ldr r1, [sp, #0x28]\n"
978 " add.w r1, r1, #0xac\n"
979 " ldrd r1, r0, [r1]\n"
980 " blx r1\n"
981 " b loc_fc2869d2\n"
982 "loc_fc2865f4:\n"
983 " cmp r1, #0x2f\n"
984 " bne loc_fc286626\n"
985 " add r1, sp, #0xc\n"
986 " bl sub_fc2864f6\n"
987 " movw r5, #0x100\n"
988 " ldr r0, [r4, #0x1c]\n"
989 " mov r1, r5\n"
990 " blx sub_fc2c7dc8\n"
991 " ldr r0, =0xfc282367\n"
992 " mov r1, r5\n"
993 " bl sub_fc0d7c18\n"
994 " ldr r0, [r4, #0x1c]\n"
995 " mov r2, fp\n"
996 " mov r1, r5\n"
997 " blx sub_fc2c7cd0\n"
998 " lsls r0, r0, #0x1f\n"
999 " beq loc_fc2865e6\n"
1000 " movw r2, #0x19a8\n"
1001 " b loc_fc286676\n"
1002 "loc_fc286626:\n"
1003 " cmp r1, #0x30\n"
1004 " bne loc_fc286634\n"
1005 "loc_fc28662a:\n"
1006 " ldr r0, [sp, #0x28]\n"
1007 " add r1, sp, #0xc\n"
1008 " bl sub_fc2864f6\n"
1009 " b loc_fc2865e6\n"
1010 "loc_fc286634:\n"
1011 " cmp r1, #0x35\n"
1012 " bne loc_fc286646\n"
1013 " bl sub_fc3a0e74\n"
1014 " bl sub_fc130f3c\n"
1015 " bl sub_fc130c1e\n"
1016 " b loc_fc2865e6\n"
1017 "loc_fc286646:\n"
1018 " cmp r1, #0x36\n"
1019 " bne loc_fc286680\n"
1020 " ldr r0, [r4, #0x1c]\n"
1021 " movs r1, #4\n"
1022 " blx sub_fc2c7dc8\n"
1023 " ldr r1, =0xfc28237b\n"
1024 " movs r2, #4\n"
1025 " mov r0, sl\n"
1026 " bl sub_fc28749a\n"
1027 " bl sub_fc3a0bd6\n"
1028 " ldr r0, [r4, #0x1c]\n"
1029 " movs r1, #4\n"
1030 " mov r2, fp\n"
1031 " blx sub_fc2c7dd0\n"
1032 " lsls r0, r0, #0x1f\n"
1033 " beq loc_fc2865e6\n"
1034 " b loc_fc286672\n"
1035 "loc_fc286670:\n"
1036 " b loc_fc286680\n"
1037 "loc_fc286672:\n"
1038 " movw r2, #0x1a84\n"
1039 "loc_fc286676:\n"
1040 " ldr r1, =0xfc282b80\n"
1041 " movs r0, #0\n"
1042 " blx sub_fc2c7de0\n"
1043 " b loc_fc2865e6\n"
1044 "loc_fc286680:\n"
1045 " ldr r0, [sp, #0x28]\n"
1046 " movs r5, #1\n"
1047 " ldr r1, [r0]\n"
1048 " cmp r1, #0x13\n"
1049 " beq loc_fc28668e\n"
1050 " cmp r1, #0x14\n"
1051 " bne loc_fc2866cc\n"
1052 "loc_fc28668e:\n"
1053 " ldr.w r1, [r0, #0x94]\n"
1054 " mov r4, r8\n"
1055 " add.w r1, r1, r1, lsl #1\n"
1056 " add.w r1, r0, r1, lsl #2\n"
1057 " subs r1, #8\n"
1058 " ldm r1!, {r2, r3, r7}\n"
1059 " stm r4!, {r2, r3, r7}\n"
1060 " bl sub_fc284dfa\n"
1061 " ldr r0, [sp, #0x28]\n"
1062 " add.w r0, r0, #0x94\n"
1063 " ldrd r3, r2, [r0, #0x18]\n"
1064 " ldr r1, [r0]\n"
1065 " sub.w r0, r0, #0x90\n"
1066 " blx r3\n"
1067 " ldr r0, [sp, #0x28]\n"
1068 " bl sub_fc2876b2\n"
1069 " ldr r0, [sp, #0x28]\n"
1070 " add.w r0, r0, #0x94\n"
1071 " ldr r1, [r0]\n"
1072 " ldrd r3, r2, [r0, #0x20]\n"
1073 " b loc_fc2868f8\n"
1074 "loc_fc2866cc:\n"
1075 " cmp r1, #0x15\n"
1076 " beq loc_fc2866e0\n"
1077 " cmp r1, #0x16\n"
1078 " beq loc_fc2866e0\n"
1079 " cmp r1, #0x17\n"
1080 " beq loc_fc2866e0\n"
1081 " cmp r1, #0x18\n"
1082 " beq loc_fc2866e0\n"
1083 " cmp r1, #0x19\n"
1084 " bne loc_fc286752\n"
1085 "loc_fc2866e0:\n"
1086 " add r3, sp, #0xc\n"
1087 " mov r2, sp\n"
1088 " add r1, sp, #0x1c\n"
1089 " bl sub_fc284fca\n"
1090 " cmp r0, #1\n"
1091 " mov r4, r0\n"
1092 " beq loc_fc2866f4\n"
1093 " cmp r4, #5\n"
1094 " bne loc_fc28670a\n"
1095 "loc_fc2866f4:\n"
1096 " ldr r0, [sp, #0x28]\n"
1097 " mov r2, r4\n"
1098 " add.w r0, r0, #0x94\n"
1099 " ldrd r7, r3, [r0, #0x18]\n"
1100 " ldr r1, [r0]\n"
1101 " sub.w r0, r0, #0x90\n"
1102 " blx r7\n"
1103 " b loc_fc286730\n"
1104 "loc_fc28670a:\n"
1105 " cmp r4, #2\n"
1106 " beq loc_fc286712\n"
1107 " cmp r4, #6\n"
1108 " bne loc_fc28673c\n"
1109 "loc_fc286712:\n"
1110 " ldr r0, [sp, #0x28]\n"
1111 " mov r2, r4\n"
1112 " add.w r0, r0, #0x94\n"
1113 " ldrd r7, r3, [r0, #0x18]\n"
1114 " ldr r1, [r0]\n"
1115 " sub.w r0, r0, #0x90\n"
1116 " blx r7\n"
1117 " ldr r0, [sp, #0x28]\n"
1118 " add r1, sp, #0x1c\n"
1119 " mov r2, sp\n"
1120 " bl sub_fc286284\n"
1121 "loc_fc286730:\n"
1122 " ldr r2, [sp, #0xc]\n"
1123 " mov r1, r4\n"
1124 " ldr r0, [sp, #0x28]\n"
1125 " bl sub_fc2864a6\n"
1126 " b loc_fc2868fe\n"
1127 "loc_fc28673c:\n"
1128 " ldr r0, [sp, #0x28]\n"
1129 " mov r2, r4\n"
1130 " add.w r0, r0, #0x94\n"
1131 " ldrd r7, r3, [r0, #0x18]\n"
1132 " ldr r1, [r0]\n"
1133 " sub.w r0, r0, #0x90\n"
1134 " blx r7\n"
1135 " b loc_fc2868fe\n"
1136 "loc_fc286752:\n"
1137 " cmp r1, #0x2a\n"
1138 " beq loc_fc28675a\n"
1139 " cmp r1, #0x2b\n"
1140 " bne loc_fc28678c\n"
1141 "loc_fc28675a:\n"
1142 " ldr.w r1, [r0, #0x94]\n"
1143 " mov r4, r8\n"
1144 " add.w r1, r1, r1, lsl #1\n"
1145 " add.w r1, r0, r1, lsl #2\n"
1146 " subs r1, #8\n"
1147 " ldm r1!, {r2, r3, r7}\n"
1148 " stm r4!, {r2, r3, r7}\n"
1149 " bl sub_fc283f2e\n"
1150 " ldr r0, [sp, #0x28]\n"
1151 " add.w r0, r0, #0x94\n"
1152 " ldrd r3, r2, [r0, #0x18]\n"
1153 " ldr r1, [r0]\n"
1154 " sub.w r0, r0, #0x90\n"
1155 " blx r3\n"
1156 " ldr r0, [sp, #0x28]\n"
1157 " bl sub_fc284318\n"
1158 " b loc_fc2868fe\n"
1159 "loc_fc28678c:\n"
1160 " adds r1, r0, #4\n"
1161 " mov r4, r8\n"
1162 " ldm r1!, {r2, r3, r7}\n"
1163 " stm r4!, {r2, r3, r7}\n"
1164 " ldr r1, [r0]\n"
1165 " cmp r1, #0x2e\n"
1166 " bhs loc_fc2867d0\n"
1167 " tbb [pc, r1]\n"
1168 "branchtable_fc28679e:\n"
1169 " .byte((loc_fc2867cc - branchtable_fc28679e) / 2)\n"
1170 " .byte((loc_fc2867cc - branchtable_fc28679e) / 2)\n"
1171 " .byte((loc_fc2867d2 - branchtable_fc28679e) / 2)\n"
1172 " .byte((loc_fc2867d8 - branchtable_fc28679e) / 2)\n"
1173 " .byte((loc_fc2867d8 - branchtable_fc28679e) / 2)\n"
1174 " .byte((loc_fc2867d8 - branchtable_fc28679e) / 2)\n"
1175 " .byte((loc_fc2867cc - branchtable_fc28679e) / 2)\n"
1176 " .byte((loc_fc2867d2 - branchtable_fc28679e) / 2)\n"
1177 " .byte((loc_fc2867d8 - branchtable_fc28679e) / 2)\n"
1178 " .byte((loc_fc2867d8 - branchtable_fc28679e) / 2)\n"
1179 " .byte((loc_fc286814 - branchtable_fc28679e) / 2)\n"
1180 " .byte((loc_fc286814 - branchtable_fc28679e) / 2)\n"
1181 " .byte((loc_fc286814 - branchtable_fc28679e) / 2)\n"
1182 " .byte((loc_fc2868dc - branchtable_fc28679e) / 2)\n"
1183 " .byte((loc_fc2868e2 - branchtable_fc28679e) / 2)\n"
1184 " .byte((loc_fc2868e2 - branchtable_fc28679e) / 2)\n"
1185 " .byte((loc_fc2868e2 - branchtable_fc28679e) / 2)\n"
1186 " .byte((loc_fc2868e2 - branchtable_fc28679e) / 2)\n"
1187 " .byte((loc_fc2868e8 - branchtable_fc28679e) / 2)\n"
1188 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1189 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1190 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1191 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1192 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1193 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1194 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1195 " .byte((loc_fc2867de - branchtable_fc28679e) / 2)\n"
1196 " .byte((loc_fc2867e4 - branchtable_fc28679e) / 2)\n"
1197 " .byte((loc_fc2867e4 - branchtable_fc28679e) / 2)\n"
1198 " .byte((loc_fc2867e4 - branchtable_fc28679e) / 2)\n"
1199 " .byte((loc_fc28681c - branchtable_fc28679e) / 2)\n"
1200 " .byte((loc_fc28681c - branchtable_fc28679e) / 2)\n"
1201 " .byte((loc_fc28681c - branchtable_fc28679e) / 2)\n"
1202 " .byte((loc_fc28681c - branchtable_fc28679e) / 2)\n"
1203 " .byte((loc_fc286822 - branchtable_fc28679e) / 2)\n"
1204 " .byte((loc_fc28684c - branchtable_fc28679e) / 2)\n"
1205 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1206 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1207 " .byte((loc_fc286876 - branchtable_fc28679e) / 2)\n"
1208 " .byte((loc_fc2868a0 - branchtable_fc28679e) / 2)\n"
1209 " .byte((loc_fc2868ca - branchtable_fc28679e) / 2)\n"
1210 " .byte((loc_fc2868ca - branchtable_fc28679e) / 2)\n"
1211 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1212 " .byte((loc_fc2868ec - branchtable_fc28679e) / 2)\n"
1213 " .byte((loc_fc2868d0 - branchtable_fc28679e) / 2)\n"
1214 " .byte((loc_fc2868d6 - branchtable_fc28679e) / 2)\n"
1215 ".align 1\n"
1216 "loc_fc2867cc:\n"
1217 " bl sub_fc28291c\n"
1218 "loc_fc2867d0:\n"
1219 " b loc_fc2868ec\n"
1220 "loc_fc2867d2:\n"
1221 " bl sub_fc282ba6\n"
1222 " b loc_fc2868ec\n"
1223 "loc_fc2867d8:\n"
1224 " bl sub_fc282da0\n"
1225 " b loc_fc2868ec\n"
1226 "loc_fc2867de:\n"
1227 " bl sub_fc283040\n"
1228 " b loc_fc2868ec\n"
1229 "loc_fc2867e4:\n"
1230 " bl sub_fc2831f0\n"
1231 " b loc_fc2868ec\n"
1232
1233 ".ltorg\n"
1234 "loc_fc286814:\n"
1235 " bl sub_fc28361e_my\n"
1236 " movs r5, #0\n"
1237 " b loc_fc2868ec\n"
1238 "loc_fc28681c:\n"
1239 " bl sub_fc283718\n"
1240 " b loc_fc2868ec\n"
1241 "loc_fc286822:\n"
1242 " ldrh r1, [r0, #4]\n"
1243 " strh.w r1, [sp, #0x1c]\n"
1244 " ldrh r1, [r6, #2]\n"
1245 " strh.w r1, [sp, #0x1e]\n"
1246 " ldrh r1, [r6, #4]\n"
1247 " strh.w r1, [sp, #0x20]\n"
1248 " ldrh r1, [r6, #6]\n"
1249 " strh.w r1, [sp, #0x22]\n"
1250 " ldrh r1, [r0, #0xc]\n"
1251 " strh.w r1, [sp, #0x24]\n"
1252 " ldrh r1, [r6, #0xa]\n"
1253 " strh.w r1, [sp, #0x26]\n"
1254 " bl sub_fc283c7a\n"
1255 " b loc_fc2868ec\n"
1256 "loc_fc28684c:\n"
1257 " ldrh r1, [r0, #4]\n"
1258 " strh.w r1, [sp, #0x1c]\n"
1259 " ldrh r1, [r6, #2]\n"
1260 " strh.w r1, [sp, #0x1e]\n"
1261 " ldrh r1, [r6, #4]\n"
1262 " strh.w r1, [sp, #0x20]\n"
1263 " ldrh r1, [r6, #6]\n"
1264 " strh.w r1, [sp, #0x22]\n"
1265 " ldrh r1, [r6, #8]\n"
1266 " strh.w r1, [sp, #0x24]\n"
1267 " ldrh r1, [r6, #0xa]\n"
1268 " strh.w r1, [sp, #0x26]\n"
1269 " bl sub_fc287506\n"
1270 " b loc_fc2868ec\n"
1271 "loc_fc286876:\n"
1272 " ldrh r1, [r6]\n"
1273 " strh.w r1, [sp, #0x1c]\n"
1274 " ldrh r1, [r0, #6]\n"
1275 " strh.w r1, [sp, #0x1e]\n"
1276 " ldrh r1, [r6, #4]\n"
1277 " strh.w r1, [sp, #0x20]\n"
1278 " ldrh r1, [r6, #6]\n"
1279 " strh.w r1, [sp, #0x22]\n"
1280 " ldrh r1, [r6, #8]\n"
1281 " strh.w r1, [sp, #0x24]\n"
1282 " ldrh r1, [r6, #0xa]\n"
1283 " strh.w r1, [sp, #0x26]\n"
1284 " bl sub_fc28758c\n"
1285 " b loc_fc2868ec\n"
1286 "loc_fc2868a0:\n"
1287 " ldrh r1, [r6]\n"
1288 " strh.w r1, [sp, #0x1c]\n"
1289 " ldrh r1, [r6, #2]\n"
1290 " strh.w r1, [sp, #0x1e]\n"
1291 " ldrh r1, [r6, #4]\n"
1292 " strh.w r1, [sp, #0x20]\n"
1293 " ldrh r1, [r6, #6]\n"
1294 " strh.w r1, [sp, #0x22]\n"
1295 " ldrh r1, [r0, #0xc]\n"
1296 " strh.w r1, [sp, #0x24]\n"
1297 " ldrh r1, [r6, #0xa]\n"
1298 " strh.w r1, [sp, #0x26]\n"
1299 " bl sub_fc287644\n"
1300 " b loc_fc2868ec\n"
1301 "loc_fc2868ca:\n"
1302 " bl sub_fc283d58\n"
1303 " b loc_fc2868ec\n"
1304 "loc_fc2868d0:\n"
1305 " bl sub_fc2843e0\n"
1306 " b loc_fc2868ec\n"
1307 "loc_fc2868d6:\n"
1308 " bl sub_fc2847c0\n"
1309 " b loc_fc2868ec\n"
1310 "loc_fc2868dc:\n"
1311 " bl sub_fc2849d4\n"
1312 " b loc_fc2868ec\n"
1313 "loc_fc2868e2:\n"
1314 " bl sub_fc284b26\n"
1315 " b loc_fc2868ec\n"
1316 "loc_fc2868e8:\n"
1317 " bl sub_fc284c42\n"
1318 "loc_fc2868ec:\n"
1319 " ldr r0, [sp, #0x28]\n"
1320 " add.w r0, r0, #0x94\n"
1321 " ldrd r3, r2, [r0, #0x18]\n"
1322 " ldr r1, [r0]\n"
1323 "loc_fc2868f8:\n"
1324 " sub.w r0, r0, #0x90\n"
1325 " blx r3\n"
1326 "loc_fc2868fe:\n"
1327 " ldr r0, [sp, #0x28]\n"
1328 " ldr r0, [r0]\n"
1329 " cmp r0, #0x11\n"
1330 " beq loc_fc286922\n"
1331 " bgt loc_fc286916\n"
1332 " cmp r0, #1\n"
1333 " beq loc_fc286922\n"
1334 " cmp r0, #4\n"
1335 " beq loc_fc286922\n"
1336 " cmp r0, #0xf\n"
1337 " bne loc_fc286950\n"
1338 " b loc_fc286922\n"
1339 "loc_fc286916:\n"
1340 " cmp r0, #0x14\n"
1341 " beq loc_fc286922\n"
1342 " cmp r0, #0x19\n"
1343 " beq loc_fc286922\n"
1344 " cmp r0, #0x1c\n"
1345 " bne loc_fc286950\n"
1346 "loc_fc286922:\n"
1347 " ldrsh.w r1, [r6]\n"
1348 " mov r2, sl\n"
1349 " cmp r1, sl\n"
1350 " beq loc_fc286934\n"
1351 " ldrsh.w r0, [r6, #8]\n"
1352 " cmp r0, r2\n"
1353 " bne loc_fc286948\n"
1354 "loc_fc286934:\n"
1355 " add r0, sp, #0x10\n"
1356 " bl sub_fc3160ea\n"
1357 " ldrh.w r0, [sp, #0x10]\n"
1358 " strh.w r0, [sp, #0x1c]\n"
1359 " ldrh.w r0, [sp, #0x18]\n"
1360 " b loc_fc28694c\n"
1361 "loc_fc286948:\n"
1362 " strh.w r1, [sp, #0x1c]\n"
1363 "loc_fc28694c:\n"
1364 " strh.w r0, [sp, #0x24]\n"
1365 "loc_fc286950:\n"
1366 " cmp r5, #1\n"
1367 " ldr r0, [sp, #0x28]\n"
1368 " bne loc_fc286988\n"
1369 " movs r2, #0xc\n"
1370 " ldr.w r1, [r0, #0x94]\n"
1371 " add.w r1, r1, r1, lsl #1\n"
1372 " add.w r4, r0, r1, lsl #2\n"
1373 " ldr r0, =0x0005c174\n"
1374 " subs r4, #8\n"
1375 " add r1, sp, #0x1c\n"
1376 " blx sub_fc2c7d80\n"
1377 " ldr r0, =0x0005c174\n"
1378 " movs r2, #0xc\n"
1379 " add r1, sp, #0x1c\n"
1380 " adds r0, #0xc\n"
1381 " blx sub_fc2c7d80\n"
1382 " ldr r0, =0x0005c174\n"
1383 " movs r2, #0xc\n"
1384 " mov r1, r4\n"
1385 " adds r0, #0x18\n"
1386 " blx sub_fc2c7d80\n"
1387 " b loc_fc2869d2\n"
1388 "loc_fc286988:\n"
1389 " ldr r0, [r0]\n"
1390 " mov.w r3, #1\n"
1391 " cmp r0, #0xc\n"
1392 " bne loc_fc2869b2\n"
1393 " movs r2, #0\n"
1394 " mov r1, r3\n"
1395 " strd r2, r3, [sp]\n"
1396 " movs r0, #0\n"
1397 " mov r2, r3\n"
1398 " bl sub_fc282774\n"
1399 " movs r3, #1\n"
1400 " movs r2, #0\n"
1401 " mov r1, r3\n"
1402 " movs r0, #0\n"
1403 " strd r2, r3, [sp]\n"
1404 " mov r2, r3\n"
1405 " b loc_fc2869ce\n"
1406 "loc_fc2869b2:\n"
1407 " movs r2, #1\n"
1408 " strd r2, r3, [sp]\n"
1409 " mov r3, r2\n"
1410 " mov r1, r2\n"
1411 " mov r0, r2\n"
1412 " bl sub_fc282774\n"
1413 " movs r3, #1\n"
1414 " str r3, [sp]\n"
1415 " mov r2, r3\n"
1416 " mov r1, r3\n"
1417 " mov r0, r3\n"
1418 " str r3, [sp, #4]\n"
1419 "loc_fc2869ce:\n"
1420 " bl sub_fc28289a\n"
1421 "loc_fc2869d2:\n"
1422 " ldr r0, [sp, #0x28]\n"
1423 " bl sub_fc287448\n"
1424 " b loc_fc286556\n"
1425 ".ltorg\n"
1426 );
1427 }
1428
1429
1430 void __attribute__((naked,noinline)) sub_fc28361e_my() {
1431 asm volatile (
1432 " push.w {r4, r5, r6, r7, r8, lr}\n"
1433 " ldr r7, =0x0000d7a4\n"
1434 " movs r1, #0x3e\n"
1435 " mov r4, r0\n"
1436 " ldr r0, [r7, #0x1c]\n"
1437 " blx sub_fc2c7dc8\n"
1438 " movs r2, #0\n"
1439 " ldrsh.w r0, [r4, #4]\n"
1440 " movs r3, #1\n"
1441 " mov r1, r2\n"
1442 " bl sub_fc2823bc\n"
1443 " mov r6, r0\n"
1444 " ldrsh.w r0, [r4, #6]\n"
1445 " bl sub_fc28255a\n"
1446 " ldrsh.w r0, [r4, #8]\n"
1447 " bl sub_fc28259e\n"
1448 " ldrsh.w r0, [r4, #0xa]\n"
1449 " bl sub_fc2825e2\n"
1450 " ldrsh.w r0, [r4, #0xc]\n"
1451 " movs r1, #0\n"
1452 " bl sub_fc282626\n"
1453 " mov r5, r0\n"
1454 " ldr r0, [r4]\n"
1455 " ldr.w r8, =0x0005c18c\n"
1456 " cmp r0, #0xc\n"
1457 " bne loc_fc283672\n"
1458 " movs r6, #0\n"
1459 " mov r5, r6\n"
1460 " b loc_fc28368a\n"
1461 "loc_fc283672:\n"
1462 " cmp r6, #1\n"
1463 " bne loc_fc28368a\n"
1464 " ldrsh.w r0, [r4, #4]\n"
1465 " movs r2, #2\n"
1466 " ldr r1, =0xfc282353\n"
1467 " bl sub_fc0d748a\n"
1468 " strh r0, [r4, #4]\n"
1469 " movs r0, #0\n"
1470 " str r0, [r7, #0x28]\n"
1471 " b loc_fc283690\n"
1472 "loc_fc28368a:\n"
1473 " ldrh.w r0, [r8]\n"
1474 " strh r0, [r4, #4]\n"
1475 "loc_fc283690:\n"
1476 " cmp r5, #1\n"
1477 " bne loc_fc2836a2\n"
1478 " ldrsh.w r0, [r4, #0xc]\n"
1479 " movs r2, #0x20\n"
1480 " ldr r1, =0xfc2823a7\n"
1481 " bl sub_fc2874dc\n"
1482 " b loc_fc2836a6\n"
1483 "loc_fc2836a2:\n"
1484 " ldrh.w r0, [r8, #8]\n"
1485 "loc_fc2836a6:\n"
1486 " strh r0, [r4, #0xc]\n"
1487 " ldrsh.w r0, [r4, #6]\n"
1488 " bl sub_fc3a0c30_my\n"
1489 " ldr pc, =0xfc2836b1\n"
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529 ".ltorg\n"
1530 );
1531 }
1532
1533 void __attribute__((naked,noinline)) sub_fc3a0c30_my() {
1534 asm volatile (
1535 " push {r4, r5, r6, lr}\n"
1536 " ldr r5, =0x0000d218\n"
1537 " mov r4, r0\n"
1538 " ldr r0, [r5, #4]\n"
1539 " cmp r0, #1\n"
1540 " beq loc_fc3a0c48\n"
1541 " movs r0, #0\n"
1542 " movw r2, #0x16b\n"
1543 " ldr r1, =0xfc3a0c90\n"
1544 " blx sub_fc2c7de0\n"
1545 "loc_fc3a0c48:\n"
1546 " ldr r0, =0xfffff400\n"
1547 " cmp r4, r0\n"
1548 " bne loc_fc3a0c52\n"
1549 " ldrsh.w r4, [r5, #2]\n"
1550 "loc_fc3a0c52:\n"
1551 " strh r4, [r5, #2]\n"
1552 " cmp r4, r0\n"
1553 " bne loc_fc3a0c64\n"
1554 " movs r0, #0\n"
1555 " movw r2, #0x171\n"
1556 " ldr r1, =0xfc3a0c90\n"
1557 " blx sub_fc2c7de0\n"
1558 "loc_fc3a0c64:\n"
1559 " mov r0, r4\n"
1560
1561 " bl apex2us\n"
1562
1563
1564
1565 " bl sub_fc14a830\n"
1566 " lsls r0, r0, #0x1f\n"
1567 " beq loc_fc3a0c8a\n"
1568 " pop.w {r4, r5, r6, lr}\n"
1569 " movs r0, #0\n"
1570 " movw r2, #0x176\n"
1571 " ldr r1, =0xfc3a0c90\n"
1572
1573 " blx sub_fc2c7de0\n"
1574 "loc_fc3a0c8a:\n"
1575 " pop {r4, r5, r6, pc}\n"
1576 ".ltorg\n"
1577 );
1578 }