This source file includes following definitions.
- pause
- led_on
- led_off
- blink
- CreateTask_spytask
- boot
- CreateTask_my
- sub_FF00038C_my
- sub_FF00110C_my
- sub_FF00420C_my
- sub_FF00B24C_my
- sub_FF0320E8_my
- task_Startup_my
- taskcreatePhySw_my
- init_file_modules_task
- task_TouchPanel_my
- sub_FF096A18_my
1
2
3
4
5 #include "lolevel.h"
6 #include "platform.h"
7 #include "core.h"
8 #include "dryos31.h"
9
10 #define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER)
11
12 const char * const new_sa = &_end;
13
14 extern void task_CaptSeq();
15 extern void task_InitFileModules();
16 extern void task_MovieRecord();
17 extern void task_ExpDrv();
18 extern void task_FileWrite();
19 extern void task_TouchPanel();
20
21
22
23
24 void pause()
25 {
26 int i ;
27 for (i=0; i<1000000; i++) { asm volatile ("nop\n"); }
28 }
29
30 void led_on() { *(int*)0xc022c30c = ( (*(int*)0xc022c30c) & 0xffffffcf ) | 0x20; }
31
32 void led_off() { *(int*)0xc022c30c = (*(int*)0xc022c30c) & 0xffffffcf; }
33
34 void blink() {
35 int i ;
36 for (i=1 ; i < 6 ; i++)
37 {
38 led_on() ;
39 pause() ;
40 led_off() ;
41 pause() ;
42 }
43 }
44
45
46
47
48 void CreateTask_spytask()
49 {
50 _CreateTask("SpyTask", 0x19, 0x2000, core_spytask, 0);
51 }
52
53
54
55
56
57
58
59
60
61
62
63 void __attribute__((naked,noinline)) boot() {
64 asm volatile (
65 " LDR R1, =0xC0410000 \n"
66 " MOV R0, #0 \n"
67 " STR R0, [R1] \n"
68 " MOV R1, #0x78 \n"
69 " MCR p15, 0, R1, c1, c0 \n"
70 " MOV R1, #0 \n"
71 " MCR p15, 0, R1, c7, c10, 4 \n"
72 " MCR p15, 0, R1, c7, c5 \n"
73 " MCR p15, 0, R1, c7, c6 \n"
74 " MOV R0, #0x3D \n"
75 " MCR p15, 0, R0, c6, c0 \n"
76 " MOV R0, #0xC000002F \n"
77 " MCR p15, 0, R0, c6, c1 \n"
78 " MOV R0, #0x37 \n"
79 " MCR p15, 0, R0, c6, c2 \n"
80 " MOV R0, #0x40000037 \n"
81 " MCR p15, 0, R0, c6, c3 \n"
82 " MOV R0, #0x80000017 \n"
83 " MCR p15, 0, R0, c6, c4 \n"
84 " LDR R0, =0xFF00002F \n"
85 " MCR p15, 0, R0, c6, c5 \n"
86 " LDR R0, =0xD000002B \n"
87 " MCR p15, 0, R0, c6, c7 \n"
88 " MOV R0, #0x34 \n"
89 " MCR p15, 0, R0, c2, c0 \n"
90 " MOV R0, #0x34 \n"
91 " MCR p15, 0, R0, c2, c0, 1 \n"
92 " MOV R0, #0x34 \n"
93 " MCR p15, 0, R0, c3, c0 \n"
94 " LDR R0, =0x33333330 \n"
95 " MCR p15, 0, R0, c5, c0, 2 \n"
96 " LDR R0, =0x33333330 \n"
97 " MCR p15, 0, R0, c5, c0, 3 \n"
98 " MRC p15, 0, R0, c1, c0 \n"
99 " ORR R0, R0, #0x1000 \n"
100 " ORR R0, R0, #4 \n"
101 " ORR R0, R0, #1 \n"
102 " MCR p15, 0, R0, c1, c0 \n"
103 " MOV R1, #0x80000006 \n"
104 " MCR p15, 0, R1, c9, c1 \n"
105 " MOV R1, #6 \n"
106 " MCR p15, 0, R1, c9, c1, 1 \n"
107 " MRC p15, 0, R1, c1, c0 \n"
108 " ORR R1, R1, #0x50000 \n"
109 " MCR p15, 0, R1, c1, c0 \n"
110 " LDR R2, =0xC0200000 \n"
111 " MOV R1, #1 \n"
112 " STR R1, [R2, #0x10C] \n"
113 " MOV R1, #0xFF \n"
114 " STR R1, [R2, #0xC] \n"
115 " STR R1, [R2, #0x1C] \n"
116 " STR R1, [R2, #0x2C] \n"
117 " STR R1, [R2, #0x3C] \n"
118 " STR R1, [R2, #0x4C] \n"
119 " STR R1, [R2, #0x5C] \n"
120 " STR R1, [R2, #0x6C] \n"
121 " STR R1, [R2, #0x7C] \n"
122 " STR R1, [R2, #0x8C] \n"
123 " STR R1, [R2, #0x9C] \n"
124 " STR R1, [R2, #0xAC] \n"
125 " STR R1, [R2, #0xBC] \n"
126 " STR R1, [R2, #0xCC] \n"
127 " STR R1, [R2, #0xDC] \n"
128 " STR R1, [R2, #0xEC] \n"
129 " STR R1, [R2, #0xFC] \n"
130 " LDR R1, =0xC0400008 \n"
131 " LDR R2, =0x430005 \n"
132 " STR R2, [R1] \n"
133 " LDR R2, =0xC0242010 \n"
134 " LDR R1, [R2] \n"
135 " ORR R1, R1, #1 \n"
136 " STR R1, [R2] \n"
137 " LDR R0, =0xFF8E9E9C \n"
138 " LDR R1, =0x685000 \n"
139 " LDR R3, =0x6B081C \n"
140
141 "loc_FF000138:\n"
142 " CMP R1, R3 \n"
143 " LDRCC R2, [R0], #4 \n"
144 " STRCC R2, [R1], #4 \n"
145 " BCC loc_FF000138 \n"
146 " LDR R0, =0xFF8D0134 \n"
147 " LDR R1, =0x1900 \n"
148 " LDR R3, =0x1B668 \n"
149
150 "loc_FF000154:\n"
151 " CMP R1, R3 \n"
152 " LDRCC R2, [R0], #4 \n"
153 " STRCC R2, [R1], #4 \n"
154 " BCC loc_FF000154 \n"
155 " LDR R1, =0x2F8B2C \n"
156 " MOV R2, #0 \n"
157
158 "loc_FF00016C:\n"
159 " CMP R3, R1 \n"
160 " STRCC R2, [R3], #4 \n"
161 " BCC loc_FF00016C \n"
162 " BL blink \n"
163
164
165
166
167
168
169 " LDR R0, =patch_CreateTask\n"
170 " LDM R0, {R1,R2}\n"
171 " LDR R0, =hook_CreateTask\n"
172 " STM R0, {R1,R2}\n"
173
174 " B sub_FF00038C_my \n"
175
176 "patch_CreateTask:\n"
177 " LDR PC, [PC,#-0x4]\n"
178 " .long CreateTask_my\n"
179 );
180 }
181
182
183
184 void __attribute__((naked,noinline)) CreateTask_my() {
185 asm volatile (
186 " STMFD SP!, {R0}\n"
187
188
189 " LDR R0, =task_CaptSeq\n"
190 " CMP R0, R3\n"
191 " LDREQ R3, =capt_seq_task\n"
192 " BEQ exitHook\n"
193
194
195 " LDR R0, =task_ExpDrv\n"
196 " CMP R0, R3\n"
197 " LDREQ R3, =exp_drv_task\n"
198 " BEQ exitHook\n"
199
200
201 " LDR R0, =task_FileWrite\n"
202 " CMP R0, R3\n"
203 " LDREQ R3, =filewritetask\n"
204 " BEQ exitHook\n"
205
206
207
208
209
210
211
212
213 " LDR R0, =task_InitFileModules\n"
214 " CMP R0, R3\n"
215 " LDREQ R3, =init_file_modules_task\n"
216
217
218 " LDR R0, =task_TouchPanel\n"
219 " CMP R0, R3\n"
220 " LDREQ R3, =task_TouchPanel_my\n"
221
222 "exitHook:\n"
223 " LDMFD SP!, {R0}\n"
224 " STMFD SP!, {R1-R9,LR} \n"
225 " MOV R4, R0 \n"
226 " LDR PC, =0x0068AB94 \n"
227 );
228 }
229
230
231
232 void __attribute__((naked,noinline)) sub_FF00038C_my() {
233
234
235
236
237
238
239
240 if ((*(int*) 0xC022F488) & 1)
241 *(int*)(0x2FD4) = 0x01000000;
242 else
243 *(int*)(0x2FD4) = 0x00400000;
244
245 asm volatile (
246 " LDR R0, =0xFF000404 \n"
247 " MOV R1, #0 \n"
248 " LDR R3, =0xFF00043C \n"
249
250 "loc_FF000398:\n"
251 " CMP R0, R3 \n"
252 " LDRCC R2, [R0], #4 \n"
253 " STRCC R2, [R1], #4 \n"
254 " BCC loc_FF000398 \n"
255 " LDR R0, =0xFF00043C \n"
256 " MOV R1, #0x1B0 \n"
257 " LDR R3, =0xFF000624 \n"
258
259 "loc_FF0003B4:\n"
260 " CMP R0, R3 \n"
261 " LDRCC R2, [R0], #4 \n"
262 " STRCC R2, [R1], #4 \n"
263 " BCC loc_FF0003B4 \n"
264 " MOV R0, #0xD2 \n"
265 " MSR CPSR_cxsf, R0 \n"
266 " MOV SP, #0x1000 \n"
267 " MOV R0, #0xD3 \n"
268 " MSR CPSR_cxsf, R0 \n"
269 " MOV SP, #0x1000 \n"
270 " LDR R0, =0x398 \n"
271 " LDR R2, =0xEEEEEEEE \n"
272 " MOV R3, #0x1000 \n"
273
274 "loc_FF0003E8:\n"
275 " CMP R0, R3 \n"
276 " STRCC R2, [R0], #4 \n"
277 " BCC loc_FF0003E8 \n"
278 " BL sub_FF00110C_my \n"
279 );
280 }
281
282
283
284 void __attribute__((naked,noinline)) sub_FF00110C_my() {
285 asm volatile (
286 " STR LR, [SP, #-4]! \n"
287 " SUB SP, SP, #0x74 \n"
288 " MOV R1, #0x74 \n"
289 " MOV R0, SP \n"
290 " BL sub_006A93A4 \n"
291 " MOV R0, #0x83000 \n"
292 " STR R0, [SP, #4] \n"
293
294 #if defined(CHDK_NOT_IN_CANON_HEAP)
295 " LDR R0, =0x2F8B2C \n"
296 #else
297 " LDR R0, =new_sa\n"
298 " LDR R0, [R0]\n"
299 #endif
300
301 " LDR R2, =0x53F15C \n"
302 " STR R0, [SP, #8] \n"
303 " SUB R0, R2, R0 \n"
304 " STR R0, [SP, #0xC] \n"
305 " MOV R0, #0x22 \n"
306 " STR R0, [SP, #0x18] \n"
307 " MOV R0, #0x98 \n"
308 " STR R0, [SP, #0x1C] \n"
309 " LDR R0, =0x1E2 \n"
310 " LDR R1, =0x549C00 \n"
311 " STR R2, [SP, #0x10] \n"
312 " STR R0, [SP, #0x20] \n"
313 " MOV R0, #0xF6 \n"
314 " STR R1, [SP] \n"
315 " STR R1, [SP, #0x14] \n"
316 " STR R0, [SP, #0x24] \n"
317 " MOV R0, #0xB6 \n"
318 " STR R0, [SP, #0x28] \n"
319 " MOV R0, #0x85 \n"
320 " STR R0, [SP, #0x2C] \n"
321 " MOV R0, #0x40 \n"
322 " STR R0, [SP, #0x30] \n"
323 " MOV R0, #4 \n"
324 " STR R0, [SP, #0x34] \n"
325 " MOV R0, #0x10 \n"
326 " STR R0, [SP, #0x5C] \n"
327 " MOV R0, #0x800 \n"
328 " STR R0, [SP, #0x60] \n"
329 " MOV R0, #0xA0 \n"
330 " STR R0, [SP, #0x64] \n"
331 " MOV R0, #0x280 \n"
332 " STR R0, [SP, #0x68] \n"
333 " LDR R1, =sub_FF00420C_my \n"
334 " MOV R2, #0 \n"
335 " MOV R0, SP \n"
336 " BL sub_006867E8 \n"
337 " ADD SP, SP, #0x74 \n"
338 " LDR PC, [SP], #4 \n"
339 );
340 }
341
342
343
344 void __attribute__((naked,noinline)) sub_FF00420C_my() {
345 asm volatile (
346 " STMFD SP!, {R4,LR} \n"
347 " BL sub_FF000AE8 \n"
348 " BL sub_FF00539C \n"
349 " CMP R0, #0 \n"
350 " LDRLT R0, =0xFF00434C /*'dmSetup'*/ \n"
351 " BLLT _err_init_task \n"
352 " BL sub_FF003E44 \n"
353 " CMP R0, #0 \n"
354 " LDRLT R0, =0xFF004354 /*'termDriverInit'*/ \n"
355 " BLLT _err_init_task \n"
356 " LDR R0, =0xFF004364 /*'/_term'*/ \n"
357 " BL sub_FF003F2C \n"
358 " CMP R0, #0 \n"
359 " LDRLT R0, =0xFF00436C /*'termDeviceCreate'*/ \n"
360 " BLLT _err_init_task \n"
361 " LDR R0, =0xFF004364 /*'/_term'*/ \n"
362 " BL sub_FF00294C \n"
363 " CMP R0, #0 \n"
364 " LDRLT R0, =0xFF004380 /*'stdioSetup'*/ \n"
365 " BLLT _err_init_task \n"
366 " BL sub_FF004D38 \n"
367 " CMP R0, #0 \n"
368 " LDRLT R0, =0xFF00438C /*'stdlibSetup'*/ \n"
369 " BLLT _err_init_task \n"
370 " BL sub_FF001604 \n"
371 " CMP R0, #0 \n"
372 " LDRLT R0, =0xFF004398 /*'armlib_setup'*/ \n"
373 " BLLT _err_init_task \n"
374 " LDMFD SP!, {R4,LR} \n"
375 " B sub_FF00B24C_my \n"
376 );
377 }
378
379
380
381 void __attribute__((naked,noinline)) sub_FF00B24C_my() {
382 asm volatile (
383 " STMFD SP!, {R3,LR} \n"
384 " BL sub_FF038018 \n"
385 " BL sub_FF03961C \n"
386 " CMP R0, #0 \n"
387 " BNE loc_FF00B270 \n"
388 " BL sub_FF034274 /*_IsNormalCameraMode_FW*/ \n"
389 " CMP R0, #0 \n"
390 " MOVNE R0, #1 \n"
391 " BNE loc_FF00B274 \n"
392
393 "loc_FF00B270:\n"
394 " MOV R0, #0 \n"
395
396 "loc_FF00B274:\n"
397 " BL sub_FF0320E8_my \n"
398 " CMP R0, #0 \n"
399 " BNE loc_FF00B288 \n"
400 " BL sub_FF0318D4 \n"
401
402 "loc_FF00B284:\n"
403 " B loc_FF00B284 \n"
404
405 "loc_FF00B288:\n"
406 " BL sub_0068C318 \n"
407 " LDR R1, =0x5CE000 \n"
408 " MOV R0, #0 \n"
409 " BL sub_FF039B68 \n"
410 " BL sub_0068C530 /*_EnableDispatch*/ \n"
411 " MOV R3, #0 \n"
412 " STR R3, [SP] \n"
413 " LDR R3, =task_Startup_my \n"
414 " MOV R2, #0 \n"
415 " MOV R1, #0x19 \n"
416 " LDR R0, =0xFF00B2C8 /*'Startup'*/ \n"
417 " BL _CreateTask \n"
418 " MOV R0, #0 \n"
419 " LDMFD SP!, {R3,PC} \n"
420 );
421 }
422
423
424
425 void __attribute__((naked,noinline)) sub_FF0320E8_my() {
426 asm volatile (
427 " STMFD SP!, {R2-R8,LR} \n"
428 " MOV R8, R0 \n"
429
430 " MOV R0, #0x14 \n"
431 " BL sub_FF090770 \n"
432 " MOV R4, #1 \n"
433 " BIC R5, R4, R0 \n"
434 " MOV R0, #0x50 \n"
435 " BL sub_FF090770 \n"
436 " BIC R6, R4, R0 \n"
437 " MOV R0, #0x51 \n"
438 " BL sub_FF090770 \n"
439 " BIC R7, R4, R0 \n"
440 " MOV R0, #0x15 \n"
441 " BL sub_FF090770 \n"
442 " CMP R8, #0 \n"
443 " BIC R4, R4, R0 \n"
444 " BEQ loc_FF032140 \n"
445 " ORR R0, R5, R6 \n"
446 " ORR R0, R0, R7 \n"
447 " ORRS R0, R0, R4 \n"
448 " BEQ loc_FF032168 \n"
449
450 "loc_FF032140:\n"
451 " BL sub_FF03961C \n"
452 " MOV R2, R0 \n"
453 " MOV R3, #0 \n"
454 " MOV R1, R6 \n"
455 " MOV R0, R5 \n"
456 " STR R4, [SP, #4] \n"
457 " STR R7, [SP] \n"
458
459
460 " MOV R0, #1 \n"
461
462 "loc_FF032168:\n"
463 " LDMFD SP!, {R2-R8,PC} \n"
464 );
465 }
466
467
468
469 void __attribute__((naked,noinline)) task_Startup_my() {
470 asm volatile (
471 " STMFD SP!, {R4,LR} \n"
472 " BL sub_FF0048A4 \n"
473 " BL sub_FF033304 \n"
474 " BL sub_FF03185C \n"
475
476 " BL sub_FF03988C \n"
477
478 " BL sub_FF039A04 \n"
479 " BL sub_FF03A1DC \n"
480 " BL _SetZoomActuatorSpeedPercent \n"
481 " BL sub_FF0398C8 \n"
482 " BL sub_FF037F50 \n"
483 " BL sub_FF03A1E4 \n"
484 " BL CreateTask_spytask\n"
485 " BL taskcreatePhySw_my \n"
486 " BL sub_FF036108 \n"
487 " BL sub_FF0DFF70 \n"
488 " BL sub_FF02F374 \n"
489 " BL sub_FF0311BC \n"
490 " BL sub_FF039448 \n"
491 " BL sub_FF031810 \n"
492 " BL sub_FF031158 \n"
493
494 " BL sub_FF02FF50 \n"
495 " BL sub_FF03111C \n"
496 " LDMFD SP!, {R4,LR} \n"
497 " B sub_FF0049E0 \n"
498 );
499 }
500
501
502
503 void __attribute__((naked,noinline)) taskcreatePhySw_my() {
504 asm volatile (
505 " STMFD SP!, {R3-R5,LR} \n"
506 " LDR R4, =0x1E28 \n"
507 " LDR R0, [R4, #4] \n"
508 " CMP R0, #0 \n"
509 " BNE loc_FF031FC8 \n"
510 " MOV R3, #0 \n"
511 " STR R3, [SP] \n"
512 " LDR R3, =mykbd_task \n"
513 " MOV R2, #0x2000 \n"
514 " MOV R1, #0x17 \n"
515 " LDR R0, =0xFF032260 /*'PhySw'*/ \n"
516 " BL sub_0068AF04 /*_CreateTaskStrictly*/ \n"
517 " STR R0, [R4, #4] \n"
518
519 "loc_FF031FC8:\n"
520 " BL sub_FF0CA8F4 \n"
521 " BL sub_FF0341C4 /*_IsFactoryMode_FW*/ \n"
522 " CMP R0, #0 \n"
523 " BNE loc_FF031FE4 \n"
524 " LDR R1, =0x40B70 \n"
525 " MOV R0, #0 \n"
526 " BL sub_FF0CA860 /*_OpLog.Start_FW*/ \n"
527
528 "loc_FF031FE4:\n"
529 " LDMFD SP!, {R3-R5,PC} \n"
530 );
531 }
532
533
534
535 void __attribute__((naked,noinline)) init_file_modules_task() {
536 asm volatile (
537 " STMFD SP!, {R4-R6,LR} \n"
538 " BL sub_FF0CD1D8 \n"
539 " LDR R5, =0x5006 \n"
540 " MOVS R4, R0 \n"
541 " MOVNE R1, #0 \n"
542 " MOVNE R0, R5 \n"
543 " BLNE _PostLogicalEventToUI \n"
544 " BL sub_FF0CD20C \n"
545 " BL core_spytask_can_start\n"
546 " CMP R4, #0 \n"
547 " LDMNEFD SP!, {R4-R6,PC} \n"
548 " MOV R0, R5 \n"
549 " LDMFD SP!, {R4-R6,LR} \n"
550 " MOV R1, #0 \n"
551 " B _PostLogicalEventToUI \n"
552 );
553 }
554
555
556
557 void __attribute__((naked,noinline)) task_TouchPanel_my() {
558 asm volatile (
559 " STMFD SP!, {R3-R9,LR} \n"
560 " MOV R0, #0 \n"
561 " MOV R5, R0 \n"
562 " STR R0, [SP] \n"
563 " LDR R1, =0x93D800 \n"
564 " MOV R6, #1 \n"
565 " MOV R0, #0x20 \n"
566 " BL sub_FF0907B8 \n"
567 " LDR R0, =0x61A8 \n"
568 " BL sub_FF095FB0 \n"
569 " LDR R1, =0xC0221000 \n"
570 " MOV R0, #0x21 \n"
571 " STR R0, [R1, #0x314] \n"
572 " MOV R0, #0x1C \n"
573 " SUB R1, R1, #0x1E000 \n"
574 " STR R0, [R1, #0x40] \n"
575 " MOV R3, #0 \n"
576 " LDR R2, =0xFF0960F0 \n"
577 " MOV R1, #0x55 \n"
578 " MOV R0, R3 \n"
579 " BL sub_0068A848 /*_RegisterInterruptHandler*/ \n"
580 " LDR R8, =0xF3FCF5 \n"
581 " LDR R4, =0x31E4 \n"
582 " MOV R7, #7 \n"
583
584 "loc_FF097504:\n"
585 " LDR R0, [R4, #0x3C] \n"
586 " MOV R2, #0 \n"
587 " MOV R1, R8 \n"
588 " BL sub_0068B9B0 /*_WaitForAnyEventFlag*/ \n"
589 " CMP R0, #0 \n"
590 " LDRNE R1, =0xA01 \n"
591 " LDRNE R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
592 " BLNE _DebugAssert \n"
593 " LDR R0, [R4, #0x3C] \n"
594 " MOV R1, SP \n"
595 " BL sub_0068BBC0 /*_GetEventFlagValue*/ \n"
596 " CMP R0, #0 \n"
597 " LDRNE R1, =0xA15 \n"
598 " LDRNE R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
599 " BLNE _DebugAssert \n"
600 " BL sub_FF098108 \n"
601 " LDR R0, [R4, #0x10] \n"
602 " CMP R0, #7 \n"
603 " BEQ loc_FF097558 \n"
604 " BL _CancelHPTimer \n"
605 " STR R7, [R4, #0x10] \n"
606
607 "loc_FF097558:\n"
608 " LDR R0, [SP] \n"
609 " TST R0, #1 \n"
610 " BEQ loc_FF097584 \n"
611 " LDR R0, [R4, #0x3C] \n"
612 " MOV R1, #5 \n"
613 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
614 " STR R7, [R4, #0x14] \n"
615 " LDR R0, [R4, #0x3C] \n"
616 " MOV R1, #0x80000000 \n"
617 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
618 " BL _ExitTask \n"
619
620 "loc_FF097584:\n"
621 " LDR R0, [SP] \n"
622 " TST R0, #0x400 \n"
623 " BEQ loc_FF0975D8 \n"
624 " LDR R0, [R4, #0x3C] \n"
625 " MOV R1, #0x400 \n"
626 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
627 " LDR R0, =0xFF5BDE6C \n"
628 " LDR R0, [R0] \n"
629 " BL sub_FF0981D0 \n"
630 " BL sub_FF098108 \n"
631 " LDR R0, [R4, #0x3C] \n"
632 " MOV R1, #0x14 \n"
633 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
634 " BL sub_FF096944 \n"
635 " CMP R0, #0 \n"
636 " BLNE sub_FF098310 \n"
637 " BL sub_FF09666C \n"
638 " STR R0, [R4, #0x44] \n"
639 " LDR R0, [R4, #0x3C] \n"
640 " MOV R1, #0x40000000 \n"
641 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
642
643 "loc_FF0975D8:\n"
644 " LDR R0, [SP] \n"
645 " TST R0, #0x800 \n"
646 " BEQ loc_FF097604 \n"
647 " LDR R0, [R4, #0x3C] \n"
648 " MOV R1, #0x800 \n"
649 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
650 " BL sub_FF09666C \n"
651 " STR R0, [R4, #0x44] \n"
652 " LDR R0, [R4, #0x3C] \n"
653 " MOV R1, #0x40000000 \n"
654 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
655
656 "loc_FF097604:\n"
657 " LDR R0, [SP] \n"
658 " TST R0, #0x20 \n"
659 " BEQ loc_FF097634 \n"
660 " LDR R0, [R4, #0x3C] \n"
661 " MOV R1, #0x20 \n"
662 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
663 " LDR R1, [R4, #0x48] \n"
664 " MOV R0, #3 \n"
665 " BL sub_FF097414 \n"
666 " LDR R0, [R4, #0x3C] \n"
667 " MOV R1, #0x40000000 \n"
668 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
669
670 "loc_FF097634:\n"
671 " LDR R0, [SP] \n"
672 " TST R0, #0x40 \n"
673 " BEQ loc_FF097664 \n"
674 " LDR R0, [R4, #0x3C] \n"
675 " MOV R1, #0x40 \n"
676 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
677 " LDR R1, [R4, #0x48] \n"
678 " MOV R0, #5 \n"
679 " BL sub_FF097414 \n"
680 " LDR R0, [R4, #0x3C] \n"
681 " MOV R1, #0x40000000 \n"
682 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
683
684 "loc_FF097664:\n"
685 " LDR R0, [SP] \n"
686 " TST R0, #0x80 \n"
687 " BEQ loc_FF097694 \n"
688 " LDR R0, [R4, #0x3C] \n"
689 " MOV R1, #0x80 \n"
690 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
691 " LDR R1, [R4, #0x48] \n"
692 " MOV R0, #6 \n"
693 " BL sub_FF097414 \n"
694 " LDR R0, [R4, #0x3C] \n"
695 " MOV R1, #0x40000000 \n"
696 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
697
698 "loc_FF097694:\n"
699 " LDR R0, [SP] \n"
700 " TST R0, #0x100000 \n"
701 " BEQ loc_FF0976C4 \n"
702 " LDR R0, [R4, #0x3C] \n"
703 " MOV R1, #0x100000 \n"
704 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
705 " MOV R1, #0 \n"
706 " MOV R0, #7 \n"
707 " BL sub_FF097414 \n"
708 " LDR R0, [R4, #0x3C] \n"
709 " MOV R1, #0x40000000 \n"
710 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
711
712 "loc_FF0976C4:\n"
713 " LDR R0, [SP] \n"
714 " TST R0, #0x200000 \n"
715 " BEQ loc_FF0976F4 \n"
716 " LDR R0, [R4, #0x3C] \n"
717 " MOV R1, #0x200000 \n"
718 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
719 " MOV R1, #0 \n"
720 " MOV R0, #8 \n"
721 " BL sub_FF097414 \n"
722 " LDR R0, [R4, #0x3C] \n"
723 " MOV R1, #0x40000000 \n"
724 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
725
726 "loc_FF0976F4:\n"
727 " LDR R0, [SP] \n"
728 " TST R0, #0x400000 \n"
729 " BEQ loc_FF097774 \n"
730 " MOV R1, #0x400000 \n"
731 " B loc_FF097754 \n"
732
733
734
735
736 " .ltorg \n"
737
738 "loc_FF097754:\n"
739 " LDR R0, [R4, #0x3C] \n"
740 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
741 " MOV R1, #0 \n"
742 " MOV R0, #9 \n"
743 " BL sub_FF097414 \n"
744 " LDR R0, [R4, #0x3C] \n"
745 " MOV R1, #0x40000000 \n"
746 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
747
748 "loc_FF097774:\n"
749 " LDR R0, [SP] \n"
750 " TST R0, #0x800000 \n"
751 " BEQ loc_FF0977A4 \n"
752 " LDR R0, [R4, #0x3C] \n"
753 " MOV R1, #0x800000 \n"
754 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
755 " MOV R1, #0 \n"
756 " MOV R0, #0xA \n"
757 " BL sub_FF097414 \n"
758 " LDR R0, [R4, #0x3C] \n"
759 " MOV R1, #0x40000000 \n"
760 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
761
762 "loc_FF0977A4:\n"
763 " LDR R0, [SP] \n"
764 " TST R0, #0x14 \n"
765 " BEQ loc_FF097820 \n"
766 " LDR R0, [R4, #0x3C] \n"
767 " MOV R1, #0x14 \n"
768 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
769 " LDR R0, [R4, #0x1C] \n"
770 " CMP R0, #0 \n"
771 " BNE loc_FF0977D8 \n"
772 " BL sub_FF096944 \n"
773 " CMP R0, #0 \n"
774 " BLNE sub_FF098310 \n"
775 " B loc_FF097820 \n"
776
777 "loc_FF0977D8:\n"
778 " CMP R0, #1 \n"
779 " BNE loc_FF097814 \n"
780 " LDR R0, [SP] \n"
781 " LDRB R1, [R4] \n"
782 " AND R0, R0, #0x10 \n"
783 " ORRS R0, R0, R1 \n"
784 " BLNE sub_FF096A18_my \n"
785 " LDRB R0, [R4] \n"
786 " CMP R0, #0 \n"
787 " BNE loc_FF097820 \n"
788 " CMP R5, #0 \n"
789 " BEQ loc_FF097820 \n"
790 " BL sub_FF0968F0 \n"
791 " MOV R5, #0 \n"
792 " B loc_FF097820 \n"
793
794 "loc_FF097814:\n"
795 " LDR R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
796 " MOV R1, #0xA90 \n"
797 " BL _DebugAssert \n"
798
799 "loc_FF097820:\n"
800 " LDR R0, [SP] \n"
801 " TST R0, #0x1000 \n"
802 " BEQ loc_FF097854 \n"
803 " LDR R0, [R4, #0x3C] \n"
804 " MOV R1, #0x1000 \n"
805 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
806 " LDRB R0, [R4] \n"
807 " CMP R0, #0 \n"
808 " LDREQ R0, [R4, #0x1C] \n"
809 " CMPEQ R0, #1 \n"
810 " MOVNE R5, #1 \n"
811 " BNE loc_FF097854 \n"
812 " BL sub_FF0968F0 \n"
813
814 "loc_FF097854:\n"
815 " LDR R0, [SP] \n"
816 " TST R0, #0x2000 \n"
817 " BEQ loc_FF097874 \n"
818 " LDR R0, [R4, #0x3C] \n"
819 " MOV R1, #0x2000 \n"
820 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
821 " LDR R0, [R4, #0x30] \n"
822 " BL sub_FF1C3AE0 \n"
823
824 "loc_FF097874:\n"
825 " LDR R0, [SP] \n"
826 " TST R0, #0x4000 \n"
827 " BEQ loc_FF0978B8 \n"
828 " LDR R0, [R4, #0x3C] \n"
829 " MOV R1, #0x4000 \n"
830 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
831 " LDR R0, [R4, #0x1C] \n"
832 " CMP R0, #1 \n"
833 " LDRNE R1, =0xAA9 \n"
834 " LDRNE R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
835 " BLNE _DebugAssert \n"
836 " MOV R6, #1 \n"
837 " MOV R0, R6 \n"
838 " BL sub_FF09687C \n"
839 " LDR R0, [R4, #0x3C] \n"
840 " MOV R1, #0x40000000 \n"
841 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
842
843 "loc_FF0978B8:\n"
844 " LDR R0, [SP] \n"
845 " TST R0, #0x8000 \n"
846 " BEQ loc_FF0978FC \n"
847 " LDR R0, [R4, #0x3C] \n"
848 " MOV R1, #0x8000 \n"
849 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
850 " LDR R0, [R4, #0x1C] \n"
851 " CMP R0, #1 \n"
852 " LDRNE R1, =0xAB4 \n"
853 " LDRNE R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
854 " BLNE _DebugAssert \n"
855 " MOV R6, #0 \n"
856 " MOV R0, R6 \n"
857 " BL sub_FF09687C \n"
858 " LDR R0, [R4, #0x3C] \n"
859 " MOV R1, #0x40000000 \n"
860 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
861
862 "loc_FF0978FC:\n"
863 " LDR R0, [SP] \n"
864 " TST R0, #0x10000 \n"
865 " BEQ loc_FF09793C \n"
866 " LDR R0, [R4, #0x3C] \n"
867 " MOV R1, #0x10000 \n"
868 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
869 " LDR R0, [R4, #0x1C] \n"
870 " CMP R0, #1 \n"
871 " LDRNE R1, =0xABF \n"
872 " LDRNE R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
873 " BLNE _DebugAssert \n"
874 " MOV R0, #7 \n"
875 " BL sub_FF09820C \n"
876 " LDR R0, [R4, #0x3C] \n"
877 " MOV R1, #0x40000000 \n"
878 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
879
880 "loc_FF09793C:\n"
881 " LDR R0, [SP] \n"
882 " TST R0, #0x20000 \n"
883 " BEQ loc_FF09797C \n"
884 " LDR R0, [R4, #0x3C] \n"
885 " MOV R1, #0x20000 \n"
886 " BL sub_0068BB88 /*_ClearEventFlag*/ \n"
887 " LDR R0, [R4, #0x1C] \n"
888 " CMP R0, #1 \n"
889 " LDRNE R1, =0xAC7 \n"
890 " LDRNE R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
891 " BLNE _DebugAssert \n"
892 " MOV R0, #0 \n"
893 " BL sub_FF09820C \n"
894 " LDR R0, [R4, #0x3C] \n"
895 " MOV R1, #0x40000000 \n"
896 " BL sub_0068BB54 /*_SetEventFlag*/ \n"
897
898 "loc_FF09797C:\n"
899 " LDR R0, [R4, #0x1C] \n"
900 " CMP R0, #1 \n"
901 " BNE loc_FF0979D0 \n"
902 " LDRB R0, [R4] \n"
903 " CMP R0, #0 \n"
904 " BEQ loc_FF0979A0 \n"
905 " LDR R0, =0x4E20 \n"
906 " BL sub_FF098084 \n"
907 " B loc_FF097504 \n"
908
909 "loc_FF0979A0:\n"
910 " LDR R0, [R4, #0x24] \n"
911 " CMP R0, #0xF \n"
912 " BLE loc_FF0979BC \n"
913 " CMP R6, #0 \n"
914 " MOVNE R0, #1 \n"
915 " BLNE sub_FF09687C \n"
916 " B loc_FF0979D0 \n"
917
918 "loc_FF0979BC:\n"
919 " LDR R0, =0x7A120 \n"
920 " BL sub_FF098084 \n"
921 " LDR R0, [R4, #0x24] \n"
922 " ADD R0, R0, #1 \n"
923 " STR R0, [R4, #0x24] \n"
924
925 "loc_FF0979D0:\n"
926 " BL sub_FF0980F4 \n"
927 " B loc_FF097504 \n"
928 );
929 }
930
931
932
933 void __attribute__((naked,noinline)) sub_FF096A18_my() {
934 asm volatile (
935 " STMFD SP!, {R4-R11,LR} \n"
936 " LDR R7, =0xA0EF4 \n"
937 " SUB SP, SP, #0x34 \n"
938 " MOV R0, #0 \n"
939 " STRH R0, [R7] \n"
940 " STRH R0, [R7, #2] \n"
941 " ADD R1, SP, #0x10 \n"
942 " STRH R0, [R7, #4] \n"
943 " BL sub_FF09833C \n"
944 " TST R0, #1 \n"
945 " BNE loc_FF096D04 \n"
946 " LDRB R0, [SP, #0x13] \n"
947 " TST R0, #0x70 \n"
948 " LDRNE R1, =0x5D7 \n"
949 " LDRNE R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
950 " BLNE _DebugAssert \n"
951 " LDRB R0, [SP, #0x13] \n"
952 " TST R0, #4 \n"
953 " MOVNE R0, #0 \n"
954 " BLNE sub_FF09687C \n"
955 " LDRB R0, [SP, #0x12] \n"
956 " TST R0, #0x20 \n"
957 " BEQ loc_FF096A9C \n"
958 " ADD R1, SP, #0x10 \n"
959 " MOV R0, #0 \n"
960 " BL sub_FF09833C \n"
961 " TST R0, #1 \n"
962 " BNE loc_FF096D04 \n"
963 " LDRB R0, [SP, #0x13] \n"
964 " TST R0, #0x70 \n"
965 " LDRNE R1, =0x5EE \n"
966 " LDRNE R0, =0xFF096194 /*'TouchPanelDriver_TMA340.c'*/ \n"
967 " BLNE _DebugAssert \n"
968
969 "loc_FF096A9C:\n"
970 " LDRB R1, [SP, #0x12] \n"
971 " LDRB R0, [SP, #0x11] \n"
972 " AND R10, R1, #0xC0 \n"
973 " LDR R1, =0x31E4 \n"
974 " AND R5, R0, #0xF \n"
975 " LDR R1, [R1, #0x20] \n"
976 " CMP R1, R10 \n"
977 " BNE loc_FF096AD4 \n"
978 " CMP R5, #0 \n"
979 " BEQ loc_FF096ADC \n"
980 " LDR R1, =0x31E4 \n"
981 " LDR R1, [R1, #0x28] \n"
982 " CMP R1, #0 \n"
983 " BEQ loc_FF096D04 \n"
984
985 "loc_FF096AD4:\n"
986 " CMP R5, #0xF \n"
987 " BEQ loc_FF096D04 \n"
988
989 "loc_FF096ADC:\n"
990 " MOV R0, R0, LSL#25 \n"
991 " MOVS R0, R0, LSR#29 \n"
992 " BNE loc_FF096D04 \n"
993 " CMP R5, #0 \n"
994 " STRH R0, [R7] \n"
995 " BEQ loc_FF096CE4 \n"
996 " LDRB R0, [SP, #0x26] \n"
997 " LDRB R1, [SP, #0x1B] \n"
998 " LDR R9, =0x31E4 \n"
999 " MOV R4, #0 \n"
1000 " ORR R0, R0, R1, LSL#8 \n"
1001 " MOV R11, #1 \n"
1002 " STR R0, [SP, #0x30] \n"
1003
1004 "loc_FF096B10:\n"
1005 " CMP R4, R5 \n"
1006 " BGE loc_FF096BDC \n"
1007 " CMP R4, #0 \n"
1008 " LDREQB R0, [SP, #0x17] \n"
1009 " LDREQB R1, [SP, #0x10] \n"
1010 " ORREQ R8, R0, R1, LSL#8 \n"
1011 " LDREQB R0, [SP, #0x15] \n"
1012 " LDREQB R1, [SP, #0x16] \n"
1013 " BEQ loc_FF096B78 \n"
1014 " CMP R4, #1 \n"
1015 " LDREQB R0, [SP, #0x19] \n"
1016 " LDREQB R1, [SP, #0x1A] \n"
1017 " ORREQ R8, R0, R1, LSL#8 \n"
1018 " LDREQB R0, [SP, #0x1F] \n"
1019 " LDREQB R1, [SP, #0x18] \n"
1020 " BEQ loc_FF096B78 \n"
1021 " CMP R4, #2 \n"
1022 " LDRNEB R0, [SP, #0x24] \n"
1023 " LDRNEB R1, [SP, #0x25] \n"
1024 " LDREQB R0, [SP, #0x22] \n"
1025 " LDREQB R1, [SP, #0x23] \n"
1026 " ORR R8, R0, R1, LSL#8 \n"
1027 " LDRNEB R0, [SP, #0x29] \n"
1028 " LDRNEB R1, [SP, #0x2A] \n"
1029 " LDREQB R0, [SP, #0x20] \n"
1030 " LDREQB R1, [SP, #0x21] \n"
1031
1032 "loc_FF096B78:\n"
1033 " ORR R6, R0, R1, LSL#8 \n"
1034 " LDR R1, [SP, #0x30] \n"
1035 " MOV R0, R4 \n"
1036 " BL sub_FF09823C \n"
1037 " STR R0, [SP, #0x2C] \n"
1038 " MOV R0, R6, LSL#16 \n"
1039 " MOV R1, #0 \n"
1040 " MOV R0, R0, ASR#16 \n"
1041 " STMEA SP, {R0,R1,R8} \n"
1042 " MOV R3, R8, LSL#16 \n"
1043 " LDR R2, [SP, #0x2C] \n"
1044 " MOV R3, R3, ASR#16 \n"
1045 " MOV R0, R4 \n"
1046 " STR R6, [SP, #0xC] \n"
1047 " BL sub_FF096010 \n"
1048 " LDRH R0, [R7, #2] \n"
1049 " ADD R4, R4, #1 \n"
1050 " ADD R0, R0, #1 \n"
1051
1052
1053 " push {r1} \n"
1054 " ldr r1,=kbd_blocked \n"
1055 " ldr r1,[r1] \n"
1056 " cmp r1,#0 \n"
1057 " movne r0,#0 \n"
1058 " pop {R1} \n"
1059
1060 " STRH R0, [R7, #2] \n"
1061 " LDR R0, [SP, #0x2C] \n"
1062 " LDRH R1, [R9, #2] \n"
1063 " ORR R0, R1, R11, LSL R0 \n"
1064 " CMP R4, #2 \n"
1065 " STRH R0, [R9, #2] \n"
1066 " BLT loc_FF096B10 \n"
1067
1068 "loc_FF096BDC:\n"
1069 " LDR R0, =0x31E4 \n"
1070 " MOV R9, #0 \n"
1071 " LDRB R8, [R0] \n"
1072 " LDRH R0, [R0, #4] \n"
1073 " MOV R6, R9 \n"
1074 " STR R0, [SP, #0xC] \n"
1075
1076 "loc_FF096BF4:\n"
1077 " CMP R6, R8 \n"
1078 " BGE loc_FF096C50 \n"
1079 " LDR R1, [SP, #0xC] \n"
1080 " MOV R0, R6 \n"
1081 " BL sub_FF09823C \n"
1082 " MOV R11, R0 \n"
1083 " MOV R4, #0 \n"
1084
1085 "loc_FF096C10:\n"
1086 " CMP R4, R5 \n"
1087 " BGE loc_FF096C44 \n"
1088 " LDR R1, [SP, #0x30] \n"
1089 " MOV R0, R4 \n"
1090 " BL sub_FF09823C \n"
1091 " CMP R11, R0 \n"
1092 " MOVEQ R0, #1 \n"
1093 " ORREQ R0, R9, R0, LSL R6 \n"
1094 " ANDEQ R9, R0, #0xFF \n"
1095 " BEQ loc_FF096C44 \n"
1096 " ADD R4, R4, #1 \n"
1097 " CMP R4, #2 \n"
1098 " BLT loc_FF096C10 \n"
1099
1100 "loc_FF096C44:\n"
1101 " ADD R6, R6, #1 \n"
1102 " CMP R6, #2 \n"
1103 " BLT loc_FF096BF4 \n"
1104
1105 "loc_FF096C50:\n"
1106 " LDR R6, =0x31E4 \n"
1107 " MOV R4, #0 \n"
1108
1109 "loc_FF096C58:\n"
1110 " LDRB R0, [R6] \n"
1111 " CMP R4, R0 \n"
1112 " BGE loc_FF096CBC \n"
1113 " MOV R8, #1 \n"
1114 " TST R9, R8, LSL R4 \n"
1115 " BNE loc_FF096CBC \n"
1116 " LDRH R1, [R6, #4] \n"
1117 " MOV R0, R4 \n"
1118 " BL sub_FF09823C \n"
1119 " MOV R3, #0 \n"
1120 " MOV R11, R0 \n"
1121 " STR R3, [SP] \n"
1122 " STR R3, [SP, #4] \n"
1123 " STR R3, [SP, #8] \n"
1124 " STR R3, [SP, #0xC] \n"
1125 " LDRH R0, [R7, #4] \n"
1126 " MOV R2, R11 \n"
1127 " MOV R1, #1 \n"
1128 " BL sub_FF096010 \n"
1129 " LDRH R0, [R7, #4] \n"
1130 " ADD R0, R0, #1 \n"
1131 " STRH R0, [R7, #4] \n"
1132 " LDRH R1, [R6, #2] \n"
1133 " BIC R0, R1, R8, LSL R11 \n"
1134 " STRH R0, [R6, #2] \n"
1135
1136 "loc_FF096CBC:\n"
1137 " ADD R4, R4, #1 \n"
1138 " CMP R4, #2 \n"
1139 " BLT loc_FF096C58 \n"
1140 " LDR R0, [SP, #0x30] \n"
1141 " STRH R0, [R6, #4] \n"
1142 " STRB R5, [R6] \n"
1143 " MOV R0, #0 \n"
1144 " STR R10, [R6, #0x20]! \n"
1145 " STR R0, [R6, #4] \n"
1146 " B loc_FF096CE8 \n"
1147
1148 "loc_FF096CE4:\n"
1149 " BL sub_FF098278 \n"
1150
1151 "loc_FF096CE8:\n"
1152 " LDR R0, =0x31E4 \n"
1153 " LDR R0, [R0, #0x28] \n"
1154 " CMP R0, #0 \n"
1155 " LDRNE R0, =0xA0EF4 \n"
1156 " BLNE sub_FF1C28A4 \n"
1157 " LDR R0, =0xA0EF4 \n"
1158 " BL sub_FF1C3A90 \n"
1159
1160 "loc_FF096D04:\n"
1161 " ADD SP, SP, #0x34 \n"
1162 " LDMFD SP!, {R4-R11,PC} \n"
1163 );
1164 }