root/platform/d20/sub/100b/capt_seq.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. capt_seq_task
  2. sub_FF18301C_my
  3. exp_drv_task
  4. sub_FF0AE530_my
  5. sub_FF09D804_my

   1 #include "lolevel.h"
   2 #include "platform.h"
   3 #include "core.h"
   4 #include "conf.h"
   5 #include "stdlib.h"
   6 
   7 static long *nrflag = (long*)(0x9cf4+0x00);  // Found @ ff232ebc & ff232f1c
   8 #define NR_AUTO (0)                          // have to explictly reset value back to 0 to enable auto
   9 #define PAUSE_FOR_FILE_COUNTER 200          //Enable delay in capt_seq_hook_raw_here to ensure file counter is updated
  10 
  11 #include "../../../generic/capt_seq.c"
  12 
  13 //** capt_seq_task  @ 0xFF069298
  14 
  15 void __attribute__((naked,noinline)) capt_seq_task() {
  16 asm volatile (
  17       "STMFD   SP!, {R3-R9,LR}\n"
  18       "LDR     R4, =0x3979C\n"
  19       "LDR     R7, =0x2E9C\n"
  20       "MOV     R6, #0\n"
  21 "loc_FF0692A8:\n"
  22       "LDR     R0, [R7, #4]\n"
  23       "MOV     R2, #0\n"
  24       "MOV     R1, SP\n"
  25       "BL      sub_00477218\n"
  26       "TST     R0, #1\n"
  27       "BEQ     loc_FF0692D4\n"
  28       "LDR     R1, =0x493\n"
  29       "LDR     R0, =0xFF068D54\n"
  30       "BL      _DebugAssert\n"
  31       "BL      _ExitTask\n"
  32       "LDMFD   SP!, {R3-R9,PC}\n"
  33 "loc_FF0692D4:\n"
  34       "LDR     R0, [SP]\n"
  35       "LDR     R1, [R0]\n"
  36       "CMP     R1, #0x24\n"
  37       "ADDCC   PC, PC, R1, LSL #2\n"
  38       "B       loc_FF069580\n"
  39       "B       loc_FF069378\n"
  40       "B       loc_FF069390\n"
  41       "B       loc_FF069400\n"
  42       "B       loc_FF069414\n"
  43       "B       loc_FF06940C\n"
  44       "B       loc_FF069420\n"
  45       "B       loc_FF069428\n"
  46       "B       loc_FF069430\n"
  47       "B       loc_FF06944C\n"
  48       "B       loc_FF0694A0\n"
  49       "B       loc_FF069458\n"
  50       "B       loc_FF069464\n"
  51       "B       loc_FF06946C\n"
  52       "B       loc_FF069488\n"
  53       "B       loc_FF069490\n"
  54       "B       loc_FF069498\n"
  55       "B       loc_FF0694A8\n"
  56       "B       loc_FF0694B0\n"
  57       "B       loc_FF0694B8\n"
  58       "B       loc_FF0694C0\n"
  59       "B       loc_FF0694C8\n"
  60       "B       loc_FF0694D0\n"
  61       "B       loc_FF0694D8\n"
  62       "B       loc_FF0694E0\n"
  63       "B       loc_FF0694E8\n"
  64       "B       loc_FF0694F4\n"
  65       "B       loc_FF0694FC\n"
  66       "B       loc_FF069508\n"
  67       "B       loc_FF069510\n"
  68       "B       loc_FF069518\n"
  69       "B       loc_FF069520\n"
  70       "B       loc_FF069528\n"
  71       "B       loc_FF069534\n"
  72       "B       loc_FF06953C\n"
  73       "B       loc_FF069548\n"
  74       "B       loc_FF06958C\n"
  75 "loc_FF069378:\n"
  76       "BL      shooting_expo_iso_override\n"  //patch
  77       "BL      sub_FF069B54\n"
  78       "BL      shooting_expo_param_override\n" //patch
  79       "BL      sub_FF066DD8\n"
  80 //PATCH BEGIN
  81 //      "LDR     R0, [R4, #0x28]\n"
  82 //      "CMP     R0, #0\n"
  83 //      "BLNE    sub_FF1830C0\n"
  84       "MOV     R0, #0\n"
  85       "STR     R0, [R4,#0x28]\n"  //fixes overrides  behavior at short shutter press
  86 //PATCH END
  87       "B       loc_FF06958C\n"
  88 "loc_FF069390:\n"
  89       "LDR     R5, [R0, #0x10]\n"
  90       "LDR     R0, [R4, #0x28]\n"
  91       "CMP     R0, #0\n"
  92       "BNE     loc_FF0693D8\n"
  93       "LDR     R0, [R4, #0x94]\n"
  94       "TST     R0, #0x30\n"
  95       "BLNE    sub_FF06B524\n"
  96       "BL      sub_FF06B204\n"
  97       "MOV     R1, R5\n"
  98       "BL      sub_FF06B25C\n"
  99       "LDR     R0, =0x10F\n"
 100       "MOV     R2, #4\n"
 101       "ADD     R1, R5, #0x24\n"
 102       "BL      _SetPropertyCase\n"
 103       "MOV     R2, #4\n"
 104       "ADD     R1, R5, #0x28\n"
 105       "MOV     R0, #0x2C\n"
 106       "BL      _SetPropertyCase\n"
 107 "loc_FF0693D8:\n"
 108       "MOV     R0, R5\n"
 109 //PATCH BEGIN
 110 //      "BL      sub_FF18301C\n"  //original
 111       "BL      sub_FF18301C_my\n" //patched
 112       "BL     capt_seq_hook_raw_here\n"
 113 //PATCH END
 114       "MOV     R8, R0\n"
 115       "MOV     R2, R5\n"
 116       "MOV     R1, #1\n"
 117       "BL      sub_FF06736C\n"
 118       "TST     R8, #1\n"
 119       "MOVEQ   R0, R5\n"
 120       "BLEQ    sub_FF182960\n"
 121       "B       loc_FF06958C\n"
 122 "loc_FF069400:\n"
 123       "MOV     R0, #1\n"
 124       "BL      sub_FF069E50\n"
 125       "B       loc_FF06958C\n"
 126 "loc_FF06940C:\n"
 127       "BL      sub_FF069760\n"
 128       "B       loc_FF069418\n"
 129 "loc_FF069414:\n"
 130       "BL      sub_FF069B34\n"
 131 "loc_FF069418:\n"
 132       "STR     R6, [R4, #0x28]\n"
 133       "B       loc_FF06958C\n"
 134 "loc_FF069420:\n"
 135       "BL      sub_FF069B3C\n"
 136       "B       loc_FF06958C\n"
 137 "loc_FF069428:\n"
 138       "BL      sub_FF069D28\n"
 139       "B       loc_FF069450\n"
 140 "loc_FF069430:\n"
 141       "LDR     R5, [R0, #0x10]\n"
 142       "MOV     R0, R5\n"
 143       "BL      sub_FF18315C\n"
 144       "MOV     R2, R5\n"
 145       "MOV     R1, #9\n"
 146       "BL      sub_FF06736C\n"
 147       "B       loc_FF06958C\n"
 148 "loc_FF06944C:\n"
 149       "BL      sub_FF069DB8\n"
 150 "loc_FF069450:\n"
 151       "BL      sub_FF066DD8\n"
 152       "B       loc_FF06958C\n"
 153 "loc_FF069458:\n"
 154       "LDR     R0, [R4, #0x58]\n"
 155       "BL      sub_FF06A4CC\n"
 156       "B       loc_FF06958C\n"
 157 "loc_FF069464:\n"
 158       "BL      sub_FF06A7C0\n"
 159       "B       loc_FF06958C\n"
 160 "loc_FF06946C:\n"
 161       "LDRH    R0, [R4]\n"
 162       "SUB     R1, R0, #0x4200\n"
 163       "SUBS    R1, R1, #0x39\n"
 164       "MOVNE   R0, #0\n"
 165       "MOVEQ   R0, #1\n"
 166       "BL      sub_FF06A824\n"
 167       "B       loc_FF06958C\n"
 168 "loc_FF069488:\n"
 169       "BL      sub_FF06AA10\n"
 170       "B       loc_FF06958C\n"
 171 "loc_FF069490:\n"
 172       "BL      sub_FF06AE74\n"
 173       "B       loc_FF06958C\n"
 174 "loc_FF069498:\n"
 175       "BL      sub_FF06AF28\n"
 176       "B       loc_FF06958C\n"
 177 "loc_FF0694A0:\n"
 178       "BL      sub_FF069B34\n"
 179       "B       loc_FF06958C\n"
 180 "loc_FF0694A8:\n"
 181       "BL      sub_FF181C34\n"
 182       "B       loc_FF06958C\n"
 183 "loc_FF0694B0:\n"
 184       "BL      sub_FF181E9C\n"
 185       "B       loc_FF06958C\n"
 186 "loc_FF0694B8:\n"
 187       "BL      sub_FF181F54\n"
 188       "B       loc_FF06958C\n"
 189 "loc_FF0694C0:\n"
 190       "BL      sub_FF182028\n"
 191       "B       loc_FF06958C\n"
 192 "loc_FF0694C8:\n"
 193       "MOV     R0, #0\n"
 194       "B       loc_FF0694EC\n"
 195 "loc_FF0694D0:\n"
 196       "BL      sub_FF18244C\n"
 197       "B       loc_FF06958C\n"
 198 "loc_FF0694D8:\n"
 199       "BL      sub_FF1824E0\n"
 200       "B       loc_FF06958C\n"
 201 "loc_FF0694E0:\n"
 202       "BL      sub_FF182598\n"
 203       "B       loc_FF06958C\n"
 204 "loc_FF0694E8:\n"
 205       "MOV     R0, #1\n"
 206 "loc_FF0694EC:\n"
 207       "BL      sub_FF1822DC\n"
 208       "B       loc_FF06958C\n"
 209 "loc_FF0694F4:\n"
 210       "BL      sub_FF06A008\n"
 211       "B       loc_FF06958C\n"
 212 "loc_FF0694FC:\n"
 213       "BL      sub_FF06A09C\n"
 214       "BL      sub_FF021F04\n"
 215       "B       loc_FF06958C\n"
 216 "loc_FF069508:\n"
 217       "BL      sub_FF1820F8\n"
 218       "B       loc_FF06958C\n"
 219 "loc_FF069510:\n"
 220       "BL      sub_FF182160\n"
 221       "B       loc_FF06958C\n"
 222 "loc_FF069518:\n"
 223       "BL      sub_FF06C7E0\n"
 224       "B       loc_FF06958C\n"
 225 "loc_FF069520:\n"
 226       "BL      sub_FF06C868\n"
 227       "B       loc_FF06958C\n"
 228 "loc_FF069528:\n"
 229       "LDR     R0, [R0, #0xC]\n"
 230       "BL      sub_FF1826B0\n"
 231       "B       loc_FF06958C\n"
 232 "loc_FF069534:\n"
 233       "BL      sub_FF182720\n"
 234       "B       loc_FF06958C\n"
 235 "loc_FF06953C:\n"
 236       "BL      sub_FF06C8D0\n"
 237       "BL      sub_FF06C888\n"
 238       "B       loc_FF06958C\n"
 239 "loc_FF069548:\n"
 240       "MOV     R0, #1\n"
 241       "BL      sub_FF183874\n"
 242       "MOV     R0, #1\n"
 243       "BL      sub_FF1839A8\n"
 244       "LDRH    R0, [R4, #0xA4]\n"
 245       "CMP     R0, #4\n"
 246       "LDRNEH  R0, [R4]\n"
 247       "SUBNE   R1, R0, #0x4200\n"
 248       "SUBNES  R1, R1, #0x2E\n"
 249       "BNE     loc_FF06958C\n"
 250       "BL      sub_FF06C868\n"
 251       "BL      sub_FF06CEB8\n"
 252       "BL      sub_FF06CCF8\n"
 253       "B       loc_FF06958C\n"
 254 "loc_FF069580:\n"
 255       "LDR     R1, =0x5F4\n"
 256       "LDR     R0, =0xFF068D54\n"
 257       "BL      _DebugAssert\n"
 258 "loc_FF06958C:\n"
 259       "LDR     R0, [SP]\n"
 260       "LDR     R1, [R0, #4]\n"
 261       "LDR     R0, [R7]\n"
 262       "BL      sub_0047AC6C\n"
 263       "LDR     R5, [SP]\n"
 264       "LDR     R0, [R5, #8]\n"
 265       "CMP     R0, #0\n"
 266       "LDREQ   R1, =0x117\n"
 267       "LDREQ   R0, =0xFF068D54\n"
 268       "BLEQ    _DebugAssert\n"
 269       "STR     R6, [R5, #8]\n"
 270       "B       loc_FF0692A8\n"
 271         );
 272 }
 273 
 274 //** sub_FF18301C_my  @ 0xFF18301C
 275 //CHECK THIS!!!
 276 void __attribute__((naked,noinline)) sub_FF18301C_my(  ) {
 277 asm volatile (
 278       "STMFD   SP!, {R4-R6,LR}\n"
 279       "LDR     R5, =0x3979C\n"
 280       "MOV     R6, R0\n"
 281       "LDR     R0, [R5, #0x28]\n"
 282       "MOV     R4, #0\n"
 283       "CMP     R0, #0\n"
 284       "BNE     loc_FF18304C\n"
 285       "MOV     R0, #0xC\n"
 286       "BL      sub_FF06E680\n"
 287       "TST     R0, #1\n"
 288       "MOVNE   R0, #1\n"
 289       "LDMNEFD SP!, {R4-R6,PC}\n"
 290 "loc_FF18304C:\n"
 291       "BL      sub_FF069B44\n"
 292       "LDR     R0, [R5, #0x28]\n"
 293       "CMP     R0, #0\n"
 294       "BNE     loc_FF1830A8\n"
 295       "MOV     R0, R6\n"
 296       "BL      sub_FF18289C\n"
 297       "TST     R0, #1\n"
 298       "LDMNEFD SP!, {R4-R6,PC}\n"
 299       "MOV     R0, R6\n"
 300       "BL      sub_FF182C4C\n"
 301       "BL      sub_FF183640\n"
 302       "BL      sub_FF0671E8\n"
 303 
 304 //This was not tested:
 305 //begin patch
 306       "BL      wait_until_remote_button_is_released\n"  
 307       "BL      capt_seq_hook_set_nr\n"      
 308 //end patch
 309 
 310       "MOV     R0, #2\n"
 311       "BL      sub_FF06FE00\n"
 312       "LDR     R0, [R5, #0x94]\n"
 313       "TST     R0, #0x10\n"
 314       "MOV     R0, R6\n"
 315       "BEQ     loc_FF18309C\n"
 316       "BL      sub_FF2EAD40\n"
 317       "B       loc_FF1830A0\n"
 318 "loc_FF18309C:\n"
 319       "BL      sub_FF2EA910\n"
 320 "loc_FF1830A0:\n"
 321       "MOV     R4, R0\n"
 322       "B       loc_FF1830B8\n"
 323 "loc_FF1830A8:\n"
 324       "LDR     R0, =0x724C\n"
 325       "LDR     R0, [R0]\n"
 326       "CMP     R0, #0\n"
 327       "MOVNE   R4, #0x1D\n"
 328 "loc_FF1830B8:\n"
 329       "MOV     R0, R4\n"
 330       "LDMFD   SP!, {R4-R6,PC}\n"
 331         );
 332 }
 333 
 334 
 335 //** exp_drv_task  @ 0xFF0B20B4 
 336 
 337 void __attribute__((naked,noinline)) exp_drv_task() {
 338 asm volatile (
 339       "STMFD   SP!, {R4-R9,LR}\n"
 340       "SUB     SP, SP, #0x2C\n"
 341       "LDR     R6, =0x42E8\n"
 342       "LDR     R7, =0xBB8\n"
 343       "LDR     R4, =0x567A0\n"
 344       "MOV     R0, #0\n"
 345       "ADD     R5, SP, #0x1C\n"
 346       "STR     R0, [SP, #0xC]\n"
 347 "loc_FF0B20D4:\n"
 348       "LDR     R0, [R6, #0x20]\n"
 349       "MOV     R2, #0\n"
 350       "ADD     R1, SP, #0x28\n"
 351       "BL      sub_00477218\n"
 352       "LDR     R0, [SP, #0xC]\n"
 353       "CMP     R0, #1\n"
 354       "BNE     loc_FF0B2120\n"
 355       "LDR     R0, [SP, #0x28]\n"
 356       "LDR     R0, [R0]\n"
 357       "CMP     R0, #0x14\n"
 358       "CMPNE   R0, #0x15\n"
 359       "CMPNE   R0, #0x16\n"
 360       "CMPNE   R0, #0x17\n"
 361       "BEQ     loc_FF0B2280\n"
 362       "CMP     R0, #0x2A\n"
 363       "BEQ     loc_FF0B2208\n"
 364       "ADD     R1, SP, #0xC\n"
 365       "MOV     R0, #0\n"
 366       "BL      sub_FF0B2064\n"
 367 "loc_FF0B2120:\n"
 368       "LDR     R0, [SP, #0x28]\n"
 369       "LDR     R1, [R0]\n"
 370       "CMP     R1, #0x30\n"
 371       "BNE     loc_FF0B214C\n"
 372       "BL      sub_FF0B34B0\n"
 373       "LDR     R0, [R6, #0x1C]\n"
 374       "MOV     R1, #1\n"
 375       "BL      sub_0047AC6C\n"
 376       "BL      _ExitTask\n"
 377       "ADD     SP, SP, #0x2C\n"
 378       "LDMFD   SP!, {R4-R9,PC}\n"
 379 "loc_FF0B214C:\n"
 380       "CMP     R1, #0x2F\n"
 381       "BNE     loc_FF0B2168\n"
 382       "LDR     R2, [R0, #0x8C]!\n"
 383       "LDR     R1, [R0, #4]\n"
 384       "MOV     R0, R1\n"
 385       "BLX     R2\n"
 386       "B       loc_FF0B273C\n"
 387 "loc_FF0B2168:\n"
 388       "CMP     R1, #0x28\n"
 389       "BNE     loc_FF0B21B8\n"
 390       "LDR     R0, [R6, #0x1C]\n"
 391       "MOV     R1, #0x80\n"
 392       "BL      sub_0047ACA0\n"
 393       "LDR     R0, =0xFF0ACF98\n"
 394       "MOV     R1, #0x80\n"
 395       "BL      sub_FF173A58\n"
 396       "LDR     R0, [R6, #0x1C]\n"
 397       "MOV     R2, R7\n"
 398       "MOV     R1, #0x80\n"
 399       "BL      sub_0047ABAC\n"
 400       "TST     R0, #1\n"
 401       "LDRNE   R1, =0x1599\n"
 402       "BNE     loc_FF0B2274\n"
 403 "loc_FF0B21A4:\n"
 404       "LDR     R1, [SP, #0x28]\n"
 405       "LDR     R0, [R1, #0x90]\n"
 406       "LDR     R1, [R1, #0x8C]\n"
 407       "BLX     R1\n"
 408       "B       loc_FF0B273C\n"
 409 "loc_FF0B21B8:\n"
 410       "CMP     R1, #0x29\n"
 411       "BNE     loc_FF0B2200\n"
 412       "ADD     R1, SP, #0xC\n"
 413       "BL      sub_FF0B2064\n"
 414       "LDR     R0, [R6, #0x1C]\n"
 415       "MOV     R1, #0x100\n"
 416       "BL      sub_0047ACA0\n"
 417       "LDR     R0, =0xFF0ACFA8\n"
 418       "MOV     R1, #0x100\n"
 419       "BL      sub_FF173BF8\n"
 420       "LDR     R0, [R6, #0x1C]\n"
 421       "MOV     R2, R7\n"
 422       "MOV     R1, #0x100\n"
 423       "BL      sub_0047ABAC\n"
 424       "TST     R0, #1\n"
 425       "BEQ     loc_FF0B21A4\n"
 426       "LDR     R1, =0x15A3\n"
 427       "B       loc_FF0B2274\n"
 428 "loc_FF0B2200:\n"
 429       "CMP     R1, #0x2A\n"
 430       "BNE     loc_FF0B2218\n"
 431 "loc_FF0B2208:\n"
 432       "LDR     R0, [SP, #0x28]\n"
 433       "ADD     R1, SP, #0xC\n"
 434       "BL      sub_FF0B2064\n"
 435       "B       loc_FF0B21A4\n"
 436 "loc_FF0B2218:\n"
 437       "CMP     R1, #0x2D\n"
 438       "BNE     loc_FF0B2230\n"
 439       "BL      sub_FF09DAB8\n"
 440       "BL      sub_FF09E78C\n"
 441       "BL      sub_FF09E2F8\n"
 442       "B       loc_FF0B21A4\n"
 443 "loc_FF0B2230:\n"
 444       "CMP     R1, #0x2E\n"
 445       "BNE     loc_FF0B2280\n"
 446       "LDR     R0, [R6, #0x1C]\n"
 447       "MOV     R1, #4\n"
 448       "BL      sub_0047ACA0\n"
 449       "LDR     R1, =0xFF0ACFC8\n"
 450       "LDR     R0, =0xFFFFF400\n"
 451       "MOV     R2, #4\n"
 452       "BL      sub_FF09D508\n"
 453       "BL      sub_FF09D798\n"
 454       "LDR     R0, [R6, #0x1C]\n"
 455       "MOV     R2, R7\n"
 456       "MOV     R1, #4\n"
 457       "BL      sub_0047AAC8\n"
 458       "TST     R0, #1\n"
 459       "BEQ     loc_FF0B21A4\n"
 460       "LDR     R1, =0x15CB\n"
 461 "loc_FF0B2274:\n"
 462       "LDR     R0, =0xFF0AD7A0\n"
 463       "BL      _DebugAssert\n"
 464       "B       loc_FF0B21A4\n"
 465 "loc_FF0B2280:\n"
 466       "LDR     R0, [SP, #0x28]\n"
 467       "MOV     R8, #1\n"
 468       "LDR     R1, [R0]\n"
 469       "CMP     R1, #0x12\n"
 470       "CMPNE   R1, #0x13\n"
 471       "BNE     loc_FF0B22E8\n"
 472       "LDR     R1, [R0, #0x7C]\n"
 473       "ADD     R1, R1, R1, LSL #1\n"
 474       "ADD     R1, R0, R1, LSL #2\n"
 475       "SUB     R1, R1, #8\n"
 476       "LDMIA   R1, {R2,R3,R9}\n"
 477       "STMIA   R5, {R2,R3,R9}\n"
 478       "BL      sub_FF0B0228\n"
 479       "LDR     R0, [SP, #0x28]\n"
 480       "LDR     R1, [R0, #0x7C]\n"
 481       "LDR     R3, [R0, #0x8C]\n"
 482       "LDR     R2, [R0, #0x90]\n"
 483       "ADD     R0, R0, #4\n"
 484       "BLX     R3\n"
 485       "LDR     R0, [SP, #0x28]\n"
 486       "BL      sub_FF0B38D0\n"
 487       "LDR     R0, [SP, #0x28]\n"
 488       "LDR     R1, [R0, #0x7C]\n"
 489       "LDR     R2, [R0, #0x98]\n"
 490       "LDR     R3, [R0, #0x94]\n"
 491       "B       loc_FF0B2600\n"
 492 "loc_FF0B22E8:\n"
 493       "CMP     R1, #0x14\n"
 494       "CMPNE   R1, #0x15\n"
 495       "CMPNE   R1, #0x16\n"
 496       "CMPNE   R1, #0x17\n"
 497       "BNE     loc_FF0B23A0\n"
 498       "ADD     R3, SP, #0xC\n"
 499       "MOV     R2, SP\n"
 500       "ADD     R1, SP, #0x1C\n"
 501       "BL      sub_FF0B0488\n"
 502       "CMP     R0, #1\n"
 503       "MOV     R9, R0\n"
 504       "CMPNE   R9, #5\n"
 505       "BNE     loc_FF0B233C\n"
 506       "LDR     R0, [SP, #0x28]\n"
 507       "MOV     R2, R9\n"
 508       "LDR     R1, [R0, #0x7C]!\n"
 509       "LDR     R12, [R0, #0x10]!\n"
 510       "LDR     R3, [R0, #4]\n"
 511       "MOV     R0, SP\n"
 512       "BLX     R12\n"
 513       "B       loc_FF0B2374\n"
 514 "loc_FF0B233C:\n"
 515       "LDR     R0, [SP, #0x28]\n"
 516       "CMP     R9, #2\n"
 517       "LDR     R3, [R0, #0x90]\n"
 518       "CMPNE   R9, #6\n"
 519       "BNE     loc_FF0B2388\n"
 520       "LDR     R12, [R0, #0x8C]\n"
 521       "MOV     R2, R9\n"
 522       "MOV     R1, #1\n"
 523       "MOV     R0, SP\n"
 524       "BLX     R12\n"
 525       "LDR     R0, [SP, #0x28]\n"
 526       "MOV     R2, SP\n"
 527       "ADD     R1, SP, #0x1C\n"
 528       "BL      sub_FF0B1D3C\n"
 529 "loc_FF0B2374:\n"
 530       "LDR     R0, [SP, #0x28]\n"
 531       "LDR     R2, [SP, #0xC]\n"
 532       "MOV     R1, R9\n"
 533       "BL      sub_FF0B2004\n"
 534       "B       loc_FF0B2608\n"
 535 "loc_FF0B2388:\n"
 536       "LDR     R1, [R0, #0x7C]\n"
 537       "LDR     R12, [R0, #0x8C]\n"
 538       "MOV     R2, R9\n"
 539       "ADD     R0, R0, #4\n"
 540       "BLX     R12\n"
 541       "B       loc_FF0B2608\n"
 542 "loc_FF0B23A0:\n"
 543       "CMP     R1, #0x24\n"
 544       "CMPNE   R1, #0x25\n"
 545       "BNE     loc_FF0B23EC\n"
 546       "LDR     R1, [R0, #0x7C]\n"
 547       "ADD     R1, R1, R1, LSL #1\n"
 548       "ADD     R1, R0, R1, LSL #2\n"
 549       "SUB     R1, R1, #8\n"
 550       "LDMIA   R1, {R2,R3,R9}\n"
 551       "STMIA   R5, {R2,R3,R9}\n"
 552       "BL      sub_FF0AEFA8\n"
 553       "LDR     R0, [SP, #0x28]\n"
 554       "LDR     R1, [R0, #0x7C]\n"
 555       "LDR     R3, [R0, #0x8C]\n"
 556       "LDR     R2, [R0, #0x90]\n"
 557       "ADD     R0, R0, #4\n"
 558       "BLX     R3\n"
 559       "LDR     R0, [SP, #0x28]\n"
 560       "BL      sub_FF0AF47C\n"
 561       "B       loc_FF0B2608\n"
 562 "loc_FF0B23EC:\n"
 563       "ADD     R1, R0, #4\n"
 564       "LDMIA   R1, {R2,R3,R9}\n"
 565       "STMIA   R5, {R2,R3,R9}\n"
 566       "LDR     R1, [R0]\n"
 567       "CMP     R1, #0x28\n"
 568       "ADDCC   PC, PC, R1, LSL #2\n"
 569       "B       loc_FF0B25F0\n"
 570       "B       loc_FF0B24A8\n"
 571       "B       loc_FF0B24A8\n"
 572       "B       loc_FF0B24B0\n"
 573       "B       loc_FF0B24B8\n"
 574       "B       loc_FF0B24B8\n"
 575       "B       loc_FF0B24B8\n"
 576       "B       loc_FF0B24A8\n"
 577       "B       loc_FF0B24B0\n"
 578       "B       loc_FF0B24B8\n"
 579       "B       loc_FF0B24B8\n"
 580       "B       loc_FF0B24D0\n"
 581       "B       loc_FF0B24D0\n"
 582       "B       loc_FF0B25DC\n"
 583       "B       loc_FF0B25E4\n"
 584       "B       loc_FF0B25E4\n"
 585       "B       loc_FF0B25E4\n"
 586       "B       loc_FF0B25E4\n"
 587       "B       loc_FF0B25EC\n"
 588       "B       loc_FF0B25F0\n"
 589       "B       loc_FF0B25F0\n"
 590       "B       loc_FF0B25F0\n"
 591       "B       loc_FF0B25F0\n"
 592       "B       loc_FF0B25F0\n"
 593       "B       loc_FF0B25F0\n"
 594       "B       loc_FF0B24C0\n"
 595       "B       loc_FF0B24C8\n"
 596       "B       loc_FF0B24C8\n"
 597       "B       loc_FF0B24C8\n"
 598       "B       loc_FF0B24DC\n"
 599       "B       loc_FF0B24DC\n"
 600       "B       loc_FF0B24E4\n"
 601       "B       loc_FF0B251C\n"
 602       "B       loc_FF0B2554\n"
 603       "B       loc_FF0B258C\n"
 604       "B       loc_FF0B25C4\n"
 605       "B       loc_FF0B25C4\n"
 606       "B       loc_FF0B25F0\n"
 607       "B       loc_FF0B25F0\n"
 608       "B       loc_FF0B25CC\n"
 609       "B       loc_FF0B25D4\n"
 610 "loc_FF0B24A8:\n"
 611       "BL      sub_FF0AD5D4\n"
 612       "B       loc_FF0B25F0\n"
 613 "loc_FF0B24B0:\n"
 614       "BL      sub_FF0AD8CC\n"
 615       "B       loc_FF0B25F0\n"
 616 "loc_FF0B24B8:\n"
 617       "BL      sub_FF0ADB34\n"
 618       "B       loc_FF0B25F0\n"
 619 "loc_FF0B24C0:\n"
 620       "BL      sub_FF0ADE28\n"
 621       "B       loc_FF0B25F0\n"
 622 "loc_FF0B24C8:\n"
 623       "BL      sub_FF0AE040\n"
 624       "B       loc_FF0B25F0\n"
 625 "loc_FF0B24D0:\n"
 626 //      "BL      sub_FF0AE530\n" //original
 627       "BL      sub_FF0AE530_my\n"   //patched
 628       "MOV     R8, #0\n"
 629       "B       loc_FF0B25F0\n"
 630 "loc_FF0B24DC:\n"
 631       "BL      sub_FF0AE70C\n"
 632       "B       loc_FF0B25F0\n"
 633 "loc_FF0B24E4:\n"
 634       "LDRH    R1, [R0, #4]\n"
 635       "STRH    R1, [SP, #0x1C]\n"
 636       "LDRH    R1, [R4, #2]\n"
 637       "STRH    R1, [SP, #0x1E]\n"
 638       "LDRH    R1, [R4, #4]\n"
 639       "STRH    R1, [SP, #0x20]\n"
 640       "LDRH    R1, [R4, #6]\n"
 641       "STRH    R1, [SP, #0x22]\n"
 642       "LDRH    R1, [R0, #0xC]\n"
 643       "STRH    R1, [SP, #0x24]\n"
 644       "LDRH    R1, [R4, #0xA]\n"
 645       "STRH    R1, [SP, #0x26]\n"
 646       "BL      sub_FF0B3544\n"
 647       "B       loc_FF0B25F0\n"
 648 "loc_FF0B251C:\n"
 649       "LDRH    R1, [R0, #4]\n"
 650       "STRH    R1, [SP, #0x1C]\n"
 651       "LDRH    R1, [R4, #2]\n"
 652       "STRH    R1, [SP, #0x1E]\n"
 653       "LDRH    R1, [R4, #4]\n"
 654       "STRH    R1, [SP, #0x20]\n"
 655       "LDRH    R1, [R4, #6]\n"
 656       "STRH    R1, [SP, #0x22]\n"
 657       "LDRH    R1, [R4, #8]\n"
 658       "STRH    R1, [SP, #0x24]\n"
 659       "LDRH    R1, [R4, #0xA]\n"
 660       "STRH    R1, [SP, #0x26]\n"
 661       "BL      sub_FF0B36D0\n"
 662       "B       loc_FF0B25F0\n"
 663 "loc_FF0B2554:\n"
 664       "LDRH    R1, [R4]\n"
 665       "STRH    R1, [SP, #0x1C]\n"
 666       "LDRH    R1, [R0, #6]\n"
 667       "STRH    R1, [SP, #0x1E]\n"
 668       "LDRH    R1, [R4, #4]\n"
 669       "STRH    R1, [SP, #0x20]\n"
 670       "LDRH    R1, [R4, #6]\n"
 671       "STRH    R1, [SP, #0x22]\n"
 672       "LDRH    R1, [R4, #8]\n"
 673       "STRH    R1, [SP, #0x24]\n"
 674       "LDRH    R1, [R4, #0xA]\n"
 675       "STRH    R1, [SP, #0x26]\n"
 676       "BL      sub_FF0B3784\n"
 677       "B       loc_FF0B25F0\n"
 678 "loc_FF0B258C:\n"
 679       "LDRH    R1, [R4]\n"
 680       "STRH    R1, [SP, #0x1C]\n"
 681       "LDRH    R1, [R4, #2]\n"
 682       "STRH    R1, [SP, #0x1E]\n"
 683       "LDRH    R1, [R4, #4]\n"
 684       "STRH    R1, [SP, #0x20]\n"
 685       "LDRH    R1, [R4, #6]\n"
 686       "STRH    R1, [SP, #0x22]\n"
 687       "LDRH    R1, [R0, #0xC]\n"
 688       "STRH    R1, [SP, #0x24]\n"
 689       "LDRH    R1, [R4, #0xA]\n"
 690       "STRH    R1, [SP, #0x26]\n"
 691       "BL      sub_FF0B382C\n"
 692       "B       loc_FF0B25F0\n"
 693 "loc_FF0B25C4:\n"
 694       "BL      sub_FF0AED5C\n"
 695       "B       loc_FF0B25F0\n"
 696 "loc_FF0B25CC:\n"
 697       "BL      sub_FF0AF580\n"
 698       "B       loc_FF0B25F0\n"
 699 "loc_FF0B25D4:\n"
 700       "BL      sub_FF0AFAD8\n"
 701       "B       loc_FF0B25F0\n"
 702 "loc_FF0B25DC:\n"
 703       "BL      sub_FF0AFCFC\n"
 704       "B       loc_FF0B25F0\n"
 705 "loc_FF0B25E4:\n"
 706       "BL      sub_FF0AFEB8\n"
 707       "B       loc_FF0B25F0\n"
 708 "loc_FF0B25EC:\n"
 709       "BL      sub_FF0B0020\n"
 710 "loc_FF0B25F0:\n"
 711       "LDR     R0, [SP, #0x28]\n"
 712       "LDR     R1, [R0, #0x7C]\n"
 713       "LDR     R2, [R0, #0x90]\n"
 714       "LDR     R3, [R0, #0x8C]\n"
 715 "loc_FF0B2600:\n"
 716       "ADD     R0, R0, #4\n"
 717       "BLX     R3\n"
 718 "loc_FF0B2608:\n"
 719       "LDR     R0, [SP, #0x28]\n"
 720       "LDR     R0, [R0]\n"
 721       "CMP     R0, #0x10\n"
 722       "BEQ     loc_FF0B2640\n"
 723       "BGT     loc_FF0B2630\n"
 724       "CMP     R0, #1\n"
 725       "CMPNE   R0, #4\n"
 726       "CMPNE   R0, #0xE\n"
 727       "BNE     loc_FF0B2674\n"
 728       "B       loc_FF0B2640\n"
 729 "loc_FF0B2630:\n"
 730       "CMP     R0, #0x13\n"
 731       "CMPNE   R0, #0x17\n"
 732       "CMPNE   R0, #0x1A\n"
 733       "BNE     loc_FF0B2674\n"
 734 "loc_FF0B2640:\n"
 735       "LDRSH   R0, [R4]\n"
 736       "CMN     R0, #0xC00\n"
 737       "LDRNESH R1, [R4, #8]\n"
 738       "CMNNE   R1, #0xC00\n"
 739       "STRNEH  R0, [SP, #0x1C]\n"
 740       "STRNEH  R1, [SP, #0x24]\n"
 741       "BNE     loc_FF0B2674\n"
 742       "ADD     R0, SP, #0x10\n"
 743       "BL      sub_FF0B3AE0\n"
 744       "LDRH    R0, [SP, #0x10]\n"
 745       "STRH    R0, [SP, #0x1C]\n"
 746       "LDRH    R0, [SP, #0x18]\n"
 747       "STRH    R0, [SP, #0x24]\n"
 748 "loc_FF0B2674:\n"
 749       "LDR     R0, [SP, #0x28]\n"
 750       "CMP     R8, #1\n"
 751       "BNE     loc_FF0B26C4\n"
 752       "LDR     R1, [R0, #0x7C]\n"
 753       "MOV     R2, #0xC\n"
 754       "ADD     R1, R1, R1, LSL #1\n"
 755       "ADD     R0, R0, R1, LSL #2\n"
 756       "SUB     R8, R0, #8\n"
 757       "LDR     R0, =0x567A0\n"
 758       "ADD     R1, SP, #0x1C\n"
 759       "BL      sub_0047C17C\n"
 760       "LDR     R0, =0x567AC\n"
 761       "MOV     R2, #0xC\n"
 762       "ADD     R1, SP, #0x1C\n"
 763       "BL      sub_0047C17C\n"
 764       "LDR     R0, =0x567B8\n"
 765       "MOV     R2, #0xC\n"
 766       "MOV     R1, R8\n"
 767       "BL      sub_0047C17C\n"
 768       "B       loc_FF0B273C\n"
 769 "loc_FF0B26C4:\n"
 770       "LDR     R0, [R0]\n"
 771       "MOV     R3, #1\n"
 772       "CMP     R0, #0xB\n"
 773       "BNE     loc_FF0B2708\n"
 774       "MOV     R2, #0\n"
 775       "STRD    R2, [SP]\n"
 776       "MOV     R2, R3\n"
 777       "MOV     R1, R3\n"
 778       "MOV     R0, #0\n"
 779       "BL      sub_FF0AD3B4\n"
 780       "MOV     R3, #1\n"
 781       "MOV     R2, #0\n"
 782       "STRD    R2, [SP]\n"
 783       "MOV     R2, R3\n"
 784       "MOV     R1, R3\n"
 785       "MOV     R0, #0\n"
 786       "B       loc_FF0B2738\n"
 787 "loc_FF0B2708:\n"
 788       "MOV     R2, #1\n"
 789       "STRD    R2, [SP]\n"
 790       "MOV     R3, R2\n"
 791       "MOV     R1, R2\n"
 792       "MOV     R0, R2\n"
 793       "BL      sub_FF0AD3B4\n"
 794       "MOV     R3, #1\n"
 795       "MOV     R2, R3\n"
 796       "MOV     R1, R3\n"
 797       "MOV     R0, R3\n"
 798       "STR     R3, [SP]\n"
 799       "STR     R3, [SP, #4]\n"
 800 "loc_FF0B2738:\n"
 801       "BL      sub_FF0AD520\n"
 802 "loc_FF0B273C:\n"
 803       "LDR     R0, [SP, #0x28]\n"
 804       "BL      sub_FF0B34B0\n"
 805       "B       loc_FF0B20D4\n"
 806         );
 807 }
 808 
 809 //** sub_FF0AE530_my  @ 0xFF0AE530
 810 
 811 void __attribute__((naked,noinline)) sub_FF0AE530_my() {
 812 asm volatile (
 813       "STMFD   SP!, {R4-R8,LR}\n"
 814       "LDR     R7, =0x42E8\n"
 815       "MOV     R4, R0\n"
 816       "LDR     R0, [R7, #0x1C]\n"
 817       "MOV     R1, #0x3E\n"
 818       "BL      sub_0047ACA0\n"
 819       "MOV     R2, #0\n"
 820       "LDRSH   R0, [R4, #4]\n"
 821       "MOV     R1, R2\n"
 822       "BL      sub_FF0AD028\n"
 823       "MOV     R6, R0\n"
 824       "LDRSH   R0, [R4, #6]\n"
 825       "BL      sub_FF0AD1CC\n"
 826       "LDRSH   R0, [R4, #8]\n"
 827       "BL      sub_FF0AD224\n"
 828       "LDRSH   R0, [R4, #0xA]\n"
 829       "BL      sub_FF0AD27C\n"
 830       "LDRSH   R0, [R4, #0xC]\n"
 831       "MOV     R1, #0\n"
 832       "BL      sub_FF0AD2D4\n"
 833       "MOV     R5, R0\n"
 834       "LDR     R0, [R4]\n"
 835       "LDR     R8, =0x567B8\n"
 836       "CMP     R0, #0xB\n"
 837       "MOVEQ   R6, #0\n"
 838       "MOVEQ   R5, R6\n"
 839       "BEQ     loc_FF0AE5C4\n"
 840       "CMP     R6, #1\n"
 841       "BNE     loc_FF0AE5C4\n"
 842       "LDRSH   R0, [R4, #4]\n"
 843       "LDR     R1, =0xFF0ACF88\n"
 844       "MOV     R2, #2\n"
 845       "BL      sub_FF173ADC\n"
 846       "STRH    R0, [R4, #4]\n"
 847       "MOV     R0, #0\n"
 848       "STR     R0, [R7, #0x28]\n"
 849       "B       loc_FF0AE5CC\n"
 850 "loc_FF0AE5C4:\n"
 851       "LDRH    R0, [R8]\n"
 852       "STRH    R0, [R4, #4]\n"
 853 "loc_FF0AE5CC:\n"
 854       "CMP     R5, #1\n"
 855       "LDRNEH  R0, [R8, #8]\n"
 856       "BNE     loc_FF0AE5E8\n"
 857       "LDRSH   R0, [R4, #0xC]\n"
 858       "LDR     R1, =0xFF0AD00C\n"
 859       "MOV     R2, #0x20\n"
 860       "BL      sub_FF0B3500\n"
 861 "loc_FF0AE5E8:\n"
 862       "STRH    R0, [R4, #0xC]\n"
 863       "LDRSH   R0, [R4, #6]\n"
 864 //      "BL      sub_FF09D804\n"  //original
 865       "BL      sub_FF09D804_my\n" //patched
 866       "B       sub_FF0AE5F4 \n" // continue in firmware
 867         );
 868 }
 869 
 870 //** sub_FF09D804_my  @ 0xFF09D804
 871 
 872 void __attribute__((naked,noinline)) sub_FF09D804_my(  ) {
 873 asm volatile (
 874       "STMFD   SP!, {R4-R6,LR}\n"
 875       "LDR     R5, =0x3F58\n"
 876       "MOV     R4, R0\n"
 877       "LDR     R0, [R5, #4]\n"
 878       "CMP     R0, #1\n"
 879       "LDRNE   R1, =0x14D\n"
 880       "LDRNE   R0, =0xFF09D63C\n"
 881       "BLNE    _DebugAssert\n"
 882       "CMN     R4, #0xC00\n"
 883       "LDREQSH R4, [R5, #2]\n"
 884       "CMN     R4, #0xC00\n"
 885       "LDREQ   R1, =0x153\n"
 886       "LDREQ   R0, =0xFF09D63C\n"
 887       "STRH    R4, [R5, #2]\n"
 888       "BLEQ    _DebugAssert\n"
 889       "MOV     R0, R4\n"
 890 //      "BL      _apex2us \n" //original apex2us function
 891       "BL      apex2us \n"    //patch
 892       "MOV     R4, R0\n"
 893       "BL      sub_FF0F01FC\n"
 894       "MOV     R0, R4\n"
 895       "BL      sub_FF0FDEEC\n"
 896       "TST     R0, #1\n"
 897       "LDMEQFD SP!, {R4-R6,PC}\n"
 898       "LDMFD   SP!, {R4-R6,LR}\n"
 899       "MOV     R1, #0x158\n"
 900       "LDR     R0, =0xFF09D63C\n"
 901       "B       _DebugAssert\n"
 902         );
 903 }

/* [<][>][^][v][top][bottom][index][help] */