root/platform/g7x2/sub/101a/boot.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. TestAssert
  2. blinker
  3. blinktask
  4. spytask
  5. CreateTask_spytask
  6. boot
  7. CreateTask_my
  8. sub_e00200f8_my
  9. sub_e0020398_my
  10. sub_e0020750_my
  11. sub_e005b418_my
  12. task_Startup_my
  13. sub_e046e3dc_my
  14. sub_e005b33e_my
  15. sub_e037bccc_my
  16. sub_e0371490_my
  17. sub_e0371330_my
  18. init_file_modules_task
  19. kbd_p2_f_my
  20. sub_fc09b570_my

   1 
   2 #include "lolevel.h"
   3 #include "platform.h"
   4 #include "core.h"
   5 #include "dryos31.h"
   6 
   7 #include "camera_info.h"
   8 
   9 const char * const new_sa = &_end;
  10 
  11 // Forward declarations
  12 extern void task_CaptSeq();
  13 extern void task_InitFileModules();
  14 //extern void task_MovieRecord();
  15 extern void task_ExpDrv();
  16 
  17 void TestAssert()
  18 {
  19     extern void _DebugAssert(int, char*, int);
  20     _DebugAssert(0, "Testing DebugAssert", __LINE__);
  21 }
  22 
  23 void blinker()
  24 {
  25     // green LED
  26     volatile int* p = (int*)0xD20801E4;
  27 
  28     // blinker
  29     int i;
  30     while (1)
  31     {
  32         *p = 0x24D0002;
  33         for(i=0;i<10000000;i++) {
  34             asm volatile(
  35             "nop\n"
  36             );
  37         }
  38         *p = 0x24C0003;
  39         for(i=0;i<10000000;i++) {
  40             asm volatile(
  41             "nop\n"
  42             );
  43         }
  44     }
  45 }
  46 
  47 void blinktask(long ua, long ub, long uc, long ud, long ue, long uf)
  48 {
  49     // green LED
  50     volatile int* p = (int*)0xD20801E4;
  51 
  52     // blinker
  53     while (1)
  54     {
  55         *p = 0x24D0002;
  56         _SleepTask(1000);
  57         *p = 0x24C0003;
  58         _SleepTask(1000);
  59     }
  60 }
  61 
  62 /*----------------------------------------------------------------------
  63     spytask
  64 -----------------------------------------------------------------------*/
  65 void spytask(long ua, long ub, long uc, long ud, long ue, long uf)
  66 {
  67     core_spytask();
  68 }
  69 
  70 /*----------------------------------------------------------------------
  71     CreateTask_spytask
  72 -----------------------------------------------------------------------*/
  73 void CreateTask_spytask()
  74 {
  75     extern int _CreateTask_Alt(const char *name, int prio, int stack_size /*?*/,void *entry, long parm /*?*/);
  76     _CreateTask_Alt("BlinkTask", 0x19, 0x800, blinktask, 0);
  77 //    _CreateTask("SpyTask", 0x19, 0x2000, spytask, 0);
  78 }
  79 
  80 /*----------------------------------------------------------------------
  81     boot()
  82 
  83     Main entry point for the CHDK code
  84 -----------------------------------------------------------------------*/
  85 
  86 /*************************************************************/
  87 void __attribute__((naked,noinline)) boot() {
  88     asm volatile ( // 0xfc02000c
  89             //capdis -f=chdk -s=0xe0020011 -c=65 -stubs PRIMARY.BIN 0xe0000000
  90             "    ldr     r0, =0xe0020200\n"
  91             "    mcr     p15, #0, r0, c12, c0, #0\n"
  92             "    isb     sy\n"
  93             "    movw    r0, #0x2000\n"
  94             "    movt    r0, #0\n"
  95             "    mov     sp, r0\n"
  96             "    mrc     p15, #0, r5, c0, c0, #5\n"
  97             "    ands    r0, r5, #0xf\n"
  98             "    bne     loc_e0020032\n"
  99             "    b.w     loc_e002003c\n"
 100             "loc_e0020032:\n"
 101             "    b.w     sub_e00200f8_my\n"
 102 //            "    movs    r0, r0\n"            // Data
 103 //            "    lsls    r0, r0, #8\n"        // Data
 104 //            "    b       loc_e0020042\n"      // Data
 105             "loc_e002003c:\n"
 106             "    ldr     r0, =0xe0fd3770\n"
 107             "    ldr     r1, =0x00008000\n"
 108             "    ldr     r3, =0x0004c618\n"
 109             "loc_e0020042:\n"
 110             "    cmp     r1, r3\n"
 111             "    itt     lo\n"
 112             "    ldrlo   r2, [r0], #4\n"
 113             "    strlo   r2, [r1], #4\n"
 114             "    blo     loc_e0020042\n"
 115             "    ldr     r1, =0x002c460c\n"
 116             "    mov.w   r2, #0\n"
 117             "loc_e0020056:\n"
 118             "    cmp     r3, r1\n"
 119             "    it      lo\n"
 120             "    strlo   r2, [r3], #4\n"
 121             "    blo     loc_e0020056\n"
 122             "    ldr     r0, =0xe1017d88\n" //  **"zH"
 123             "    ldr     r1, =0x01900000\n" //  **"zH"
 124             "    ldr     r3, =0x0190139c\n"
 125             "loc_e0020066:\n"
 126             "    cmp     r1, r3\n"
 127             "    itt     lo\n"
 128             "    ldrlo   r2, [r0], #4\n"
 129             "    strlo   r2, [r1], #4\n"
 130             "    blo     loc_e0020066\n"
 131             "    ldr     r0, =0x01900000\n" //  **"zH"
 132             "    ldr     r1, =0x0000139c\n"
 133             "    bl      sub_e042eb74\n"
 134             "    ldr     r0, =0x01900000\n" //  **"zH"
 135             "    ldr     r1, =0x0000139c\n"
 136             "    bl      sub_e042ec4c\n"
 137             "    ldr     r0, =0xe1019124\n"
 138             "    ldr     r1, =0xdffc4900\n"
 139             "    ldr     r3, =0xdffd0908\n"
 140             "loc_e002008a:\n"
 141             "    cmp     r1, r3\n"
 142             "    itt     lo\n"
 143             "    ldrlo   r2, [r0], #4\n"
 144             "    strlo   r2, [r1], #4\n"
 145             "    blo     loc_e002008a\n"
 146             "    ldr     r1, =0xdffd0908\n"
 147             "    mov.w   r2, #0\n"
 148             "loc_e002009e:\n"
 149             "    cmp     r3, r1\n"
 150             "    it      lo\n"
 151             "    strlo   r2, [r3], #4\n"
 152             "    blo     loc_e002009e\n"
 153 
 154             // Install CreateTask patch
 155 //            "    adr     r0, patch_CreateTask\n"    // Patch data
 156 //            "    ldm     r0, {r1,r2}\n"             // Get two patch instructions
 157 //            "    ldr     r0, =orig_CreateTask\n"    // Address to patch
 158 //            "    bic     r0, #1\n"                  // clear thumb bit
 159 //            "    stm     r0, {r1,r2}\n"             // Store patch instructions
 160 
 161             "    ldr     r0, =0xdffc4900\n"
 162             "    ldr     r1, =0x0000c008\n"
 163             "    bl      sub_e042eb74\n"
 164             "    ldr     r0, =0xdffc4900\n"
 165             "    ldr     r1, =0x0000c008\n"
 166             "    bl      sub_e042ec4c\n"
 167             "    ldr     r0, =loc_e0020032\n"
 168             "    orr     r0, r0, #1\n"
 169             "    bx      r0\n"
 170 
 171 "patch_CreateTask:\n"
 172 "    ldr.w   pc, [pc,#0]\n"             // Do jump to absolute address CreateTask_my
 173 "    .long   CreateTask_my + 1\n"       // has to be a thumb address
 174 );
 175 }
 176 
 177 /*************************************************************/
 178 void __attribute__((naked,noinline)) CreateTask_my() {
 179 asm volatile (
 180 "    push   {r0}\n"
 181 //R3 = Pointer to task function to create
 182 
 183 //"    ldr     r0, =task_CaptSeq\n"       // DryOS original code function ptr.
 184 //"    cmp     r0, r3\n"                  // is the given taskptr equal to our searched function?
 185 //"    itt     eq\n"                      // EQ block
 186 //"    ldreq   r3, =capt_seq_task\n"      // if so replace with our task function base ptr.
 187 //"    beq     exitHook\n"                // below compares not necessary if this check has found something.
 188 //
 189 //"    ldr     r0, =task_ExpDrv\n"
 190 //"    cmp     r0, R3\n"
 191 //"    itt     eq\n"
 192 //"    ldreq   r3, =exp_drv_task\n"
 193 //"    beq     exitHook\n"
 194 
 195 //"    ldr     r0, =task_DvlpSeq\n"
 196 //"    cmp     r0, R3\n"
 197 //"    itt     eq\n"
 198 //"    LDREQ   r3, =developseq_task\n"
 199 //"    BEQ     exitHook\n"
 200 //
 201 //"    ldr     r0, =task_FileWrite\n"
 202 //"    cmp     r0, R3\n"
 203 //"    itt     eq\n"
 204 //"    ldreq   r3, =filewritetask\n"
 205 //"    beq     exitHook\n"
 206 //
 207 //"    ldr     r0, =task_MovieRecord\n"
 208 //"    cmp     r0, R3\n"
 209 //"    itt     eq\n"
 210 //"    ldreq   r3, =movie_record_task\n"
 211 //"    beq     exitHook\n"
 212 
 213 //"    ldr     r0, =task_InitFileModules\n"
 214 //"    cmp     r0, r3\n"
 215 //"    it      eq\n"
 216 //"    ldreq   r3, =init_file_modules_task\n"
 217 
 218 "exitHook:\n" 
 219 // restore overwritten register(s)
 220 "    pop    {r0}\n"
 221 // Execute overwritten instructions from original code, then jump to firmware
 222 "    push.w  {r1, r2, r3, r4, r5, r6, r7, r8, sb, lr}\n"
 223 "    mov     r4, r0\n"
 224 "    ldr     r0, =0x00008164\n"
 225 "    ldr.w   pc, =(orig_CreateTask + 8) \n"  // Continue in firmware
 226 ".ltorg\n"
 227 );
 228 }
 229 
 230 //e00200f8
 231 void __attribute__((naked,noinline)) sub_e00200f8_my() {
 232 
 233 //    if (*(int*)(0xd20b0000 + 0x97 * 4) & 0x10000) {
 234 //        // see sub_FC0ECF20, sub_FC09B450
 235 //        // GPIO 0x10 (aka ON/OFF button) is not pressed -> play
 236 //        *(int*)(0x9c44+0x8) = 0x200000;
 237 //    }
 238 //    else {
 239 //        // GPIO 0x10 is pressed -> rec
 240 //        *(int*)(0x9c44+0x8) = 0x100000;
 241 //    }
 242 
 243     asm volatile (
 244             //capdis -f=chdk -s=0xe00200f9 -c=81 -stubs PRIMARY.BIN 0xe0000000
 245             "    push    {r4, r5, r6, lr}\n"
 246 #if defined(CHDK_NOT_IN_CANON_HEAP)
 247             "    ldr     r0, =0x002c4613\n"         // heap start, modify here
 248 #else
 249             "    ldr     r0, =new_sa\n"             // +
 250             "    ldr     r0, [r0]\n"                // +
 251             "    add     r0, #7\n"                  // +
 252 #endif
 253             "    sub     sp, #0x80\n"
 254             "    ldr     r1, =0x000f264c\n"
 255             "    bic     r5, r0, #7\n"
 256             "    ldr     r0, =0x006cd400\n"
 257             "    subs    r0, r0, r5\n"
 258             "    cmp     r0, r1\n"
 259             "    bhs     loc_e002010e\n"
 260             "loc_e002010c:\n"
 261             "    b       loc_e002010c\n"
 262             "loc_e002010e:\n"
 263             "    mrc     p15, #0, r0, c0, c0, #5\n"
 264             "    and     r6, r0, #0xf\n"
 265             "    mov.w   r0, #0x400\n"
 266             "    add.w   r1, r5, #0x400\n"
 267             "    str     r0, [sp]\n"
 268             "    lsls    r2, r0, #1\n"
 269             "    mov     r3, r5\n"
 270             "    mov     r4, r1\n"
 271             "    mov     r0, r6\n"
 272             "    bl      sub_e002052c\n"
 273             "    cbz     r6, loc_e0020136\n"
 274             "    bl      sub_dffc570c\n"
 275             "loc_e0020132:\n"
 276             "    add     sp, #0x80\n"
 277             "    pop     {r4, r5, r6, pc}\n"
 278             "loc_e0020136:\n"
 279             "    ldr     r0, =0x00008088\n"
 280             "    mov.w   r1, #0x80000\n"
 281             "    str     r1, [r0]\n"
 282             "    ldr     r1, =0x0000808c\n"
 283             "    ldr     r0, =0x42aaa000\n"
 284             "    str     r0, [r1]\n"
 285             "    ldr     r1, =0x00008090\n"
 286             "    ldr     r0, =0x42aac000\n"
 287             "    str     r0, [r1]\n"
 288             "    movs    r1, #0x78\n"
 289             "    add     r0, sp, #4\n"
 290             "    bl      sub_dffcc544\n"
 291             "    ldr     r1, =0x005ce000\n"
 292             "    mov.w   r0, #0x100000\n"
 293             "    ldr     r2, =0x005bedb4\n"
 294             "    strd    r1, r0, [sp, #4]\n"
 295             "    subs    r2, r2, r5\n"
 296             "    add.w   r0, r5, #0xc00\n"
 297             "    strd    r0, r2, [sp, #0xc]\n"
 298             "    ldr     r2, =0x005bf9b4\n"
 299             "    strd    r2, r1, [sp, #0x14]\n"
 300             "    movs    r1, #0x22\n"
 301             "    str     r1, [sp, #0x1c]\n"
 302             "    movs    r1, #0xca\n"
 303             "    str     r1, [sp, #0x20]\n"
 304             "    mov.w   r1, #0x2b0\n"
 305             "    str     r1, [sp, #0x24]\n"
 306             "    movs    r1, #0xfa\n"
 307             "    str     r1, [sp, #0x28]\n"
 308             "    mov.w   r1, #0x11a\n"
 309             "    str     r1, [sp, #0x2c]\n"
 310             "    movs    r1, #0x85\n"
 311             "    str     r1, [sp, #0x30]\n"
 312             "    movs    r1, #0x40\n"
 313             "    str     r1, [sp, #0x34]\n"
 314             "    movs    r1, #4\n"
 315             "    str     r1, [sp, #0x38]\n"
 316             "    movs    r1, #0\n"
 317             "    str     r1, [sp, #0x3c]\n"
 318             "    movs    r1, #0x10\n"
 319             "    str     r1, [sp, #0x60]\n"
 320             "    lsls    r1, r1, #8\n"
 321             "    str     r1, [sp, #0x64]\n"
 322             "    asrs    r1, r1, #4\n"
 323             "    str     r1, [sp, #0x68]\n"
 324             "    lsls    r1, r1, #5\n"
 325             "    str     r1, [sp, #0x6c]\n"
 326             "    mov.w   r1, #-0x11111112\n"
 327             "    b       loc_e00201ae\n"
 328             "loc_e00201ac:\n"
 329             "    stm     r4!, {r1}\n"
 330             "loc_e00201ae:\n"
 331             "    cmp     r0, r4\n"
 332             "    bhi     loc_e00201ac\n"
 333             "    movs    r2, #0\n"
 334             "    ldr     r1, =sub_e0020398_my\n"
 335             "    add     r0, sp, #4\n"
 336             "    bl      sub_dffc49e0\n"
 337             "    b       loc_e0020132\n"
 338     );
 339 }
 340 
 341 //e0020398
 342 void __attribute__((naked,noinline)) sub_e0020398_my() {
 343     asm volatile (
 344             //capdis -f=chdk -s=0xe0020399 -c=47 -stubs PRIMARY.BIN 0xe0000000
 345             "    push    {r4, lr}\n"
 346             "    ldr     r4, =0xe0020474\n" //  *"/_term"
 347             "    bl      sub_e00213fa\n"
 348             "    ldr     r0, =0x00008154\n"
 349             "    ldr     r1, [r0]\n"
 350             "    ldr     r0, =0x00008088\n"
 351             "    ldr     r0, [r0]\n"
 352             "    adds    r0, #0x10\n"
 353             "    cmp     r1, r0\n"
 354             "    bhs     loc_e00203b4\n"
 355             "    ldr     r0, =0xe0020484\n" //  *"USER_MEM size checking"
 356             "    bl      sub_e0020418\n"
 357             "loc_e00203b4:\n"
 358             "    bl      sub_e0450d70\n"
 359             "    cmp     r0, #0\n"
 360             "    bge     loc_e00203c2\n"
 361             "    ldr     r0, =0xe002049c\n" //  *"dmSetup"
 362             "    bl      sub_e0020418\n"
 363             "loc_e00203c2:\n"
 364             "    bl      sub_e002210c\n"
 365             "    cmp     r0, #0\n"
 366             "    bge     loc_e00203d0\n"
 367             "    ldr     r0, =0xe00204a4\n" //  *"termDriverInit"
 368             "    bl      sub_e0020418\n"
 369             "loc_e00203d0:\n"
 370             "    mov     r0, r4\n"
 371             "    bl      sub_e00221b0\n"
 372             "    cmp     r0, #0\n"
 373             "    bge     loc_e00203e0\n"
 374             "    ldr     r0, =0xe00204b4\n" //  *"termDeviceCreate"
 375             "    bl      sub_e0020418\n"
 376             "loc_e00203e0:\n"
 377             "    mov     r0, r4\n"
 378             "    bl      sub_e002056c\n"
 379             "    cmp     r0, #0\n"
 380             "    bge     loc_e00203f0\n"
 381             "    ldr     r0, =0xe00204c8\n" //  *"stdioSetup"
 382             "    bl      sub_e0020418\n"
 383             "loc_e00203f0:\n"
 384             "    bl      sub_e00206b0\n"
 385             "    cmp     r0, #0\n"
 386             "    bge     loc_e00203fe\n"
 387             "    ldr     r0, =0xe00204d4\n" //  *"stdlibSetup"
 388             "    bl      sub_e0020418\n"
 389             "loc_e00203fe:\n"
 390             "    bl      sub_e0029ae4\n"
 391             "    cmp     r0, #0\n"
 392             "    bge     loc_e002040c\n"
 393             "    ldr     r0, =0xe00204e0\n" //  *"extlib_setup"
 394             "    bl      sub_e0020418\n"
 395             "loc_e002040c:\n"
 396             "    bl      sub_e002042e\n"
 397             "    pop.w   {r4, lr}\n"
 398             "    b.w     sub_e0020750_my\n" // -> continue (taskcreate_startup)
 399     );
 400 }
 401 
 402 //e0020750
 403 void __attribute__((naked,noinline)) sub_e0020750_my() {
 404     asm volatile (
 405             //capdis -f=chdk -s=0xe0020751 -c=21 -stubs PRIMARY.BIN 0xe0000000
 406             "    push    {r3, lr}\n"
 407             "    bl      sub_e002088c\n"
 408             "    bl      sub_e0020848\n"
 409             "    movs    r0, #1\n"
 410 //            "    bl      sub_e051e07c\n"    // ********** Hangs if this is called
 411             "    bl      sub_e003e3bc\n"
 412             "    bl      sub_e005b418_my\n"  // -> power-on mode handling & startupchecks here
 413             "    cbz     r0, loc_e002078a\n"
 414             "    bl      sub_dffc9094\n"
 415             "    ldr     r1, =0x006ce000\n"
 416             "    movs    r0, #0\n"
 417             "    bl      sub_e037e5d0\n"
 418             "    ldr     r3, =task_Startup_my\n"
 419             "    movs    r0, #0\n"
 420             "    mov     r2, r0\n"
 421             "    str     r0, [sp]\n"
 422             "    movs    r1, #0x19\n"
 423             "    ldr     r0, =0xe00207a8\n" //  *"Startup"
 424             "    bl      sub_dffc93ba\n"
 425             "    movs    r0, #0\n"
 426             "    pop     {r3, pc}\n"
 427             "loc_e002078a:\n"
 428             "    bl      sub_e002087c\n"
 429             "loc_e002078e:\n"
 430             "    b       loc_e002078e\n"
 431     );
 432 }
 433 
 434 //e005b418
 435 void __attribute__((naked,noinline)) sub_e005b418_my() {
 436     asm volatile (
 437             //capdis -f=chdk -s=0xe005b419 -c=44 -stubs PRIMARY.BIN 0xe0000000
 438             "    push.w  {r3, r4, r5, r6, r7, r8, sb, sl, fp, lr}\n"
 439             "    movs    r5, #0\n"
 440             "    mov     sl, r0\n"
 441             "    mov     r4, r5\n"
 442             "    bl      sub_e004e4d2\n"
 443             "    mov.w   r0, #0x168\n"
 444             "    bl      sub_e004ed2a\n"
 445             "    movs    r6, #1\n"
 446             "    bic.w   r7, r6, r0\n"
 447             "    mov.w   r0, #0x150\n"
 448             "    bl      sub_e004ed2a\n"
 449             "    bic.w   r8, r6, r0\n"
 450             "    movs    r0, #0\n"
 451             "    bl      sub_e004e4ce\n"
 452             "    cbz     r0, loc_e005b454\n"
 453             "    mov.w   r0, #0x16c\n"
 454             "    bl      sub_e004ed2a\n"
 455             "    bic.w   r5, r6, r0\n"
 456             "loc_e005b454:\n"
 457             "    movs    r0, #0x38\n"
 458             "    bl      sub_e004ed2a\n"
 459             "    mov     sb, r6\n"
 460             "    bics    r6, r0\n"
 461             "    movs    r0, #1\n"
 462             "    bl      sub_e004e4ce\n"
 463             "    cbz     r0, loc_e005b472\n"
 464             "    mov.w   r0, #0x194\n"
 465             "    bl      sub_e004ed2a\n"
 466             "    bic.w   r4, sb, r0\n"
 467             "loc_e005b472:\n"
 468             "    cmp.w   sl, #0\n"
 469             "    beq     loc_e005b486\n"
 470             "    orr.w   r0, r7, r8\n"
 471             "    orr.w   r1, r5, r6\n"
 472             "    orrs    r0, r1\n"
 473             "    orrs    r0, r4\n"
 474 //            "    beq     loc_e005b49a\n"
 475             "loc_e005b486:\n"
 476             "    mov     r3, r6\n"
 477             "    mov     r2, r5\n"
 478             "    mov     r1, r8\n"
 479             "    mov     r0, r7\n"
 480             "    str     r4, [sp]\n"
 481             "    bl      sub_e004e4d6\n"
 482             "    bl      sub_e004e4d4\n"
 483             "    movs    r0, #1\n"
 484             "loc_e005b49a:\n"
 485             "    pop.w   {r3, r4, r5, r6, r7, r8, sb, sl, fp, pc}\n"
 486     );
 487 }
 488 
 489 // task_Startup e00206d4
 490 void __attribute__((naked,noinline)) task_Startup_my() {
 491     asm volatile (
 492             //capdis -f=chdk -s=0xe00206d5 -c=34 -stubs PRIMARY.BIN 0xe0000000
 493             "    push    {r4, lr}\n"
 494             "    bl      sub_e013a49a\n"
 495             "    ldr     r0, =0x4194a000\n"
 496             "    mov.w   r1, #0x20000\n"
 497             "    bl      sub_e03ea27c\n"
 498             "    cbz     r0, loc_e00206f0\n"
 499             "    movs    r2, #0x7d\n"
 500             "    movs    r0, #0\n"
 501             "    ldr     r1, =0xe0020794\n" //  *"Startup.c"
 502             "    bl      sub_dffc96f4\n"
 503             "loc_e00206f0:\n"
 504             "    bl      sub_e0020860\n"
 505             "    bl      sub_e046e380\n"
 506             "    bl      sub_e052fdac\n"
 507             "    bl      sub_e046e3dc_my\n"       // - startdiskboot
 508             "    bl      sub_e005a122\n"
 509             "    bl      sub_e0425880\n"
 510             "    bl      sub_e0020924\n"
 511             "    bl      sub_e00208be\n"
 512             "    bl      sub_e052fde2\n"
 513             "    bl      sub_e0056650\n"
 514 //            "    bl      TestAssert\n"          // +++
 515             "    bl      sub_e0425886\n"
 516             "    bl      sub_e005b33e\n"    //_my\n"     // -> taskcreate_physw
 517             "    BL      CreateTask_spytask\n"  // +
 518 //            "    bl      init_required_fw_features\n" // added TODO: Check if needed on G7X2
 519             "    bl      sub_e0297df6\n"
 520             "    bl      sub_e042589c\n"
 521             "    bl      sub_e052fd44\n"
 522             "    bl      sub_e04914a0\n"
 523             "    bl      sub_e005b870\n"
 524             "    bl      sub_e005a0d2\n"
 525             "    bl      sub_e049145c\n"
 526             "    bl      sub_e0020928\n"
 527             "    bl      sub_e037bccc_my\n"        // ********** Hangs in here (see extracted code below)
 528             "    bl      sub_e049142e\n"
 529             "    pop.w   {r4, lr}\n"
 530             "    b.w     sub_e013a496\n"
 531     );
 532 }
 533 
 534 //e046e3dc
 535 void __attribute__((naked,noinline)) sub_e046e3dc_my() {
 536     asm volatile (
 537             //capdis -f=chdk -s=0xe046e3dd -c=28 -stubs PRIMARY.BIN 0xe0000000
 538             "    push    {r4, lr}\n"
 539             "    ldr     r0, =0xe046e3dd\n"
 540             "    lsrs    r0, r0, #0x18\n"
 541             "    beq     loc_e046e426\n"
 542             "    movs    r0, #0\n"
 543             "    bl      sub_e0531c8c\n"
 544             "    lsls    r0, r0, #0x1f\n"
 545             "    bne     loc_e046e426\n"
 546             "    bl      sub_e04d9a1e\n"
 547             "    movs    r0, #1\n"
 548             "    bl      sub_e0531c8c\n"
 549             "    lsls    r0, r0, #0x1f\n"
 550             "    beq     loc_e046e426\n"
 551             "    bl      sub_e0531c8a\n"
 552             "    movs    r0, #0\n"
 553             "    bl      sub_e0375014\n"
 554             "    movs    r0, #0\n"
 555             "    bl      sub_e0375042\n"
 556             "    cbz     r0, loc_e046e426\n"
 557             "    ldr     r0, =0xe046e4f8\n" //  *"\nStartDiskboot"
 558             "    bl      sub_e037e664\n"
 559             "    movs    r0, #0\n"
 560             "    bl      sub_e0375070\n"
 561 //            "    bl      sub_e046e4b0\n"  // Check for diskboot.bin
 562             "    movs    r0, #0\n"
 563             "    bl      sub_e0374fc6\n"
 564             "loc_e046e426:\n"
 565             "    pop.w   {r4, lr}\n"
 566             "    bx      lr\n"
 567     );
 568 }
 569 
 570 //taskcreate_physw e005b33e
 571 void __attribute__((naked,noinline)) sub_e005b33e_my() {
 572     asm volatile (
 573             //capdis -f=chdk -s=0xe005b33f -c=18 -stubs PRIMARY.BIN 0xe0000000
 574             "    push    {r2, r3, r4, lr}\n"
 575             "    bl      sub_e005744c\n"
 576             "    bl      sub_e003e33c\n"
 577             "    cbnz    r0, loc_e005b34e\n"
 578             "    bl      sub_e00573f0\n"
 579             "loc_e005b34e:\n"
 580             "    ldr     r4, =0x00008370\n"
 581             "    ldr     r0, [r4, #4]\n"
 582             "    cmp     r0, #0\n"
 583             "    bne     loc_e005b36a\n"
 584             "    movs    r1, #1\n"
 585             "    ldr     r3, =0xe005b319\n" //=mykbd_task\n" // task_PhySw replacement
 586             "    lsls    r2, r1, #0xb\n"
 587             "    strd    r0, r1, [sp]\n"
 588             "    movs    r1, #0x17\n"
 589             "    ldr     r0, =0xe005b6a4\n" //  *"PhySw"
 590             "    bl      sub_dffc95d8\n"    // ??? stack size set in here not as param - may need replacing
 591             "    str     r0, [r4, #4]\n"
 592             "loc_e005b36a:\n"
 593             "    pop     {r2, r3, r4, pc}\n"
 594     );
 595 }
 596 
 597 //e037bccc
 598 void __attribute__((naked,noinline)) sub_e037bccc_my() {
 599     asm volatile (
 600 //capdis -f=chdk -s=0xe037bccd -c=18 -stubs PRIMARY.BIN 0xe0000000
 601             "    push    {r4, lr}\n"
 602             "    bl      sub_e03bf1fc\n"
 603             "    bl      sub_e003e33c\n"
 604             "    cmp     r0, #1\n"
 605             "    beq     loc_e037bcf2\n"
 606             "    bl      sub_e035f864\n"
 607             "    ldr     r4, =0x00008270\n"
 608             "    ldr     r0, [r4, #4]\n"
 609             "    cmp     r0, #0\n"
 610             "    bne     loc_e037bcf0\n"
 611             "    movs    r1, #0\n"
 612             "    ldr     r0, =0xe037b94d\n"
 613             "    bl      sub_e0371490_my\n"     // +
 614             "    str     r0, [r4, #4]\n"
 615             "loc_e037bcf0:\n"
 616             "    pop     {r4, pc}\n"
 617             "loc_e037bcf2:\n"
 618             "    bl      sub_e04201b8\n"
 619             "    pop.w   {r4, lr}\n"
 620             "    b.w     sub_e003e3ca\n"
 621     );
 622 }
 623 
 624 //e0371490
 625 void __attribute__((naked,noinline)) sub_e0371490_my() {
 626     asm volatile (
 627             //capdis -f=chdk -s=0xe0371491 -c=56 -stubs PRIMARY.BIN 0xe0000000
 628             "    push.w  {r4, r5, r6, r7, r8, lr}\n"
 629             "    mov     r7, r0\n"
 630             "    ldr     r5, =0x0000c518\n"
 631             "    movs    r6, #0\n"
 632             "    mov     r8, r1\n"
 633             "    ldrb    r0, [r5]\n"
 634             "    lsls    r0, r0, #0x1f\n"
 635             "    beq     loc_e03714a6\n"
 636             "loc_e03714a2:\n"
 637             "    movs    r0, #0x11\n"
 638             "    b       sub_e037134a\n"
 639             "loc_e03714a6:\n"
 640             "    movs    r0, #0x28\n"
 641             "    bl      sub_e0371f08\n"
 642             "    ldr     r1, =0x0001d4c0\n"
 643             "    mov     r4, r0\n"
 644             "    ldr     r0, [r5]\n"
 645             "    mov.w   r3, #0x288\n"
 646             "    ldr     r2, =0xe037173c\n" //  *"CtrlMan.c"
 647             "    bl      sub_dffca338\n"
 648             "    cbz     r0, loc_e03714c6\n"
 649             "    mov     r0, r4\n"
 650             "    bl      sub_e0371f0e\n"
 651             "    b       loc_e03714a2\n"
 652             "loc_e03714c6:\n"
 653             "    ldr     r0, [r5, #0xc]\n"
 654             "    cbz     r0, loc_e03714cc\n"
 655             "    mov     r6, r0\n"
 656             "loc_e03714cc:\n"
 657             "    str     r7, [r4]\n"
 658             "    strd    r8, r0, [r4, #4]\n"
 659             "    movs    r0, #0x19\n"
 660             "    str     r0, [r4, #0xc]\n"
 661             "    movs    r1, #0x19\n"
 662             "    ldr     r0, [r5, #0x14]\n"
 663             "    str     r0, [r4, #0x10]\n"
 664             "    movs    r0, #0\n"
 665             "    str     r0, [r4, #0x18]\n"
 666             "    str     r0, [r4, #0x1c]\n"
 667             "    str     r0, [r4, #0x20]\n"
 668             "    ldr     r0, [r5, #0x1c]\n"
 669             "    str     r0, [r4, #0x24]\n"
 670             "    adds    r0, r0, #1\n"
 671             "    str     r0, [r5, #0x1c]\n"
 672             "    ldr     r0, =0xe03713bd\n"
 673             "    str     r0, [r4, #0x14]\n"
 674             "    mov     r0, r4\n"
 675             "    bl      sub_e03713f4\n"
 676             "    ldr     r0, [r5]\n"
 677             "    bl      sub_dffcad46\n"
 678             "    movs    r3, #0\n"
 679             "    movw    r1, #0x803\n"
 680             "    mov     r2, r3\n"
 681             "    mov     r0, r4\n"
 682             "    bl      sub_e0371330_my\n"     // +
 683             "    mov     r1, r4\n"
 684             "    mov     r0, r6\n"
 685             "    bl      sub_e03719b8\n"
 686             "    mov     r0, r4\n"
 687             "    b       sub_e037134a\n"
 688     );
 689 }
 690 
 691 //e0371330
 692 void __attribute__((naked,noinline)) sub_e0371330_my() {
 693     asm volatile (
 694             //capdis -f=chdk -s=0xe0371331 -c=31 -stubs PRIMARY.BIN 0xe0000000
 695             "    push.w  {r4, r5, r6, r7, r8, lr}\n"
 696             "    movs    r4, r0\n"
 697             "    mov     r6, r3\n"
 698             "    mov     r7, r2\n"
 699             "    mov     r8, r1\n"
 700             "    beq     loc_e0371348\n"
 701             "    ldr     r5, =0x0000c518\n"
 702             "    ldr     r0, [r5, #0x18]\n"
 703             "    cmp     r0, #0xe\n"
 704             "    bne     loc_e0371358\n"
 705             "    b       loc_e037134e\n"
 706             "loc_e0371348:\n"
 707             "    movs    r0, #1\n"
 708             "loc_e037134a:\n"
 709             "    pop.w   {r4, r5, r6, r7, r8, pc}\n"
 710             "loc_e037134e:\n"
 711             "    movs    r2, #0x7e\n"
 712             "    movs    r0, #0\n"
 713             "    ldr     r1, =0xe037173c\n" //  *"CtrlMan.c"
 714             "    bl      sub_dffc96f4\n"
 715             "loc_e0371358:\n"
 716             "    ldr     r2, =0x0005ba58\n"
 717             "    mov     r3, r6\n"
 718             "    ldr     r0, [r5, #0x18]\n"
 719             "    mov     r1, r8\n"
 720             "    str.w   r4, [r2, r0, lsl #2]\n"
 721             "    adds    r0, r0, #1\n"
 722             "    str     r0, [r5, #0x18]\n"
 723             "    mov     r2, r7\n"
 724             "    ldrd    r4, r0, [r4]\n"
 725 //            "    blx     r4\n"                  // ********** Hangs here ???
 726             "    ldr     r1, [r5, #0x18]\n"
 727             "    subs    r1, r1, #1\n"
 728             "    str     r1, [r5, #0x18]\n"
 729             "    b       loc_e037134a\n"
 730     );
 731 }
 732 
 733 //fc157608
 734 void __attribute__((naked,noinline)) init_file_modules_task() {
 735     asm volatile (
 736 ////capdis -f=chdk -s=0xfc157609 -c=18 -stubs PRIMARY.BIN 0xfc000000
 737 //"    push    {r4, r5, r6, lr}\n"
 738 //"    movs    r0, #6\n"
 739 //"    bl      sub_fc368a14\n"
 740 //"    bl      sub_fc0c994c\n"
 741 //"    movs    r4, r0\n"
 742 //"    movw    r5, #0x5006\n"
 743 //"    beq     loc_fc157624\n"
 744 //"    movs    r1, #0\n"
 745 //"    mov     r0, r5\n"
 746 //"    bl      sub_fc3bd76c\n"
 747 //"loc_fc157624:\n"
 748 //"    bl      sub_fc0c9976\n"
 749 //"    bl      core_spytask_can_start\n" // + CHDK: Set "it's-safe-to-start" flag for spytask
 750 //"    cmp     r4, #0\n"
 751 //"    bne     loc_fc157638\n"
 752 //"    mov     r0, r5\n"
 753 //"    pop.w   {r4, r5, r6, lr}\n"
 754 //"    movs    r1, #1\n"
 755 //"    b.w     sub_fc3bd76c\n"
 756 //"loc_fc157638:\n"
 757 //"    pop     {r4, r5, r6, pc}\n"
 758 ".ltorg\n"
 759     );
 760 }
 761 
 762 //fc0ecb7c
 763 void __attribute__((naked,noinline)) kbd_p2_f_my() {
 764     asm volatile(
 765 ////capdis -f=chdk -s=0xfc0ecb7d -c=77 -stubs PRIMARY.BIN 0xfc000000
 766 //"    push.w  {r4, r5, r6, r7, r8, lr}\n"
 767 //"    ldr     r6, =0x0003ef70\n"
 768 //"    sub     sp, #0x18\n"
 769 //"    add     r7, sp, #8\n"
 770 //"    subs    r6, #0xc\n"
 771 //"    b       loc_fc0ecbbe\n"
 772 //"loc_fc0ecb8a:\n"
 773 //"    ldr     r1, =0x0003ef70\n"
 774 //"    add     r3, sp, #8\n"
 775 //"    ldrb.w  r0, [sp, #4]\n"
 776 //"    add     r2, sp, #0x14\n"
 777 //"    subs    r1, #0x18\n"
 778 //"    bl      sub_fc09bb10\n"
 779 //"    cbnz    r0, loc_fc0ecba4\n"
 780 //"    ldr     r1, [sp, #0x14]\n"
 781 //"    movs    r0, #0\n"
 782 //"    bl      sub_fc0ecaee\n"
 783 //"loc_fc0ecba4:\n"
 784 //"    movs    r0, #2\n"
 785 //"loc_fc0ecba6:\n"
 786 //"    ldr.w   r1, [r7, r0, lsl #2]\n"
 787 //"    cbz     r1, loc_fc0ecbb6\n"
 788 //"    ldr.w   r2, [r6, r0, lsl #2]\n"
 789 //"    bics    r2, r1\n"
 790 //"    str.w   r2, [r6, r0, lsl #2]\n"
 791 //"loc_fc0ecbb6:\n"
 792 //"    subs    r0, r0, #1\n"
 793 //"    sxtb    r0, r0\n"
 794 //"    cmp     r0, #0\n"
 795 //"    bge     loc_fc0ecba6\n"
 796 //"loc_fc0ecbbe:\n"
 797 //"    ldr     r0, =0x0003ef70\n"
 798 //"    add     r1, sp, #4\n"
 799 //"    subs    r0, #0xc\n"
 800 //"    bl      sub_fc09b7f6\n"
 801 //"    cmp     r0, #0\n"
 802 //"    bne     loc_fc0ecb8a\n"
 803 //"    ldr.w   r8, =0x0003ef70\n"
 804 //"    movs    r4, #0\n"
 805 //"loc_fc0ecbd2:\n"
 806 //"    movs    r5, #0\n"
 807 //"    ldr.w   r0, [r6, r4, lsl #2]\n"
 808 //"    ldr.w   r1, [r8, r4, lsl #2]\n"
 809 //"    ands    r0, r1\n"
 810 //"    str.w   r0, [r6, r4, lsl #2]\n"
 811 //"    b       loc_fc0ecc2a\n"
 812 //"loc_fc0ecbe4:\n"
 813 //"    lsrs    r0, r5\n"
 814 //"    lsls    r0, r0, #0x1f\n"
 815 //"    beq     loc_fc0ecc22\n"
 816 //"    ldr     r1, =0x0003ef70\n"
 817 //"    add.w   r0, r5, r4, lsl #5\n"
 818 //"    add     r3, sp, #8\n"
 819 //"    subs    r1, #0x18\n"
 820 //"    add     r2, sp, #0x14\n"
 821 //"    uxtb    r0, r0\n"
 822 //"    bl      sub_fc09bb10\n"
 823 //"    cbnz    r0, loc_fc0ecc06\n"
 824 //"    ldr     r1, [sp, #0x14]\n"
 825 //"    movs    r0, #1\n"
 826 //"    bl      sub_fc0ecaee\n"
 827 //"loc_fc0ecc06:\n"
 828 //"    mov     r0, r4\n"
 829 //"    b       loc_fc0ecc1e\n"
 830 //"loc_fc0ecc0a:\n"
 831 //"    ldr.w   r1, [r7, r0, lsl #2]\n"
 832 //"    cbz     r1, loc_fc0ecc1a\n"
 833 //"    ldr.w   r2, [r6, r0, lsl #2]\n"
 834 //"    bics    r2, r1\n"
 835 //"    str.w   r2, [r6, r0, lsl #2]\n"
 836 //"loc_fc0ecc1a:\n"
 837 //"    adds    r0, r0, #1\n"
 838 //"    sxtb    r0, r0\n"
 839 //"loc_fc0ecc1e:\n"
 840 //"    cmp     r0, #3\n"
 841 //"    blt     loc_fc0ecc0a\n"
 842 //"loc_fc0ecc22:\n"
 843 //"    ldr.w   r0, [r6, r4, lsl #2]\n"
 844 //"    adds    r5, r5, #1\n"
 845 //"    uxtb    r5, r5\n"
 846 //"loc_fc0ecc2a:\n"
 847 //"    cmp     r0, #0\n"
 848 //"    bne     loc_fc0ecbe4\n"
 849 //"    adds    r4, r4, #1\n"
 850 //"    sxtb    r4, r4\n"
 851 //"    cmp     r4, #3\n"
 852 //"    blt     loc_fc0ecbd2\n"
 853 //"    bl      sub_fc09b570_my\n"
 854 //"    add     sp, #0x18\n"
 855 //"    pop.w   {r4, r5, r6, r7, r8, pc}\n"
 856 ".ltorg\n"
 857     );
 858 }
 859 
 860 //fc09b570
 861 void __attribute__((naked,noinline)) sub_fc09b570_my() {
 862     asm volatile(
 863 ////capdis -f=chdk -s=0xfc09b571 -c=14 -stubs PRIMARY.BIN 0xfc000000
 864 //"    push    {r4, lr}\n"
 865 //"    ldr     r4, =0x00009c44\n"
 866 //"    ldr     r0, [r4, #0xc]\n"
 867 //"    bl      sub_fc0a3b54\n"
 868 //"    ldr     r0, [r4, #0x10]\n"
 869 //"    bl      sub_fc0a3bde\n"
 870 //"    bl      sub_fc0a3c66\n"
 871 //"    bl      sub_fc10b3f4\n"
 872 //"    ldr     r0, [r4, #0x14]\n"
 873 //"    bl      sub_fc0a3a84\n"
 874 //"    ldr     r0, [r4, #0x18]\n"
 875 //"    bl      sub_fc0a3a84\n"
 876 //"    bl      handle_jogdial\n"  // +
 877 //"    cmp     r0, #0\n"          // +
 878 //"    beq     no_scroll\n"       // +
 879 //"    pop.w   {r4, lr}\n"
 880 //"    b.w     sub_fc0a3fc2\n"
 881 //"no_scroll:\n"                  // +
 882 //"    pop     {r4, pc}\n"        // +
 883 ".ltorg\n"
 884     );
 885 }

/* [<][>][^][v][top][bottom][index][help] */