root/platform/s95/sub/100k/boot.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. taskCreateHook
  2. boot
  3. sub_FF810354_my
  4. sub_FF811198_my
  5. sub_FF815EE0_my
  6. taskcreate_Startup_my
  7. task_Startup_my
  8. spytask
  9. CreateTask_spytask
  10. CreateTask_PhySw
  11. init_file_modules_task
  12. sub_FF896D0C_my
  13. sub_FF876598_my
  14. sub_FF8761C0_my
  15. sub_FF875EE0_my
  16. JogDial_task_my

   1 #include "lolevel.h"
   2 #include "platform.h"
   3 #include "core.h"
   4 #include "stdlib.h"
   5 
   6 const char * const new_sa = &_end;
   7 
   8 
   9 // Forward declarations
  10 void CreateTask_PhySw();
  11 void CreateTask_spytask();
  12 extern volatile int jogdial_stopped;
  13 void JogDial_task_my(void);
  14 
  15 
  16 /*---------------------------------------------------------------------
  17   Memory Map:
  18         00001900     MEMBASEADDR             start of data - used for initialized vars
  19         00010FE3                             end of inited data
  20         00010FE4                             start of bss - used for zeroed/uninited vars
  21         00016E2F                             end of bss
  22         0016EE30     MEMISOSTART             start of CHDK code / data / bss
  23         001B0000                                                         end of CHDK data (approx)
  24         001B0001                                                         start of DRYOS heap (approx)
  25         0037FFFF                                                         end of heap (?)
  26 
  27         41269150                                                         raw buffer 0
  28         46000000                             raw buffer 1
  29 
  30         C0xxxxxx                            I/O
  31 
  32         FF810000    ROMBASEADDR             start of rom
  33         FFFFFFFF                            end of rom
  34 ----------------------------------------------------------------------*/
  35 
  36 
  37 /*----------------------------------------------------------------------
  38         taskCreateHook()
  39 -----------------------------------------------------------------------*/
  40 void taskCreateHook(int *p)
  41 {
  42         p-=17;
  43 
  44         if (p[0] == 0xFF88322C)
  45                 p[0] = (int) capt_seq_task;
  46 
  47         if (p[0] == 0xFF98642C)
  48 
  49 
  50 
  51 
  52 
  53 
  54 
  55 
  56 
  57 
  58 
  59 
  60 
  61                 p[0] = (int) movie_record_task;
  62 
  63         if (p[0] == 0xFF8A0AA0)
  64                 p[0] = (int) init_file_modules_task;
  65 
  66         if (p[0] == 0xFF8CF1A8)
  67 
  68 
  69 
  70 
  71 
  72                 p[0] = (int) exp_drv_task;
  73 
  74         if (p[0] == 0xFF865894)
  75                 p[0] = (int) JogDial_task_my;
  76 }
  77 
  78 
  79 
  80 
  81 /*----------------------------------------------------------------------
  82         boot()
  83 
  84         Main entry point for the CHDK code
  85 -----------------------------------------------------------------------*/
  86 void __attribute__((naked,noinline)) boot()
  87 {
  88     asm volatile (
  89         
  90 /*              // LED Test
  91         "LDR     R1, =0xC0220134\n"     // Orange LED
  92         "MOV     R0, #0x46\n"   
  93         "STR     R0, [R1]\n"
  94         "LDR     R1, =0xC0223030\n"     // AF LED
  95         "MOV     R0, #0x46\n"
  96         "STR     R0, [R1]\n"    
  97         "LDR     R0, =0x100000 \n"
  98 "loop1: \n"
  99         "nop\n"
 100         "SUBS   R0,R0,#1 \n"
 101         "BNE    loop1 \n"       
 102         // End LED Test
 103 */      
 104 "       LDR     R1, =0xC0410000 \n"                  
 105 "       MOV     R0, #0 \n"                           
 106 "       STR     R0, [R1] \n"                         
 107 "       MOV     R1, #0x78 \n"                        
 108 "       MCR     p15, 0, R1, c1, c0 \n"               
 109 "       MOV     R1, #0 \n"                           
 110 "       MCR     p15, 0, R1, c7, c10, 4 \n"           
 111 "       MCR     p15, 0, R1, c7, c5 \n"               
 112 "       MCR     p15, 0, R1, c7, c6 \n"               
 113 "       MOV     R0, #0x3D \n"                        
 114 "       MCR     p15, 0, R0, c6, c0 \n"               
 115 "       MOV     R0, #0xC000002F \n"                  
 116 "       MCR     p15, 0, R0, c6, c1 \n"               
 117 "       MOV     R0, #0x35 \n"                        
 118 "       MCR     p15, 0, R0, c6, c2 \n"               
 119 "       MOV     R0, #0x40000035 \n"                  
 120 "       MCR     p15, 0, R0, c6, c3 \n"               
 121 "       MOV     R0, #0x80000017 \n"                  
 122 "       MCR     p15, 0, R0, c6, c4 \n"               
 123 "       LDR     R0, =0xFF80002D \n"                  
 124 "       MCR     p15, 0, R0, c6, c5 \n"               
 125 "       MOV     R0, #0x34 \n"                        
 126 "       MCR     p15, 0, R0, c2, c0 \n"               
 127 "       MOV     R0, #0x34 \n"                        
 128 "       MCR     p15, 0, R0, c2, c0, 1 \n"            
 129 "       MOV     R0, #0x34 \n"                        
 130 "       MCR     p15, 0, R0, c3, c0 \n"               
 131 "       LDR     R0, =0x3333330 \n"                   
 132 "       MCR     p15, 0, R0, c5, c0, 2 \n"            
 133 "       LDR     R0, =0x3333330 \n"                   
 134 "       MCR     p15, 0, R0, c5, c0, 3 \n"            
 135 "       MRC     p15, 0, R0, c1, c0 \n"               
 136 "       ORR     R0, R0, #0x1000 \n"                  
 137 "       ORR     R0, R0, #4 \n"                       
 138 "       ORR     R0, R0, #1 \n"                       
 139 "       MCR     p15, 0, R0, c1, c0 \n"               
 140 "       MOV     R1, #0x80000006 \n"                  
 141 "       MCR     p15, 0, R1, c9, c1 \n"               
 142 "       MOV     R1, #6 \n"                           
 143 "       MCR     p15, 0, R1, c9, c1, 1 \n"            
 144 "       MRC     p15, 0, R1, c1, c0 \n"               
 145 "       ORR     R1, R1, #0x50000 \n"                 
 146 "       MCR     p15, 0, R1, c1, c0 \n"               
 147 "       LDR     R2, =0xC0200000 \n"                  
 148 "       MOV     R1, #1 \n"                           
 149 "       STR     R1, [R2, #0x10C] \n"                 
 150 "       MOV     R1, #0xFF \n"                        
 151 "       STR     R1, [R2, #0xC] \n"                   
 152 "       STR     R1, [R2, #0x1C] \n"                  
 153 "       STR     R1, [R2, #0x2C] \n"                  
 154 "       STR     R1, [R2, #0x3C] \n"                  
 155 "       STR     R1, [R2, #0x4C] \n"                  
 156 "       STR     R1, [R2, #0x5C] \n"                  
 157 "       STR     R1, [R2, #0x6C] \n"                  
 158 "       STR     R1, [R2, #0x7C] \n"                  
 159 "       STR     R1, [R2, #0x8C] \n"                  
 160 "       STR     R1, [R2, #0x9C] \n"                  
 161 "       STR     R1, [R2, #0xAC] \n"                  
 162 "       STR     R1, [R2, #0xBC] \n"                  
 163 "       STR     R1, [R2, #0xCC] \n"                  
 164 "       STR     R1, [R2, #0xDC] \n"                  
 165 "       STR     R1, [R2, #0xEC] \n"                  
 166 "       STR     R1, [R2, #0xFC] \n"                  
 167 "       LDR     R1, =0xC0400008 \n"                  
 168 "       LDR     R2, =0x430005 \n"                    
 169 "       STR     R2, [R1] \n"                         
 170 "       MOV     R1, #1 \n"                           
 171 "       LDR     R2, =0xC0243100 \n"                  
 172 "       STR     R2, [R1] \n"                         
 173 "       LDR     R2, =0xC0242010 \n"                  
 174 "       LDR     R1, [R2] \n"                         
 175 "       ORR     R1, R1, #1 \n"                       
 176 "       STR     R1, [R2] \n"                         
 177 "       LDR     R0, =0xFFC9A254 \n"                  
 178 
 179 "       LDR     R1, =0x1900 \n"                      
 180 "       LDR     R3, =0x10FE4 \n"                     
 181 "loc_FF81013C:\n"
 182 "       CMP     R1, R3 \n"                           
 183 "       LDRCC   R2, [R0], #4 \n"                   
 184 "       STRCC   R2, [R1], #4 \n"                   
 185 "       BCC     loc_FF81013C \n"                     
 186 "       LDR     R1, =0x16EE30 \n"                    
 187 "       MOV     R2, #0 \n"                           
 188 "loc_FF810154:\n"
 189 "       CMP     R3, R1 \n"                           
 190 "       STRCC   R2, [R3], #4 \n"                   
 191 "       BCC     loc_FF810154 \n"   
 192 //"             B       sub_FF810354 \n"                  
 193 "       B       sub_FF810354_my \n"     
 194     );
 195 };
 196 
 197 
 198 /*----------------------------------------------------------------------
 199         sub_FF810354_my    0xFF810354
 200 -----------------------------------------------------------------------*/
 201 void __attribute__((naked,noinline)) sub_FF810354_my()
 202 {
 203     *(int*)0x1938 = (int)taskCreateHook;
 204     *(int*)0x193C = (int)taskCreateHook;
 205 
 206 
 207         // s95 @FF864D68
 208         // fix for correct power-on
 209         // must also comment out function in taskcreate_Startup_my
 210 
 211         if ((*(int*) 0xC0220128) & 1)                                   // look at play switch
 212                 *(int*)(0x25E8) = 0x200000;                                     // start in play mode
 213         else
 214                 *(int*)(0x25E8) = 0x100000;                                     // start in rec mode
 215 
 216 
 217 
 218         asm volatile (
 219 "       LDR     R0, =0xFF8103CC \n"                  
 220 "       MOV     R1, #0 \n"                           
 221 "       LDR     R3, =0xFF810404 \n"                  
 222 "loc_FF810360:\n"
 223 "       CMP     R0, R3 \n"                           
 224 "       LDRCC   R2, [R0], #4 \n"                   
 225 "       STRCC   R2, [R1], #4 \n"                   
 226 "       BCC     loc_FF810360 \n"                     
 227 "       LDR     R0, =0xFF810404 \n"                  
 228 "       MOV     R1, #0x4B0 \n"                       
 229 "       LDR     R3, =0xFF810618 \n"                  
 230 "loc_FF81037C:\n"
 231 "       CMP     R0, R3 \n"                           
 232 "       LDRCC   R2, [R0], #4 \n"                   
 233 "       STRCC   R2, [R1], #4 \n"                   
 234 "       BCC     loc_FF81037C \n"                     
 235 "       MOV     R0, #0xD2 \n"                        
 236 "       MSR     CPSR_cxsf, R0 \n"                    
 237 "       MOV     SP, #0x1000 \n"                      
 238 "       MOV     R0, #0xD3 \n"                        
 239 "       MSR     CPSR_cxsf, R0 \n"                    
 240 "       MOV     SP, #0x1000 \n"                      
 241 "       LDR     R0, =0x6C4 \n"                       
 242 "       LDR     R2, =0xEEEEEEEE \n"                  
 243 "       MOV     R3, #0x1000 \n"                      
 244 "loc_FF8103B0:\n"
 245 "       CMP     R0, R3 \n"                           
 246 "       STRCC   R2, [R0], #4 \n"                   
 247 "       BCC     loc_FF8103B0 \n"                     
 248 //"     BL      sub_FF811198 \n"   
 249 "       BL      sub_FF811198_my \n"                     // patched 
 250         );
 251 }
 252 
 253 /*----------------------------------------------------------------------
 254  ** sub_FF811198_my  @ 0xFF811198 
 255 -----------------------------------------------------------------------*/
 256 
 257 
 258 
 259 void __attribute__((naked,noinline)) sub_FF811198_my(  ) { 
 260 asm volatile (
 261 "       STR     LR, [SP, #-4]! \n"                   
 262 "       SUB     SP, SP, #0x74 \n"                    
 263 "       MOV     R0, SP \n"                           
 264 "       MOV     R1, #0x74 \n"                        
 265 "       BL      sub_FFB9F348 \n"                      
 266 
 267 "       MOV     R0, #0x53000 \n"                     
 268 "       STR     R0, [SP, #4] \n"                     
 269 //"     LDR     R0, =0x16EE30 \n"                    
 270 "       LDR     R0, =new_sa \n"                                 // patched
 271 "       LDR R0, [R0] \n"
 272 
 273 "       LDR     R1, =0x379C00 \n"                    
 274 "       STR     R0, [SP, #8] \n"                     
 275 "       RSB     R0, R0, #0x1F80 \n"                  
 276 "       ADD     R0, R0, #0x370000 \n"                
 277 "       STR     R0, [SP, #0xC] \n"                   
 278 "       LDR     R0, =0x371F80 \n"                    
 279 "       STR     R1, [SP] \n"                         
 280 "       STRD    R0, [SP, #0x10] \n"                 
 281 "       MOV     R0, #0x22 \n"                        
 282 "       STR     R0, [SP, #0x18] \n"                  
 283 "       MOV     R0, #0x68 \n"                        
 284 "       STR     R0, [SP, #0x1C] \n"                  
 285 "       LDR     R0, =0x19B \n"                       
 286 //"     LDR     R1, =sub_FF815EE0 \n" 
 287 "       LDR     R1, =sub_FF815EE0_my \n"                // patched
 288 
 289 "       STR     R0, [SP, #0x20] \n"                  
 290 "       MOV     R0, #0x96 \n"                        
 291 "       STR     R0, [SP, #0x24] \n"                  
 292 "       STR     R0, [SP, #0x28] \n"                  
 293 "       MOV     R0, #0x64 \n"                        
 294 "       STR     R0, [SP, #0x2C] \n"                  
 295 "       MOV     R0, #0 \n"                           
 296 "       STR     R0, [SP, #0x30] \n"                  
 297 "       STR     R0, [SP, #0x34] \n"                  
 298 "       MOV     R0, #0x10 \n"                        
 299 "       STR     R0, [SP, #0x5C] \n"                  
 300 "       MOV     R0, #0x800 \n"                       
 301 "       STR     R0, [SP, #0x60] \n"                  
 302 "       MOV     R0, #0xA0 \n"                        
 303 "       STR     R0, [SP, #0x64] \n"                  
 304 "       MOV     R0, #0x280 \n"                       
 305 "       STR     R0, [SP, #0x68] \n"                  
 306 "       MOV     R0, SP \n"                           
 307 "       MOV     R2, #0 \n"                           
 308 "       BL      sub_FF8134B8 \n"                      
 309 "       ADD     SP, SP, #0x74 \n"                    
 310 "       LDR     PC, [SP], #4 \n"                     
 311         );
 312 }
 313 
 314 
 315 /*----------------------------------------------------------------------
 316         sub_FF815EE0_my     0xFF815EE0 
 317 -----------------------------------------------------------------------*/
 318 
 319 void __attribute__((naked,noinline)) sub_FF815EE0_my()
 320 {
 321         asm volatile (
 322 "       STMFD   SP!, {R4,LR} \n"                   
 323 "       BL      sub_FF810B20 \n"                      
 324 "       BL      sub_FF81A33C \n"                      
 325 "       CMP     R0, #0 \n"                           
 326 "       LDRLT   R0, =0xFF815FF4 \n"                
 327 "       BLLT    sub_FF815FD4 \n"                    
 328 "       BL      sub_FF815B1C \n"                      
 329 "       CMP     R0, #0 \n"                           
 330 "       LDRLT   R0, =0xFF815FFC \n"                
 331 "       BLLT    sub_FF815FD4 \n"                    
 332 "       LDR     R0, =0xFF81600C \n"                  
 333 "       BL      sub_FF815C04 \n"                      
 334 "       CMP     R0, #0 \n"                           
 335 "       LDRLT   R0, =0xFF816014 \n"                
 336 "       BLLT    sub_FF815FD4 \n"                    
 337 "       LDR     R0, =0xFF81600C \n"                  
 338 "       BL      sub_FF813CA4 \n"                      
 339 "       CMP     R0, #0 \n"                           
 340 "       LDRLT   R0, =0xFF816028 \n"                
 341 "       BLLT    sub_FF815FD4 \n"                    
 342 "       BL      sub_FF819CC4 \n"                      
 343 "       CMP     R0, #0 \n"                           
 344 "       LDRLT   R0, =0xFF816034 \n"                
 345 "       BLLT    sub_FF815FD4 \n"                    
 346 "       BL      sub_FF81167C \n"                      
 347 "       CMP     R0, #0 \n"                           
 348 "       LDRLT   R0, =0xFF816040 \n"                
 349 "       BLLT    sub_FF815FD4 \n"                    
 350 "       LDMFD   SP!, {R4,LR} \n"                   
 351 //"     B       sub_FF81FB54 \n"         
 352 "       B       taskcreate_Startup_my \n" 
 353 "               MOV     R0, #0 \n"
 354 "               LDMFD   SP!, {R3-R5,PC} \n"
 355         );
 356 }
 357 
 358 
 359 /*----------------------------------------------------------------------
 360         taskcreate_Startup_my     0xFF81FB54
 361 -----------------------------------------------------------------------*/
 362 
 363 void __attribute__((naked,noinline)) taskcreate_Startup_my()
 364 {
 365     asm volatile (
 366 "       STMFD   SP!, {R3-R5,LR} \n"                
 367 "       BL      sub_FF8346CC \n"                      
 368 "       BL      sub_FF83C6B0 \n"                      
 369 "       CMP     R0, #0 \n"                           
 370 "       BNE     loc_FF81FBA8 \n"                     
 371 "       BL      sub_FF8360B8 \n"                      
 372 "       CMP     R0, #0 \n"                           
 373 "       BEQ     loc_FF81FBA8 \n"                     
 374 "       LDR     R4, =0xC0220000 \n"                  
 375 "       LDR     R0, [R4, #0x12C] \n"                 
 376 "       TST     R0, #1 \n"                           
 377 "       MOVEQ   R0, #0x12C \n"                     
 378 "       BLEQ    sub_FF83AA4C \n"                    
 379 "       BL      sub_FF8346C8 \n"                      
 380 "       CMP     R0, #0 \n"                           
 381 "       BNE     loc_FF81FBA8 \n"                     
 382 "       BL      sub_FF833D5C \n"                      
 383 "       MOV     R0, #0x44 \n"                        
 384 "       STR     R0, [R4, #0x1C] \n"                  
 385 "       BL      sub_FF833F4C \n"                      
 386 "loc_FF81FBA4:\n"
 387 "       B       loc_FF81FBA4 \n"                       
 388 "loc_FF81FBA8:\n"
 389 // we must remove this for power-on mode handling in sub_FF810354_my to work
 390 //"     BL      sub_FF8346D4 \n"                      
 391 "       BL      sub_FF8346D0 \n"                      
 392 "       BL      sub_FF83A8C4 \n"                      
 393 "       LDR     R1, =0x3CE000 \n"                    
 394 "       MOV     R0, #0 \n"                           
 395 "       BL      sub_FF83AD0C \n"                      
 396 "       BL      sub_FF83AAB8 \n"                      
 397 "       MOV     R3, #0 \n"                           
 398 "       STR     R3, [SP] \n"                         
 399 //"     LDR     R3, =0xFF81FAF0 \n"        
 400 "       LDR     R3, =task_Startup_my \n"                // patched     
 401 
 402 "       MOV     R2, #0 \n"                           
 403 "       MOV     R1, #0x19 \n"                        
 404 "       LDR     R0, =0xFF81FBF0 \n"                  
 405 "       BL      sub_FF81E8A0 \n"                      
 406 "       MOV     R0, #0 \n"                           
 407 "       LDMFD   SP!, {R3-R5,PC} \n" 
 408        
 409 
 410 
 411 
 412 
 413 
 414 
 415 
 416 
 417 
 418 
 419 
 420 
 421 
 422 
 423 
 424 
 425 
 426 
 427 
 428 
 429 
 430 
 431 
 432 
 433 
 434 
 435 
 436 
 437         );
 438 }
 439 
 440 
 441 /*----------------------------------------------------------------------
 442         task_Startup_my    0xFF81FAF0
 443 -----------------------------------------------------------------------*/
 444 
 445 void __attribute__((naked,noinline)) task_Startup_my()
 446 {
 447         asm volatile (
 448 "       STMFD   SP!, {R4,LR} \n"                   
 449 "       BL      sub_FF816594 \n"                      
 450 "       BL      sub_FF835830 \n"                      
 451 "       BL      sub_FF8339B4 \n"                      
 452 "       BL      sub_FF83C6F4 \n"                      
 453 "       BL      sub_FF83C8E0 \n"                      
 454 //"     BL      sub_FF83C788 \n"                      
 455 "       BL      sub_FF83CA88 \n"                      
 456 "       BL      sub_FF832484 \n"                      
 457 "       BL      sub_FF83C910 \n"                      
 458 "       BL      sub_FF83A068 \n"                      
 459 "       BL      sub_FF83CA8C \n"                      
 460 //"     BL      sub_FF8345B0 \n" 
 461         );
 462 
 463                 CreateTask_PhySw();                                     // our keyboard task
 464                 CreateTask_spytask();                           // chdk initialization
 465 
 466     asm volatile (
 467 "       BL      sub_FF837D14 \n"                      
 468 "       BL      sub_FF83CAA4 \n"                      
 469 "       BL      sub_FF831888 \n"                      
 470 "       BL      sub_FF833318 \n"                      
 471 "       BL      sub_FF83C478 \n"                      
 472 "       BL      sub_FF833968 \n"                      
 473 "       BL      sub_FF8332B4 \n"                      
 474 "       BL      sub_FF8324B8 \n"                      
 475 "       BL      sub_FF83D670 \n"                      
 476 "       BL      sub_FF833278 \n"                      
 477 "       LDMFD   SP!, {R4,LR} \n"                   
 478 "       B       sub_FF8166B4 \n" 
 479 
 480 
 481 
 482 
 483 
 484 
 485 
 486 
 487 
 488 
 489 
 490 
 491 
 492 
 493 
 494 
 495 
 496 
 497 
 498 
 499 
 500 
 501 
 502 
 503 
 504 
 505 
 506 
 507 
 508 
 509 
 510 
 511 
 512 
 513 
 514 
 515 
 516 
 517 
 518 
 519 
 520         );
 521 }
 522 
 523 
 524 /*----------------------------------------------------------------------
 525         spytask
 526 -----------------------------------------------------------------------*/
 527 void spytask(long ua, long ub, long uc, long ud, long ue, long uf)
 528 {
 529     core_spytask();
 530 }
 531 
 532 
 533 /*----------------------------------------------------------------------
 534         CreateTask_spytask
 535 -----------------------------------------------------------------------*/
 536 void CreateTask_spytask()
 537 {
 538         _CreateTask("SpyTask", 0x19, 0x2000, spytask, 0);
 539 }
 540 
 541 
 542 
 543 /*----------------------------------------------------------------------
 544         CreateTask_PhySw   0xFF8345A8
 545 -----------------------------------------------------------------------*/
 546 void __attribute__((naked,noinline)) CreateTask_PhySw()
 547 {
 548     asm volatile (                  
 549 
 550 
 551 "       STMFD   SP!, {R3-R5,LR} \n"                
 552 "       LDR     R4, =0x1C30 \n"                      
 553 "       LDR     R0, [R4, #0x10] \n"                  
 554 "       CMP     R0, #0 \n"                           
 555 "       BNE     loc_FF8345E4 \n"                     
 556 "       MOV     R3, #0 \n"                           
 557 "       STR     R3, [SP] \n"                         
 558 //"     LDR     R3, =sub_FF83457C \n"                  
 559 "       LDR     R3, =mykbd_task \n"                     // PhySw Task patch 
 560 "       MOV     R2, #0x2000 \n"                                 // larger stack                      
 561 
 562 
 563 "       MOV     R1, #0x17 \n"                        
 564 "       LDR     R0, =0xFF8347DC \n"                  
 565 "       BL      sub_FF83AB0C \n"                      
 566 "       STR     R0, [R4, #0x10] \n"                  
 567 "loc_FF8345E4:\n"
 568 "       BL      sub_FF865BC0 \n"                      
 569 "       BL      sub_FF894834 \n"                      
 570 "       BL      sub_FF836030 \n"                      
 571 "       CMP     R0, #0 \n"                           
 572 "       LDREQ   R1, =0x34CC0 \n"                   
 573 "       LDMEQFD SP!, {R3-R5,LR} \n"              
 574 "       BEQ     sub_FF8947BC \n"                     
 575 "       LDMFD   SP!, {R3-R5,PC} \n"  
 576 
 577 
 578 
 579 
 580 
 581 
 582 
 583 
 584 
 585 
 586 
 587 
 588 
 589 
 590 
 591 
 592 
 593 
 594         );
 595 }
 596 
 597 
 598 /*----------------------------------------------------------------------
 599         init_file_modules_task()   0xFF8A0AA0
 600 -----------------------------------------------------------------------*/
 601 
 602 void __attribute__((naked,noinline)) init_file_modules_task()
 603 {
 604         asm volatile (
 605 "       STMFD   SP!, {R4-R6,LR} \n"                
 606 "       BL      sub_FF896CE0 \n"                      
 607 "       LDR     R5, =0x5006 \n"                      
 608 "       MOVS    R4, R0 \n"                          
 609 "       MOVNE   R1, #0 \n"                         
 610 "       MOVNE   R0, R5 \n"                         
 611 "       BLNE    sub_FF89AAD4 \n"                    
 612 //"     BL      sub_FF896D0C \n"                      
 613 "       BL      sub_FF896D0C_my \n"                             // patched  
 614 "       BL      core_spytask_can_start\n"       // added
 615 "       CMP     R4, #0 \n"                           
 616 "       MOVEQ   R0, R5 \n"                         
 617 "       LDMEQFD SP!, {R4-R6,LR} \n"              
 618 "       MOVEQ   R1, #0 \n"                         
 619 "       BEQ     sub_FF89AAD4 \n"                     
 620 "       LDMFD   SP!, {R4-R6,PC} \n"     
 621         );
 622 }
 623 
 624 
 625 /*----------------------------------------------------------------------
 626         sub_FF896D0C_my()
 627 -----------------------------------------------------------------------*/
 628 
 629 void __attribute__((naked,noinline)) sub_FF896D0C_my()
 630 {
 631         asm volatile (
 632 "       STMFD   SP!, {R4,LR} \n"                   
 633 "       MOV     R0, #3 \n"                           
 634 //"     BL      sub_FF876598 \n"
 635 "       BL      sub_FF876598_my \n"                     // patched   
 636 "       BL      sub_FF96A8E8 \n"                      
 637 "       LDR     R4, =0x3244 \n"                      
 638 "       LDR     R0, [R4, #4] \n"                     
 639 "       CMP     R0, #0 \n"                           
 640 "       BNE     loc_FF896D44 \n"                     
 641 "       BL      sub_FF8757DC \n"                      
 642 "       BL      sub_FF95D878 \n"                      
 643 "       BL      sub_FF8757DC \n"                      
 644 "       BL      sub_FF871B80 \n"                      
 645 "       BL      sub_FF8756DC \n"                      
 646 "       BL      sub_FF95D914 \n"                      
 647 "loc_FF896D44:\n"
 648 "       MOV     R0, #1 \n"                           
 649 "       STR     R0, [R4] \n"                         
 650 "       LDMFD   SP!, {R4,PC} \n"  
 651         );
 652 }
 653 
 654 
 655 /*----------------------------------------------------------------------
 656         sub_FF876598_my()
 657 -----------------------------------------------------------------------*/
 658 
 659 void __attribute__((naked,noinline)) sub_FF876598_my()
 660 {
 661         asm volatile (
 662 "       STMFD   SP!, {R4-R8,LR} \n"                
 663 "       MOV     R8, R0 \n"                           
 664 "       BL      sub_FF876518 \n"                      
 665 "       LDR     R1, =0x3B0A8 \n"                     
 666 "       MOV     R6, R0 \n"                           
 667 "       ADD     R4, R1, R0, LSL #7 \n"               
 668 "       LDR     R0, [R4, #0x6C] \n"                  
 669 "       CMP     R0, #4 \n"                           
 670 "       LDREQ   R1, =0x83F \n"                     
 671 "       LDREQ   R0, =0xFF876058 \n"                
 672 "       BLEQ    sub_FF81EB78 \n"                    
 673 "       MOV     R1, R8 \n"                           
 674 "       MOV     R0, R6 \n"                           
 675 "       BL      sub_FF875DCC \n"                      
 676 "       LDR     R0, [R4, #0x38] \n"                  
 677 "       BL      sub_FF876C3C \n"                      
 678 "       CMP     R0, #0 \n"                           
 679 "       STREQ   R0, [R4, #0x6C] \n"                
 680 "       MOV     R0, R6 \n"                           
 681 "       BL      sub_FF875E5C \n"                      
 682 "       MOV     R0, R6 \n"                           
 683 //"     BL      sub_FF8761C0 \n"  
 684 "       BL      sub_FF8761C0_my \n"                     // patched                     
 685 
 686 "       MOV     R5, R0 \n"                           
 687 "       MOV     R0, R6 \n"                           
 688 "       BL      sub_FF8763F0 \n"                      
 689 "       LDR     R6, [R4, #0x3C] \n"                  
 690 "       AND     R7, R5, R0 \n"                       
 691 "       CMP     R6, #0 \n"                           
 692 "       LDR     R1, [R4, #0x38] \n"                  
 693 "       MOVEQ   R0, #0x80000001 \n"                
 694 "       MOV     R5, #0 \n"                           
 695 "       BEQ     loc_FF876648 \n"                     
 696 "       MOV     R0, R1 \n"                           
 697 "       BL      sub_FF875944 \n"                      
 698 "       CMP     R0, #0 \n"                           
 699 "       MOVNE   R5, #4 \n"                         
 700 "       CMP     R6, #5 \n"                           
 701 "       ORRNE   R0, R5, #1 \n"                     
 702 "       BICEQ   R0, R5, #1 \n"                     
 703 "       CMP     R7, #0 \n"                           
 704 "       BICEQ   R0, R0, #2 \n"                     
 705 "       ORREQ   R0, R0, #0x80000000 \n"            
 706 "       BICNE   R0, R0, #0x80000000 \n"            
 707 "       ORRNE   R0, R0, #2 \n"                     
 708 "loc_FF876648:\n"
 709 "       CMP     R8, #7 \n"                           
 710 "       STR     R0, [R4, #0x40] \n"                  
 711 "       LDMNEFD SP!, {R4-R8,PC} \n"              
 712 "       MOV     R0, R8 \n"                           
 713 "       BL      sub_FF876568 \n"                      
 714 "       CMP     R0, #0 \n"                           
 715 "       LDMEQFD SP!, {R4-R8,LR} \n"              
 716 "       LDREQ   R0, =0xFF876694 \n"                
 717 "       BEQ     sub_FF81177C \n"                     
 718 "       LDMFD   SP!, {R4-R8,PC} \n"         
 719         );
 720 }
 721 
 722 
 723 /*----------------------------------------------------------------------
 724         sub_FF8761C0_my()
 725 -----------------------------------------------------------------------*/
 726 
 727 void __attribute__((naked,noinline)) sub_FF8761C0_my()
 728 {
 729         asm volatile (
 730 "       STMFD   SP!, {R4-R6,LR} \n"                
 731 "       MOV     R5, R0 \n"                           
 732 "       LDR     R0, =0x3B0A8 \n"                     
 733 "       ADD     R4, R0, R5, LSL #7 \n"               
 734 "       LDR     R0, [R4, #0x6C] \n"                  
 735 "       TST     R0, #2 \n"                           
 736 "       MOVNE   R0, #1 \n"                         
 737 "       LDMNEFD SP!, {R4-R6,PC} \n"              
 738 "       LDR     R0, [R4, #0x38] \n"                  
 739 "       MOV     R1, R5 \n"                           
 740 //"     BL      sub_FF875EE0 \n"    
 741 "       BL      sub_FF875EE0_my \n"                             // patched                      
 742 
 743 "       CMP     R0, #0 \n"                           
 744 "       LDRNE   R0, [R4, #0x38] \n"                
 745 "       MOVNE   R1, R5 \n"                         
 746 "       BLNE    sub_FF87607C \n"                    
 747 "       LDR     R2, =0x3B128 \n"                     
 748 "       ADD     R1, R5, R5, LSL #4 \n"               
 749 "       LDR     R1, [R2, R1, LSL #2] \n"             
 750 "       CMP     R1, #4 \n"                           
 751 "       BEQ     loc_FF876220 \n"                     
 752 "       CMP     R0, #0 \n"                           
 753 "       LDMEQFD SP!, {R4-R6,PC} \n"              
 754 "       MOV     R0, R5 \n"                           
 755 "       BL      sub_FF8759D4 \n"                      
 756 "loc_FF876220:\n"
 757 "       CMP     R0, #0 \n"                           
 758 "       LDRNE   R1, [R4, #0x6C] \n"                
 759 "       ORRNE   R1, R1, #2 \n"                     
 760 "       STRNE   R1, [R4, #0x6C] \n"                
 761 "       LDMFD   SP!, {R4-R6,PC} \n"  
 762         );
 763 }
 764 
 765 
 766 /*----------------------------------------------------------------------
 767         sub_FF875EE0_my()
 768 -----------------------------------------------------------------------*/
 769 
 770 void __attribute__((naked,noinline)) sub_FF875EE0_my()
 771 {
 772         asm volatile (
 773 "       STMFD   SP!, {R4-R10,LR} \n"               
 774 "       MOV     R9, R0 \n"                           
 775 "       LDR     R0, =0x3B0A8 \n"                     
 776 "       MOV     R8, #0 \n"                           
 777 "       ADD     R5, R0, R1, LSL #7 \n"               
 778 "       LDR     R0, [R5, #0x3C] \n"                  
 779 "       MOV     R7, #0 \n"                           
 780 "       CMP     R0, #7 \n"                           
 781 "       MOV     R6, #0 \n"                           
 782 "       ADDLS   PC, PC, R0, LSL #2 \n"             
 783 "       B       loc_FF876038 \n"                       
 784 "       B       loc_FF875F44 \n"                       
 785 "       B       loc_FF875F2C \n"                       
 786 "       B       loc_FF875F2C \n"                       
 787 "       B       loc_FF875F2C \n"                       
 788 "       B       loc_FF875F2C \n"                       
 789 "       B       loc_FF876030 \n"                       
 790 "       B       loc_FF875F2C \n"                       
 791 "       B       loc_FF875F2C \n"                       
 792 "loc_FF875F2C:\n"
 793 "       MOV     R2, #0 \n"                           
 794 "       MOV     R1, #0x200 \n"                       
 795 "       MOV     R0, #2 \n"                           
 796 "       BL      sub_FF890D90 \n"                      
 797 "       MOVS    R4, R0 \n"                          
 798 "       BNE     loc_FF875F4C \n"                     
 799 "loc_FF875F44:\n"
 800 "       MOV     R0, #0 \n"                           
 801 "       LDMFD   SP!, {R4-R10,PC} \n"               
 802 "loc_FF875F4C:\n"
 803 "       LDR     R12, [R5, #0x50] \n"                 
 804 "       MOV     R3, R4 \n"                           
 805 "       MOV     R2, #1 \n"                           
 806 "       MOV     R1, #0 \n"                           
 807 "       MOV     R0, R9 \n"                           
 808 "       BLX     R12 \n"                              
 809 "       CMP     R0, #1 \n"                           
 810 "       BNE     loc_FF875F78 \n"                     
 811 "       MOV     R0, #2 \n"                           
 812 "       BL      sub_FF890EE0 \n"                      
 813 "       B       loc_FF875F44 \n"                       
 814 "loc_FF875F78:\n"
 815 "       LDR     R1, [R5, #0x64] \n"                  
 816 "       MOV     R0, R9 \n"                           
 817 "       BLX     R1 \n"                               
 818 //------------------  begin added code ---------------
 819                 "MOV   R1, R4\n"           //  pointer to MBR in R1
 820                 "BL    mbr_read_dryos\n"   //  total sectors count in R0 before and after call
 821 
 822                 // Start of DataGhost's FAT32 autodetection code
 823                 // Policy: If there is a partition which has type W95 FAT32, use the first one of those for image storage
 824                 // According to the code below, we can use R1, R2, R3 and R12.
 825                 // LR wasn't really used anywhere but for storing a part of the partition signature. This is the only thing
 826                 // that won't work with an offset, but since we can load from LR+offset into LR, we can use this to do that :)
 827                 "MOV     R12, R4\n"                    // Copy the MBR start address so we have something to work with
 828                 "MOV     LR, R4\n"                     // Save old offset for MBR signature
 829                 "MOV     R1, #1\n"                     // Note the current partition number
 830                 "B       dg_sd_fat32_enter\n"          // We actually need to check the first partition as well, no increments yet!
 831    "dg_sd_fat32:\n"
 832                 "CMP     R1, #4\n"                     // Did we already see the 4th partition?
 833                 "BEQ     dg_sd_fat32_end\n"            // Yes, break. We didn't find anything, so don't change anything.
 834                 "ADD     R12, R12, #0x10\n"            // Second partition
 835                 "ADD     R1, R1, #1\n"                 // Second partition for the loop
 836    "dg_sd_fat32_enter:\n"
 837                 "LDRB    R2, [R12, #0x1BE]\n"          // Partition status
 838                 "LDRB    R3, [R12, #0x1C2]\n"          // Partition type (FAT32 = 0xB)
 839                 "CMP     R3, #0xB\n"                   // Is this a FAT32 partition?
 840                 "CMPNE   R3, #0xC\n"                   // Not 0xB, is it 0xC (FAT32 LBA) then?
 841                 "BNE     dg_sd_fat32\n"                // No, it isn't.
 842                 "CMP     R2, #0x00\n"                  // It is, check the validity of the partition type
 843                 "CMPNE   R2, #0x80\n"
 844                 "BNE     dg_sd_fat32\n"                // Invalid, go to next partition
 845                                                                                            // This partition is valid, it's the first one, bingo!
 846                 "MOV     R4, R12\n"                    // Move the new MBR offset for the partition detection.
 847 
 848    "dg_sd_fat32_end:\n"
 849                 // End of DataGhost's FAT32 autodetection code
 850 //------------------  end added code ---------------
 851 "       LDRB    R1, [R4, #0x1C9] \n"                
 852 "       LDRB    R3, [R4, #0x1C8] \n"                
 853 "       LDRB    R12, [R4, #0x1CC] \n"               
 854 "       MOV     R1, R1, LSL #0x18 \n"                
 855 "       ORR     R1, R1, R3, LSL #0x10 \n"            
 856 "       LDRB    R3, [R4, #0x1C7] \n"                
 857 "       LDRB    R2, [R4, #0x1BE] \n"                
 858 //"     LDRB    LR, [R4, #0x1FF] \n"                            // replaced, see below                
 859 
 860 "       ORR     R1, R1, R3, LSL #8 \n"               
 861 "       LDRB    R3, [R4, #0x1C6] \n"                
 862 "       CMP     R2, #0 \n"                           
 863 "       CMPNE   R2, #0x80 \n"                      
 864 "       ORR     R1, R1, R3 \n"                       
 865 "       LDRB    R3, [R4, #0x1CD] \n"                
 866 "       MOV     R3, R3, LSL #0x18 \n"                
 867 "       ORR     R3, R3, R12, LSL #0x10 \n"           
 868 "       LDRB    R12, [R4, #0x1CB] \n"               
 869 "       ORR     R3, R3, R12, LSL #8 \n"              
 870 "       LDRB    R12, [R4, #0x1CA] \n"               
 871 "       ORR     R3, R3, R12 \n"                      
 872 //"     LDRB    R12, [R4, #0x1FE] \n"               
 873 "       LDRB    R12, [LR,#0x1FE]\n"        // New! First MBR signature byte (0x55)
 874 "       LDRB    LR, [LR,#0x1FF]\n"         //      Last MBR signature byte (0xAA)
 875 "       BNE     loc_FF876004 \n"                     
 876 "       CMP     R0, R1 \n"                           
 877 "       BCC     loc_FF876004 \n"                     
 878 "       ADD     R2, R1, R3 \n"                       
 879 "       CMP     R2, R0 \n"                           
 880 "       CMPLS   R12, #0x55 \n"                     
 881 "       CMPEQ   LR, #0xAA \n"                      
 882 "       MOVEQ   R7, R1 \n"                         
 883 "       MOVEQ   R6, R3 \n"                         
 884 "       MOVEQ   R4, #1 \n"                         
 885 "       BEQ     loc_FF876008 \n"                     
 886 "loc_FF876004:\n"
 887 "       MOV     R4, R8 \n"                           
 888 "loc_FF876008:\n"
 889 "       MOV     R0, #2 \n"                           
 890 "       BL      sub_FF890EE0 \n"                      
 891 "       CMP     R4, #0 \n"                           
 892 "       BNE     loc_FF876044 \n"                     
 893 "       LDR     R1, [R5, #0x64] \n"                  
 894 "       MOV     R7, #0 \n"                           
 895 "       MOV     R0, R9 \n"                           
 896 "       BLX     R1 \n"                               
 897 "       MOV     R6, R0 \n"                           
 898 "       B       loc_FF876044 \n"                       
 899 "loc_FF876030:\n"
 900 "       MOV     R6, #0x40 \n"                        
 901 "       B       loc_FF876044 \n"                       
 902 "loc_FF876038:\n"
 903 "       LDR     R1, =0x597 \n"                       
 904 "       LDR     R0, =0xFF876058 \n"                  
 905 "       BL      sub_FF81EB78 \n"                      
 906 "loc_FF876044:\n"
 907 "       STR     R7, [R5, #0x44]! \n"                 
 908 "       STMIB   R5, {R6,R8} \n"                    
 909 "       MOV     R0, #1 \n"                           
 910 "       LDMFD   SP!, {R4-R10,PC} \n"   
 911         );
 912 }
 913 
 914 
 915 /*----------------------------------------------------------------------
 916         JogDial_task_my()  0xFF865894
 917 
 918         Patched jog dial task
 919 -----------------------------------------------------------------------*/
 920 void __attribute__((naked,noinline)) JogDial_task_my()
 921 {
 922         asm volatile (
 923 "       STMFD   SP!, {R4-R11,LR} \n"               
 924 "       SUB     SP, SP, #0x24 \n"                    
 925 "       BL      sub_FF865C2C \n"                      
 926 "       LDR     R1, =0x25FC \n"                      
 927 "       LDR     R6, =0xFFBA548C \n"                  
 928 
 929 "       MOV     R0, #0 \n"                           
 930 "       ADD     R3, SP, #0x18 \n"                    
 931 "       ADD     R12, SP, #0x1C \n"                   
 932 "       ADD     R10, SP, #8 \n"                      
 933 "       MOV     R2, #0 \n"                           
 934 "       ADD     R9, SP, #0x10 \n"                    
 935 "loc_FF8658C0:\n"
 936 "       ADD     R12, SP, #0x1C \n"                   
 937 "       ADD     LR, R12, R0, LSL #1 \n"              
 938 "       MOV     R2, #0 \n"                           
 939 "       ADD     R3, SP, #0x18 \n"                    
 940 "       STRH    R2, [LR] \n"                        
 941 "       ADD     LR, R3, R0, LSL #1 \n"               
 942 "       STRH    R2, [LR] \n"                        
 943 "       STR     R2, [R9, R0, LSL #2] \n"             
 944 "       STR     R2, [R10, R0, LSL #2] \n"            
 945 "       ADD     R0, R0, #1 \n"                       
 946 "       CMP     R0, #2 \n"                           
 947 "       BLT     loc_FF8658C0 \n"                     
 948 "loc_FF8658F0:\n"
 949 "       LDR     R0, =0x25FC \n"                      
 950 "       MOV     R2, #0 \n"                           
 951 "       LDR     R0, [R0, #8] \n"                     
 952 "       MOV     R1, SP \n"                           
 953 "       BL      sub_FF83A2F8 \n"                      
 954 "       CMP     R0, #0 \n"                           
 955 "       LDRNE   R1, =0x262 \n"                     
 956 "       LDRNE   R0, =0xFF865B50 \n"                
 957 "       BLNE    sub_FF81EB78 \n"                    
 958 //------------------  begin added code ---------------
 959 "labelA:\n"
 960                 "LDR     R0, =jogdial_stopped\n"
 961                 "LDR     R0, [R0]\n"
 962                 "CMP     R0, #1\n"
 963                 "BNE     labelB\n"                                      // continue on if jogdial_stopped = 0
 964                 "MOV     R0, #40\n"
 965                 "BL      _SleepTask\n"                          // jogdial_stopped=1 -- give time back to OS and suspend jogdial task
 966                 "B       labelA\n"
 967 "labelB:\n"
 968 //------------------  end added code -----------------
 969 "       LDR     R0, [SP] \n"                         
 970 "       AND     R4, R0, #0xFF \n"                    
 971 "       AND     R0, R0, #0xFF00 \n"                  
 972 "       CMP     R0, #0x100 \n"                       
 973 "       BEQ     loc_FF865960 \n"                     
 974 "       CMP     R0, #0x200 \n"                       
 975 "       BEQ     loc_FF865998 \n"                     
 976 "       CMP     R0, #0x300 \n"                       
 977 "       BEQ     loc_FF865B90 \n"                     
 978 "       CMP     R0, #0x400 \n"                       
 979 "       BNE     loc_FF8658F0 \n"                     
 980 "       CMP     R4, #0 \n"                           
 981 "       LDRNE   R1, =0x2ED \n"                     
 982 "       LDRNE   R0, =0xFF865B50 \n"                
 983 "       BLNE    sub_FF81EB78 \n"                    
 984 "       RSB     R0, R4, R4, LSL #3 \n"               
 985 "       LDR     R0, [R6, R0, LSL #2] \n"             
 986 "loc_FF865958:\n"
 987 "       BL      sub_FF865C10 \n"                      
 988 "       B       loc_FF8658F0 \n"                       
 989 "loc_FF865960:\n"
 990 "       LDR     R7, =0x260C \n"                      
 991 "       LDR     R0, [R7, R4, LSL #2] \n"             
 992 "       BL      sub_FF83B290 \n"                      
 993 "       LDR     R2, =0xFF8657E0 \n"                  
 994 "       ADD     R1, R2, #0 \n"                       
 995 "       ORR     R3, R4, #0x200 \n"                   
 996 "       MOV     R0, #0x28 \n"                        
 997 "       BL      sub_FF83B1AC \n"                      
 998 "       TST     R0, #1 \n"                           
 999 "       CMPNE   R0, #0x15 \n"                      
1000 "       STR     R0, [R10, R4, LSL #2] \n"            
1001 "       BEQ     loc_FF8658F0 \n"                     
1002 "       MOV     R1, #0x274 \n"                       
1003 "       B       loc_FF865B3C \n"                       
1004 "loc_FF865998:\n"
1005 "       RSB     R5, R4, R4, LSL #3 \n"               
1006 "       LDR     R0, [R6, R5, LSL #2] \n"             
1007 "       LDR     R1, =0xC0240104 \n"                  
1008 "       LDR     R0, [R1, R0, LSL #8] \n"             
1009 "       MOV     R2, R0, ASR #0x10 \n"                
1010 "       ADD     R0, SP, #0x1C \n"                    
1011 "       ADD     R0, R0, R4, LSL #1 \n"               
1012 "       STR     R0, [SP, #0x20] \n"                  
1013 "       STRH    R2, [R0] \n"                        
1014 "       ADD     R0, SP, #0x18 \n"                    
1015 "       ADD     R11, R0, R4, LSL #1 \n"              
1016 "       LDRSH   R3, [R11] \n"                      
1017 "       SUB     R0, R2, R3 \n"                       
1018 "       CMP     R0, #0 \n"                           
1019 "       BNE     loc_FF865A18 \n"                     
1020 "       LDR     R0, [R9, R4, LSL #2] \n"             
1021 "       CMP     R0, #0 \n"                           
1022 "       BEQ     loc_FF865AF8 \n"                     
1023 "       LDR     R7, =0x260C \n"                      
1024 "       LDR     R0, [R7, R4, LSL #2] \n"             
1025 "       BL      sub_FF83B290 \n"                      
1026 "       LDR     R2, =0xFF8657EC \n"                  
1027 "       ADD     R1, R2, #0 \n"                       
1028 "       ORR     R3, R4, #0x300 \n"                   
1029 "       MOV     R0, #0x1F4 \n"                       
1030 "       BL      sub_FF83B1AC \n"                      
1031 "       TST     R0, #1 \n"                           
1032 "       CMPNE   R0, #0x15 \n"                      
1033 "       STR     R0, [R7, R4, LSL #2] \n"             
1034 "       BEQ     loc_FF865AF8 \n"                     
1035 "       LDR     R1, =0x28D \n"                       
1036 "       B       loc_FF865AF0 \n"                       
1037 "loc_FF865A18:\n"
1038 "       MOV     R1, R0 \n"                           
1039 "       RSBLT   R0, R0, #0 \n"                     
1040 "       MOVLE   R7, #0 \n"                         
1041 "       MOVGT   R7, #1 \n"                         
1042 "       CMP     R0, #0xFF \n"                        
1043 "       BLS     loc_FF865A58 \n"                     
1044 "       CMP     R1, #0 \n"                           
1045 "       RSBLE   R0, R3, #0xFF \n"                  
1046 "       ADDLE   R0, R0, #0x7F00 \n"                
1047 "       ADDLE   R0, R0, R2 \n"                     
1048 "       RSBGT   R0, R2, #0xFF \n"                  
1049 "       ADDGT   R0, R0, #0x7F00 \n"                
1050 "       ADDGT   R0, R0, R3 \n"                     
1051 "       ADD     R0, R0, #0x8000 \n"                  
1052 "       ADD     R0, R0, #1 \n"                       
1053 "       EOR     R7, R7, #1 \n"                       
1054 "loc_FF865A58:\n"
1055 "       STR     R0, [SP, #4] \n"                     
1056 "       LDR     R0, [R9, R4, LSL #2] \n"             
1057 "       CMP     R0, #0 \n"                           
1058 "       ADDEQ   R0, R6, R5, LSL #2 \n"             
1059 "       LDREQ   R0, [R0, #8] \n"                   
1060 "       BEQ     loc_FF865A90 \n"                     
1061 "       ADD     R8, R6, R5, LSL #2 \n"               
1062 "       ADD     R1, R8, R7, LSL #2 \n"               
1063 "       LDR     R1, [R1, #0x10] \n"                  
1064 "       CMP     R1, R0 \n"                           
1065 "       BEQ     loc_FF865A94 \n"                     
1066 "       LDR     R0, [R8, #0xC] \n"                   
1067 "       BL      sub_FF89CCA4 \n"                      
1068 "       LDR     R0, [R8, #8] \n"                     
1069 "loc_FF865A90:\n"
1070 "       BL      sub_FF89CCA4 \n"                      
1071 "loc_FF865A94:\n"
1072 "       ADD     R0, R6, R5, LSL #2 \n"               
1073 "       ADD     R7, R0, R7, LSL #2 \n"               
1074 "       LDR     R0, [R7, #0x10] \n"                  
1075 "       LDR     R1, [SP, #4] \n"                     
1076 "       BL      sub_FF89CBCC \n"                      
1077 "       LDR     R0, [R7, #0x10] \n"                  
1078 "       LDR     R7, =0x260C \n"                      
1079 "       STR     R0, [R9, R4, LSL #2] \n"             
1080 "       LDR     R0, [SP, #0x20] \n"                  
1081 "       LDRH    R0, [R0] \n"                        
1082 "       STRH    R0, [R11] \n"                       
1083 "       LDR     R0, [R7, R4, LSL #2] \n"             
1084 "       BL      sub_FF83B290 \n"                      
1085 "       LDR     R2, =0xFF8657EC \n"                  
1086 "       ADD     R1, R2, #0 \n"                       
1087 "       ORR     R3, R4, #0x300 \n"                   
1088 "       MOV     R0, #0x1F4 \n"                       
1089 "       BL      sub_FF83B1AC \n"                      
1090 "       TST     R0, #1 \n"                           
1091 "       CMPNE   R0, #0x15 \n"                      
1092 "       STR     R0, [R7, R4, LSL #2] \n"             
1093 "       BEQ     loc_FF865AF8 \n"                     
1094 "       LDR     R1, =0x2CF \n"                       
1095 "loc_FF865AF0:\n"
1096 "       LDR     R0, =0xFF865B50 \n"                  
1097 "       BL      sub_FF81EB78 \n"                      
1098 "loc_FF865AF8:\n"
1099 "       ADD     R0, R6, R5, LSL #2 \n"               
1100 "       LDR     R0, [R0, #0x18] \n"                  
1101 "       CMP     R0, #1 \n"                           
1102 "       BNE     loc_FF865B88 \n"                     
1103 "       LDR     R0, =0x25FC \n"                      
1104 "       LDR     R0, [R0, #0xC] \n"                   
1105 "       CMP     R0, #0 \n"                           
1106 "       BEQ     loc_FF865B88 \n"                     
1107 "       LDR     R2, =0xFF8657E0 \n"                  
1108 "       ADD     R1, R2, #0 \n"                       
1109 "       ORR     R3, R4, #0x400 \n"                   
1110 "       BL      sub_FF83B1AC \n"                      
1111 "       TST     R0, #1 \n"                           
1112 "       CMPNE   R0, #0x15 \n"                      
1113 "       STR     R0, [R10, R4, LSL #2] \n"            
1114 "       BEQ     loc_FF8658F0 \n"                     
1115 "       LDR     R1, =0x2D6 \n"                       
1116 "loc_FF865B3C:\n"
1117 "       LDR     R0, =0xFF865B50 \n"                  
1118 "       BL      sub_FF81EB78 \n"                      
1119 "       B       loc_FF8658F0 \n"                       
1120 "       NOP \n"
1121 
1122 
1123 
1124 
1125 
1126 
1127 
1128 
1129 
1130 
1131 
1132 
1133 
1134 
1135 
1136 
1137 "loc_FF865B88:\n"
1138 "       LDR     R0, [R6, R5, LSL #2] \n"             
1139 "       B       loc_FF865958 \n"                       
1140 "loc_FF865B90:\n"
1141 "       LDR     R0, [R9, R4, LSL #2] \n"             
1142 "       CMP     R0, #0 \n"                           
1143 "       MOVEQ   R1, #0x2E0 \n"                     
1144 "       LDREQ   R0, =0xFF865B50 \n"                
1145 "       BLEQ    sub_FF81EB78 \n"                    
1146 "       RSB     R0, R4, R4, LSL #3 \n"               
1147 "       ADD     R0, R6, R0, LSL #2 \n"               
1148 "       LDR     R0, [R0, #0xC] \n"                   
1149 "       BL      sub_FF89CCA4 \n"                      
1150 "       MOV     R2, #0 \n"                           
1151 "       STR     R2, [R9, R4, LSL #2] \n"             
1152 "       B       loc_FF8658F0 \n" 
1153 
1154 
1155 
1156 
1157 
1158 
1159 
1160 
1161 
1162 
1163 
1164 
1165 
1166 
1167 
1168 
1169 
1170 
1171         );
1172 };
1173 
1174 
1175 
1176 
1177 
1178 
1179 
1180 
1181 
1182 
1183 
1184 
1185 
1186 
1187 
1188 
1189 
1190 
1191 
1192 
1193 
1194 
1195 
1196 
1197 
1198 
1199 
1200 
1201 
1202 
1203 
1204 
1205 
1206 
1207 
1208 
1209 
1210 
1211 
1212 
1213 
1214 
1215 
1216 
1217 
1218 
1219 
1220 
1221 
1222 
1223 
1224 
1225 
1226 
1227 
1228 
1229 
1230 
1231 
1232 
1233 
1234 
1235 
1236 
1237 
1238 
1239 
1240 
1241 
1242 
1243 
1244 
1245 
1246 
1247 
1248 
1249 
1250 
1251 
1252 
1253 
1254 
1255 
1256 
1257 
1258 
1259 
1260 
1261 
1262 
1263 
1264 
1265 
1266 
1267 
1268 
1269 
1270 
1271 
1272 
1273 
1274 
1275 
1276 
1277 
1278 
1279 
1280 
1281 
1282 
1283 
1284 
1285 
1286 
1287 
1288 
1289 
1290 
1291 
1292 
1293 
1294 
1295 
1296 
1297 
1298 
1299 
1300 
1301 
1302 
1303 
1304 
1305 
1306 
1307 
1308 
1309 
1310 
1311 
1312 
1313 
1314 
1315 
1316 
1317 
1318 
1319 
1320 
1321 
1322 
1323 
1324 
1325 
1326 
1327 
1328 
1329 
1330 
1331 
1332 
1333 
1334 
1335 
1336 
1337 
1338 
1339 
1340 
1341 
1342 
1343 
1344 
1345 
1346 
1347 
1348 
1349 
1350 
1351 
1352 
1353 
1354 
1355 
1356 
1357 
1358 
1359 
1360 
1361 
1362 
1363 
1364 
1365 
1366 
1367 
1368 
1369 
1370 
1371 
1372 
1373 
1374 
1375 
1376 
1377 
1378 
1379 
1380 
1381 
1382 
1383 
1384 
1385 
1386 
1387 
1388 
1389 
1390 
1391 
1392 
1393 
1394 
1395 
1396 
1397 
1398 
1399 
1400 
1401 
1402 
1403 
1404 
1405 
1406 
1407 
1408 
1409 
1410 
1411 
1412 
1413 
1414 
1415 
1416 
1417 
1418 
1419 
1420 
1421 
1422 
1423 
1424 
1425 
1426 
1427 
1428 
1429 
1430 
1431 
1432 
1433 
1434 
1435 
1436 
1437 
1438 
1439 
1440 
1441 
1442 
1443 
1444 
1445 
1446 
1447 
1448 
1449 
1450 
1451 
1452 
1453 
1454 
1455 
1456 
1457 
1458 
1459 
1460 
1461 
1462 
1463 
1464 
1465 
1466 
1467 
1468 
1469 
1470 
1471 
1472 
1473 
1474 
1475 
1476 
1477 
1478 
1479 
1480 
1481 
1482 
1483 
1484 
1485 
1486 
1487 
1488 
1489 
1490 
1491 
1492 
1493 
1494 
1495 
1496 
1497 
1498 
1499 
1500 
1501 
1502 
1503 
1504 
1505 
1506 
1507 
1508 
1509 
1510 
1511 
1512 
1513 
1514 
1515 
1516 
1517 
1518 
1519 
1520 
1521 
1522 
1523 
1524 
1525 
1526 
1527 
1528 
1529 
1530 
1531 
1532 
1533 
1534 
1535 
1536 
1537 
1538 
1539 
1540 
1541 
1542 
1543 
1544 
1545 
1546 
1547 
1548 
1549 
1550 
1551 
1552 
1553 
1554 
1555 
1556 
1557 
1558 
1559 
1560 
1561 
1562 
1563 
1564 
1565 
1566 
1567 
1568 
1569 
1570 
1571 
1572 
1573 
1574 
1575 
1576 
1577 
1578 
1579 
1580 
1581 
1582 
1583 
1584 
1585 
1586 
1587 
1588 
1589 
1590 
1591 
1592 
1593 
1594 
1595 
1596 
1597 
1598 
1599 
1600 
1601 
1602 
1603 
1604 
1605 
1606 
1607 
1608 
1609 
1610 
1611 
1612 
1613 
1614 
1615 
1616 
1617 
1618 
1619 
1620 
1621 
1622 
1623 
1624 
1625 
1626 
1627 
1628 
1629 
1630 
1631 
1632 
1633 
1634 
1635 
1636 
1637 
1638 
1639 
1640 
1641 
1642 
1643 
1644 
1645 
1646 
1647 
1648 
1649 
1650 
1651 
1652 
1653 
1654 
1655 
1656 
1657 
1658 
1659 
1660 
1661 
1662 
1663 
1664 
1665 
1666 
1667 
1668 
1669 
1670 
1671 
1672 
1673 
1674 
1675 
1676 
1677 
1678 
1679 
1680 
1681 
1682 
1683 
1684 
1685 
1686 
1687 
1688 
1689 
1690 
1691 
1692 
1693 
1694 
1695 
1696 
1697 
1698 
1699 
1700 
1701 
1702 
1703 
1704 
1705 
1706 
1707 
1708 
1709 
1710 
1711 
1712 
1713 
1714 
1715 
1716 
1717 
1718 
1719 
1720 
1721 
1722 
1723 
1724 
1725 
1726 
1727 
1728 
1729 
1730 
1731 
1732 
1733 
1734 
1735 
1736 
1737 
1738 
1739 
1740 
1741 
1742 
1743 
1744 
1745 
1746 
1747 
1748 
1749 
1750 
1751 
1752 
1753 
1754 
1755 
1756 
1757 
1758 
1759 
1760 
1761 
1762 
1763 
1764 
1765 
1766 
1767 
1768 
1769 
1770 
1771 
1772 
1773 
1774 
1775 
1776 
1777 
1778 
1779 
1780 
1781 
1782 
1783 
1784 
1785 
1786 
1787 
1788 
1789 
1790 
1791 
1792 
1793 
1794 
1795 
1796 
1797 
1798 
1799 
1800 
1801 
1802 
1803 
1804 
1805 
1806 
1807 
1808 
1809 
1810 
1811 
1812 
1813 
1814 
1815 
1816 
1817 
1818 
1819 
1820 
1821 
1822 
1823 
1824 
1825 
1826 
1827 
1828 
1829 
1830 
1831 
1832 
1833 
1834 
1835 
1836 
1837 
1838 
1839 
1840 
1841 
1842 
1843 
1844 
1845 
1846 
1847 
1848 
1849 
1850 
1851 
1852 
1853 
1854 
1855 
1856 
1857 
1858 
1859 
1860 
1861 
1862 
1863 
1864 
1865 
1866 
1867 
1868 
1869 
1870 
1871 
1872 
1873 
1874 
1875 
1876 
1877 
1878 
1879 
1880 
1881 
1882 
1883 
1884 
1885 
1886 
1887 
1888 
1889 
1890 
1891 
1892 
1893 
1894 
1895 
1896 
1897 
1898 
1899 
1900 
1901 
1902 
1903 
1904 
1905 
1906 
1907 
1908 
1909 
1910 
1911 
1912 
1913 
1914 
1915 
1916 
1917 
1918 
1919 
1920 
1921 
1922 
1923 
1924 
1925 
1926 
1927 
1928 
1929 
1930 
1931 
1932 
1933 
1934 
1935 
1936 
1937 
1938 
1939 
1940 
1941 
1942 
1943 
1944 
1945 
1946 
1947 
1948 
1949 
1950 
1951 
1952 
1953 
1954 
1955 
1956 
1957 
1958 
1959 
1960 
1961 
1962 
1963 
1964 
1965 
1966 
1967 
1968 
1969 
1970 
1971 
1972 
1973 
1974 
1975 
1976 
1977 
1978 
1979 
1980 
1981 
1982 
1983 
1984 
1985 
1986 
1987 
1988 
1989 
1990 
1991 
1992 
1993 
1994 
1995 
1996 
1997 
1998 
1999 
2000 
2001 
2002 
2003 
2004 
2005 
2006 
2007 
2008 
2009 
2010 
2011 
2012 
2013 
2014 
2015 
2016 
2017 
2018 
2019 
2020 
2021 
2022 
2023 
2024 
2025 
2026 
2027 
2028 
2029 
2030 
2031 
2032 
2033 
2034 
2035 
2036 
2037 
2038 
2039 
2040 
2041 
2042 
2043 
2044 
2045 
2046 
2047 
2048 
2049 
2050 
2051 
2052 
2053 
2054 
2055 
2056 
2057 
2058 
2059 
2060 
2061 
2062 
2063 
2064 
2065 
2066 
2067 
2068 
2069 
2070 
2071 
2072 
2073 
2074 
2075 
2076 
2077 
2078 
2079 
2080 
2081 
2082 
2083 
2084 
2085 
2086 
2087 
2088 
2089 
2090 
2091 
2092 
2093 
2094 
2095 
2096 
2097 
2098 
2099 
2100 
2101 
2102 
2103 
2104 
2105 
2106 
2107 
2108 
2109 
2110 
2111 
2112 
2113 
2114 
2115 
2116 
2117 
2118 
2119 
2120 
2121 
2122 
2123 
2124 
2125 
2126 
2127 
2128 
2129 
2130 
2131 
2132 
2133 
2134 
2135 
2136 
2137 
2138 
2139 
2140 
2141 
2142 
2143 
2144 
2145 
2146 
2147 
2148 
2149 
2150 
2151 
2152 
2153 
2154 
2155 
2156 
2157 
2158 
2159 
2160 
2161 
2162 
2163 
2164 
2165 
2166 
2167 
2168 
2169 
2170 
2171 
2172 
2173 
2174 
2175 
2176 
2177 
2178 
2179 
2180 
2181 
2182 
2183 
2184 
2185 
2186 
2187 
2188 
2189 
2190 
2191 
2192 
2193 
2194 
2195 
2196 
2197 
2198 
2199 
2200 
2201 
2202 
2203 
2204 
2205 
2206 
2207 
2208 
2209 
2210 
2211 
2212 
2213 
2214 
2215 
2216 
2217 
2218 
2219 
2220 
2221 
2222 
2223 
2224 
2225 
2226 
2227 
2228 
2229 
2230 
2231 
2232 
2233 
2234 
2235 
2236 
2237 
2238 
2239 
2240 
2241 
2242 
2243 
2244 
2245 
2246 
2247 
2248 
2249 
2250 
2251 
2252 
2253 
2254 
2255 
2256 
2257 
2258 
2259 
2260 
2261 
2262 
2263 
2264 
2265 
2266 
2267 
2268 
2269 
2270 
2271 
2272 
2273 
2274 
2275 
2276 
2277 
2278 
2279 
2280 
2281 
2282 
2283 
2284 
2285 
2286 
2287 
2288 
2289 
2290 
2291 
2292 
2293 
2294 
2295 
2296 
2297 
2298 
2299 
2300 
2301 
2302 
2303 
2304 
2305 
2306 
2307 
2308 
2309 
2310 
2311 
2312 
2313 
2314 
2315 
2316 
2317 
2318 
2319 
2320 
2321 
2322 
2323 
2324 
2325 
2326 
2327 
2328 
2329 
2330 
2331 
2332 
2333 
2334 
2335 
2336 
2337 
2338 
2339 
2340 
2341 
2342 
2343 
2344 
2345 
2346 
2347 
2348 
2349 
2350 
2351 
2352 
2353 
2354 
2355 
2356 
2357 
2358 
2359 
2360 
2361 
2362 
2363 
2364 
2365 
2366 
2367 
2368 
2369 
2370 
2371 
2372 
2373 
2374 
2375 
2376 
2377 
2378 
2379 
2380 
2381 
2382 
2383 
2384 
2385 
2386 
2387 
2388 
2389 
2390 
2391 
2392 
2393 
2394 
2395 
2396 
2397 
2398 
2399 
2400 
2401 
2402 
2403 
2404 
2405 
2406 
2407 
2408 
2409 
2410 
2411 
2412 
2413 
2414 
2415 
2416 
2417 
2418 
2419 
2420 
2421 
2422 
2423 
2424 
2425 
2426 
2427 
2428 
2429 
2430 
2431 
2432 
2433 
2434 
2435 
2436 
2437 
2438 
2439 
2440 
2441 
2442 
2443 
2444 
2445 
2446 
2447 
2448 
2449 
2450 
2451 
2452 
2453 
2454 
2455 
2456 
2457 
2458 
2459 
2460 
2461 
2462 
2463 
2464 
2465 
2466 
2467 
2468 
2469 
2470 
2471 
2472 
2473 
2474 
2475 
2476 
2477 
2478 
2479 
2480 
2481 
2482 
2483 
2484 
2485 
2486 
2487 
2488 
2489 
2490 
2491 
2492 
2493 
2494 
2495 
2496 
2497 
2498 
2499 
2500 
2501 
2502 
2503 
2504 
2505 
2506 
2507 
2508 
2509 
2510 
2511 
2512 
2513 
2514 
2515 
2516 
2517 
2518 
2519 
2520 
2521 
2522 
2523 
2524 
2525 
2526 
2527 
2528 
2529 
2530 
2531 
2532 
2533 
2534 
2535 
2536 
2537 
2538 
2539 
2540 
2541 
2542 
2543 
2544 
2545 
2546 
2547 
2548 
2549 
2550 
2551 
2552 
2553 
2554 
2555 
2556 
2557 
2558 
2559 
2560 
2561 
2562 
2563 
2564 
2565 
2566 
2567 
2568 
2569 
2570 
2571 
2572 
2573 
2574 
2575 
2576 
2577 
2578 
2579 
2580 
2581 
2582 
2583 
2584 
2585 
2586 
2587 
2588 
2589 
2590 
2591 
2592 
2593 
2594 
2595 
2596 
2597 
2598 
2599 
2600 
2601 
2602 
2603 
2604 
2605 
2606 
2607 
2608 
2609 
2610 
2611 
2612 
2613 
2614 
2615 
2616 
2617 
2618 
2619 
2620 
2621 
2622 
2623 
2624 
2625 
2626 
2627 
2628 
2629 
2630 
2631 
2632 
2633 
2634 
2635 
2636 
2637 
2638 
2639 
2640 
2641 
2642 
2643 
2644 
2645 
2646 
2647 
2648 
2649 
2650 
2651 
2652 
2653 
2654 
2655 
2656 
2657 
2658 
2659 
2660 
2661 
2662 
2663 
2664 
2665 
2666 
2667 
2668 
2669 
2670 
2671 
2672 
2673 
2674 
2675 
2676 
2677 
2678 
2679 
2680 
2681 
2682 
2683 
2684 
2685 
2686 
2687 
2688 
2689 
2690 
2691 
2692 
2693 
2694 
2695 
2696 
2697 
2698 
2699 
2700 
2701 
2702 
2703 
2704 
2705 
2706 
2707 
2708 
2709 
2710 
2711 
2712 
2713 
2714 
2715 
2716 
2717 
2718 
2719 
2720 
2721 
2722 
2723 
2724 
2725 
2726 
2727 
2728 
2729 
2730 
2731 
2732 
2733 
2734 
2735 
2736 
2737 
2738 
2739 
2740 
2741 
2742 
2743 
2744 
2745 
2746 
2747 
2748 
2749 
2750 
2751 
2752 
2753 
2754 
2755 
2756 
2757 
2758 
2759 
2760 
2761 
2762 
2763 
2764 
2765 
2766 
2767 
2768 
2769 
2770 
2771 
2772 
2773 
2774 
2775 
2776 
2777 
2778 
2779 
2780 
2781 
2782 
2783 
2784 
2785 
2786 
2787 
2788 
2789 
2790 
2791 
2792 
2793 
2794 
2795 
2796 
2797 
2798 
2799 
2800 
2801 
2802 
2803 
2804 
2805 
2806 
2807 
2808 
2809 
2810 
2811 
2812 
2813 
2814 
2815 
2816 
2817 
2818 
2819 
2820 
2821 
2822 
2823 
2824 
2825 

/* [<][>][^][v][top][bottom][index][help] */