This source file includes the following definitions.
- spytask
- CreateTask_spytask
- task_blinker
- CreateTask_blinker
- init_required_fw_features
- boot
- CreateTask_my
- sub_fc05d050_my
- sub_fc05d1e0_my
- sub_fc05d5e6_my
- task_Startup_my
- sub_fc07a0e2_my
- init_file_modules_task
- kbd_p2_f_my
- sub_fc06e104_my
1 #include "lolevel.h"
2 #include "platform.h"
3 #include "core.h"
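/*
 * Byte offset of MEMBER inside TYPE, returned as an int.
 *
 * Uses the compiler builtin rather than taking the address of a member
 * through a null TYPE pointer: that form is undefined behaviour in ISO C and
 * truncates a pointer wherever int is narrower than a pointer. The int result
 * type is kept so existing users of this macro see the same type as before.
 * This definition still replaces any offsetof already provided by <stddef.h>.
 */
#define offsetof(TYPE, MEMBER) ((int) __builtin_offsetof(TYPE, MEMBER))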
/*
 * Address of the linker symbol _end, kept in a pointer object so the assembly
 * in sub_fc05d050_my can fetch it with "ldr r4, =new_sa; ldr r4, [r4]" when
 * CHDK_NOT_IN_CANON_HEAP is not defined. That value becomes the heap start
 * passed on to the firmware.
 * NOTE(review): _end is presumably the end of the CHDK image as laid out by
 * the linker script -- confirm there.
 */
const char * const new_sa = &_end;

/* Jog dial declarations; neither is referenced in the visible part of this file. */
extern volatile int jogdial_stopped;
void JogDial_task_my(void);

/*
 * Task entry points that are not defined in this file. CreateTask_my compares
 * the entry point of each task being created against task_CaptSeq and
 * task_InitFileModules; task_RotaryEncoder and task_MovieRecord are declared
 * but not referenced in the visible code.
 */
extern void task_CaptSeq();
extern void task_InitFileModules();
extern void task_RotaryEncoder();
extern void task_MovieRecord();

/* Only referenced from the disabled (#if 0) branch in CreateTask_my. */
extern void task_ExpDrv();

/* Called from sub_fc06e104_my; its return value decides whether sub_fc06bf5e runs. */
extern void handle_jogdial();
/*
 * Entry point registered by CreateTask_spytask for the "SpyTask" task.
 *
 * The six long arguments are accepted only to match the task signature and
 * are deliberately ignored; all work is delegated to core_spytask().
 */
void spytask(long ua, long ub, long uc, long ud, long ue, long uf)
{
    /* Silence unused-parameter warnings, one argument per line. */
    (void)ua;
    (void)ub;
    (void)uc;
    (void)ud;
    (void)ue;
    (void)uf;

    core_spytask();
}
/*
 * Registers spytask() as a task named "SpyTask".
 *
 * NOTE(review): the second and third _CreateTask arguments look like the
 * task priority and the stack size in bytes -- confirm against the prototype
 * in lolevel.h. The return value of _CreateTask is not checked here.
 */
void CreateTask_spytask()
{
    const int prio = 0x19;
    const int stack_bytes = 0x2000;

    _CreateTask("SpyTask", prio, stack_bytes, spytask, 0);
}
/*
 * Debug task body: toggles the word at 0xd20b0994 between 0x4d0002 and
 * 0x4c0003 every 250 ms and never returns.
 *
 * NOTE(review): 0xd20b0994 is presumably an LED control register and the two
 * values its on/off states -- confirm for this camera model.
 *
 * The two #if 0 sections are older diagnostic variants kept for reference:
 * the first blinks a five-bit pattern derived from bits 19..23 of the word at
 * 0x9808, the second changes the blink period depending on rbval.
 */
void task_blinker()
{
#if 0
    unsigned v=*(volatile unsigned *)(0x9808);
    unsigned pat=0;
    if(v & 0x80000){
        pat |=1;
    }
    if(v & 0x100000){
        pat |=2;
    }
    if(v & 0x200000){
        pat |=4;
    }
    if(v & 0x400000){
        pat |=8;
    }
    if(v & 0x800000){
        pat |=0x10;
    }
    while(1) {
        int i;
        for(i=0;i<5;i++) {
            *(volatile int*)0xd20b0994 = 0x4d0002;
            if((pat >> i) & 1) {
                msleep(1000);
            } else {
                msleep(250);
            }
            *(volatile int*)0xd20b0994 = 0x4c0003;
            msleep(500);
        }
        msleep(5000);
    }
#endif
#if 0
    int delay=1000;
    if(rbval == 0x12345678) {
        delay=100;
    }
    while(1) {
        *(volatile int*)0xd20b0994 = 0x4d0002;
        msleep(delay);
        *(volatile int*)0xd20b0994 = 0x4c0003;
        msleep(delay);
    }
#endif
    /* Active variant: fixed 250 ms half-period. */
    volatile int *const blink_reg = (volatile int *)0xd20b0994;

    for (;;) {
        *blink_reg = 0x4d0002;
        msleep(250);
        *blink_reg = 0x4c0003;
        msleep(250);
    }
}
/*
 * Registers task_blinker() as a task named "blinker".
 *
 * NOTE(review): the third argument (0x200) is presumably the stack size in
 * bytes, a sixteenth of what CreateTask_spytask requests -- confirm it covers
 * the call depth of msleep() before adding anything to task_blinker().
 * Nothing in the visible part of this file calls this function.
 */
void CreateTask_blinker()
{
    const int prio = 0x19;
    const int stack_bytes = 0x200;

    _CreateTask("blinker", prio, stack_bytes, task_blinker, 0);
}
/*
 * Runs firmware initialisers that CHDK relies on: the focus and ND event
 * flags, then a binary semaphore whose handle is stored in
 * av_override_semaphore. Called from task_Startup_my right after
 * CreateTask_spytask.
 *
 * NOTE(review): the value returned by _CreateBinarySemaphoreStrictly is
 * stored without being checked; whether a failed creation is possible, and
 * how users of av_override_semaphore would cope, is not visible here.
 */
void init_required_fw_features(void)
{
    /* Firmware entry points and the shared handle, declared locally. */
    extern void _init_focus_eventflag();
    extern void _init_nd_eventflag();
    extern int av_override_semaphore;
    extern int _CreateBinarySemaphoreStrictly(int x, int y);

    _init_focus_eventflag();
    _init_nd_eventflag();

    av_override_semaphore = _CreateBinarySemaphoreStrictly(0, 0);
}
/*
 * Boot entry point (naked: no compiler prologue/epilogue, the body is the
 * whole function).
 *
 * In order, the assembly below:
 *   1. sets SP and calls the firmware routine sub_fc020064;
 *   2. sets bit 0 of the word at 0xc0242010;
 *   3. copies words from 0xfcc64f9c to RAM 0x010c1000..0x010df808;
 *   4. overwrites 8 bytes at hook_CreateTask with the patch_CreateTask
 *      template, so that calls landing there jump to CreateTask_my;
 *   5. calls sub_fc1194ee with the base and size of the region copied in 3;
 *   6. copies words from 0xfcc3dfc0 to RAM 0x00008000..0x0002efdc;
 *   7. zero-fills 0x0002efdc..0x0035bb28;
 *   8. branches to sub_fc05d050_my and never returns here.
 *
 * Nothing in this function verifies the copied data or the patched bytes.
 */
void __attribute__((naked,noinline)) boot() {
    asm volatile (
            // Initial stack pointer, then a firmware routine.
" ldr.w sp, =0x80010000\n"
" bl sub_fc020064\n"
            // Read-modify-write: set bit 0 of the word at 0xc0242010.
" ldr r2, =0xc0242010\n"
" ldr r1, [r2]\n"
" orr r1, r1, #1\n"
" str r1, [r2]\n"
            // Word copy: r0 = source, r1 = destination, r3 = destination end.
" ldr r0, =0xfcc64f9c\n"
" ldr r1, =0x010c1000\n"
" ldr r3, =0x010df808\n"
"loc_fc020024:\n"
" cmp r1, r3\n"
" itt lo\n"
" ldrlo r2, [r0], #4\n"
" strlo r2, [r1], #4\n"
" blo loc_fc020024\n"

            // Install the CreateTask hook: copy 8 bytes (4 halfwords) from
            // patch_CreateTask over hook_CreateTask.
            // NOTE(review): hook_CreateTask presumably lies inside the RAM
            // region copied just above, which is why the patch is applied
            // after that copy -- confirm against the stubs file.
"adr r0, patch_CreateTask\n"
"ldr r1, =hook_CreateTask\n"
"add r2, r0, #8\n"
"task_hook_loop:\n"
"ldrh r3, [r0],#2\n"
"strh r3, [r1],#2\n"
"cmp r0,r2\n"
"blo task_hook_loop\n"
            // r0 = base, r1 = size (0x010df808 - 0x010c1000) of the copied
            // region. NOTE(review): sub_fc1194ee is presumably cache
            // maintenance so the patched code is what gets executed -- confirm.
" ldr r0, =0x010c1000\n"
" ldr r1, =0x0001e808\n"
" bl sub_fc1194ee\n"
            // Second word copy: 0xfcc3dfc0 -> 0x00008000, ending at 0x0002efdc.
" ldr r0, =0xfcc3dfc0\n"
" ldr r1, =0x00008000\n"
" ldr r3, =0x0002efdc\n"
"loc_fc020040:\n"
" cmp r1, r3\n"
" itt lo\n"
" ldrlo r2, [r0], #4\n"
" strlo r2, [r1], #4\n"
" blo loc_fc020040\n"
            // Zero-fill from 0x0002efdc up to 0x0035bb28.
" ldr r3, =0x0002efdc\n"
" ldr r1, =0x0035bb28\n"
" mov.w r2, #0\n"
"loc_fc020056:\n"
" cmp r3, r1\n"
" it lo\n"
" strlo r2, [r3], #4\n"
" blo loc_fc020056\n"

            // Continue with the modified firmware start-up chain.
" b.w sub_fc05d050_my\n"
            // 8-byte hook template: a 4-byte PC-relative load into pc followed
            // by the target address; "+ 1" sets bit 0 so the jump stays in
            // Thumb state.
            // NOTE(review): "ldr.w pc, [pc,#0]" reads the word right after
            // the instruction only when the instruction sits on a 4-byte
            // boundary -- confirm hook_CreateTask is 4-byte aligned.
"patch_CreateTask:\n"
"ldr.w pc, [pc,#0]\n"
".long CreateTask_my + 1\n"
    );
}
/*
 * Target of the hook that boot() writes over hook_CreateTask (naked function).
 *
 * Compares r3 with the addresses of selected firmware tasks and, on a match,
 * replaces r3 with the address of the CHDK replacement (bit 0 set for Thumb).
 * It then runs three instructions and jumps to hook_CreateTask + 8, i.e. just
 * past the 8 patched bytes.
 *
 * Substitutions currently active:
 *   task_CaptSeq         -> capt_seq_task
 *   task_FileWrite       -> filewritetask
 *   task_InitFileModules -> init_file_modules_task
 * The task_ExpDrv -> exp_drv_task substitution is disabled with #if 0.
 *
 * NOTE(review): r3 is presumably the task entry point argument; the direct
 * _CreateTask call in sub_fc05d5e6_my passes the entry point in r3.
 * Every task the firmware creates through this hook passes this comparison
 * chain, so each entry added here widens what CHDK takes over.
 */
void __attribute__((naked,noinline)) CreateTask_my() {

    asm volatile (
            // r0 is used as scratch for the comparisons and restored at exitHook.
" push {r0}\n"

" ldr r0, =task_CaptSeq\n"
" cmp r0, r3\n"
" itt eq\n"
" ldreq r3, =capt_seq_task\n"
" orreq r3, #1\n"
" beq exitHook\n"

#if 0
" LDR R0, =task_ExpDrv\n"
" CMP R0, R3\n"
" itt eq\n"
" LDREQ R3, =exp_drv_task\n"
" orreq r3, #1\n"
" BEQ exitHook\n"
#endif

" ldr r0, =task_FileWrite\n"
" cmp r0, r3\n"
" itt eq\n"
" ldreq r3, =filewritetask\n"
" orreq r3, #1\n"
" beq exitHook\n"

            // Last comparison: no branch needed, execution falls into exitHook.
" ldr r0, =task_InitFileModules\n"
" cmp r0, r3\n"
" itt eq\n"
" ldreq r3, =init_file_modules_task\n"
" orreq r3, #1\n"

"exitHook:\n"

" pop {r0}\n"

            // NOTE(review): the next three instructions presumably reproduce
            // the firmware instructions that the 8-byte patch overwrote --
            // confirm against the firmware dump for this version.
" stmdb sp!, {r1, r2, r3, r4, r5, r6, r7, r8, r9, lr}\n"
" mov r4, r0\n"
" ldr r0, =0x0000815c\n"
            // Resume after the patched bytes; "+ 1" keeps Thumb state.
" ldr.w pc, =(hook_CreateTask + 8 + 1) \n"
".ltorg\n"
    );

}
/*
 * Modified firmware routine reached from boot() (naked function).
 *
 * Builds a 0x78-byte parameter block on the stack and passes it, together
 * with sub_fc05d1e0_my in r1 and 0 in r2, to sub_fc29abb0.
 *
 * r4 holds the heap start used in that block: the constant 0x0035bb28 when
 * CHDK_NOT_IN_CANON_HEAP is defined, otherwise the value of new_sa (the
 * address of _end).
 *
 * Guard: if 0x006ce000 - r4 is below 0x0008fd8c the function spins forever at
 * loc_fc05d060. This is the only check in this file on the memory left
 * between the heap start and 0x006ce000.
 * NOTE(review): sub_fc29abb0 is presumably the kernel start routine, with r1
 * as its init callback -- confirm against the firmware.
 */
void __attribute__((naked,noinline)) sub_fc05d050_my() {
    asm volatile (
" push {r4, lr}\n"
#if defined(CHDK_NOT_IN_CANON_HEAP)
            // Fixed heap start; same address at which boot() stops zero-filling.
"ldr r4, =0x0035bb28\n"
#else
            // Heap start taken from new_sa, i.e. the address of _end.
"ldr r4, =new_sa\n"
"ldr r4, [r4]\n"
#endif
" sub sp, #0x78\n"
            // Size check: hang below if (0x006ce000 - heap start) < 0x0008fd8c.
" ldr r0, =0x006ce000\n"
" ldr r1, =0x0008fd8c\n"
" subs r0, r0, r4\n"
" cmp r0, r1\n"
" bhs loc_fc05d062\n"
"loc_fc05d060:\n"
" b loc_fc05d060\n"
"loc_fc05d062:\n"
            // Three words stored in low RAM: 0x80000, 0x42a21000, 0x42a23000.
" ldr r1, =0x00008074\n"
" mov.w r0, #0x80000\n"
" str r0, [r1]\n"
" ldr r1, =0x00008078\n"
" ldr r0, =0x42a21000\n"
" str r0, [r1]\n"
" ldr r1, =0x0000807c\n"
" ldr r0, =0x42a23000\n"
" str r0, [r1]\n"
            // sub_fc29b568(sp, 0x78).
            // NOTE(review): presumably clears the parameter block -- confirm.
" movs r1, #0x78\n"
" mov r0, sp\n"
" blx sub_fc29b568\n"
            // Block words 0..2: 0x0062e000, 0xa0000, heap start (r4).
" ldr r0, =0x0062e000\n"
" mov.w r1, #0xa0000\n"
" stm.w sp, {r0, r1, r4}\n"
            // [0x0c] = 0x00622274 - heap start, [0x10] = 0x00622274,
            // [0x14] = 0x0062e000.
" ldr r1, =0x00622274\n"
" subs r2, r1, r4\n"
" strd r2, r1, [sp, #0xc]\n"
" str r0, [sp, #0x14]\n"
            // Constant fields at 0x18..0x38 and 0x5c..0x68.
" movs r0, #0x22\n"
" str r0, [sp, #0x18]\n"
" movs r0, #0x98\n"
" str r0, [sp, #0x1c]\n"
" movw r0, #0x24c\n"
" str r0, [sp, #0x20]\n"
" movs r0, #0xfa\n"
" str r0, [sp, #0x24]\n"
" movs r0, #0xe8\n"
" str r0, [sp, #0x28]\n"
" movs r0, #0x85\n"
" str r0, [sp, #0x2c]\n"
" movs r0, #0x40\n"
" str r0, [sp, #0x30]\n"
" movs r0, #4\n"
" str r0, [sp, #0x34]\n"
" movs r0, #0\n"
" str r0, [sp, #0x38]\n"
" movs r0, #0x10\n"
" str r0, [sp, #0x5c]\n"
" movs r2, #0\n"
            // 0x10 << 8 = 0x1000
" lsls r0, r0, #8\n"
" str r0, [sp, #0x60]\n"

            // r1 = CHDK version of the next routine in the start-up chain.
"ldr r1, =sub_fc05d1e0_my\n"
            // 0x1000 >> 4 = 0x100, then 0x100 << 5 = 0x2000
" asrs r0, r0, #4\n"
" str r0, [sp, #0x64]\n"
" lsls r0, r0, #5\n"
" str r0, [sp, #0x68]\n"
" mov r0, sp\n"
" blx sub_fc29abb0\n"
" add sp, #0x78\n"
" pop {r4, pc}\n"
".ltorg\n"

    );


}
/*
 * Modified firmware routine whose address sub_fc05d050_my passes in r1 to
 * sub_fc29abb0 (naked function).
 *
 * Runs a sequence of firmware initialisers. After most of them a negative
 * return value (or, for the first check, [0x80ec] < [0x8074] + 0x10) leads to
 * a call of sub_fc05d274 with a distinct ROM address in r0.
 * NOTE(review): sub_fc05d274 is presumably an error reporter taking a message
 * pointer -- confirm against the firmware.
 *
 * Also fills 0x80000000..0x80000800 with the word 0xeeeeeeee.
 * NOTE(review): presumably a fill pattern for detecting stack usage -- confirm.
 *
 * Ends by tail-branching to sub_fc05d5e6_my.
 */
void __attribute__((naked,noinline)) sub_fc05d1e0_my() {
    asm volatile (
" push {r4, lr}\n"
            // r4 is passed later to sub_fc05dae8 and sub_fc05d418.
" ldr r4, =0xfc05d28c\n"
" bl sub_fc05e4a8\n"
            // Check: word at 0x80ec must be >= word at 0x8074 plus 0x10.
" ldr r0, =0x000080ec\n"
" ldr r1, [r0]\n"
" ldr r0, =0x00008074\n"
" ldr r0, [r0]\n"
" adds r0, #0x10\n"
" cmp r1, r0\n"
" bhs loc_fc05d1fc\n"
" ldr r0, =0xfc05d29c\n"
" bl sub_fc05d274\n"
"loc_fc05d1fc:\n"
" bl sub_fc1195c8\n"
" ldr r3, =0x80000800\n"

            // Fill [0x80000000, 0x80000800) one word at a time with 0xeeeeeeee.
"mov.w r1, #0x80000000\n"
"mov.w r2, #0xeeeeeeee\n"
"loc_fc05d20a:\n"
" stm r1!, {r2}\n"
" cmp r1, r3\n"
" blo loc_fc05d20a\n"
" bl sub_fc1195da\n"
            // From here on: call, then report through sub_fc05d274 if r0 < 0.
" bl sub_fc11961c\n"
" cmp r0, #0\n"
" bge loc_fc05d222\n"
" ldr r0, =0xfc05d2b8\n"
" bl sub_fc05d274\n"
"loc_fc05d222:\n"
" bl sub_fc05da54\n"
" cmp r0, #0\n"
" bge loc_fc05d230\n"
" ldr r0, =0xfc05d2c0\n"
" bl sub_fc05d274\n"
"loc_fc05d230:\n"
" mov r0, r4\n"
" bl sub_fc05dae8\n"
" cmp r0, #0\n"
" bge loc_fc05d240\n"
" ldr r0, =0xfc05d2d0\n"
" bl sub_fc05d274\n"
"loc_fc05d240:\n"
" mov r0, r4\n"
" bl sub_fc05d418\n"
" cmp r0, #0\n"
" bge loc_fc05d250\n"
" ldr r0, =0xfc05d2e4\n"
" bl sub_fc05d274\n"
"loc_fc05d250:\n"
" bl sub_fc05d55c\n"
" cmp r0, #0\n"
" bge loc_fc05d25e\n"
" ldr r0, =0xfc05d2f0\n"
" bl sub_fc05d274\n"
"loc_fc05d25e:\n"
" bl sub_fc060920\n"
" cmp r0, #0\n"
" bge loc_fc05d26c\n"
" ldr r0, =0xfc05d2fc\n"
" bl sub_fc05d274\n"
"loc_fc05d26c:\n"
            // Restore registers and continue in the CHDK version of the next step.
" pop.w {r4, lr}\n"
" b.w sub_fc05d5e6_my\n"
".ltorg\n"
    );
}
/*
 * Modified firmware routine reached from sub_fc05d1e0_my (naked function).
 *
 * Computes a 0/1 flag from sub_fc0a6f3c and sub_fc07bf42 and passes it to
 * sub_fc07a1f0. If that returns 0, sub_fc05d6ee is called and the function
 * spins forever at loc_fc05d608. Otherwise it creates the start-up task with
 * task_Startup_my as entry point and returns 0.
 *
 * NOTE(review): 0xfc05d638 passed in r0 to _CreateTask is presumably the task
 * name string in ROM -- confirm against the firmware.
 */
void __attribute__((naked,noinline)) sub_fc05d5e6_my() {
    asm volatile (
" push {r3, lr}\n"
" bl sub_fc05d700\n"
            // flag = (sub_fc0a6f3c() == 0 && sub_fc07bf42() != 0) ? 1 : 0
" bl sub_fc0a6f3c\n"
" cbnz r0, loc_fc05d5fc\n"
" bl sub_fc07bf42\n"
" cbz r0, loc_fc05d5fc\n"
" movs r0, #1\n"
" b loc_fc05d5fe\n"
"loc_fc05d5fc:\n"
" movs r0, #0\n"
"loc_fc05d5fe:\n"
" bl sub_fc07a1f0\n"
" cbnz r0, loc_fc05d60a\n"
            // Failure path: call sub_fc05d6ee, then hang.
" bl sub_fc05d6ee\n"
"loc_fc05d608:\n"
" b loc_fc05d608\n"
"loc_fc05d60a:\n"
" blx sub_fc29ac08\n"
" ldr r1, =0x006ce000\n"
" movs r0, #0\n"
" bl sub_fc30f8b8\n"
" blx sub_fc29b160\n"
            // _CreateTask(0xfc05d638, 0x19, 0, task_Startup_my, 0): the fifth
            // argument is the 0 stored at [sp].
" movs r3, #0\n"
" str r3, [sp]\n"

"ldr r3, =task_Startup_my\n"
" movs r2, #0\n"
" movs r1, #0x19\n"
" ldr r0, =0xfc05d638\n"

" bl _CreateTask\n"
" movs r0, #0\n"
" pop {r3, pc}\n"
".ltorg\n"
    );

}
/*
 * Entry point of the start-up task created by sub_fc05d5e6_my (naked function).
 *
 * Calls a fixed sequence of firmware routines. The symbols that are not plain
 * firmware addresses are sub_fc07a0e2_my (creates the task whose entry is
 * mykbd_task), CreateTask_spytask and init_required_fw_features, called in
 * that order in the middle of the sequence.
 *
 * Finishes by restoring r4/lr and loading pc with 0xfc11a917, which transfers
 * control to firmware code at 0xfc11a916 in Thumb state (bit 0 set).
 */
void __attribute__((naked,noinline)) task_Startup_my() {
    asm volatile (
" push {r4, lr}\n"
" bl sub_fc11a940\n"
" bl sub_fc05d6cc\n"

" bl sub_fc0c8f3c\n"
            // NOTE(review): the only sub_ target in this function with an odd
            // address -- confirm this symbol is intended as written.
"bl sub_fc0945b5\n"

" bl sub_fc0871d2\n"
" bl sub_fc11a9d8\n"
" bl sub_fc05d994\n"
" bl sub_fc05d7e0\n"
" bl sub_fc0c8f7a\n"
" bl sub_fc0a6c8c\n"
" bl sub_fc11a9de\n"

            // CHDK-side routines defined in this file.
" bl sub_fc07a0e2_my\n"
" bl CreateTask_spytask\n"
" bl init_required_fw_features\n"

" bl sub_fc25b37c\n"
" bl sub_fc11a9f4\n"
" bl sub_fc0a6c28\n"
" bl sub_fc11a6f8\n"
" bl sub_fc0a6dec\n"
" bl sub_fc0c8eee\n"
" bl sub_fc11a6b4\n"
" bl sub_fc05d998\n"
" bl sub_fc300f40\n"
" bl sub_fc11a688\n"
" pop.w {r4, lr}\n"

            // Tail jump back into firmware; lr restored above is the return address.
" ldr pc,=0xfc11a917\n"
".ltorg\n"
    );
}
/*
 * Modified firmware routine called from task_Startup_my (naked function).
 *
 * After two firmware calls it checks the word at 0x000082c8 + 4. If that word
 * is zero it calls sub_fc29b450 with r0 = 0xfc07a13c, r1 = 0x17, r2 = 0x2000,
 * r3 = mykbd_task and 0 at [sp], and stores the result back at 0x000082c8 + 4.
 * A non-zero word skips the call, so the task is created at most once.
 *
 * NOTE(review): sub_fc29b450 is presumably a task-creation routine with the
 * same argument order as _CreateTask (name, priority, stack size, entry,
 * parameter) -- confirm against the firmware.
 */
void __attribute__((naked,noinline)) sub_fc07a0e2_my() {

    asm volatile (
" push {r3, r4, r5, lr}\n"
" bl sub_fc06f9d4\n"
" bl sub_fc07bec0\n"
" cbnz r0, loc_fc07a0f2\n"
" bl sub_fc06f978\n"
"loc_fc07a0f2:\n"
            // Skip creation when the handle slot at [0x82c8 + 4] is already set.
" ldr r4, =0x000082c8\n"
" ldr r0, [r4, #4]\n"
" cmp r0, #0\n"
" bne loc_fc07a10e\n"
" movs r3, #0\n"
" str r3, [sp]\n"

            // Entry point is the CHDK keyboard task instead of a firmware address.
" ldr r3, =mykbd_task\n"
" movs r1, #0x17\n"
" ldr r0, =0xfc07a13c\n"

" movw r2, #0x2000\n"
" blx sub_fc29b450\n"
" str r0, [r4, #4]\n"
"loc_fc07a10e:\n"
" pop {r3, r4, r5, pc}\n"
".ltorg\n"
    );
}
/*
 * Replacement that CreateTask_my substitutes for task_InitFileModules
 * (naked function).
 *
 * r4 = result of sub_fc0ac1bc. If it is non-zero, _PostLogicalEventToUI is
 * called with (0x5006, 0) before sub_fc0ac1e6; if it is zero, the same call is
 * made as a tail call at the end. core_spytask_can_start is called in between,
 * right after sub_fc0ac1e6.
 *
 * NOTE(review): core_spytask_can_start presumably tells SpyTask that file
 * access is ready -- confirm in core.h.
 */
void __attribute__((naked,noinline)) init_file_modules_task() {
    asm volatile (
" push {r4, r5, r6, lr}\n"
" bl sub_fc0ac1bc\n"
            // movs sets the flags that the beq two instructions later tests.
" movs r4, r0\n"
" movw r5, #0x5006\n"
" beq loc_fc0aa10e\n"
" movs r1, #0\n"
" mov r0, r5\n"
" bl _PostLogicalEventToUI\n"
"loc_fc0aa10e:\n"
" bl sub_fc0ac1e6\n"
            // CHDK call placed after sub_fc0ac1e6.
" BL core_spytask_can_start\n"
" cmp r4, #0\n"
" bne loc_fc0aa122\n"
" mov r0, r5\n"
" pop.w {r4, r5, r6, lr}\n"
" movs r1, #0\n"
" b.w _PostLogicalEventToUI\n"
"loc_fc0aa122:\n"
" pop {r4, r5, r6, pc}\n"
" .ltorg\n"
    );

}
/* Jog dial handling; compiled only for cameras that define CAM_HAS_JOGDIAL. */
#ifdef CAM_HAS_JOGDIAL

/*
 * Modified firmware keyboard routine (naked function).
 *
 * Works on three-word arrays: r6 = 0x000308d4 - 0xc, r8 = 0x000308d4 and a
 * stack copy at sp + 8 (r7).
 *   - First loop: while sub_fc06e268(r6 array, sp + 4) returns non-zero, call
 *     sub_fc06e51c and, when that returns 0, sub_fc079dfa(0, [sp + 0x14]);
 *     then clear in the r6 array every bit set in the stack array.
 *   - Second loop: for each of the three words, AND the r6 word with the r8
 *     word and walk its set bits, calling sub_fc06e51c and, when that returns
 *     0, sub_fc079dfa(1, [sp + 0x14]), followed by the same bit clearing.
 *   - Finally calls sub_fc06e104_my, which adds the CHDK jog dial handler.
 *
 * NOTE(review): the call to sub_fc06e104_my is presumably the only deviation
 * from the firmware original -- confirm against the firmware dump.
 * Nothing in the visible part of this file calls this function.
 */
void __attribute__((naked,noinline)) kbd_p2_f_my() {
    asm volatile(
" push.w {r4, r5, r6, r7, r8, lr}\n"
" ldr r6, =0x000308d4\n"
" sub sp, #0x18\n"
" add r7, sp, #8\n"
" subs r6, #0xc\n"
" b loc_fc079eca\n"
"loc_fc079e96:\n"
            // sub_fc06e51c(byte at [sp + 4], 0x000308d4 - 0x18, sp + 0x14, sp + 8)
" ldr r1, =0x000308d4\n"
" add r3, sp, #8\n"
" ldrb.w r0, [sp, #4]\n"
" add r2, sp, #0x14\n"
" subs r1, #0x18\n"
" bl sub_fc06e51c\n"
" cbnz r0, loc_fc079eb0\n"
" ldr r1, [sp, #0x14]\n"
" movs r0, #0\n"
" bl sub_fc079dfa\n"
"loc_fc079eb0:\n"
            // For index 2 down to 0: r6[i] &= ~r7[i] when r7[i] is non-zero.
" movs r0, #2\n"
"loc_fc079eb2:\n"
" ldr.w r1, [r7, r0, lsl #2]\n"
" cbz r1, loc_fc079ec2\n"
" ldr.w r2, [r6, r0, lsl #2]\n"
" bics r2, r1\n"
" str.w r2, [r6, r0, lsl #2]\n"
"loc_fc079ec2:\n"
" subs r0, r0, #1\n"
" sxtb r0, r0\n"
" cmp r0, #0\n"
" bge loc_fc079eb2\n"
"loc_fc079eca:\n"
            // Loop condition of the first loop.
" ldr r0, =0x000308d4\n"
" add r1, sp, #4\n"
" subs r0, #0xc\n"
" bl sub_fc06e268\n"
" cmp r0, #0\n"
" bne loc_fc079e96\n"
            // Second loop: r4 = word index 0..2, r5 = bit index within the word.
" ldr.w r8, =0x000308d4\n"
" movs r4, #0\n"
"loc_fc079ede:\n"
" movs r5, #0\n"
" ldr.w r0, [r6, r4, lsl #2]\n"
" ldr.w r1, [r8, r4, lsl #2]\n"
" ands r0, r1\n"
" str.w r0, [r6, r4, lsl #2]\n"
" b loc_fc079f36\n"
"loc_fc079ef0:\n"
            // Test bit r5 of the current word; skip to the next bit when clear.
" lsrs r0, r5\n"
" lsls r0, r0, #0x1f\n"
" beq loc_fc079f2e\n"
            // First argument is the low byte of (r5 + r4 * 32).
" ldr r1, =0x000308d4\n"
" add.w r0, r5, r4, lsl #5\n"
" add r3, sp, #8\n"
" subs r1, #0x18\n"
" add r2, sp, #0x14\n"
" uxtb r0, r0\n"
" bl sub_fc06e51c\n"
" cbnz r0, loc_fc079f12\n"
" ldr r1, [sp, #0x14]\n"
" movs r0, #1\n"
" bl sub_fc079dfa\n"
"loc_fc079f12:\n"
            // For index r4 up to 2: r6[i] &= ~r7[i] when r7[i] is non-zero.
" mov r0, r4\n"
" b loc_fc079f2a\n"
"loc_fc079f16:\n"
" ldr.w r1, [r7, r0, lsl #2]\n"
" cbz r1, loc_fc079f26\n"
" ldr.w r2, [r6, r0, lsl #2]\n"
" bics r2, r1\n"
" str.w r2, [r6, r0, lsl #2]\n"
"loc_fc079f26:\n"
" adds r0, r0, #1\n"
" sxtb r0, r0\n"
"loc_fc079f2a:\n"
" cmp r0, #3\n"
" blt loc_fc079f16\n"
"loc_fc079f2e:\n"
" ldr.w r0, [r6, r4, lsl #2]\n"
" adds r5, r5, #1\n"
" uxtb r5, r5\n"
"loc_fc079f36:\n"
" cmp r0, #0\n"
" bne loc_fc079ef0\n"
" adds r4, r4, #1\n"
" sxtb r4, r4\n"
" cmp r4, #3\n"
" blt loc_fc079ede\n"

            // CHDK version of the final step, defined below.
" bl sub_fc06e104_my\n"
" add sp, #0x18\n"
" pop.w {r4, r5, r6, r7, r8, pc}\n"
".ltorg\n"
    );
}

/*
 * Modified firmware routine called at the end of kbd_p2_f_my (naked function).
 *
 * With r4 = 0x00009334 it calls sub_fc070a80([r4 + 8]), sub_fc0e4168 and
 * sub_fc07099c([r4 + 0xc]), then handle_jogdial. sub_fc06bf5e runs only when
 * handle_jogdial returns non-zero; a zero return skips it via no_scroll.
 *
 * NOTE(review): handle_jogdial is declared in this file as returning void,
 * yet r0 is tested as its result here -- confirm the real prototype.
 */
void __attribute__((naked,noinline)) sub_fc06e104_my() {
    asm volatile(
" push {r4, lr}\n"
" ldr r4, =0x00009334\n"
" ldr r0, [r4, #8]\n"
" bl sub_fc070a80\n"
" bl sub_fc0e4168\n"
" ldr r0, [r4, #0xc]\n"
" bl sub_fc07099c\n"

            // CHDK hook: a zero result suppresses the firmware call that follows.
" bl handle_jogdial\n"
" cmp r0, #0\n"
" beq no_scroll\n"
" bl sub_fc06bf5e\n"
"no_scroll:\n"
" pop {r4, pc}\n"
".ltorg\n"
    );
}
#endif