root/platform/ixus90_sd790/sub/100c/boot.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. taskCreateHook
  2. boot
  3. sub_FF8101A4_my
  4. sub_FF810FA0_my
  5. uHwSetup_my
  6. taskcreate_Startup_my
  7. task_Startup_my
  8. CreateTask_spytask
  9. init_file_modules_task
  10. sub_FF86DB14_my
  11. sub_FF84F174_my
  12. sub_FF84EFB0_my
  13. sub_FF84ED40_my
  14. jogdial_task_my
   1 #include "lolevel.h"
   2 #include "platform.h"
   3 #include "core.h"
   4 
   5 const char * const new_sa = &_end;
   6 
   7 void __attribute__((naked,noinline)) jogdial_task_my();
   8 
   9 // Forward declarations
  10 //void CreateTask_PhySw();
  11 void CreateTask_spytask();
  12 
  13 void taskCreateHook(unsigned int *p)
  14 {
  15         p-=16;
  16         if (p[0]==0xFF821ADC)  p[0]=(unsigned int)mykbd_task;
  17         if (p[0]==0xFF842C84)  p[0]=(unsigned int)jogdial_task_my; 
  18         if (p[0]==0xFF85A278)  p[0]=(unsigned int)movie_record_task;
  19         if (p[0]==0xFF85E2b0)  p[0]=(unsigned int)capt_seq_task;
  20         if (p[0]==0xFF8791D0)  p[0]=(unsigned int)init_file_modules_task;
  21         if (p[0]==0xFF8b6A80)  p[0]=(unsigned int)exp_drv_task;
  22         if (p[0]==0xFFA0F034)  p[0]=(int)filewritetask;
  23 }
  24 
  25 void boot();
  26 
  27 void boot() { //#fs
  28     long *canon_data_src = (void*)0xFFB1CDDC;
  29     long *canon_data_dst = (void*)0x1900;
  30     long canon_data_len = 0xF134 - 0x1900; // data_end - data_start
  31     long *canon_bss_start = (void*)0xF134; // just after data
  32     long canon_bss_len = 0xCBC48 - 0xF134; //0xFEBC;
  33 
  34     long i;
  35 
  36     // Code taken from VxWorks CHDK. Changes CPU speed?
  37     asm volatile (
  38         "MRC     p15, 0, R0,c1,c0\n"
  39         "ORR     R0, R0, #0x1000\n"
  40         "ORR     R0, R0, #4\n"
  41         "ORR     R0, R0, #1\n"
  42         "MCR     p15, 0, R0,c1,c0\n"
  43     :::"r0");
  44 
  45     for(i=0;i<canon_data_len/4;i++)
  46         canon_data_dst[i]=canon_data_src[i];
  47 
  48     for(i=0;i<canon_bss_len/4;i++)
  49         canon_bss_start[i]=0;
  50 
  51     // jump to init-sequence that follows the data-copy-routine 
  52     asm volatile ("B  sub_FF8101A4_my\n" );
  53 }; //#fe
  54 
  55 
  56 // init
  57 void __attribute__((naked,noinline)) sub_FF8101A4_my() { //#fs 
  58     //http://chdk.setepontos.com/index.php/topic,4194.0.html
  59     *(int*)0x1930=(int)taskCreateHook;
  60 
  61     // replacement of sub_FF821C08  (sub_FF842634) for correct power-on.
  62     //(short press = playback mode, long press = record mode)
  63     *(int*)(0x2290)= (*(int*)0xC02200F8) & 1 ? 0x100000 : 0x200000;
  64 
  65         asm volatile (
  66 "loc_FF8101A4:\n" //                               ; CODE XREF: ROM:FF810160j
  67         "LDR     R0, =0xFF81021C\n"
  68         "MOV     R1, #0\n"
  69         "LDR     R3, =0xFF810254\n"
  70 
  71 "loc_FF8101B0:\n" //                               ; CODE XREF: ROM:FF8101BCj
  72         "CMP     R0, R3\n"
  73         "LDRCC   R2, [R0],#4\n"
  74         "STRCC   R2, [R1],#4\n"
  75         "BCC     loc_FF8101B0\n"
  76         "LDR     R0, =0xFF810254\n"
  77         "MOV     R1, #0x4B0\n"
  78         "LDR     R3, =0xFF810468\n"
  79 
  80 "loc_FF8101CC:\n" //                               ; CODE XREF: ROM:FF8101D8j
  81         "CMP     R0, R3\n"
  82         "LDRCC   R2, [R0],#4\n"
  83         "STRCC   R2, [R1],#4\n"
  84         "BCC     loc_FF8101CC\n"
  85         "MOV     R0, #0xD2\n"
  86         "MSR     CPSR_cxsf, R0\n"
  87         "MOV     SP, #0x1000\n"
  88         "MOV     R0, #0xD3\n"
  89         "MSR     CPSR_cxsf, R0\n"
  90         "MOV     SP, #0x1000\n"
  91 //        "LDR     R0, loc_FF810210\n" // =0x6C4\n" //loc_FF810210\n"
  92                           "LDR     R0, =0x6C4\n" // +
  93         "LDR     R2, =0xEEEEEEEE\n"
  94         "MOV     R3, #0x1000\n"
  95 
  96 "loc_FF810200:\n" //                               ; CODE XREF: ROM:FF810208j
  97         "CMP     R0, R3\n"
  98         "STRCC   R2, [R0],#4\n"
  99         "BCC     loc_FF810200\n"
 100         "BL      sub_FF810FA0_my\n"
 101         );
 102         // Working
 103 } //#fe
 104 
 105 void __attribute__((naked,noinline)) sub_FF810FA0_my() { //#fs 
 106         asm volatile (
 107         "STR     LR, [SP,#-4]!\n"
 108         "SUB     SP, SP, #0x74\n"
 109         "MOV     R0, SP\n"
 110         "MOV     R1, #0x74\n"
 111         "BL      sub_FFAACA5C\n"
 112         "MOV     R0, #0x53000\n"
 113         "STR     R0, [SP, #4]\n"
 114 #if defined(CHDK_NOT_IN_CANON_HEAP)
 115         "LDR     R0, =0xCBC48\n"
 116 #else
 117         "LDR     R0, =new_sa\n"
 118         "LDR     R0, [R0]\n"
 119 #endif
 120         "LDR     R2, =0x279C00\n"
 121         "LDR     R1, =0x272968\n"
 122         "STR     R0, [SP,#0x74-0x6C]\n"
 123         "SUB     R0, R1, R0\n"
 124         "ADD     R3, SP, #0x74-0x68\n"
 125         "STR     R2, [SP,#0x74-0x74]\n"
 126         "STMIA   R3, {R0-R2}\n"
 127         "MOV     R0, #0x22\n"
 128         "STR     R0, [SP,#0x74-0x5C]\n"
 129         "MOV     R0, #0x68\n"
 130         "STR     R0, [SP,#0x74-0x58]\n"
 131         "LDR     R0, =0x19B\n"
 132         "MOV     R1, #0x64\n"
 133         //"STRD    R0, [SP,#0x74-0x54]\n"
 134         "STR     R0, [SP,#0x74-0x54]\n"
 135         "STR     R1, [SP,#0x74-0x50]\n"
 136         "MOV     R0, #0x78\n"
 137         //"STRD    R0, [SP,#0x74-0x4C]\n"
 138         "STR     R0, [SP,#0x74-0x4C]\n"
 139         "STR     R1, [SP,#0x74-0x48]\n"
 140         "MOV     R0, #0\n"
 141         "STR     R0, [SP,#0x74-0x44]\n"
 142         "STR     R0, [SP,#0x74-0x40]\n"
 143         "MOV     R0, #0x10\n"
 144         "STR     R0, [SP,#0x74-0x18]\n"
 145         "MOV     R0, #0x800\n"
 146         "STR     R0, [SP,#0x74-0x14]\n"
 147         "MOV     R0, #0xA0\n"
 148         "STR     R0, [SP,#0x74-0x10]\n"
 149         "MOV     R0, #0x280\n"
 150         "STR     R0, [SP,#0x74-0xC]\n"
 151         //"LDR     R1, =0xFF814DA4\n"
 152         "LDR     R1, =uHwSetup_my\n"
 153         "MOV     R0, SP\n"
 154         "MOV     R2, #0\n"
 155         "BL      sub_FF812D58\n"
 156 
 157         "ADD     SP, SP, #0x74\n"
 158         "LDR     PC, [SP],#4\n"
 159         );
 160         // Working
 161 }; //#fe
 162 
 163 // Extracted method: uHwSetup (FF814DA4)
 164 void __attribute__((naked,noinline)) uHwSetup_my() { //#fs 
 165         asm volatile (
 166         "STMFD   SP!, {R4,LR}\n"
 167         "BL      sub_FF81094C\n"
 168         "BL      sub_FF819664\n"
 169         "CMP     R0, #0\n"
 170         "LDRLT   R0, =0xFF814EB8\n" //    ; "dmSetup"\n"
 171         "BLLT    sub_FF814E98\n"
 172         "BL      sub_FF8149C8\n"
 173         "CMP     R0, #0\n"
 174         "LDRLT   R0, =0xFF814EC0\n" // ; "termDriverInit"\n"
 175         "BLLT    sub_FF814E98\n"
 176         "LDR     R0, =0xFF814ED0\n" //      ; "/_term"\n"
 177         "BL      sub_FF814AB4\n"
 178         "CMP     R0, #0\n"
 179         "LDRLT   R0, =0xFF814ED8\n" // ; "termDeviceCreate"\n"
 180         "BLLT    sub_FF814E98\n"
 181         "LDR     R0, =0xFF814ED0\n" //      ; "/_term"\n"
 182         "BL      sub_FF813564\n"
 183         "CMP     R0, #0\n"
 184         "LDRLT   R0, =0xFF814EEC\n" // ; "stdioSetup"\n"
 185         "BLLT    sub_FF814E98\n"
 186         "BL      sub_FF8191EC\n"
 187         "CMP     R0, #0\n"
 188         "LDRLT   R0, =0xFF814EF8\n" // ; "stdlibSetup"\n"
 189         "BLLT    sub_FF814E98\n"
 190         "BL      sub_FF8114B8\n"
 191         "CMP     R0, #0\n"
 192         "LDRLT   R0, =0xFF814F04\n" // ; "armlib_setup"\n"
 193         "BLLT    sub_FF814E98\n"
 194         "LDMFD   SP!, {R4,LR}\n"
 195         "B       taskcreate_Startup_my\n"
 196         );
 197 }; //#fe
 198 
 199 // Extracted method: taskcreate_Startup (FF81CCBC)
 200 void __attribute__((naked,noinline)) taskcreate_Startup_my() { //#fs 
 201         asm volatile (
 202         "STMFD   SP!, {R3-R5,LR}\n"
 203         "BL      sub_FF821C00\n"
 204         "BL      sub_FF829EF0\n"
 205         "CMP     R0, #0\n"
 206         "BNE     loc_FF81CCFC\n"
 207         "LDR     R4, =0xC0220000\n"
 208         "LDR     R0, [R4,#0xFC]\n"
 209         "TST     R0, #1\n"
 210         "MOVEQ   R0, #0x12C\n"
 211         "BLEQ    sub_FF828400\n"
 212         "BL      sub_FF821BFC\n"
 213         "CMP     R0, #0\n"
 214         "BNE     loc_FF81CCFC\n"
 215         "MOV     R0, #0x44\n"
 216         "STR     R0, [R4,#0x4C]\n"
 217 
 218 "loc_FF81CCF8:\n" //                               ; CODE XREF: taskcreate_Startup:loc_FF81CCF8j
 219         "B       loc_FF81CCF8\n"
 220 
 221 "loc_FF81CCFC:\n" //                               ; CODE XREF: taskcreate_Startup+10j
 222 //        "BL      sub_FF821C08\n"  // Removed for correct power-on
 223         "BL      sub_FF821C04\n"
 224         "BL      sub_FF828278\n"
 225         "LDR     R1, =0x2CE000\n"
 226         "MOV     R0, #0\n"
 227         "BL      sub_FF8284C0\n"
 228         "BL      sub_FF82846C\n"
 229         "MOV     R3, #0\n"
 230         "STR     R3, [SP,#0x10-0x10]\n"
 231         "LDR     R3, =task_Startup_my\n" //task_Startup
 232         "MOV     R2, #0\n"
 233         "MOV     R1, #0x19\n"
 234         "LDR     R0, =0xFF81CD44\n"   // ; "Startup"\n"
 235         "BL      sub_FF81B818\n"
 236         "MOV     R0, #0\n"
 237         //"LDMFD   SP!, {R3-R5,PC}\n"
 238         "LDMFD   SP!, {ip, pc}\n"
 239                 );
 240 }; //#fe
 241 
 242 // Extracted method: task_Startup (FF81CC60)
 243 void __attribute__((naked,noinline)) task_Startup_my() { //#fs 
 244         asm volatile (
 245         "STMFD   SP!, {R4,LR}\n"
 246         "BL      sub_FF81516C\n" // clockSave
 247         "BL      sub_FF822D60\n"
 248         "BL      sub_FF81FE00\n"
 249         //"BL      sub_FF829F30\n"                      // hl??
 250         "BL      sub_FF82A0F8\n"
 251         //"BL      sub_FF829FB8\n" // StartDiskBoot
 252         );
 253 
 254                 CreateTask_spytask();
 255 
 256         asm volatile (
 257         "BL      sub_FF82A2AC\n"
 258         "BL      sub_FF82A148\n" // good question.... equiv of touch_wheel.c ?
 259         "BL      sub_FF8277B8\n"
 260         "BL      sub_FF82A2B0\n"
 261                 );
 262 
 263 //              CreateTask_PhySw();
 264 
 265                 asm volatile (
 266         "BL      sub_FF821B10\n" // taskcreate_PhySw
 267         "BL      sub_FF824CC8\n" // task_ShootSeqTask
 268         "BL      sub_FF82A2C8\n"
 269         //"BL      sub_FF81FB20\n" // nullsub_2
 270         "BL      sub_FF820FCC\n"
 271         "BL      sub_FF829CB8\n" // taskcreate_Bye
 272         "BL      sub_FF821640\n"
 273         "BL      sub_FF820EBC\n" // taskcreate_TempCheck\n"
 274         "BL      sub_FF82AD6C\n"
 275         "BL      sub_FF820E78\n"
 276         //"LDMFD   SP!, {R4,LR}\n"
 277         "BL       sub_FF815070\n"
 278                 "LDMFD   SP!, {R4,PC}\n"
 279         );
 280 }; //#fe
 281 
 282 void CreateTask_spytask() { //#fs 
 283     _CreateTask("SpyTask", 0x19, 0x2000, core_spytask, 0);
 284 }; //#fe
 285 
 286 //void CreateTask_PhySw() { //#fs 
 287 //    _CreateTask("PhySw", 0x18, 0x800, mykbd_task, 0);
 288 //}; //#fe
 289 
 290 
 291 // -----------------
 292 // SDHC-Boot-Support
 293 // -----------------
 294 
 295 // 0xFF8791d0
 296 void __attribute__((naked,noinline)) init_file_modules_task() { //#fs  
 297         asm volatile (
 298         "STMFD   SP!, {R4-R6,LR}\n"
 299         "BL      sub_FF86DAE8\n"
 300         "LDR     R5, =0x5006\n"
 301         "MOVS    R4, R0\n"
 302         "MOVNE   R1, #0\n"
 303         "MOVNE   R0, R5\n"
 304         "BLNE    _PostLogicalEventToUI\n"
 305         "BL      sub_FF86DB14_my\n"
 306         "BL      core_spytask_can_start\n"  // CHDK: Set "it's-safe-to-start" -flag for spytask
 307         "CMP     R4, #0\n"
 308         "MOVEQ   R0, R5\n"
 309         "LDMEQFD SP!, {R4-R6,LR}\n"
 310         "MOVEQ   R1, #0\n"
 311         "BEQ     _PostLogicalEventToUI\n"
 312         "LDMFD   SP!, {R4-R6,PC}\n"
 313         );
 314 }; //#fe
 315 
 316 void __attribute__((naked,noinline)) sub_FF86DB14_my() { //#fs  
 317         asm volatile (
 318         "STMFD   SP!, {R4,LR}\n"
 319         "BL      sub_FF84F174_my\n"  // continue to SDHC-hook here
 320         "LDR     R4, =0x57D0\n"
 321         "LDR     R0, [R4,#4]\n"
 322         "CMP     R0, #0\n"
 323         "BNE     loc_FF86DB44\n"
 324         "BL      sub_FF881C08\n"
 325         "BL      sub_FF9055FC\n"
 326         "BL      sub_FF881C08\n"
 327         "BL      sub_FF84CB64\n"
 328         "BL      sub_FF881C18\n"
 329         "BL      sub_FF9056C8\n"
 330 
 331 "loc_FF86DB44:\n" //                            ; CODE XREF: sub_FF86DB14+14j
 332         "MOV     R0, #1\n"
 333         "STR     R0, [R4]\n"
 334         "LDMFD   SP!, {R4,PC}\n"
 335         );
 336 }; //#fe
 337 
 338 void __attribute__((naked,noinline)) sub_FF84F174_my() { //#fs  
 339         asm volatile (
 340         "STMFD   SP!, {R4-R6,LR}\n"
 341         "MOV     R6, #0\n"
 342         "MOV     R0, R6\n"
 343         "BL      sub_FF84EC34\n"
 344         "LDR     R4, =0x11890\n"
 345         "MOV     R5, #0\n"
 346         "LDR     R0, [R4,#0x38]\n"
 347         "BL      sub_FF84F668\n"
 348         "CMP     R0, #0\n"
 349         "LDREQ   R0, =0x29D4\n"
 350         "STREQ   R5, [R0,#0x10]\n"
 351         "STREQ   R5, [R0,#0x14]\n"
 352         "STREQ   R5, [R0,#0x18]\n"
 353         "MOV     R0, R6\n"
 354         "BL      sub_FF84EC74\n" //uMounter (u=unknown, just to prevent misunderstandings)
 355         "MOV     R0, R6\n"
 356         "BL      sub_FF84EFB0_my\n" // continue to SDHC-hook here!
 357         "MOV     R5, R0\n"
 358         "MOV     R0, R6\n"
 359         "BL      sub_FF84F01C\n"
 360         "LDR     R1, [R4,#0x3C]\n"
 361         "AND     R2, R5, R0\n"
 362         "CMP     R1, #0\n"
 363         "MOV     R0, #0\n"
 364         "MOVEQ   R0, #0x80000001\n"
 365         "BEQ     loc_FF84F208\n"
 366         "LDR     R3, [R4,#0x2C]\n"
 367         "CMP     R3, #2\n"
 368         "MOVEQ   R0, #4\n"
 369         "CMP     R1, #5\n"
 370         "ORRNE   R0, R0, #1\n"
 371         "BICEQ   R0, R0, #1\n"
 372         "CMP     R2, #0\n"
 373         "BICEQ   R0, R0, #2\n"
 374         "ORREQ   R0, R0, #0x80000000\n"
 375         "BICNE   R0, R0, #0x80000000\n"
 376         "ORRNE   R0, R0, #2\n"
 377 
 378 "loc_FF84F208:\n" //                            ; CODE XREF: sub_FF84F174+64j
 379         "STR     R0, [R4,#0x40]\n"
 380         "LDMFD   SP!, {R4-R6,PC}\n"
 381         );
 382 }; //#fe
 383 
 384 void __attribute__((naked,noinline)) sub_FF84EFB0_my() { //#fs  
 385         asm volatile (
 386         "STMFD   SP!, {R4-R6,LR}\n"
 387         "LDR     R5, =0x29D4\n"
 388         "MOV     R6, R0\n"
 389         "LDR     R0, [R5,#0x14]\n"
 390         "CMP     R0, #0\n"
 391         "MOVNE   R0, #1\n"
 392         "LDMNEFD SP!, {R4-R6,PC}\n"
 393         "MOV     R0, #0x17\n"
 394         "MUL     R1, R0, R6\n"
 395         "LDR     R0, =0x11890\n"
 396         "ADD     R4, R0, R1,LSL#2\n"
 397         "LDR     R0, [R4,#0x38]\n"
 398         "MOV     R1, R6\n"
 399         "BL      sub_FF84ED40_my\n" //continue to SDHC-hook here
 400         "CMP     R0, #0\n"
 401         "LDMEQFD SP!, {R4-R6,PC}\n"
 402         "LDR     R0, [R4,#0x38]\n"
 403         "MOV     R1, R6\n"
 404         "BL      sub_FF84EEA8\n"
 405         "CMP     R0, #0\n"
 406         "LDMEQFD SP!, {R4-R6,PC}\n"
 407         "MOV     R0, R6\n"
 408         "BL      sub_FF84E83C\n"
 409         "CMP     R0, #0\n"
 410         "MOVNE   R1, #1\n"
 411         "STRNE   R1, [R5,#0x14]\n"
 412         "LDMFD   SP!, {R4-R6,PC}\n"
 413         );
 414 }; //#fe
 415 
 416 
 417 
 418 void __attribute__((naked,noinline)) sub_FF84ED40_my() { //#fs  ; Partition t
 419         asm volatile (
 420         "STMFD   SP!, {R4-R8,LR}\n"
 421         "MOV     R8, R0\n"
 422         "MOV     R0, #0x17\n"
 423         "MUL     R1, R0, R1\n"
 424         "LDR     R0, =0x11890\n"
 425         "MOV     R6, #0\n"
 426         "ADD     R7, R0, R1,LSL#2\n"
 427         "LDR     R0, [R7,#0x3C]\n"
 428         "MOV     R5, #0\n"
 429         "CMP     R0, #6\n"
 430         "ADDLS   PC, PC, R0,LSL#2\n"
 431         "B       loc_FF84EE8C\n"
 432  
 433 
 434 "loc_FF84ED70:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 435         "B       loc_FF84EDA4\n"
 436  
 437 
 438 "loc_FF84ED74:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 439         "B       loc_FF84ED8C\n"
 440  
 441 
 442 "loc_FF84ED78:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 443         "B       loc_FF84ED8C\n"
 444  
 445 
 446 "loc_FF84ED7C:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 447         "B       loc_FF84ED8C\n"
 448  
 449 
 450 "loc_FF84ED80:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 451         "B       loc_FF84ED8C\n"
 452  
 453 
 454 "loc_FF84ED84:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 455         "B       loc_FF84EE84\n"
 456  
 457 
 458 "loc_FF84ED88:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 459         "B       loc_FF84ED8C\n"
 460 
 461 "loc_FF84ED8C:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 462 
 463 
 464         "MOV     R2, #0\n"
 465         "MOV     R1, #0x200\n"
 466         "MOV     R0, #3\n"
 467         "BL      sub_FF867C94\n"
 468         "MOVS    R4, R0\n"
 469         "BNE     loc_FF84EDAC\n"
 470 
 471 "loc_FF84EDA4:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 472 
 473 
 474         "MOV     R0, #0\n"
 475         "LDMFD   SP!, {R4-R8,PC}\n"
 476  
 477 
 478 "loc_FF84EDAC:\n" //                            ; CODE XREF: sub_FF84ED40+60j
 479         "LDR     R12, [R7,#0x4C]\n"
 480         "MOV     R3, R4\n"
 481         "MOV     R2, #1\n"
 482         "MOV     R1, #0\n"
 483         "MOV     R0, R8\n"
 484         //"BLX     R12 //\n"
 485         "MOV     LR, PC\n"
 486         "MOV     PC, R12\n"
 487         "CMP     R0, #1\n"
 488         "BNE     loc_FF84EDD8\n"
 489         "MOV     R0, #3\n"
 490         "BL      sub_FF867DD4\n"
 491         "B       loc_FF84EDA4\n"
 492  
 493 
 494 "loc_FF84EDD8:\n" //                            ; CODE XREF: sub_FF84ED40+88j
 495         "MOV     R0, R8\n"
 496         "BL      sub_FF922E24\n"
 497         
 498                   "MOV   R1, R4\n"           //  pointer to MBR in R1
 499                   "BL    mbr_read_dryos\n"   //  total sectors count in R0 before and after call
 500 
 501         // Start of DataGhost's FAT32 autodetection code
 502         // Policy: If there is a partition which has type W95 FAT32, use the first one of those for image storage
 503         // According to the code below, we can use R1, R2, R3 and R12.
 504         // LR wasn't really used anywhere but for storing a part of the partition signature. This is the only thing
 505         // that won't work with an offset, but since we can load from LR+offset into LR, we can use this to do that :)
 506         "MOV     R12, R4\n"                    // Copy the MBR start address so we have something to work with
 507         "MOV     LR, R4\n"                     // Save old offset for MBR signature
 508         "MOV     R1, #1\n"                     // Note the current partition number
 509         "B       dg_sd_fat32_enter\n"          // We actually need to check the first partition as well, no increments yet!
 510    "dg_sd_fat32:\n"
 511         "CMP     R1, #4\n"                     // Did we already see the 4th partition?
 512         "BEQ     dg_sd_fat32_end\n"            // Yes, break. We didn't find anything, so don't change anything.
 513         "ADD     R12, R12, #0x10\n"            // Second partition
 514         "ADD     R1, R1, #1\n"                 // Second partition for the loop
 515    "dg_sd_fat32_enter:\n"
 516         "LDRB    R2, [R12, #0x1BE]\n"          // Partition status
 517         "LDRB    R3, [R12, #0x1C2]\n"          // Partition type (FAT32 = 0xB)
 518         "CMP     R3, #0xB\n"                   // Is this a FAT32 partition?
 519                 "CMPNE   R3, #0xC\n"                   // Not 0xB, is it 0xC (FAT32 LBA) then?
 520         "BNE     dg_sd_fat32\n"                // No, it isn't.
 521         "CMP     R2, #0x00\n"                  // It is, check the validity of the partition type
 522         "CMPNE   R2, #0x80\n"
 523         "BNE     dg_sd_fat32\n"                // Invalid, go to next partition
 524                                                // This partition is valid, it's the first one, bingo!
 525         "MOV     R4, R12\n"                    // Move the new MBR offset for the partition detection.
 526         
 527    "dg_sd_fat32_end:\n"
 528         // End of DataGhost's FAT32 autodetection code             
 529         "LDRB    R1, [R4,#0x1C9]\n"
 530         "LDRB    R3, [R4,#0x1C8]\n"
 531         "LDRB    R12, [R4,#0x1CC]\n"
 532         "MOV     R1, R1,LSL#24\n"
 533         "ORR     R1, R1, R3,LSL#16\n"
 534         "LDRB    R3, [R4,#0x1C7]\n"
 535         "LDRB    R2, [R4,#0x1BE]\n"
 536         //"LDRB    LR, [R4,#0x1FF]\n"
 537         "ORR     R1, R1, R3,LSL#8\n"
 538         "LDRB    R3, [R4,#0x1C6]\n"
 539         "CMP     R2, #0\n"
 540         "CMPNE   R2, #0x80\n"
 541         "ORR     R1, R1, R3\n"
 542         "LDRB    R3, [R4,#0x1CD]\n"
 543         "MOV     R3, R3,LSL#24\n"
 544         "ORR     R3, R3, R12,LSL#16\n"
 545         "LDRB    R12, [R4,#0x1CB]\n"
 546         "ORR     R3, R3, R12,LSL#8\n"
 547         "LDRB    R12, [R4,#0x1CA]\n"
 548         "ORR     R3, R3, R12\n"
 549         //"LDRB    R12, [R4,#0x1FE]\n"
 550 
 551         "LDRB    R12, [LR,#0x1FE]\n"
 552         "LDRB    LR, [LR,#0x1FF]\n"
 553 
 554         "MOV     R4, #0\n"
 555         "BNE     loc_FF84EE60\n"
 556         "CMP     R0, R1\n"
 557         "BCC     loc_FF84EE60\n"
 558         "ADD     R2, R1, R3\n"
 559         "CMP     R2, R0\n"
 560         "CMPLS   R12, #0x55\n"
 561         "CMPEQ   LR, #0xAA\n"
 562         "MOVEQ   R6, R1\n"
 563         "MOVEQ   R5, R3\n"
 564         "MOVEQ   R4, #1\n"
 565 
 566 "loc_FF84EE60:\n" //                            ; CODE XREF: sub_FF84ED40+F8j
 567 
 568         "MOV     R0, #3\n"
 569         "BL      sub_FF867DD4\n"
 570         "CMP     R4, #0\n"
 571         "BNE     loc_FF84EE98\n"
 572         "MOV     R6, #0\n"
 573         "MOV     R0, R8\n"
 574         "BL      sub_FF922E24\n"
 575         "MOV     R5, R0\n"
 576         "B       loc_FF84EE98\n"
 577  
 578 
 579 "loc_FF84EE84:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 580 
 581 
 582         "MOV     R5, #0x40\n"
 583         "B       loc_FF84EE98\n"
 584  
 585 
 586 "loc_FF84EE8C:\n" //                            ; CODE XREF: sub_FF84ED40+28j
 587 
 588 
 589         "MOV     R1, #0x374\n"
 590         "LDR     R0, =0xFF84ED34\n" // aMounter_c  ; "Mounter.c"\n"
 591         "BL      _DebugAssert\n"
 592 
 593 "loc_FF84EE98:\n" //                            ; CODE XREF: sub_FF84ED40+12Cj
 594 
 595         "STR     R6, [R7,#0x44]!\n"
 596         "MOV     R0, #1\n"
 597         "STR     R5, [R7,#4]\n"
 598         "LDMFD   SP!, {R4-R8,PC}\n"
 599 
 600         );
 601 }; //#fe
 602 
 603 // Extracted method: sub_FF842A44 + 240
 604 // Extracted method: sub_FF842C84
 605 void __attribute__((naked,noinline)) jogdial_task_my()
 606 {
 607         asm volatile (
 608                 "STMFD   SP!, {R3-R11,LR}\n"
 609                 "BL      sub_FF842e34\n" // LOCATION: JogDial.c:14
 610                 "LDR     R11, =0x80000B01\n"
 611                 "LDR     R8, =0xffab07d0\n"             // HL
 612                 "LDR     R7, =0xC0240000\n"             // HL
 613                 "LDR     R6, =0x22A0\n"                         // HL
 614                 "MOV     R9, #1\n"
 615                 "MOV     R10, #0\n"
 616 
 617                 "loc_FF842CA4:\n"
 618                 "LDR     R3, =0x1A1\n"                  // HL
 619                 "LDR     R0, [R6,#0xC]\n"
 620                 "LDR     R2, =0xFF842EDC\n" // HL?, "JogDial.c"
 621                 "MOV     R1, #0\n"
 622                 "BL      sub_FF81BBD8\n"                        // HL
 623                 //"MOV     R0, #40\n"
 624                 "MOV     R0, #40\n" // +
 625                 "BL      _SleepTask\n" // LOCATION: KerSys.c:0
 626 
 627                 //------------------  added code ---------------------
 628                 "labelA:\n"
 629                 "LDR     R0, =jogdial_stopped\n"
 630                 "LDR     R0, [R0]\n"
 631                 "CMP     R0, #1\n"
 632                 "BNE     labelB\n"
 633                 "MOV     R0, #40\n"
 634                 "BL      _SleepTask\n"
 635                 "B       labelA\n"
 636                 "labelB:\n"
 637                 //------------------  original code ------------------
 638 
 639                 "LDR     R0, [R7,#0x104]\n"
 640                 "MOV     R0, R0,ASR#16\n"
 641                 "STRH    R0, [R6]\n"
 642                 "LDRSH   R2, [R6,#2]\n"
 643                 "SUB     R1, R0, R2\n"
 644                 "CMP     R1, #0\n"
 645                 "BEQ     loc_FF842D68\n"
 646                 "MOV     R5, R1\n"
 647                 "RSBLT   R5, R5, #0\n"
 648                 "MOVLE   R4, #0\n"
 649                 "MOVGT   R4, #1\n"
 650                 "CMP     R5, #0xFF\n"
 651                 "BLS     loc_FF842D1C\n"
 652                 "CMP     R1, #0\n"
 653                 "RSBLE   R1, R2, #0xFF\n"
 654                 "ADDLE   R1, R1, #0x7F00\n"
 655                 "ADDLE   R0, R1, R0\n"
 656                 "RSBGT   R0, R0, #0xFF\n"
 657                 "ADDGT   R0, R0, #0x7F00\n"
 658                 "ADDGT   R0, R0, R2\n"
 659                 "ADD     R5, R0, #0x8000\n"
 660                 "ADD     R5, R5, #1\n"
 661                 "EOR     R4, R4, #1\n"
 662 
 663                 "loc_FF842D1C:\n"
 664                 "LDR     R0, [R6,#0x14]\n"
 665                 "CMP     R0, #0\n"
 666                 "BEQ     loc_FF842D60\n"
 667                 "LDR     R0, [R6,#0x1C]\n"
 668                 "CMP     R0, #0\n"
 669                 "BEQ     loc_FF842D48\n"
 670                 "LDR     R1, [R8,R4,LSL#2]\n"
 671                 "CMP     R1, R0\n"
 672                 "BEQ     loc_FF842D50\n"
 673                 "LDR     R0, =0xB01\n"
 674                 "BL      sub_FF875370\n"
 675 
 676                 "loc_FF842D48:\n"
 677                 "MOV     R0, R11\n"
 678                 "BL      sub_FF875370\n"
 679 
 680                 "loc_FF842D50:\n"
 681                 "LDR     R0, [R8,R4,LSL#2]\n"
 682                 "MOV     R1, R5\n"
 683                 "STR     R0, [R6,#0x1C]\n"
 684                 "BL      sub_FF8752b8\n"
 685 
 686                 "loc_FF842D60:\n"
 687                 "LDRH    R0, [R6]\n"
 688                 "STRH    R0, [R6,#2]\n"
 689 
 690                 "loc_FF842D68:\n"
 691                 "STR     R10, [R7,#0x100]\n"
 692                 "STR     R9, [R7,#0x108]\n"
 693                 "LDR     R0, [R6,#0x10]\n"
 694                 "CMP     R0, #0\n"
 695                 "BLNE    _SleepTask\n" // LOCATION: KerSys.c:0
 696                 "B       loc_FF842CA4\n"
 697                 );
 698 }
/* [<][>][^][v][top][bottom][index][help] */