Assembla home | Assembla project page

My Start Page

Context Navigation

source: trunk/platform/g9/sub/100d/boot.c @ 634

Revision 634, 63.8 KB checked in by reyalp, 4 years ago (diff)

+ allow user to override location of PRIMARY.BIN files. Set PRIMARY_ROOT to a tree that mirrors what is under platform, either on the make command line or in buildconf.inc

use automatic MEMISOSIZE on some new ports that didn't have it: g9, sd30, sd300/100j
clean up old commented MEMISOSIZE stuff

Property svn:eol-style set to native

Line
1	#include "lolevel.h"
2	#include "platform.h"
3	#include "core.h"
4	#include "stdlib.h"
5
6	//extern void draw_txt_string(int col, int row, const char *str, color cl);
7
8	const char * const new_sa = &_end;
9
10	/* Ours stuff */
11	extern long wrs_kernel_bss_start;
12	extern long wrs_kernel_bss_end;
13
14	// Forward declarations
15	void CreateTask_PhySw();
16	void CreateTask_spytask();
17
18
19	void CreateTask_blinker();
20	void task_blinker();
21	void dump_chdk();
22
23
24	void boot();
25
26
27	#define DPs (void*)0xC022006C // direct-print (blue)
28	#define LED_AF (void*)0xC0220094 //LED_AF
29	#define LED_ISO (void*)0xC02200B0 //LED_ISO
30	#define LED_PWR (void*)0xC0220068 //LED_PWR
31	#define LED_BLUE (void*)0xC022006C //LED_BLUE
32	#define DELAYs 3000000
33
34	void debug_my_blink_green()
35	{
36	volatile long p = (void)LED_AF; // turned off later, so assumed to be power
37	int counter;
38
39	// DEBUG: blink led
40	counter = DELAYs; *p = 0x46;
41	while (counter--) { asm("nop\n nop\n"); };
42	counter = DELAYs; *p = 0x44;
43	while (counter--) { asm("nop\n nop\n"); };
44	}
45
46	void debug_my_pause()
47	{
48	int counter;
49
50	// DEBUG: blink led
51	counter = DELAYs;
52	while (counter--) { asm("nop\n nop\n"); };
53	counter = DELAYs;
54	while (counter--) { asm("nop\n nop\n"); };
55	}
56
57	void debug_my_blink_blue()
58	{
59	volatile long p = (void)LED_BLUE; // turned off later, so assumed to be power
60	int counter;
61
62	// DEBUG: blink led
63	counter = DELAYs; *p = 0x46;
64	while (counter--) { asm("nop\n nop\n"); };
65	counter = DELAYs; *p = 0x44;
66	while (counter--) { asm("nop\n nop\n"); };
67	}
68
69
70
71
72	#define DP (void*)0xC0220068 // led_pwr DEBUG
73
74	#define DEBUG_LED 0xC022006C //ok //used iso blue, was 0xc02200C4 +++
75
76
77	#define DELAY 5000000 // DEBUG
78
79	void boot() { //#fs
80
81
82	long canon_data_src = (void)0xFFB2E384; // OK //canon_data_src!!! @FF810130
83	long canon_data_dst = (void)0x1900; // OK //MEMBASEADDR @FF810134
84	long canon_data_len = 0x140E4- 0x1900; // data_end - data_start
85	long canon_bss_start = (void)0x140e4; // just after data // OK //@FF810138
86	long canon_bss_len = 0xb0b68 - 0x140e4; // MEMISOSTART -
87
88	long i;
89
90
91	// Code taken from VxWorks CHDK. Changes CPU speed?
92	asm volatile (
93	"MRC p15, 0, R0,c1,c0\n"
94	"ORR R0, R0, #0x1000\n"
95	"ORR R0, R0, #4\n"
96	"ORR R0, R0, #1\n"
97	"MCR p15, 0, R0,c1,c0\n"
98	:::"r0");
99
100	for(i=0;i<canon_data_len/4;i++)
101	canon_data_dst[i]=canon_data_src[i];
102
103	for(i=0;i<canon_bss_len/4;i++)
104	canon_bss_start[i]=0;
105
106	/*
107	asm volatile (
108	"MRC p15, 0, R0,c1,c0\n"
109	"ORR R0, R0, #0x1000\n"
110	"BIC R0, R0, #4\n"
111	"ORR R0, R0, #1\n"
112	"MCR p15, 0, R0,c1,c0\n"
113	:::"r0");
114	*/
115
116	// jump to init-sequence that follows the data-copy-routine
117
118
119	asm volatile ("B sub_FF8101a4_my\n");
120	//asm volatile ("B sub_FF8101a4\n");
121
122	}; //#fe
123
124
125	// init //OK
126	void __attribute__((naked,noinline)) sub_FF8101a4_my() { //#fs OK
127
128
129	asm volatile (
130	"LDR R0, =0xFF81021C\n"
131	"MOV R1, #0\n"
132	"LDR R3, =0xFF810254\n"
133	"loc_FF8101B0:\n"
134	"CMP R0, R3\n"
135	"LDRCC R2, [R0],#4\n"
136	"STRCC R2, [R1],#4\n"
137	"BCC loc_FF8101B0\n"
138	"LDR R0, =0xFF810254\n"
139	"MOV R1, #0x4B0\n"
140	"LDR R3, =0xFF810468\n"
141	"loc_FF8101CC:\n"
142	"CMP R0, R3\n"
143	"LDRCC R2, [R0],#4\n"
144	"STRCC R2, [R1],#4\n"
145	"BCC loc_FF8101CC\n"
146	"MOV R0, #0xD2\n"
147	"MSR CPSR_cxsf, R0\n"
148	"MOV SP, #0x1000\n"
149	"MOV R0, #0xD3\n"
150	"MSR CPSR_cxsf, R0\n"
151	"MOV SP, #0x1000\n"
152	"LDR R0, =0x6C4\n"
153	"LDR R2, =0xEEEEEEEE\n"
154	"MOV R3, #0x1000\n"
155	"loc_FF810200:\n"
156	"CMP R0, R3\n"
157	"STRCC R2, [R0],#4\n"
158	"BCC loc_FF810200\n"
159	"BL sub_FF810FB8_my\n"
160	);
161
162	}; //#fe
163
164
165	//OK
166	void __attribute__((naked,noinline)) sub_FF810FB8_my() { //#fs OK h_usrKernelInit
167
168
169	asm volatile (
170	"STR LR, [SP,#-4]!\n"
171	"SUB SP, SP, #0x74\n"
172	"MOV R0, SP\n"
173	"MOV R1, #0x74\n"
174	"BL sub_FFABD388\n"
175	"MOV R0, #0x53000\n"
176	"STR R0, [SP,#0x74-0x70]\n"
177
178	);
179	//"LDR R0, =0xB0B68"
180	asm volatile (
181	"LDR R0, =new_sa\n"
182	"LDR R0, [R0]\n"
183	);
184	asm volatile (
185	"LDR R2, =0x2ABC00\n"
186	"LDR R1, =0x2A4968\n"
187	"STR R0, [SP,#0x74-0x6C]\n"
188	"SUB R0, R1, R0\n"
189	"ADD R3, SP, #0x74-0x68\n"
190	"STR R2, [SP,#0x74-0x74]\n"
191	"STMIA R3, {R0-R2}\n"
192	"MOV R0, #0x22\n"
193	"STR R0, [SP,#0x74-0x5C]\n"
194	"MOV R0, #0x68\n"
195	"STR R0, [SP,#0x74-0x58]\n"
196	"LDR R0, =0x19B\n"
197	"MOV R1, #0x64\n"
198	//"STRD R0, [SP,#0x74-0x54]\n" // "strd not supported by cpu" claims gcc
199	"STR R0, [SP,#0x74-0x54]\n" // split in two single-word STRs
200	"STR R1, [SP,#0x74-0x50]\n"
201	"MOV R0, #0x78\n"
202	//"STRD R0, [SP,#0x74-0x4C]\n" // "strd not supported by cpu" claims gcc
203	"STR R0, [SP,#0x74-0x4C]\n" // split in two single-word STRs
204	"STR R1, [SP,#0x74-0x48]\n"
205	"MOV R0, #0\n"
206	"STR R0, [SP,#0x74-0x44]\n"
207	"STR R0, [SP,#0x74-0x40]\n"
208	"MOV R0, #0x10\n"
209	"STR R0, [SP,#0x74-0x18]\n"
210	"MOV R0, #0x800\n"
211	"STR R0, [SP,#0x74-0x14]\n"
212	"MOV R0, #0xA0\n"
213	"STR R0, [SP,#0x74-0x10]\n"
214	"MOV R0, #0x280\n"
215	"STR R0, [SP,#0x74-0xC]\n"
216	//"LDR R1, =0xFF814DBC\n"
217	"LDR R1, =uHwSetup_my\n" //<---------------------------------------chdk
218	"MOV R0, SP\n"
219	"MOV R2, #0\n"
220	"BL sub_FF812D70\n"
221	"ADD SP, SP, #0x74\n"
222	"LDR PC, [SP],#4\n"
223	);
224
225	}; //#fe
226
227
228	//OK
229	void __attribute__((naked,noinline)) uHwSetup_my() { //#fs FF814DBC
230
231	asm volatile (
232	//debug ok
233
234	"STMFD SP!, {R4,LR}\n"
235	"BL sub_FF81095C\n"
236	"BL sub_FF819948\n"
237	"CMP R0, #0\n"
238	"LDRLT R0, =0xFF814ED0\n"
239	"BLLT sub_FF814EB0\n"
240	"BL sub_FF8149E0\n" // _termDriverInit
241	"CMP R0, #0\n"
242	"LDRLT R0, =0xFF814ED8\n" // aTermdriverinit
243	"BLLT sub_FF814EB0\n"
244	"LDR R0, =0xFF814EE8\n" // a_term
245
246	"BL sub_FF814ACC\n" // _termDeviceCreate
247	"CMP R0, #0\n"
248	"LDRLT R0, =0xFF814EF0\n" // aTermdevicecrea
249	"BLLT sub_FF814EB0\n"
250	"LDR R0, =0xFF814EE8\n" // a_term
251	"BL sub_FF81357C\n" // _stdioSetup
252	"CMP R0, #0\n"
253	"LDRLT R0, =0xFF814F04\n" // aStdiosetup
254	"BLLT sub_FF814EB0\n"
255	"BL sub_FF8194D0\n" // _stdlibSetup
256	"CMP R0, #0\n"
257	"LDRLT R0, =0xFF814F10\n" // aStdlibsetup
258	"BLLT sub_FF814EB0\n"
259	"BL sub_FF8114D0\n" // _armlib_setup
260	"CMP R0, #0\n"
261	"LDRLT R0, =0xFF814F1C\n" // aArmlib_setup
262	"BLLT sub_FF814EB0\n" // _err_init_task
263	"LDMFD SP!, {R4,LR}\n"
264	"B CreateTask_Startup_my\n" //<---------------------------------------chdk
265
266	);
267	}; //#fe
268
269
270	//OK
271	void __attribute__((naked,noinline)) CreateTask_Startup_my() { //#fs FF81DC0C
272
273	asm volatile (
274	"STMFD SP!, {R3,LR}\n"
275	//"BL nullsub_3\n"
276	"BL sub_FF82C8FC\n"
277	"CMP R0, #0\n"
278	"BNE loc_FF81DC4C\n"
279	"BL sub_FF824568\n"
280	"CMP R0, #0\n"
281	"LDREQ R2, =0xC0220000\n"
282	"LDREQ R0, [R2,#0xC0]\n"
283	"LDREQ R1, [R2,#0xC4]\n"
284	"ORREQ R0, R0, R1\n"
285	"TSTEQ R0, #1\n"
286	"BNE loc_FF81DC4C\n"
287	"MOV R0, #0x44\n"
288	"STR R0, [R2,#0x4C]\n"
289	"loc_FF81DC48:\n"
290	"B loc_FF81DC48\n"
291	"loc_FF81DC4C:\n"
292	"BL sub_FF822E10\n"
293	//"BL nullsub_4\n"
294	"BL sub_FF82A488\n"
295	"MOV R1, #0x300000\n"
296	"MOV R0, #0\n"
297	"BL sub_FF82A6D0\n"
298	"BL sub_FF82A67C\n"
299	"MOV R3, #0\n"
300	"STR R3, [SP,#8-0x08]\n"
301	"LDR R3, =task_Startup_my\n" // originally FF81DBB0 <---------------------------------------chdk
302	"MOV R2, #0\n"
303	"MOV R1, #0x19\n"
304	"LDR R0, =0xFF81DC90\n" //"Startup"
305	"BL sub_FF81BAF0\n"
306	"MOV R0, #0\n"
307	"LDMFD SP!, {R12,PC}\n"
308	);
309
310	//OK
311	}; //#fe
312
313
314
315
316
317	//OK
318	void __attribute__((naked,noinline)) task_Startup_my() { //#fs originally FF81DBB0
319
320	asm volatile (
321	"STMFD SP!, {R4,LR}\n"
322	"BL sub_FF81517C\n"
323	"BL sub_FF823FA0\n"
324	"BL sub_FF820E60\n"
325	//"BL j_nullsub_177\n"
326	"BL sub_FF82CADC\n"
327	//"BL sub_FF82C9C4\n" // skip diskboot
328	);
329	CreateTask_spytask(); // <------------
330	asm volatile (
331	"BL sub_FF82CCA4\n"
332	"BL sub_FF82CB2C\n"
333	"BL sub_FF8299CC\n"
334	"BL sub_FF82CCA8\n"
335	);
336	CreateTask_PhySw(); //<---------------
337	asm volatile (
338	//"BL sub_FF822DA8\n" // (taskcreate_PhySw)
339	//"BL sub_FF82629C\n"
340	"BL sub_FF82629C_my\n" // divert to intercept task_ShootSeqTask------------------------------>
341	"BL sub_FF82CCC0\n"
342	//"BL nullsub_2\n"
343	"BL sub_FF822130\n"
344	"BL sub_FF82C6A8\n" // taskcreate_Bye\n"
345	"BL sub_FF8228D4\n"
346	"BL sub_FF82203C\n" // taskcreate_TempCheck\n"
347	//"BL sub_FF82D720\n"
348	"BL sub_FF82D720_my\n" // divert for SDHC-bootdisk-support<---------------------------------
349	"BL sub_FF821FF8\n"
350	"LDMFD SP!, {R4,LR}\n"
351	"B sub_FF815088\n"
352	);
353
354	}; //#fe
355
356
357	void CreateTask_spytask() { //#fs
358	_CreateTask("SpyTask", 0x19, 0x2000, core_spytask, 0);
359
360	}; //#fe
361
362	void CreateTask_PhySw() { //#fs
363	_CreateTask("PhySw", 0x18, 0x800, mykbd_task, 0);
364	asm volatile (
365	"BL sub_FF84962C\n" //taskcreate_JogDial
366	);
367	}; //#fe
368
369
370	//OK
371	void __attribute__((naked,noinline)) sub_FF82629C_my() { //#fs
372
373	asm volatile (
374	"STMFD SP!, {R4,LR}\n"
375	"LDR R4, =0x1D38\n"
376	"MOV R0, #0\n"
377	"MOV R1, #4\n"
378	"STR R0, [R4,#0xC]\n"
379	"BL sub_FF81BE20\n"
380	"STR R0, [R4,#4]\n"
381	"MOV R0, #0\n"
382	"MOV R1, #1\n"
383	"BL sub_FF81BE44\n"
384	"STR R0, [R4,#8]\n"
385	"BL sub_FF864A14\n"
386	"BL sub_FF86383C\n"
387	"BL sub_FF8601A0_my\n" // divert this for ShootSeqTask <------------------
388	"BL sub_FF864CFC\n"
389	"LDR R0, [R4,#4]\n"
390	"LDMFD SP!, {R4,LR}\n"
391	"MOV R1, #0x1000\n"
392	"B sub_FF829D2C\n"
393	);
394	}; //#fe
395	//OK
396	void __attribute__((naked,noinline)) sub_FF8601A0_my() { //#fs
397
398	asm volatile (
399	"STMFD SP!, {R4,LR}\n"
400	"LDR R4, =0x57EC\n"
401	"LDR R0, [R4,#8]\n"
402	"CMP R0, #0\n"
403	"BNE loc_FF86020C\n"
404	//"BL nullsub_30\n"
405	"MOV R1, #1\n"
406	"MOV R0, #0\n"
407	"BL sub_FF81BE44\n"
408	"STR R0, [R4,#0x20]\n"
409	"MOV R0, #0\n"
410	"MOV R1, #0\n"
411	"BL sub_FF81BE20\n"
412	"STR R0,[R4,#0x24]\n"
413	"BL sub_FF860584\n"
414	"BL sub_FF860370\n"
415	"MOV R0, #0\n"
416	"STR R0, [R4,#0x1C]\n"
417	"ADD R0, R4, #0x28\n"
418	"MOV R1, #0\n"
419	"STR R1, [R0],#4\n"
420	"STR R1, [R0]\n"
421	"BL sub_FF86089C\n"
422	"BL sub_FF864EA8\n"
423	"BL sub_FF8631AC\n"
424	"BL sub_FF8614E8_my\n" // continue here for task_CaptSeqTask <----------------------------
425
426	"BL sub_FF862CA8\n"
427	"loc_FF86020C:\n"
428	"MOV R0, #1\n"
429	"STR R0, [R4,#8]\n"
430	"LDMFD SP!, {R4,PC}\n"
431	);
432	}; //#fe
433
434	//OK ****
435	void __attribute__((naked,noinline)) sub_FF8614E8_my() { //#fs
436	asm volatile (
437	"STMFD SP!, {R3-R5,LR}\n"
438	"LDR R2, =0x1E3C0\n"
439	"MOV R0, #0\n"
440	"MOV R1, #0\n"
441	"loc_FF8614F8:\n"
442	"ADD R3, R2, R0,LSL#4\n"
443	"ADD R0, R0, #1\n"
444	"CMP R0, #5\n"
445	"STR R1, [R3,#8]\n"
446	"BCC loc_FF8614F8\n"
447	"LDR R0, =0x1E410\n"
448	"STR R1, [R0,#8]\n"
449	"ADD R0, R0, #0x10\n"
450	"STR R1, [R0,#8]\n"
451	"BL sub_FF942928\n"
452	"BL sub_FF944F7C\n"
453	"MOV R1, #5\n"
454	"MOV R0, #0\n"
455	"BL sub_FF81BDFC\n"
456	"LDR R4, =0x583C\n"
457	"LDR R1, =0x1001FF\n"
458	"STR R0, [R4,#0x14]\n"
459	"MOV R0, #0\n"
460	"BL sub_FF81BE20\n"
461	"STR R0, [R4,#0x10]\n"
462	"MOV R3, #0\n"
463	// "STR R3, [SP,#0x10+var_10]\n"
464	"STR R3, [SP]\n"
465	// "LDR R3, =0xFF861210\n"
466	"LDR R3, =task_CaptSeqTask_my\n" // task_CaptSeqTask <-------------------------
467	"LDR R0, =0xFF861710\n" // aCaptseqtask ; "CaptSeqTask"
468	"MOV R2, #0x1000\n"
469	"MOV R1, #0x17\n"
470	"BL sub_FF81BDC8\n"
471	"LDMFD SP!, {R3-R5,PC}\n"
472	".ltorg\n"
473	);
474	}; //#fe
475
476
477
478	// -----------------
479	// SDHC-Boot-Support
480	// -----------------
481	// Required subs:
482	// Startup -> FFC1C6C4 -> FFC1C294 -> FFC5E6C0 -> uAC_Boot -> CreateTask_InitFileModules -> task_InitFileModules -> FFC5A4E8 -> FFC3F0CC -> FFC3EF08 -> FFC3EDA0
483	// \->FFC5F474 -> FFC5F410 ->/\|
484	// -> StartFactoryModeController =>\|\|
485	//
486	// uAC_Boot: FFC5E06C
487	// CreateTask_InitFileModules: FFC5F7A4
488	// task_InitFileModules: FFC5F754
489
490	//OK
491	void __attribute__((naked,noinline)) sub_FF82D720_my() { //#fs
492	asm volatile (
493	"STMFD SP!, {R4,LR}\n"
494	"BL sub_FF873F90\n"
495	"BL sub_FF824504\n" // IsFactoryMode"
496	"CMP R0, #1\n"
497	"BNE loc_FF82D740\n"
498	"BL sub_FF8773E0\n"
499	"LDMFD SP!, {R4,LR}\n"
500	"B sub_FF82457C\n" // StartFactoryModeController"
501	"loc_FF82D740:\n"
502	"BL sub_FF876264\n"
503	"LDR R4, =0x1E50\n"
504	"LDR R0, [R4,#4]\n"
505	"CMP R0, #0\n"
506	"LDMNEFD SP!, {R4,PC}\n"
507	"MOV R1, #0\n"
508	//"LDR R0, =0xFF82D250\n"
509	"LDR R0, =sub_FF82D250_my\n" // continue here for SDHC-boot-support <------------------
510	"BL sub_FF8709DC\n"
511	"STR R0, [R4,#4]\n"
512	"LDMFD SP!, {R4,PC}\n"
513	);
514	}; //#fe
515
516	//OK
517	void __attribute__((naked,noinline)) sub_FF82D250_my() { //#fs
518	asm volatile (
519
520	"STMFD SP!, {R3-R11,LR}\n"
521	"LDR R6, =0x1E50\n"
522	"MOV R5, R1\n"
523	"LDR R0, [R6,#0x14]\n"
524	"MOV R4, R3\n"
525	"CMP R0, #1\n"
526	"BNE loc_FF82D274\n"
527	"BL sub_FF87486C\n"
528	"B loc_FF82D65C\n"
529	"loc_FF82D274:\n"
530	"LDR R12, =0x1162\n"
531	"LDR R10, =0x1005\n"
532	"CMP R5, R12\n"
533	"MOV R7, #0\n"
534	"MOV R8, #1\n"
535	"BEQ loc_FF82D67C\n"
536	"BGT loc_FF82D3C8\n"
537	"LDR R12, =0x1062\n"
538	"CMP R5, R12\n"
539	"BEQ loc_FF82D718\n"
540	"BGT loc_FF82D33C\n"
541	"CMP R5, R10\n"
542	"BEQ loc_FF82D6A8\n"
543	"BGT loc_FF82D314\n"
544	"LDR R9, =0x9A3\n"
545	"CMP R5, R9\n"
546	"BEQ loc_FF82D63C\n"
547	"BGT loc_FF82D2F0\n"
548	"SUB R12, R5, #0x800\n"
549	"SUBS R12, R12, #3\n"
550	"BEQ loc_FF82D4D8\n"
551	"SUB R12, R5, #0x800\n"
552	"SUBS R12, R12, #0x158\n"
553	"BNE loc_FF82D66C\n"
554	"TST R4, #0x80000000\n"
555	"MOVNE R0, #1\n"
556	"BNE locret_FF82D534\n"
557	"BL sub_FF87DA3C\n"
558	"CMP R0, #0\n"
559	"BLEQ sub_FF829828\n"
560	"B loc_FF82D65C\n"
561	"loc_FF82D2F0:\n"
562	"SUB R12, R5, #0x900\n"
563	"SUBS R12, R12, #0xA5\n"
564	"BEQ loc_FF82D63C\n"
565	"SUB R12, R5, #0x1000\n"
566	"SUBS R12, R12, #3\n"
567	"BNE loc_FF82D66C\n"
568	"BL sub_FF82D1B4\n"
569	"MOV R1, R4\n"
570	"B loc_FF82D674\n"
571	"loc_FF82D314:\n"
572	"SUB R12, R5, #0x1000\n"
573	"SUBS R12, R12, #0x56\n"
574	"SUBNE R12, R5, #0x1000\n"
575	"SUBNES R12, R12, #0x5B\n"
576	"SUBNE R12, R5, #0x1000\n"
577	"SUBNES R12, R12, #0x5E\n"
578	"SUBNE R12, R5, #0x1000\n"
579	"SUBNES R12, R12, #0x61\n"
580	"BNE loc_FF82D66C\n"
581	"B loc_FF82D718\n"
582	"loc_FF82D33C:\n"
583	"LDR R12, =0x10AD\n"
584	"CMP R5, R12\n"
585	"BEQ loc_FF82D698\n"
586	"BGT loc_FF82D38C\n"
587	"SUB R12, R5, #0x1000\n"
588	"SUBS R12, R12, #0x63\n"
589	"SUBNE R12, R5, #0x1000\n"
590	"SUBNES R12, R12, #0x65\n"
591	"BEQ loc_FF82D718\n"
592	"SUB R12, R5, #0x1000\n"
593	"LDR R0, =0x10A3\n"
594	"SUBS R12, R12, #0xA9\n"
595	"BEQ loc_FF82D68C\n"
596	"SUB R12, R5, #0x1000\n"
597	"SUBS R12, R12, #0xAA\n"
598	"BNE loc_FF82D66C\n"
599	"BL sub_FF872EB8\n"
600	"CMP R0, #0\n"
601	"BEQ loc_FF82D6A4\n"
602	"B loc_FF82D65C\n"
603	"loc_FF82D38C:\n"
604	"SUB R12, R5, #0x1000\n"
605	"SUBS R12, R12, #0xAE\n"
606	"BEQ loc_FF82D6A4\n"
607	"SUB R12, R5, #0x1000\n"
608	"SUBS R12, R12, #0xAF\n"
609	"BEQ loc_FF82D698\n"
610	"SUB R12, R5, #0x1000\n"
611	"SUBS R12, R12, #0xB0\n"
612	"BEQ loc_FF82D6A4\n"
613	"SUB R12, R5, #0x1000\n"
614	"SUBS R12, R12, #0xB2\n"
615	"BNE loc_FF82D66C\n"
616	"LDR R0, =0x1008\n"
617	"MOV R1, R4\n"
618	"B loc_FF82D674\n"
619	"loc_FF82D3C8:\n"
620	"LDR R11, =0x201B\n"
621	"LDR R0, =0x1E50\n"
622	"CMP R5, R11\n"
623	"LDR R2, [R0,#0x10]!\n"
624	"LDR R1, [R0,#0x10]\n"
625	"SUB R9, R11, #0x17\n"
626	"BEQ loc_FF82D610\n"
627	"BGT loc_FF82D460\n"
628	"LDR R11, =0x116A\n"
629	"CMP R5, R11\n"
630	"BEQ loc_FF82D5FC\n"
631	"BGT loc_FF82D424\n"
632	"SUB R0, R5, #0x1100\n"
633	"SUB R0, R0, #0x63\n"
634	"CMP R0, #5\n"
635	"ADDLS PC, PC, R0,LSL#2\n"
636	"B loc_FF82D66C\n"
637	"loc_FF82D40C:\n"
638	"B loc_FF82D634\n"
639	"loc_FF82D410:\n"
640	"B loc_FF82D628\n"
641	"loc_FF82D414:\n"
642	"B loc_FF82D620\n"
643	"loc_FF82D418:\n"
644	"B loc_FF82D66C\n"
645	"loc_FF82D41C:\n"
646	"B loc_FF82D5BC\n"
647	"loc_FF82D420:\n"
648	"B loc_FF82D5BC\n"
649	"loc_FF82D424:\n"
650	"SUB R12, R5, #0x2000\n"
651	"SUBS R12, R12, #2\n"
652	"BEQ loc_FF82D6E4\n"
653	"CMP R5, R9\n"
654	"MOV R0, R9\n"
655	"BEQ loc_FF82D6F0\n"
656	"SUB R12, R5, #0x2000\n"
657	"SUBS R12, R12, #5\n"
658	"BEQ loc_FF82D6E4\n"
659	"SUB R12, R5, #0x2000\n"
660	"SUBS R12, R12, #0x19\n"
661	"BNE loc_FF82D66C\n"
662	"CMP R1, #0\n"
663	"BNE loc_FF82D6D0\n"
664	"B loc_FF82D65C\n"
665	"loc_FF82D460:\n"
666	"LDR R12, =0x3110\n"
667	"CMP R5, R12\n"
668	"BEQ loc_FF82D6A8\n"
669	"BGT loc_FF82D4A8\n"
670	"SUB R12, R5, #0x2000\n"
671	"SUBS R12, R12, #0x1D\n"
672	"BEQ loc_FF82D6E4\n"
673	"LDR R0, =0x2027\n"
674	"CMP R5, R0\n"
675	"BEQ loc_FF82D6B0\n"
676	"SUB R12, R5, #0x3000\n"
677	"SUBS R12, R12, #6\n"
678	"BEQ loc_FF82D6A8\n"
679	"SUB R12, R5, #0x3000\n"
680	"SUBS R12, R12, #0x10\n"
681	"BNE loc_FF82D66C\n"
682	"BL sub_FF893354\n"
683	"B loc_FF82D65C\n"
684	"loc_FF82D4A8:\n"
685	"SUB R12, R5, #0x3100\n"
686	"SUBS R12, R12, #0x11\n"
687	"BEQ loc_FF82D6A8\n"
688	"CMP R5, #0x3140\n"
689	"BEQ loc_FF82D70C\n"
690	"SUB R12, R5, #0x3200\n"
691	"SUBS R12, R12, #1\n"
692	"BEQ loc_FF82D66C\n"
693	"SUB R12, R5, #0x3200\n"
694	"SUBS R12, R12, #2\n"
695	"BNE loc_FF82D66C\n"
696	"B loc_FF82D6A8\n"
697	"loc_FF82D4D8:\n"
698	"MOV R4, #1\n"
699	"MOV R0, #2\n"
700	"BL sub_FF874024\n"
701	"CMP R0, #1\n"
702	"MOVEQ R4, #2\n"
703	"MOV R0, R4\n"
704	"BL sub_FF8224B0\n"
705	"CMP R0, #0\n"
706	"STRNE R8, [R6,#0x14]\n"
707	"BNE loc_FF82D530\n"
708	"BL sub_FF879F0C\n"
709	"BL sub_FF877D84\n"
710	"BL sub_FF8789D8\n"
711	"BL sub_FF877670\n"
712	"BL sub_FF878F88\n"
713	"CMP R0, #0\n"
714	"BEQ loc_FF82D59C\n"
715	"BL sub_FF82CF20\n"
716	"BL sub_FF878EEC\n"
717	"MOV R1, R0\n"
718	"LDR R0, =0x1167\n"
719	"BL sub_FF8711D8\n"
720	"loc_FF82D530:\n"
721	"MOV R0, R7\n"
722
723	"locret_FF82D534:\n"
724	"LDMFD SP!, {R3-R11,PC}\n"
725	"loc_FF82D59C:\n"
726	"BL sub_FF8268E8\n"
727	"CMP R0, #1\n"
728	"LDRNE R0, =0x310B\n"
729	"LDREQ R0, =0x310C\n"
730	"MOV R1, #0\n"
731	"BL sub_FF8711D8\n"
732	"BL sub_FF8770A8_my\n" // Continue here (possibility 1) for SDHC-boot //<------------------------------------------
733	"B loc_FF82D530\n"
734	"loc_FF82D5BC:\n"
735	"STR R8, [R6,#0x10]\n"
736	"LDR R6, =0x4508\n"
737	"LDR R4, =0x1168\n"
738	"CMP R1, #0\n"
739	"BEQ loc_FF82D5E4\n"
740	"BL sub_FF8748A0\n"
741	"B loc_FF82D5F0\n"
742	"loc_FF82D5D8:\n"
743	"MOV R0, R6\n"
744	"BL sub_FF85E5B0\n"
745	"B loc_FF82D65C\n"
746
747	"loc_FF82D5E4:\n"
748	"BL sub_FF8781CC\n"
749	"BL sub_FF877F94\n"
750	"BL sub_FF826590\n"
751	"loc_FF82D5F0:\n"
752	"CMP R5, R4\n"
753	"BEQ loc_FF82D5D8\n"
754	"B loc_FF82D65C\n"
755	"loc_FF82D5FC:\n"
756	"MOV R0, #1\n"
757	"BL sub_FF8749CC\n"
758	"MOV R1, R11\n"
759	"MOV R0, R10\n"
760	"B loc_FF82D674\n"
761	"loc_FF82D610:\n"
762	"CMP R2, #1\n"
763	"BNE loc_FF82D6A8\n"
764	"BL sub_FF8748A0\n"
765	"B loc_FF82D65C\n"
766	"loc_FF82D620:\n"
767	"MOV R0, #2\n"
768	"B loc_FF82D62C\n"
769	"loc_FF82D628:\n"
770	"MOV R0, #1\n"
771	"loc_FF82D62C:\n"
772	"BL sub_FF82DC30\n"
773	"B loc_FF82D65C\n"
774	"loc_FF82D634:\n"
775	"MOV R0, #0\n"
776	"B loc_FF82D62C\n"
777	"loc_FF82D63C:\n"
778	"LDR R0, [R6,#0xC]\n"
779	"SUB R12, R0, #0x8000\n"
780	"SUBS R12, R12, #2\n"
781	"BEQ loc_FF82D65C\n"
782	"LDR R0, =0x10A5\n"
783	"BL sub_FF872EB8\n" // eventproc_export_IsControlEventActive
784
785	"CMP R0, #0\n"
786	"BEQ loc_FF82D664\n"
787	"loc_FF82D65C:\n"
788	"MOV R0, #0\n"
789	"LDMFD SP!, {R3-R11,PC}\n"
790	"loc_FF82D664:\n"
791	"CMP R5, R9\n"
792	"STREQ R8, [R6,#0x30]\n"
793
794	"loc_FF82D66C:\n"
795	"MOV R1, #0\n"
796	"loc_FF82D670:\n"
797	"MOV R0, R5\n"
798
799	"loc_FF82D674:\n"
800	"BL sub_FF875F98_My\n" // Continue here (possibility 2) for SDHC-boot //<-----------------------------
801
802	"LDMFD SP!, {R3-R11,PC}\n"
803	"loc_FF82D67C:\n"
804	"BL sub_FF87C4A0\n"
805	"CMP R0, #0\n"
806	"BLNE sub_FF87B1FC\n"
807	"B loc_FF82D6A8\n"
808	"loc_FF82D68C:\n"
809	"BL sub_FF872EB8\n" //eventproc_export_IsControlEventActive
810	"CMP R0, #0\n"
811	"BNE loc_FF82D65C\n"
812
813	"loc_FF82D698:\n"
814	"MOV R0, R5\n"
815	"BL sub_FF82D040\n"
816	"LDMFD SP!, {R3-R11,PC}\n"
817	"loc_FF82D6A4:\n"
818	"BL sub_FF82DC00\n"
819	"loc_FF82D6A8:\n"
820	"MOV R1, R4\n"
821	"B loc_FF82D670\n"
822	"loc_FF82D6B0:\n"
823	"MOV R1, #0\n"
824	"BL sub_FF875F98_My\n" //Continue here (possibility 2) for SDHC-boot // <--------------------------------
825	"MOV R1, #0\n"
826	"MOV R0, R11\n"
827	"BL sub_FF875F98_My\n" // Continue here (possibility 2) for SDHC-boot // <----------------------------------
828	"MOV R1, #0\n"
829	"MOV R0, R9\n"
830	"B loc_FF82D6DC\n"
831	"loc_FF82D6D0:\n"
832	"CMP R2, #0\n"
833	"BNE loc_FF82D65C\n"
834	"loc_FF82D6D8:\n"
835	"MOV R1, #0\n"
836	"loc_FF82D6DC:\n"
837	"BL sub_FF875F98_My\n" //Continue here (possibility 2) for SDHC-boot // <------------------------------------
838	"B loc_FF82D65C\n"
839	"loc_FF82D6E4:\n"
840	"STR R7, [R6,#0x20]\n"
841	"BL sub_FF82D900\n"
842	"B loc_FF82D6A8\n"
843	"loc_FF82D6F0:\n"
844	"STR R7, [R6,#0x20]\n"
845	"BL sub_FF82D900\n"
846	"LDR R0, [R6,#0x10]\n"
847	"CMP R0, #1\n"
848	"BNE loc_FF82D6A8\n"
849	"BL sub_FF8748E4\n"
850	"B loc_FF82D65C\n"
851	"loc_FF82D70C:\n"
852	"CMP R1, #0\n"
853	"BLEQ sub_FF82D900\n"
854	"B loc_FF82D65C\n"
855	"loc_FF82D718:\n"
856	"LDR R0, =0xFFFFFFFF\n" // was MOVL tryed MVN provare pure LDR
857	"B loc_FF82D6D8\n"
858	);
859	}; //#fe
860
861
862	// Continue here (possibility 1) for SDHC-boot //OK
863	void __attribute__((naked,noinline)) sub_FF8770A8_my() { //#fs
864	asm volatile (
865	"STMFD SP!, {R4,LR}\n"
866	"BL sub_FF82D8CC\n"
867	"MOV R4, R0\n"
868	"BL sub_FF8771C4\n"
869	"MOV R0, R4\n"
870	"BL sub_FF876F5C\n"
871	"BL sub_FF82D8CC\n"
872	"MOV R4, R0\n"
873	"LDR R0, =0x60D8\n"
874	"LDR R0, [R0]\n"
875	"TST R0, #1\n"
876	"BEQ loc_FF8770E4\n"
877	"loc_FF8770D8:\n"
878	"MOV R1, R4\n"
879	"MOV R0, #2\n"
880	"B loc_FF87714C\n"
881	"loc_FF8770E4:\n"
882	"TST R0, #0x2000\n"
883	"BEQ loc_FF877100\n"
884	"TST R0, #0x200\n"
885	"LDREQ R1, =0x4004\n"
886	"LDRNE R1, =0x8002\n"
887	"MOV R0, #3\n"
888	"B loc_FF87714C\n"
889	"loc_FF877100:\n"
890	"TST R0, #0x10\n"
891	"BNE loc_FF8770D8\n"
892	"TST R0, #0x40\n"
893	"BEQ loc_FF87711C\n"
894	"loc_FF877110:\n"
895	"MOV R1, R4\n"
896	"MOV R0, #1\n"
897	"B loc_FF87714C\n"
898	"loc_FF87711C:\n"
899	"TST R0, #0x20\n"
900	"BEQ loc_FF877138\n"
901	"TST R0, #0x4000\n"
902	"BNE loc_FF877138\n"
903	"loc_FF87712C:\n"
904	"MOV R1, R4\n"
905	"MOV R0, #0\n"
906	"B loc_FF87714C\n"
907	"loc_FF877138:\n"
908	"LDR R1, =0x102\n"
909	"BICS R1, R1, R0\n"
910	"BNE loc_FF877154\n"
911	"MOV R1, R4\n"
912	"MOV R0, #6\n"
913	"loc_FF87714C:\n"
914	"LDMFD SP!, {R4,LR}\n"
915	"B sub_FF876EF8_my\n" // cont. for SDHC-boot <------------------------------------
916	"loc_FF877154:\n"
917	"TST R0, #0x100\n"
918	"BNE loc_FF8770D8\n"
919	"TST R0, #0x4000\n"
920	"TSTEQ R0, #0x400\n"
921	"BNE loc_FF877110\n"
922	"TST R0, #0x200\n"
923	"TSTEQ R0, #2\n"
924	"BNE loc_FF87712C\n"
925	"TST R0, #0x40000\n"
926	"BEQ loc_FF8770D8\n"
927	"TST R0, #0x200000\n"
928	"MOVEQ R1, R4\n"
929	"MOVEQ R0, #1\n"
930	"BLEQ sub_FF876EF8_my\n" // cont. for SDHC-boot <------------------------------------
931	"B loc_FF8770D8\n"
932	);
933	}; //#fe
934	//OK
935	void __attribute__((naked,noinline)) sub_FF876EF8_my() { //#fs
936	asm volatile (
937	"STMFD SP!, {R4-R6,LR}\n"
938	"MOVS R4, R0\n"
939	"MOV R0, #1\n"
940	"MOV R5, R1\n"
941	"BNE loc_FF876F38\n"
942	"MOV R1, #0\n"
943	"MOV R0, #0\n"
944	"BL sub_FF873FB4\n"
945	"BL sub_FF82D8CC\n"
946	"SUB R12, R0, #0x1000\n"
947	"SUBS R12, R12, #0x5B\n"
948	"BNE loc_FF876F30\n"
949	"loc_FF876F28:\n"
950	"BL sub_FF876E4C\n"
951	"B loc_FF876F40\n"
952	"loc_FF876F30:\n"
953	"BL sub_FF876E8C\n"
954	"B loc_FF876F40\n"
955	"loc_FF876F38:\n"
956	"CMP R4, #5\n"
957	"BEQ loc_FF876F28\n"
958	"loc_FF876F40:\n"
959	"CMP R0, #0\n"
960	"LDREQ R5, =0x1162\n"
961	"MOVEQ R4, #2\n"
962	"MOV R0, R4\n"
963	"MOV R1, R5\n"
964	"LDMFD SP!, {R4-R6,LR}\n"
965	"B sub_FF875F98_My\n" // Continue here (possibility 2) for SDHC-boot <-------------------------
966	);
967	}; //#fe
968
969
970	//NEW OK
971	void __attribute__((naked,noinline)) sub_FF875F98_My() { //#fs
972	asm volatile (
973	"STMFD SP!, {R4-R8,LR}\n"
974	"MOV R8, R1\n"
975	"MOV R4, R0\n"
976	"BL sub_FF878F88\n"
977	"CMP R0, #0\n"
978	"BNE loc_FF87625C\n"
979	"MOV R1, R8\n"
980	"MOV R0, R4\n"
981	"BL sub_FF874B90\n"
982	"LDR R5, =0x6008\n"
983	"MOV R7, #1\n"
984	"LDR R0, [R5,#0x10]\n"
985	"MOV R6, #0\n"
986	"CMP R0, #0x16\n"
987	"ADDLS PC, PC, R0,LSL#2\n"
988	"B loc_FF87625C\n"
989	"loc_FF875FD8:\n"
990	"B loc_FF876034\n"
991	"loc_FF875FDC:\n"
992	"B loc_FF87605C\n"
993	"loc_FF875FE0:\n"
994	"B loc_FF8760A0\n"
995	"loc_FF875FE4:\n"
996	"B loc_FF87611C\n"
997	"loc_FF875FE8:\n"
998	"B loc_FF87612C\n"
999	"loc_FF875FEC:\n"
1000	"B loc_FF87625C\n"
1001	"loc_FF875FF0:\n"
1002	"B loc_FF8761A8\n"
1003	"loc_FF875FF4:\n"
1004	"B loc_FF8761B8\n"
1005	"loc_FF875FF8:\n"
1006	"B loc_FF876044\n"
1007	"loc_FF875FFC:\n"
1008	"B loc_FF876050\n"
1009	"loc_FF876000:\n"
1010	"B loc_FF8761B8\n"
1011	"loc_FF876004:\n"
1012	"B loc_FF876094\n"
1013	"loc_FF876008:\n"
1014	"B loc_FF87625C\n"
1015	"loc_FF87600C:\n"
1016	"B loc_FF87625C\n"
1017	"loc_FF876010:\n"
1018	"B loc_FF8760AC\n"
1019	"loc_FF876014:\n"
1020	"B loc_FF8760B8\n"
1021	"loc_FF876018:\n"
1022	"B loc_FF8760F0\n"
1023	"loc_FF87601C:\n"
1024	"B loc_FF876068\n"
1025	"loc_FF876020:\n"
1026	"B loc_FF876244\n"
1027	"loc_FF876024:\n"
1028	"B loc_FF8761C4\n"
1029	"loc_FF876028:\n"
1030	"B loc_FF8761F4\n"
1031	"loc_FF87602C:\n"
1032	"B loc_FF8761F4\n"
1033	"loc_FF876030:\n"
1034	"B loc_FF876138\n"
1035	"loc_FF876034:\n"
1036	"MOV R1, R8\n"
1037	"MOV R0, R4\n"
1038	"LDMFD SP!, {R4-R8,LR}\n"
1039	"B sub_FF875648_my\n" // uAC_Boot // divert for <-------------------------
1040	"loc_FF876044:\n"
1041	"MOV R0, R4\n"
1042	"LDMFD SP!, {R4-R8,LR}\n"
1043	"B sub_FF8769B0\n"
1044	"loc_FF876050:\n"
1045	"MOV R0, R4\n"
1046	"LDMFD SP!, {R4-R8,LR}\n"
1047	"B sub_FF875B14\n"
1048	"loc_FF87605C:\n"
1049	"MOV R0, R4\n"
1050	"LDMFD SP!, {R4-R8,LR}\n"
1051	"B sub_FF87522C\n"
1052	"loc_FF876068:\n"
1053	"SUB R12, R4, #0x1000\n"
1054	"SUBS R12, R12, #0xA5\n"
1055	"STREQ R7, [R5,#0x88]\n"
1056	"BEQ loc_FF876254\n"
1057	"SUB R12, R4, #0x3000\n"
1058	"SUBS R12, R12, #6\n"
1059	"BNE loc_FF87625C\n"
1060	"MOV R0, #0\n"
1061	"BL sub_FF82CDA8\n"
1062	"BL sub_FF876890\n" // uAC_InitPB
1063	"B loc_FF876254\n"
1064	"loc_FF876094:\n"
1065	"MOV R0, R4\n"
1066	"LDMFD SP!, {R4-R8,LR}\n"
1067	"B sub_FF8768C8\n"
1068	"loc_FF8760A0:\n"
1069	"MOV R0, R4\n"
1070	"LDMFD SP!, {R4-R8,LR}\n"
1071	"B sub_FF875404\n"
1072	"loc_FF8760AC:\n"
1073	"MOV R0, R4\n"
1074	"LDMFD SP!, {R4-R8,LR}\n"
1075	"B sub_FF875CC0\n"
1076	"loc_FF8760B8:\n"
1077	"SUB R12, R4, #0x3200\n"
1078	"SUBS R12, R12, #2\n"
1079	"BNE loc_FF87625C\n"
1080	"MOV R0, #3\n"
1081	"BL sub_FF874A74\n" // uCameraConState
1082	"MOV R0, #8\n"
1083	"BL sub_FF82CD04\n"
1084	"MOV R1, #0\n"
1085	"MOV R0, #0x19\n"
1086	"BL sub_FF83EEE0\n"
1087	"BL sub_FF8781CC\n"
1088	"BL sub_FF878018\n"
1089	"BL sub_FF8776E0\n"
1090	"B loc_FF876254\n"
1091	"loc_FF8760F0:\n"
1092	"SUB R12, R4, #0x3300\n"
1093	"SUBS R12, R12, #1\n"
1094	"BNE loc_FF87625C\n"
1095	"LDR R0, =0x4010\n"
1096	"STR R6, [R5,#0x80]\n"
1097	"BL sub_FF82CD04\n"
1098	"BL sub_FF9A90CC\n"
1099	"BL sub_FF8776E0\n"
1100	"MOV R0, #4\n"
1101	"BL sub_FF874A74\n" // uCameraConState
1102	"B loc_FF876254\n"
1103	"loc_FF87611C:\n"
1104	"MOV R1, R8\n"
1105	"MOV R0, R4\n"
1106	"LDMFD SP!, {R4-R8,LR}\n"
1107	"B sub_FF875E1C\n"
1108	"loc_FF87612C:\n"
1109	"MOV R0, R4\n"
1110	"LDMFD SP!, {R4-R8,LR}\n"
1111	"B sub_FF876AF8\n"
1112	"loc_FF876138:\n"
1113	"LDR R8, =0x1182\n"
1114	"CMP R4, R8\n"
1115	"STREQ R7, [R5,#0xB8]\n"
1116	"BEQ loc_FF876254\n"
1117	"SUB R12, R4, #0x1000\n"
1118	"SUBS R12, R12, #0x1AC\n"
1119	"BEQ loc_FF876190\n"
1120	"SUB R12, R4, #0x3000\n"
1121	"SUBS R12, R12, #0x224\n"
1122	"BNE loc_FF87625C\n"
1123	"MOV R0, #8\n"
1124	"BL sub_FF82CD04\n"
1125	"MOV R0, #3\n"
1126	"BL sub_FF874A74\n" // uCameraConState
1127	"STR R6, [R5,#0xBC]\n"
1128	"LDR R0, [R5,#0xB8]\n"
1129	"CMP R0, #0\n"
1130	"MOVNE R1, #0\n"
1131	"MOVNE R0, R8\n"
1132	"STRNE R6, [R5,#0xB8]\n"
1133	"BLNE sub_FF875E1C\n"
1134	"B loc_FF876254\n"
1135	"loc_FF876190:\n"
1136	"LDR R0, [R5,#0xBC]\n"
1137	"CMP R0, #0\n"
1138	"BNE loc_FF876254\n"
1139	"BL sub_FF9A71E4\n"
1140	"STR R7, [R5,#0xBC]\n"
1141	"B loc_FF876254\n"
1142	"loc_FF8761A8:\n"
1143	"MOV R1, R8\n"
1144	"MOV R0, R4\n"
1145	"LDMFD SP!, {R4-R8,LR}\n"
1146	"B sub_FF876BD8\n"
1147	"loc_FF8761B8:\n"
1148	"MOV R0, R4\n"
1149	"LDMFD SP!, {R4-R8,LR}\n"
1150	//"B sub_FF875A0C\n"
1151	"B sub_FF875A0C_my\n" //----------> movies_rec.c
1152	"loc_FF8761C4:\n"
1153	"LDR R12, =0x10B0\n"
1154	"CMP R4, R12\n"
1155	"BEQ loc_FF8761F0\n"
1156	"BGT loc_FF8761FC\n"
1157	"CMP R4, #4\n"
1158	"BEQ loc_FF876224\n"
1159	"SUB R12, R4, #0x1000\n"
1160	"SUBS R12, R12, #0xAA\n"
1161	"SUBNE R12, R4, #0x1000\n"
1162	"SUBNES R12, R12, #0xAE\n"
1163	"BNE loc_FF87625C\n"
1164	"loc_FF8761F0:\n"
1165	"BL sub_FF874770\n"
1166	"loc_FF8761F4:\n"
1167	"MOV R0, R6\n"
1168	"LDMFD SP!, {R4-R8,PC}\n"
1169	"loc_FF8761FC: \n"
1170	"SUB R12, R4, #0x2000\n"
1171	"SUBS R12, R12, #4\n"
1172	"BEQ loc_FF87623C\n"
1173	"SUB R12, R4, #0x5000\n"
1174	"SUBS R12, R12, #1\n"
1175	"SUBNE R12, R4, #0x5000\n"
1176	"SUBNES R12, R12, #6\n"
1177	"BNE loc_FF87625C\n"
1178	"BL sub_FF8751CC\n"
1179	"B loc_FF876254\n"
1180	"loc_FF876224:\n"
1181	"LDR R0, [R5,#0x2C]\n"
1182	"CMP R0, #0\n"
1183	"BNE loc_FF87623C\n"
1184	"BL sub_FF87643C\n"
1185	"BL sub_FF826548\n"
1186	"B loc_FF876254\n"
1187	"loc_FF87623C:\n"
1188	"BL sub_FF8747AC\n"
1189	"B loc_FF876254\n"
1190	"loc_FF876244:\n"
1191	"SUB R12, R4, #0x3000\n"
1192	"SUBS R12, R12, #0x130\n"
1193	"BNE loc_FF87625C\n"
1194	"BL sub_FF87486C\n"
1195	"loc_FF876254:\n"
1196	"MOV R0, #0\n"
1197	"LDMFD SP!, {R4-R8,PC}\n"
1198	"loc_FF87625C:\n"
1199	"MOV R0, #1\n"
1200	"LDMFD SP!, {R4-R8,PC}\n"
1201	);
1202	}; //#fe
1203
1204
1205	//OK
1206	void __attribute__((naked,noinline)) sub_FF875648_my() { //#fs uAC_Boot
1207	asm volatile (
1208	"STMFD SP!, {R4-R8,LR}\n"
1209	"LDR R7, =0x8002\n"
1210	"LDR R4, =0x6008\n"
1211	"CMP R0, #3\n"
1212	"MOV R6, R1\n"
1213	"MOV R5, #1\n"
1214	"BEQ loc_FF8757BC\n"
1215	"BGT loc_FF875684\n"
1216	"CMP R0, #0\n"
1217	"BEQ loc_FF8756C8\n"
1218	"CMP R0, #1\n"
1219	"BEQ loc_FF87574C\n"
1220	"CMP R0, #2\n"
1221	"BNE loc_FF875844\n"
1222	"B loc_FF87569C\n"
1223	"loc_FF875684:\n"
1224	"CMP R0, #6\n"
1225	"STREQ R5, [R4,#0x28]\n"
1226	"BEQ loc_FF8757B4\n"
1227	"SUB R12, R0, #0x2000\n"
1228	"SUBS R12, R12, #4\n"
1229	"BNE loc_FF875844\n"
1230
1231	"loc_FF87569C:\n"
1232	"SUB R12, R6, #0x1100\n"
1233	"SUBS R12, R12, #0x62\n"
1234	"BNE loc_FF8756B8\n"
1235	"MOV R1, R7\n"
1236	"MOV R0, #0\n"
1237	"BL sub_FF878AB0\n"
1238	"STR R5, [R4,#0x60]\n"
1239
1240	"loc_FF8756B8:\n"
1241	"BL sub_FF8781CC\n"
1242	"BL sub_FF878018\n"
1243	"BL sub_FF875130\n"
1244	"B loc_FF87583C\n"
1245	"loc_FF8756C8:\n"
1246	"MOV R0, #7\n"
1247	"BL sub_FF874A74\n"
1248	"MOV R0, R7\n"
1249	"BL sub_FF82CD04\n"
1250	"BL sub_FF877310\n" // taskcreate_CommonDrivers
1251	"BL sub_FF877E68\n"
1252	"MOV R1, R7\n"
1253	"MOV R0, #0\n"
1254	"BL sub_FF878AB0\n"
1255	"LDR R1, =0xFF87587C\n"
1256	"MOV R0, #0x20\n"
1257	"STR R6, [R4,#0x18]\n"
1258	"BL sub_FF86DA00\n"
1259	"LDR R1, =0xFF875888\n"
1260	"MOV R0, #0x20\n"
1261	"BL sub_FF86DA00\n"
1262	"STR R5, [R4,#0x28]\n"
1263	"BL sub_FF82CE8C\n"
1264	"BL sub_FF82CDD0\n"
1265	"LDR R0, [R4,#0x1C]\n"
1266	"LDR R1, [R4,#0x20]\n"
1267	"ORRS R0, R0, R1\n"
1268	"BLNE sub_FF876418\n"
1269	"LDR R0, [R4,#0x68]\n"
1270	"CMP R0, #0\n"
1271	"BNE loc_FF875738\n"
1272	"BL sub_FF82CEFC\n" // taskcreate_StartupImage
1273	"B loc_FF875740\n"
1274	"loc_FF875738:\n"
1275	"BL sub_FF8262FC\n"
1276	"BL sub_FF82D864\n"
1277
1278	"loc_FF875740:\n"
1279	"BL sub_FF8772D4_my\n" // taskcreate_InitFileModules<----------------------
1280	"BL sub_FF87734C\n"
1281	"B loc_FF87583C\n"
1282	"loc_FF87574C:\n"
1283	"MOV R0, #8\n"
1284	"BL sub_FF874A74\n"
1285	"BL sub_FF877310\n"
1286	"BL sub_FF877E68\n"
1287	"LDR R5, =0x4004\n"
1288	"MOV R0, #0\n"
1289	"MOV R1, R5\n"
1290	"BL sub_FF878AB0\n"
1291	"LDR R1, =0xFF875898\n"
1292	"MOV R0, #0x20\n"
1293	"BL sub_FF86DA00\n"
1294
1295	"BL sub_FF8772D4_my\n" // taskcreate_InitFileModules ----------------------------->
1296
1297	"BL sub_FF8773E0\n"
1298	"BL sub_FF82D828\n"
1299	"MOV R0, R5\n"
1300	"BL sub_FF82CD04\n"
1301	"LDR R0, [R4,#0x68]\n"
1302	"CMP R0, #0\n"
1303	"BNE loc_FF8757A0\n"
1304	"BL sub_FF82CEFC\n" // taskcreate_StartupImage
1305	"B loc_FF8757A4\n"
1306	"loc_FF8757A0:\n"
1307	"BL sub_FF8262FC\n"
1308
1309	"loc_FF8757A4:\n"
1310	"BL sub_FF87737C\n"
1311	"LDR R0, [R4,#0x30]\n"
1312	"CMP R0, #0\n"
1313	"BEQ loc_FF87583C\n"
1314
1315	"loc_FF8757B4:\n"
1316	"BL sub_FF876460\n"
1317	"B loc_FF87583C\n"
1318	"loc_FF8757BC:\n"
1319	"MOV R1, R6\n"
1320	"MOV R0, #0\n"
1321	"BL sub_FF878AB0\n"
1322	"LDR R1, =0xFF8758A4\n"
1323	"MOV R0, #0x20\n"
1324	"BL sub_FF86DA00\n"
1325	"STR R5, [R4,#0x68]\n"
1326	"BL sub_FF8773E0\n"
1327	"BL sub_FF82D828\n"
1328	"BL sub_FF8763F4\n"
1329	"BL sub_FF82D8C0\n"
1330	"CMP R0, #0\n"
1331	"LDRNE R0, =0x804B\n"
1332	"MOVNE R1, #0\n"
1333	"BLNE sub_FF873C90\n" // eventproc_export_PTM_SetCurrentItem
1334	"BL sub_FF8788CC\n"
1335	"MOV R0, #0x80\n"
1336	"BL sub_FF82CD04\n"
1337	"BL sub_FF878310\n"
1338	"BL sub_FF895AD0\n" // eventproc_export_StartGUISystem
1339	"BL sub_FF957B60\n"
1340	"BL sub_FF9ABF4C\n"
1341	"BL sub_FF877B4C\n"
1342	"BL sub_FF878204\n"
1343	"MOV R0, #9\n"
1344	"BL sub_FF874A74\n"
1345	"LDR R0, =0x300E\n"
1346	"MOV R1, R6\n"
1347	"BL sub_FF8711D8\n"
1348	"MOV R1, #0\n"
1349	"MOV R0, #1\n"
1350	"BL sub_FF878AB0\n"
1351
1352	"loc_FF87583C:\n"
1353	"MOV R0, #0\n"
1354	"LDMFD SP!, {R4-R8,PC}\n"
1355	"loc_FF875844:\n"
1356	"MOV R0, #1\n"
1357	"LDMFD SP!, {R4-R8,PC}\n"
1358	);
1359	}; //#fe
1360
1361	//OK
1362	void __attribute__((naked,noinline)) sub_FF8772D4_my() { //#fs CreateTask_InitFileModules
1363	asm volatile (
1364	"LDR R0, =0x60E4\n"
1365	"STMFD SP!, {R3,LR}\n"
1366	"LDR R1, [R0,#4]\n"
1367	"CMP R1, #0\n"
1368	"BNE locret_FF87730C\n"
1369	"MOV R1, #1\n"
1370	"STR R1, [R0,#4]\n"
1371	"MOV R3, #0\n"
1372	"STR R3, [SP]\n"
1373
1374	"LDR R3, =task_InitFileModules_my\n" // continue for SDHC-boot (orig: FFC5F754)-g9 = FF877284 "LDR R3, =task_InitFileModules_my\n"
1375
1376	"MOV R1, #0x19\n"
1377	"LDR R0, =0xFF877438\n" // aInitfilemodule
1378	"MOV R2, #0x1000\n"
1379	"BL sub_FF81BAF0\n" // CreateTask
1380	"locret_FF87730C:\n"
1381	"LDMFD SP!, {R12,PC}\n"
1382	);
1383	}; //#fe
1384
1385	//OK
1386	void __attribute__((naked,noinline)) task_InitFileModules_my() { //#fs task_InitFileModules_my
1387	asm volatile (
1388	"STMFD SP!, {R4-R6,LR}\n"
1389	"BL sub_FF86FFF8\n"
1390	"LDR R5, =0x5006\n"
1391	"MOVS R4, R0\n"
1392	"MOVNE R1, #0\n"
1393	"MOVNE R0, R5\n"
1394	"BLNE sub_FF8711D8\n"
1395	"BL sub_FF870024_my\n" // continue to SDHC-hook here! was FFC5A4E8
1396
1397	"BL core_spytask_can_start\n" // CHDK: Set "it's-save-to-start"-Flag for spytask
1398
1399	"CMP R4, #0\n"
1400	"MOVEQ R0, R5\n"
1401	"LDMEQFD SP!, {R4-R6,LR}\n"
1402	"MOVEQ R1, #0\n"
1403	"BEQ sub_FF8711D8\n"
1404	"LDMFD SP!, {R4-R6,PC}\n"
1405	);
1406	}; //#fe
1407
1408	//OK
1409	void __attribute__((naked,noinline)) sub_FF870024_my() { //#fs
1410
1411	asm volatile (
1412	"STMFD SP!, {R4,LR}\n"
1413
1414	"BL sub_FF85235C_my\n" // continue to SDHC-hook here! was FFC3F0CC --------------------------------------->
1415
1416	"LDR R4, =0x5AC4\n"
1417	"LDR R0, [R4,#4]\n"
1418	"CMP R0, #0\n"
1419	"BNE loc_FF870054\n"
1420	"BL sub_FF87FD60\n"
1421	"BL sub_FF90B938\n"
1422	"BL sub_FF87FD60\n"
1423	"BL sub_FF91848C\n"
1424	"BL sub_FF87FD70\n"
1425	"BL sub_FF90B9E0\n"
1426	"loc_FF870054:\n"
1427	"MOV R0, #1\n"
1428	"STR R0, [R4]\n"
1429	"LDMFD SP!, {R4,PC}\n"
1430	);
1431	}; //#fe
1432	//OK
1433	void __attribute__((naked,noinline)) sub_FF85235C_my() { //#fs
1434
1435	asm volatile (
1436	"STMFD SP!, {R4-R6,LR}\n"
1437	"MOV R6, #0\n"
1438	"MOV R0, R6\n"
1439	"BL sub_FF851F2C\n"
1440	"LDR R4, =0x168D0\n"
1441	"MOV R5, #0\n"
1442	"LDR R0, [R4,#0x38]\n"
1443	"BL sub_FF8528F4\n"
1444	"CMP R0, #0\n"
1445	"LDREQ R0, =0x2D34\n"
1446	"STREQ R5, [R0,#0xC]\n"
1447	"STREQ R5, [R0,#0x10]\n"
1448	"STREQ R5, [R0,#0x14]\n"
1449	"MOV R0, R6\n"
1450	"BL sub_FF851F6C\n" // uMounter (u=unknown, just to prevent misunderstandings)
1451	"MOV R0, R6\n"
1452
1453	"BL sub_FF852198_my\n" // continue to SDHC-hook here! <---------------------
1454
1455	"MOV R5, R0\n"
1456	"MOV R0, R6\n"
1457	"BL sub_FF852204\n"
1458	"LDR R1, [R4,#0x3C]\n"
1459	"AND R2, R5, R0\n"
1460	"CMP R1, #0\n"
1461	"MOV R0, #0\n"
1462	"MOVEQ R0, #0x80000001\n"
1463	"BEQ loc_FF8523F0\n"
1464	"LDR R3, [R4,#0x2C]\n"
1465	"CMP R3, #2\n"
1466	"MOVEQ R0, #4\n"
1467	"CMP R1, #5\n"
1468	"ORRNE R0, R0, #1\n"
1469	"BICEQ R0, R0, #1\n"
1470	"CMP R2, #0\n"
1471	"BICEQ R0, R0, #2\n"
1472	"ORREQ R0, R0, #0x80000000\n"
1473	"BICNE R0, R0, #0x80000000\n"
1474	"ORRNE R0, R0, #2\n"
1475	"loc_FF8523F0:\n"
1476	"STR R0, [R4,#0x40]\n"
1477	"LDMFD SP!, {R4-R6,PC}\n"
1478	);
1479	}; //#fe
1480	//OK
1481	void __attribute__((naked,noinline)) sub_FF852198_my() { //#fs
1482	asm volatile (
1483	"STMFD SP!, {R4-R6,LR}\n"
1484	"LDR R5, =0x2D34\n"
1485	"MOV R6, R0\n"
1486	"LDR R0, [R5,#0x10]\n"
1487	"CMP R0, #0\n"
1488	"MOVNE R0, #1\n"
1489	"LDMNEFD SP!, {R4-R6,PC}\n"
1490	"MOV R0, #0x17\n"
1491	"MUL R1, R0, R6\n"
1492	"LDR R0, =0x168D0\n"
1493	"ADD R4, R0, R1,LSL#2\n"
1494	"LDR R0, [R4,#0x38]\n"
1495	"MOV R1, R6\n"
1496
1497	"BL sub_FF852030_my\n" // continue to SDHC-hook here! --------------------------------------------------->
1498
1499	"CMP R0, #0\n"
1500	"LDMEQFD SP!, {R4-R6,PC}\n"
1501	"LDR R0, [R4,#0x38]\n"
1502	"MOV R1, R6\n"
1503	"BL sub_FF852A0C\n"
1504	"CMP R0, #0\n"
1505	"LDMEQFD SP!, {R4-R6,PC}\n"
1506	"MOV R0, R6\n"
1507	"BL sub_FF851B4C\n"
1508	"CMP R0, #0\n"
1509	"MOVNE R1, #1\n"
1510	"STRNE R1, [R5,#0x10]\n"
1511	"LDMFD SP!, {R4-R6,PC}\n"
1512	);
1513	}; //#fe
1514
1515	//OK
1516	void __attribute__((naked,noinline)) sub_FF852030_my() { //#fs ; Partition table parse takes place here. => SDHC-boot
1517	asm volatile (
1518
1519	"STMFD SP!, {R4-R8,LR} \n"
1520	"MOV R8, R0\n"
1521	"MOV R0, #0x17\n"
1522	"MUL R1, R0, R1\n"
1523	"LDR R0, =0x168D0\n"
1524	"MOV R6, #0\n"
1525	"ADD R7, R0, R1,LSL#2\n"
1526	"LDR R0, [R7,#0x3C]\n"
1527	"MOV R5, #0\n"
1528	"CMP R0, #6\n"
1529	"ADDLS PC, PC, R0,LSL#2\n"
1530	"B loc_FF85217C\n"
1531	"loc_FF852060:\n"
1532	"B loc_FF852094\n"
1533	"loc_FF852064:\n"
1534	"B loc_FF85207C\n"
1535	"loc_FF852068:\n"
1536	"B loc_FF85207C\n"
1537	"loc_FF85206C:\n"
1538	"B loc_FF85207C\n"
1539	"loc_FF852070:\n"
1540	"B loc_FF85207C\n"
1541	"loc_FF852074:\n"
1542	"B loc_FF852174\n"
1543	"loc_FF852078:\n"
1544	"B loc_FF85207C\n"
1545	"loc_FF85207C:\n"
1546	"MOV R2, #0\n"
1547	"MOV R1, #0x200\n"
1548	"MOV R0, #3\n"
1549	"BL sub_FF86C4D0\n"
1550	"MOVS R4, R0\n"
1551	"BNE loc_FF85209C\n"
1552	"loc_FF852094:\n"
1553	"MOV R0, #0\n"
1554	"LDMFD SP!, {R4-R8,PC}\n"
1555	"loc_FF85209C:\n"
1556	"LDR R12, [R7,#0x4C]\n"
1557	"MOV R3, R4\n"
1558	"MOV R2, #1\n"
1559	"MOV R1, #0\n"
1560	"MOV R0, R8\n"
1561
1562	//"BLX R12\n" // !! Workaround !! attenzione
1563	//".long 0xE12FFF3C\n"
1564	"MOV LR, PC\n" // gcc won't compile "BLX R12" nor "BL R12".
1565	"MOV PC, R12\n" // workaround: make your own "BL" and hope we don't need the change to thumb-mode
1566
1567	"CMP R0, #1\n"
1568	"BNE loc_FF8520C8\n"
1569	"MOV R0, #3\n"
1570	"BL sub_FF86C610\n"
1571	"B loc_FF852094\n"
1572	"loc_FF8520C8:\n"
1573	"MOV R0, R8\n"
1574	"BL sub_FF929040\n" // Add FAT32 autodetect-code after this line\n"
1575
1576	// Start of DataGhost's FAT32 autodetection code
1577	// Policy: If there is a partition which has type W95 FAT32, use the first one of those for image storage
1578	// According to the code below, we can use R1, R2, R3 and R12.
1579	// LR wasn't really used anywhere but for storing a part of the partition signature. This is the only thing
1580	// that won't work with an offset, but since we can load from LR+offset into LR, we can use this to do that :)
1581	"MOV R12, R4\n" // Copy the MBR start address so we have something to work with
1582	"MOV LR, R4\n" // Save old offset for MBR signature
1583	"MOV R1, #1\n" // Note the current partition number
1584	"B dg_sd_fat32_enter\n" // We actually need to check the first partition as well, no increments yet!
1585	"dg_sd_fat32:\n"
1586	"CMP R1, #4\n" // Did we already see the 4th partition?
1587	"BEQ dg_sd_fat32_end\n" // Yes, break. We didn't find anything, so don't change anything.
1588	"ADD R12, R12, #0x10\n" // Second partition
1589	"ADD R1, R1, #1\n" // Second partition for the loop
1590	"dg_sd_fat32_enter:\n"
1591	"LDRB R2, [R12, #0x1BE]\n" // Partition status
1592	"LDRB R3, [R12, #0x1C2]\n" // Partition type (FAT32 = 0xB)
1593	"CMP R3, #0xB\n" // Is this a FAT32 partition?
1594	"CMPNE R3, #0xC\n" // Not 0xB, is it 0xC (FAT32 LBA) then?
1595	"BNE dg_sd_fat32\n" // No, it isn't.
1596	"CMP R2, #0x00\n" // It is, check the validity of the partition type
1597	"CMPNE R2, #0x80\n"
1598	"BNE dg_sd_fat32\n" // Invalid, go to next partition
1599	// This partition is valid, it's the first one, bingo!
1600	"MOV R4, R12\n" // Move the new MBR offset for the partition detection.
1601
1602	"dg_sd_fat32_end:\n"
1603	// End of DataGhost's FAT32 autodetection code
1604	"LDRB R1, [R4,#0x1C9]\n" // Continue with firmware
1605	"LDRB R3, [R4,#0x1C8]\n"
1606	"LDRB R12, [R4,#0x1CC]\n"
1607	"MOV R1, R1,LSL#24\n"
1608	"ORR R1, R1, R3,LSL#16\n"
1609	"LDRB R3, [R4,#0x1C7]\n"
1610	"LDRB R2, [R4,#0x1BE]\n"
1611	//"LDRB LR, [R4,#0x1FF]\n" // replaced, see below
1612	"ORR R1, R1, R3,LSL#8\n"
1613	"LDRB R3, [R4,#0x1C6]\n"
1614	"CMP R2, #0\n"
1615	"CMPNE R2, #0x80\n"
1616	"ORR R1, R1, R3\n"
1617	"LDRB R3, [R4,#0x1CD]\n"
1618	"MOV R3, R3,LSL#24\n"
1619	"ORR R3, R3, R12,LSL#16\n"
1620	"LDRB R12, [R4,#0x1CB]\n"
1621	"ORR R3, R3, R12,LSL#8\n"
1622	"LDRB R12, [R4,#0x1CA]\n"
1623	"ORR R3, R3, R12\n"
1624	//"LDRB R12, [R4,#0x1FE]\n" // replaced, see below
1625
1626	"LDRB R12, [LR,#0x1FE]\n" // New! First MBR signature byte (0x55)
1627	"LDRB LR, [LR,#0x1FF]\n" // Last MBR signature byte (0xAA)
1628
1629	"MOV R4, #0\n"
1630	"BNE loc_FF852150\n"
1631	"CMP R0, R1\n"
1632	"BCC loc_FF852150\n"
1633	"ADD R2, R1, R3\n"
1634	"CMP R2, R0\n"
1635	"CMPLS R12, #0x55\n"
1636	"CMPEQ LR, #0xAA\n"
1637	"MOVEQ R6, R1\n"
1638	"MOVEQ R5, R3\n"
1639	"MOVEQ R4, #1\n"
1640	"loc_FF852150:\n"
1641	"MOV R0, #3\n"
1642	"BL sub_FF86C610\n"
1643	"CMP R4, #0\n"
1644	"BNE loc_FF852188\n"
1645	"MOV R6, #0\n"
1646	"MOV R0, R8\n"
1647	"BL sub_FF929040\n"
1648	"MOV R5, R0\n"
1649	"B loc_FF852188\n"
1650	"loc_FF852174:\n"
1651	"MOV R5, #0x40\n"
1652	"B loc_FF852188\n"
1653	"loc_FF85217C:\n"
1654	"LDR R1, =0x365\n"
1655	"LDR R0, =0XFF852024\n" //aMounter_c ; "Mounter.c"
1656	"BL sub_FF81BFC8\n" //DebugAssert
1657	"loc_FF852188:\n"
1658	"STR R6, [R7,#0x44]!\n"
1659	"MOV R0, #1\n"
1660	"STR R5, [R7,#4]\n"
1661	"LDMFD SP!, {R4-R8,PC}\n"
1662	);
1663	}; //#fe
1664
1665
1666	//*********************************************
1667
1668	// I could not manually find this function in the S5IS firmware, possibly signatures
1669	// might find it. Until that moment, I hooked it here (copied from another camera)
1670	unsigned long __attribute__((naked,noinline)) _time(unsigned long *timer) {
1671	asm volatile (
1672	"STMFD SP!, {R3-R5,LR}\n"
1673	"MOV R4, R0\n"
1674	"MVN R0, #0\n"
1675	"STR R0, [SP,#0x10-0x10]\n"
1676	"MOV R0, SP\n"
1677	"BL sub_FF86BAEC\n" // _GetTimeOfSystem\n"
1678	"CMP R0, #0\n"
1679	"BNE loc_FFC55EC8\n"
1680	"CMP R4, #0\n"
1681	"LDRNE R0, [SP,#0x10-0x10]\n"
1682	"STRNE R0, [R4]\n"
1683
1684	"loc_FFC55EC8:\n"
1685	"LDR R0, [SP,#0x10-0x10]\n"
1686	"LDMFD SP!, {R3-R5,PC}\n"
1687	);
1688	}
1689
1690
1691
1692
1693
1694	void CreateTask_blinker() {
1695	_CreateTask("Blinker", 0x1, 0x200, task_blinker, 0);
1696	};
1697
1698
1699	void __attribute__((naked,noinline)) task_blinker() {
1700	int ledstate;
1701
1702	int counter = 0;
1703
1704	long led = (void) 0xC022006C; // AF led
1705
1706	long *anypointer; // multi-purpose pointer to poke around in memory
1707	long v1, v2, v3, v4; // multi-purpose vars
1708
1709	ledstate = 0; // init: led off
1710	*led = 0x46; // led on
1711
1712	while (1) {
1713	counter++;
1714
1715	if (ledstate == 1) { // toggle LED
1716	ledstate = 0;
1717	*led = 0x44; // LED off
1718	//core_test(1);
1719	} else {
1720	ledstate = 1;
1721	*led = 0x46; // LED on
1722	//core_test(0);
1723	}
1724
1725	if (counter == 2) {
1726	//dump_chdk();
1727	// gui_init();
1728	//_ExecuteEventProcedure("UIFS_WriteFirmInfoToFile");
1729	//_UIFS_WriteFirmInfoToFile(0);
1730	}
1731
1732	if (counter == 10) {
1733	// draw_txt_string(2, 2, "test");
1734	}
1735
1736	msleep(500);
1737	}
1738	};
1739
1740
1741	//extern long _Fopen_Fut(const char filename, const char mode);
1742	//extern void _Fclose_Fut(long file);
1743	//extern long _Fwrite_Fut(const void *buf, long elsize, long count, long f);
1744	//extern long Fread_Fut(void *buf, long elsize, long count, long f);
1745	//extern long Fseek_Fut(long file, long offset, long whence);
1746	//extern long _qDump(char* filename, long unused, long write_p2, long write_p3);
1747	void dump_chdk() { //#fs
1748	int fd;
1749	long dirnum;
1750
1751	volatile long led = (void) 0xC0220094; // yellow led
1752	volatile long led_blue = (void) 0xC022006c; // yellow led
1753
1754	*led = 0x46; //on
1755
1756	// _qDump("A/qdump", 0, (void*) 0x01900, 0xb0000);
1757	//_qDump("A/firmdump", 0, (void*) 0xFFC00000, 0x00400000);
1758	//_qDump("A/firmlower", 0, (void*) 0xff800000, 0x00400000); // identical to 0xfc000000
1759
1760	//started();
1761
1762	//dirnum = get_target_dir_num();
1763	//sprintf(fn, FN_RAWDIR, dirnum);
1764	//mkdir(fn);
1765
1766	//sprintf(fn, FN_RAWDIR "/" "DMP_%04d.JPG", dirnum, ++ramdump_num);
1767
1768	*led_blue = 0x46; //on
1769	*led_blue = 0x44; //off
1770	msleep(500);
1771	*led_blue = 0x46; //on
1772	fd = _Fopen_Fut("A/dump", "w");
1773	*led_blue = 0x44; //off
1774	if (fd >= 0) {
1775	*led_blue = 0x46; //on
1776	write(fd, (void*)0, 0x1900);
1777	*led_blue = 0x44; //off
1778	//write(fd, (void)0x1900, 321024*1024-0x1900);
1779	//_Fwrite_Fut((void*)0x9D000, 0x20000, 0x20000, fd);
1780	*led_blue = 0x46; //on
1781	_Fclose_Fut(fd);
1782	*led_blue = 0x44; //off
1783	}
1784	*led = 0x44; //off
1785	//finished();
1786	} //#fe
1787
1788
1789
1790	//*********************************************
1791

Note: See TracBrowser for help on using the repository browser.

Download in other formats: