Context Navigation

boot.c @ 1212

Revision 1212, 31.9 KB checked in by reyalp, 23 months ago (diff)
beta ixus200_sd980 101c support from waterwingz in http://chdk.setepontos.com/index.php?topic=650.msg69319#msg69319
Property svn:eol-style set to `native`

Line
1	#include "lolevel.h"
2	#include "platform.h"
3	#include "core.h"
4	#include "dryos31.h"
5
6	#define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER)
7
8	const char * const new_sa = &_end;
9
10	// Forward declarations
11	void CreateTask_PhySw();
12	void CreateTask_spytask();
13	extern volatile int jogdial_stopped;
14	void JogDial_task_my(void);
15
16	extern void task_CaptSeq();
17	extern void task_InitFileModules();
18	extern void task_RotaryEncoder();
19	extern void task_MovieRecord();
20	extern void task_ExpDrv();
21
22	void taskHook(context_t **context)
23	{
24	task_t tcb=(task_t)((char*)context-offsetof(task_t, context));
25
26	// Replace firmware task addresses with ours
27	if(tcb->entry == (void)task_CaptSeq) tcb->entry = (void)capt_seq_task;
28	if(tcb->entry == (void)task_InitFileModules) tcb->entry = (void)init_file_modules_task;
29	if(tcb->entry == (void)task_RotaryEncoder) tcb->entry = (void)JogDial_task_my;
30	if(tcb->entry == (void)task_MovieRecord) tcb->entry = (void)movie_record_task;
31	if(tcb->entry == (void)task_ExpDrv) tcb->entry = (void)exp_drv_task;
32	}
33
34	//** boot @ 0xFF81000C
35
36	void __attribute__((naked,noinline)) boot( ) {
37	asm volatile (
38
39	// LED Test
40	"LDR R1, =0xC0220134\n" // Orange LED
41	"MOV R0, #0x46\n"
42	"STR R0, [R1]\n"
43	"LDR R1, =0xC0223030\n" // AF LED
44	"MOV R0, #0x46\n"
45	"STR R0, [R1]\n"
46	"LDR R0, =0x40000 \n"
47	"loop1: \n"
48	"nop\n"
49	"SUBS R0,R0,#1 \n"
50	"BNE loop1 \n"
51	// End LED Test
52
53	" LDR R1, =0xC0410000 \n"
54	" MOV R0, #0 \n"
55	" STR R0, [R1] \n"
56	" MOV R1, #0x78 \n"
57	" MCR p15, 0, R1, c1, c0 \n"
58	" MOV R1, #0 \n"
59	" MCR p15, 0, R1, c7, c10, 4 \n"
60	" MCR p15, 0, R1, c7, c5 \n"
61	" MCR p15, 0, R1, c7, c6 \n"
62	" MOV R0, #0x3D \n"
63	" MCR p15, 0, R0, c6, c0 \n"
64	" MOV R0, #0xC000002F \n"
65	" MCR p15, 0, R0, c6, c1 \n"
66	" MOV R0, #0x33 \n"
67	" MCR p15, 0, R0, c6, c2 \n"
68	" MOV R0, #0x40000033 \n"
69	" MCR p15, 0, R0, c6, c3 \n"
70	" MOV R0, #0x80000017 \n"
71	" MCR p15, 0, R0, c6, c4 \n"
72	" LDR R0, =0xFF80002D \n"
73	" MCR p15, 0, R0, c6, c5 \n"
74	" MOV R0, #0x34 \n"
75	" MCR p15, 0, R0, c2, c0 \n"
76	" MOV R0, #0x34 \n"
77	" MCR p15, 0, R0, c2, c0, 1 \n"
78	" MOV R0, #0x34 \n"
79	" MCR p15, 0, R0, c3, c0 \n"
80	" LDR R0, =0x3333330 \n"
81	" MCR p15, 0, R0, c5, c0, 2 \n"
82	" LDR R0, =0x3333330 \n"
83	" MCR p15, 0, R0, c5, c0, 3 \n"
84	" MRC p15, 0, R0, c1, c0 \n"
85	" ORR R0, R0, #0x1000 \n"
86	" ORR R0, R0, #4 \n"
87	" ORR R0, R0, #1 \n"
88	" MCR p15, 0, R0, c1, c0 \n"
89	" MOV R1, #0x80000006 \n"
90	" MCR p15, 0, R1, c9, c1 \n"
91	" MOV R1, #6 \n"
92	" MCR p15, 0, R1, c9, c1, 1 \n"
93	" MRC p15, 0, R1, c1, c0 \n"
94	" ORR R1, R1, #0x50000 \n"
95	" MCR p15, 0, R1, c1, c0 \n"
96	" LDR R2, =0xC0200000 \n"
97	" MOV R1, #1 \n"
98	" STR R1, [R2, #0x10C] \n"
99	" MOV R1, #0xFF \n"
100	" STR R1, [R2, #0xC] \n"
101	" STR R1, [R2, #0x1C] \n"
102	" STR R1, [R2, #0x2C] \n"
103	" STR R1, [R2, #0x3C] \n"
104	" STR R1, [R2, #0x4C] \n"
105	" STR R1, [R2, #0x5C] \n"
106	" STR R1, [R2, #0x6C] \n"
107	" STR R1, [R2, #0x7C] \n"
108	" STR R1, [R2, #0x8C] \n"
109	" STR R1, [R2, #0x9C] \n"
110	" STR R1, [R2, #0xAC] \n"
111	" STR R1, [R2, #0xBC] \n"
112	" STR R1, [R2, #0xCC] \n"
113	" STR R1, [R2, #0xDC] \n"
114	" STR R1, [R2, #0xEC] \n"
115	" STR R1, [R2, #0xFC] \n"
116	" LDR R1, =0xC0400008 \n"
117	" LDR R2, =0x430005 \n"
118	" STR R2, [R1] \n"
119	" MOV R1, #1 \n"
120	" LDR R2, =0xC0243100 \n"
121	" STR R2, [R1] \n"
122	" LDR R2, =0xC0242010 \n"
123	" LDR R1, [R2] \n"
124	" ORR R1, R1, #1 \n"
125	" STR R1, [R2] \n"
126	" LDR R0, =0xFFC0282C \n"
127	" LDR R1, =0x1900 \n"
128	" LDR R3, =0x208F0 \n"
129	"loc_FF81013C:\n"
130	" CMP R1, R3 \n"
131	" LDRCC R2, [R0], #4 \n"
132	" STRCC R2, [R1], #4 \n"
133	" BCC loc_FF81013C \n"
134	" LDR R1, =0x153E84 \n"
135	" MOV R2, #0 \n"
136	"loc_FF810154:\n"
137	" CMP R3, R1 \n"
138	" STRCC R2, [R3], #4 \n"
139	" BCC loc_FF810154 \n"
140	" B sub_FF810354_my \n" //---------->
141	);
142	};
143
144	//** sub_FF810354_my @ 0xFF810354
145
146	void __attribute__((naked,noinline)) sub_FF810354_my( ) {
147	(int)0x1938=(int)taskHook;
148	(int)0x193C=(int)taskHook;
149
150	// "correct power on" is to start in record mode if the power button is held down, on cameras that can start with play or power button. Otherwise CHDK always starts in play mode.
151	// remove another line farther down too - see comments
152	//(int)(0x25BC+4)= ((int)0xC0220134)&1 ? 0x2000000 : 0x1000000; // replacement of sub_FF8218C8 for correct power-on.
153
154	asm volatile (
155	" LDR R0, =0xFF8103CC \n"
156	" MOV R1, #0 \n"
157	" LDR R3, =0xFF810404 \n"
158	"loc_FF810360:\n"
159	" CMP R0, R3 \n"
160	" LDRCC R2, [R0], #4 \n"
161	" STRCC R2, [R1], #4 \n"
162	" BCC loc_FF810360 \n"
163	" LDR R0, =0xFF810404 \n"
164	" MOV R1, #0x4B0 \n"
165	" LDR R3, =0xFF810618 \n"
166	"loc_FF81037C:\n"
167	" CMP R0, R3 \n"
168	" LDRCC R2, [R0], #4 \n"
169	" STRCC R2, [R1], #4 \n"
170	" BCC loc_FF81037C \n"
171	" MOV R0, #0xD2 \n"
172	" MSR CPSR_cxsf, R0 \n"
173	" MOV SP, #0x1000 \n"
174	" MOV R0, #0xD3 \n"
175	" MSR CPSR_cxsf, R0 \n"
176	" MOV SP, #0x1000 \n"
177	" LDR R0, =0x6C4 \n"
178	" LDR R2, =0xEEEEEEEE \n"
179	" MOV R3, #0x1000 \n"
180	"loc_FF8103B0:\n"
181	" CMP R0, R3 \n"
182	" STRCC R2, [R0], #4 \n"
183	" BCC loc_FF8103B0 \n"
184	" BL sub_FF811178_my \n" //------------>
185	);
186	}
187
188	//** sub_FF811178_my @ 0xFF811178
189
190	void __attribute__((naked,noinline)) sub_FF811178_my( ) {
191	asm volatile (
192	" STR LR, [SP, #-4]! \n"
193	" SUB SP, SP, #0x74 \n"
194	" MOV R0, SP \n"
195	" MOV R1, #0x74 \n"
196	" BL sub_FFB3A5E8 \n"
197	" MOV R0, #0x53000 \n"
198	" STR R0, [SP, #4] \n"
199	//" LDR R0, =0x153E84 \n"
200	" LDR R0, =new_sa\n" // +
201	" LDR R0, [R0]\n" // +
202	" LDR R2, =0x339C00 \n"
203	" LDR R1, =0x3324A8 \n"
204	" STR R0, [SP, #8] \n"
205	" SUB R0, R1, R0 \n"
206	" ADD R3, SP, #0xC \n"
207	" STR R2, [SP] \n"
208	" STMIA R3, {R0-R2} \n"
209	" MOV R0, #0x22 \n"
210	" STR R0, [SP, #0x18] \n"
211	" MOV R0, #0x68 \n"
212	" STR R0, [SP, #0x1C] \n"
213	" LDR R0, =0x19B \n"
214	" LDR R1, =sub_FF815E34_my\n" //------------>
215	" B sub_FF8111CC\n" // Continue in firmware
216	);
217	}
218
219	//** sub_FF815E34_my @ 0xFF815E34
220
221	void __attribute__((naked,noinline)) sub_FF815E34_my( ) {
222	asm volatile (
223	" STMFD SP!, {R4,LR} \n"
224	" BL sub_FF810B08 \n"
225	" BL sub_FF81A148 \n"
226	" CMP R0, #0 \n"
227	" LDRLT R0, =0xFF815F48 \n"
228	" BLLT sub_FF815F28 \n"
229	" BL sub_FF815A70 \n"
230	" CMP R0, #0 \n"
231	" LDRLT R0, =0xFF815F50 \n"
232	" BLLT sub_FF815F28 \n"
233	" LDR R0, =0xFF815F60 \n"
234	" BL sub_FF815B58 \n"
235	" CMP R0, #0 \n"
236	" LDRLT R0, =0xFF815F68 \n"
237	" BLLT sub_FF815F28 \n"
238	" LDR R0, =0xFF815F60 \n"
239	" BL sub_FF813BE0 \n"
240	" CMP R0, #0 \n"
241	" LDRLT R0, =0xFF815F7C \n"
242	" BLLT sub_FF815F28 \n"
243	" BL sub_FF819B5C \n"
244	" CMP R0, #0 \n"
245	" LDRLT R0, =0xFF815F88 \n"
246	" BLLT sub_FF815F28 \n"
247	" BL sub_FF81165C \n"
248	" CMP R0, #0 \n"
249	" LDRLT R0, =0xFF815F94 \n"
250	" BLLT sub_FF815F28 \n"
251	" LDMFD SP!, {R4,LR} \n"
252	" B taskcreate_Startup_my\n"
253	);
254	};
255
256
257	//** taskcreate_Startup_my
258
259	void __attribute__((naked,noinline)) taskcreate_Startup_my() {
260	asm volatile (
261	" STMFD SP!, {R3-R5,LR} \n"
262	//" BL sub_FF833344 \n"
263	" BL sub_FF83A224 \n"
264	" CMP R0, #0 \n"
265	" BNE loc_FF81F8B0 \n"
266	" LDR R4, =0xC0220000 \n"
267	" LDR R0, [R4, #0x12C] \n"
268	" TST R0, #1 \n"
269	" MOVEQ R0, #0x12C \n"
270	" BLEQ sub_FF83865C \n"
271	" BL sub_FF833340 \n"
272	" CMP R0, #0 \n"
273	" BNE loc_FF81F8B0 \n"
274	" BL sub_FF8329DC \n"
275	" MOV R0, #0x44 \n"
276	" STR R0, [R4, #0x1C] \n"
277	" BL sub_FF832BC8 \n"
278	"loc_FF81F8AC:\n"
279	" B loc_FF81F8AC \n"
280	"loc_FF81F8B0:\n"
281	" BL sub_FF83334C \n" // remove for correct power-on on 'on/off' button (see note above).
282	//" BL sub_FF833348 \n"
283	" BL sub_FF8384D4 \n"
284	" LDR R1, =0x38E000 \n"
285	" MOV R0, #0 \n"
286	" BL sub_FF83891C \n"
287	" BL sub_FF8386C8 \n"
288	" MOV R3, #0 \n"
289	" STR R3, [SP] \n"
290	" LDR R3, =task_Startup_my\n" // ->
291	" B sub_FF81F8D8\n" // Continue in firmware
292	);
293	}
294
295	//** task_Startup_my @ 0xFF81F804
296
297	void __attribute__((naked,noinline)) task_Startup_my( ) {
298	asm volatile (
299	" STMFD SP!, {R4,LR} \n"
300	" BL sub_FF816490 \n"
301	" BL sub_FF834440 \n"
302	" BL sub_FF832670 \n"
303	//" BL sub_FF83A264 \n"
304	" BL sub_FF83A448 \n"
305	//" BL sub_FF83A2F8 \n" // start diskboot.bin
306	" BL sub_FF83A5F0 \n"
307	" BL sub_FF83136C \n"
308	" BL sub_FF83A478 \n"
309	" BL sub_FF837C78 \n"
310	" BL sub_FF83A5F4 \n"
311	" BL CreateTask_spytask\n" // +
312	//" BL sub_FF833230 \n" // original taskcreate_PhySw
313	" BL taskcreate_PhySw_my\n" // +
314	" B sub_FF81F838\n" // Continue in firmware
315	);
316	}
317
318
319	//** taskcreatePhySw_my @ 0xFF833230
320
321	void __attribute__((naked,noinline)) taskcreate_PhySw_my( ) {
322	asm volatile (
323	" STMFD SP!, {R3-R5,LR} \n"
324	" LDR R4, =0x1C38 \n"
325	" LDR R0, [R4, #0x10] \n"
326	" CMP R0, #0 \n"
327	" BNE sub_FF833264 \n" // jump to firmware address
328	" MOV R3, #0 \n"
329	" STR R3, [SP] \n"
330	" LDR R3, =mykbd_task\n" // Changed
331	//" MOV R2, #0x800 \n"
332	" MOV R2, #0x2000\n" // + stack size for new task_PhySw so we don't have to do stack switch
333	" B sub_FF833254 \n" // Continue code
334	);
335	}
336
337	/*----------------------------------------------------------------------
338	spytask
339	-----------------------------------------------------------------------*/
340	void spytask(long ua, long ub, long uc, long ud, long ue, long uf)
341	{
342	core_spytask();
343	}
344
345	/*----------------------------------------------------------------------
346	CreateTask_spytask
347	-----------------------------------------------------------------------*/
348	void CreateTask_spytask() {
349	_CreateTask("SpyTask", 0x19, 0x2000, spytask, 0);
350	}
351
352	///*----------------------------------------------------------------------
353
354	//** init_file_modules_task @ 0xFF894500
355
356	void __attribute__((naked,noinline)) init_file_modules_task( ) {
357	asm volatile (
358	" STMFD SP!, {R4-R6,LR} \n"
359	" BL sub_FF8893E8 \n"
360	" LDR R5, =0x5006 \n"
361	" MOVS R4, R0 \n"
362	" MOVNE R1, #0 \n"
363	" MOVNE R0, R5 \n"
364	" BLNE sub_FF88E804 \n"
365	" BL sub_FF889414_my \n" //---------->
366	" BL core_spytask_can_start\n" // CHDK: Set "it's-save-to-start"-Flag for spytask
367	" B sub_FF894520\n" // Continue in firmware
368	);
369	}
370
371	//** sub_FF889414_my @ 0xFF889414
372
373	void __attribute__((naked,noinline)) sub_FF889414_my( ) {
374	asm volatile (
375	" STMFD SP!, {R4,LR} \n"
376	" MOV R0, #3 \n"
377	" BL sub_FF86B730_my \n" //---------->
378	" B sub_FF889420 \n" // Continue in firmware
379	);
380	}
381
382
383	//** sub_FF86B730_my @ 0xFF86B730
384
385	void __attribute__((naked,noinline)) sub_FF86B730_my( ) {
386	asm volatile (
387	" STMFD SP!, {R4-R8,LR} \n"
388	" MOV R8, R0 \n"
389	" BL sub_FF86B6B0 \n"
390	" LDR R1, =0x49160 \n"
391	" MOV R6, R0 \n"
392	" ADD R4, R1, R0, LSL #7 \n"
393	" LDR R0, [R4, #0x6C] \n"
394	" CMP R0, #4 \n"
395	" LDREQ R1, =0x804 \n"
396	" LDREQ R0, =0xFF86B1FC \n"
397	" BLEQ sub_FF81E88C \n"
398	" MOV R1, R8 \n"
399	" MOV R0, R6 \n"
400	" BL sub_FF86AF50 \n"
401	" LDR R0, [R4, #0x38] \n"
402	" BL sub_FF86BD4C \n"
403	" CMP R0, #0 \n"
404	" STREQ R0, [R4, #0x6C] \n"
405	" MOV R0, R6 \n"
406	" BL sub_FF86AFE0 \n"
407	" MOV R0, R6 \n"
408	" BL sub_FF86B364_my\n" //---------->
409	" B sub_FF86B788\n" // Continue in firmware
410	);
411	}
412
413
414	//** sub_FF86B364_my @ 0xFF86B364
415
416	void __attribute__((naked,noinline)) sub_FF86B364_my( ) {
417	asm volatile (
418	" STMFD SP!, {R4-R6,LR} \n"
419	" MOV R5, R0 \n"
420	" LDR R0, =0x49160 \n"
421	" ADD R4, R0, R5, LSL #7 \n"
422	" LDR R0, [R4, #0x6C] \n"
423	" TST R0, #2 \n"
424	" MOVNE R0, #1 \n"
425	" LDMNEFD SP!, {R4-R6,PC} \n"
426	" LDR R0, [R4, #0x38] \n"
427	" MOV R1, R5 \n"
428	" BL sub_FF86B060_my\n" //---------->
429	" B sub_FF86B390\n" // Continue in firmware
430	);
431	}
432
433
434	//** sub_FF86B060_my @ 0xFF86B060
435
436	void __attribute__((naked,noinline)) sub_FF86B060_my( ) {
437	asm volatile (
438	" STMFD SP!, {R4-R10,LR} \n"
439	" MOV R9, R0 \n"
440	" LDR R0, =0x49160 \n"
441	" MOV R8, #0 \n"
442	" ADD R5, R0, R1, LSL #7 \n"
443	" LDR R0, [R5, #0x3C] \n"
444	" MOV R7, #0 \n"
445	" CMP R0, #7 \n"
446	" MOV R6, #0 \n"
447	" ADDLS PC, PC, R0, LSL #2 \n"
448	" B loc_FF86B1B8 \n"
449	" B loc_FF86B0C4 \n"
450	" B loc_FF86B0AC \n"
451	" B loc_FF86B0AC \n"
452	" B loc_FF86B0AC \n"
453	" B loc_FF86B0AC \n"
454	" B loc_FF86B1B0 \n"
455	" B loc_FF86B0AC \n"
456	" B loc_FF86B0AC \n"
457	"loc_FF86B0AC:\n"
458	" MOV R2, #0 \n"
459	" MOV R1, #0x200 \n"
460	" MOV R0, #2 \n"
461	" BL sub_FF883468 \n"
462	" MOVS R4, R0 \n"
463	" BNE loc_FF86B0CC \n"
464	"loc_FF86B0C4:\n"
465	" MOV R0, #0 \n"
466	" LDMFD SP!, {R4-R10,PC} \n"
467	"loc_FF86B0CC:\n"
468	" LDR R12, [R5, #0x50] \n"
469	" MOV R3, R4 \n"
470	" MOV R2, #1 \n"
471	" MOV R1, #0 \n"
472	" MOV R0, R9 \n"
473	" BLX R12 \n"
474	" CMP R0, #1 \n"
475	" BNE loc_FF86B0F8 \n"
476	" MOV R0, #2 \n"
477	" BL sub_FF8835B4 \n"
478	" B loc_FF86B0C4 \n"
479	"loc_FF86B0F8:\n"
480	" LDR R1, [R5, #0x64] \n"
481	" MOV R0, R9 \n"
482	" BLX R1 \n"
483
484	"MOV R1, R4\n" // pointer to MBR in R1
485	"BL mbr_read_dryos\n" // total sectors count in R0 before and after call
486
487	// Start of DataGhost's FAT32 autodetection code
488	// Policy: If there is a partition which has type W95 FAT32, use the first one of those for image storage
489	// According to the code below, we can use R1, R2, R3 and R12.
490	// LR wasn't really used anywhere but for storing a part of the partition signature. This is the only thing
491	// that won't work with an offset, but since we can load from LR+offset into LR, we can use this to do that :)
492	"MOV R12, R4\n" // Copy the MBR start address so we have something to work with
493	"MOV LR, R4\n" // Save old offset for MBR signature
494	"MOV R1, #1\n" // Note the current partition number
495	"B dg_sd_fat32_enter\n" // We actually need to check the first partition as well, no increments yet!
496	"dg_sd_fat32:\n"
497	"CMP R1, #4\n" // Did we already see the 4th partition?
498	"BEQ dg_sd_fat32_end\n" // Yes, break. We didn't find anything, so don't change anything.
499	"ADD R12, R12, #0x10\n" // Second partition
500	"ADD R1, R1, #1\n" // Second partition for the loop
501	"dg_sd_fat32_enter:\n"
502	"LDRB R2, [R12, #0x1BE]\n" // Partition status
503	"LDRB R3, [R12, #0x1C2]\n" // Partition type (FAT32 = 0xB)
504	"CMP R3, #0xB\n" // Is this a FAT32 partition?
505	"CMPNE R3, #0xC\n" // Not 0xB, is it 0xC (FAT32 LBA) then?
506	"BNE dg_sd_fat32\n" // No, it isn't. Loop again.
507	"CMP R2, #0x00\n" // It is, check the validity of the partition type
508	"CMPNE R2, #0x80\n"
509	"BNE dg_sd_fat32\n" // Invalid, go to next partition
510	// This partition is valid, it's the first one, bingo!
511	"MOV R4, R12\n" // Move the new MBR offset for the partition detection.
512
513	"dg_sd_fat32_end:\n"
514	// End of DataGhost's FAT32 autodetection code
515
516	" LDRB R1, [R4, #0x1C9] \n"
517	" LDRB R3, [R4, #0x1C8] \n"
518	" LDRB R12, [R4, #0x1CC] \n"
519	" MOV R1, R1, LSL #0x18 \n"
520	" ORR R1, R1, R3, LSL #0x10 \n"
521	" LDRB R3, [R4, #0x1C7] \n"
522	" LDRB R2, [R4, #0x1BE] \n"
523	//" LDRB LR, [R4, #0x1FF] \n"
524	" ORR R1, R1, R3, LSL #8 \n"
525	" LDRB R3, [R4, #0x1C6] \n"
526	" CMP R2, #0 \n"
527	" CMPNE R2, #0x80 \n"
528	" ORR R1, R1, R3 \n"
529	" LDRB R3, [R4, #0x1CD] \n"
530	" MOV R3, R3, LSL #0x18 \n"
531	" ORR R3, R3, R12, LSL #0x10 \n"
532	" LDRB R12, [R4, #0x1CB] \n"
533	" ORR R3, R3, R12, LSL #8 \n"
534	" LDRB R12, [R4, #0x1CA] \n"
535	" ORR R3, R3, R12 \n"
536	//" LDRB R12, [R4, #0x1FE] \n" // -
537	" LDRB R12, [LR,#0x1FE]\n" // + First MBR signature byte (0x55), LR is original offset.
538	" LDRB LR, [LR,#0x1FF]\n" // + Last MBR signature byte (0xAA), LR is original offset.
539	" BNE loc_FF86B184 \n"
540	" CMP R0, R1 \n"
541	" BCC loc_FF86B184 \n"
542	" ADD R2, R1, R3 \n"
543	" CMP R2, R0 \n"
544	" CMPLS R12, #0x55 \n"
545	" CMPEQ LR, #0xAA \n"
546	" MOVEQ R7, R1 \n"
547	" MOVEQ R6, R3 \n"
548	" MOVEQ R4, #1 \n"
549	" BEQ loc_FF86B188 \n"
550	"loc_FF86B184:\n"
551	" MOV R4, R8 \n"
552	"loc_FF86B188:\n"
553	" MOV R0, #2 \n"
554	" BL sub_FF8835B4 \n"
555	" CMP R4, #0 \n"
556	" BNE loc_FF86B1C4 \n"
557	" LDR R1, [R5, #0x64] \n"
558	" MOV R7, #0 \n"
559	" MOV R0, R9 \n"
560	" BLX R1 \n"
561	" MOV R6, R0 \n"
562	" B loc_FF86B1C4 \n"
563	"loc_FF86B1B0:\n"
564	" MOV R6, #0x40 \n"
565	" B loc_FF86B1C4 \n"
566	"loc_FF86B1B8:\n"
567	" LDR R1, =0x568 \n"
568	" LDR R0, =0xFF86B1FC \n"
569	" BL sub_FF81E88C \n"
570	"loc_FF86B1C4:\n"
571	" STR R7, [R5, #0x44]! \n"
572	" STMIB R5, {R6,R8} \n"
573	" MOV R0, #1 \n"
574	" LDMFD SP!, {R4-R10,PC} \n"
575	);
576	}
577
578
579	//** JogDial_task_my @ 0xFF85AFB0
580
581	void __attribute__((naked,noinline)) JogDial_task_my( ) {
582	asm volatile (
583	" STMFD SP!, {R4-R11,LR} \n"
584	" SUB SP, SP, #0x2C \n"
585	" BL sub_FF85B358 \n"
586	" LDR R1, =0x23E4 \n"
587	" LDR R8, =0xFFB40574 \n"
588	" MOV R0, #0 \n"
589	" ADD R2, SP, #0x14 \n"
590	" ADD R3, SP, #0x18 \n"
591	" ADD R10, SP, #0xC \n"
592	" ADD R9, SP, #0x10 \n"
593	" MOV R7, #0 \n"
594	"loc_FF85AFDC:\n"
595	" ADD R3, SP, #0x18 \n"
596	" ADD R12, R3, R0, LSL #1 \n"
597	" ADD R2, SP, #0x14 \n"
598	" STRH R7, [R12] \n"
599	" ADD R12, R2, R0, LSL #1 \n"
600	" STRH R7, [R12] \n"
601	" STR R7, [R9, R0, LSL #2] \n"
602	" STR R7, [R10, R0, LSL #2] \n"
603	" ADD R0, R0, #1 \n"
604	" CMP R0, #1 \n"
605	" BLT loc_FF85AFDC \n"
606	"loc_FF85B008:\n"
607	" LDR R0, =0x23E4 \n"
608	" MOV R2, #0 \n"
609	" LDR R0, [R0, #8] \n"
610	" ADD R1, SP, #4 \n"
611	" BL sub_FF837F08 \n"
612	" TST R0, #1 \n"
613	" LDRNE R1, =0x226 \n"
614	" LDRNE R0, =0xFF85B28C \n"
615	" BLNE sub_FF81E88C \n"
616	" LDR R0, [SP, #4] \n"
617	" AND R4, R0, #0xFF \n"
618	" AND R0, R0, #0xFF00 \n"
619	" CMP R0, #0x100 \n"
620	" BEQ loc_FF85B08C \n"
621	" CMP R0, #0x200 \n"
622	" BEQ loc_FF85B0C4 \n"
623	" CMP R0, #0x300 \n"
624	" BEQ loc_FF85B2D8 \n"
625	" CMP R0, #0x400 \n"
626	" BNE loc_FF85B008 \n"
627	" CMP R4, #0 \n"
628	" LDRNE R1, =0x2CA \n"
629	" LDRNE R0, =0xFF85B28C \n"
630	" BLNE sub_FF81E88C \n"
631	" LDR R2, =0xFFB40560 \n"
632	" ADD R0, R4, R4, LSL #2 \n"
633	" LDR R1, [R2, R0, LSL #2] \n"
634	" STR R7, [R1] \n"
635	" MOV R1, #1 \n"
636	" ADD R0, R2, R0, LSL #2 \n"
637	"loc_FF85B080:\n"
638	" LDR R0, [R0, #8] \n"
639	" STR R1, [R0] \n"
640	" B loc_FF85B008 \n"
641	"loc_FF85B08C:\n"
642	//------------------ added code ---------------------
643	"labelA:\n"
644	"LDR R0, =jogdial_stopped\n"
645	"LDR R0, [R0]\n"
646	"CMP R0, #1\n"
647	"BNE labelB\n"
648	"MOV R0, #40\n"
649	"BL sub_FF83865C\n"//sleep
650	"B labelA\n"
651	"labelB:\n"
652	//------------------ original code ------------------
653	" LDR R5, =0x23F4 \n"
654	" LDR R0, [R5, R4, LSL #2] \n"
655	" BL sub_FF838EA0 \n"
656	" LDR R2, =0xFF85AF3C \n"
657	" ADD R1, R2, #0 \n"
658	" ORR R3, R4, #0x200 \n"
659	" MOV R0, #0x28 \n"
660	" BL sub_FF838DBC \n"
661	" TST R0, #1 \n"
662	" CMPNE R0, #0x15 \n"
663	" STR R0, [R10, R4, LSL #2] \n"
664	" BEQ loc_FF85B008 \n"
665	" LDR R1, =0x23B \n"
666	" B loc_FF85B27C \n"
667	"loc_FF85B0C4:\n"
668	" LDR R1, =0xFFB40560 \n"
669	" ADD R0, R4, R4, LSL #2 \n"
670	" STR R0, [SP, #0x28] \n"
671	" ADD R0, R1, R0, LSL #2 \n"
672	" STR R0, [SP, #0x24] \n"
673	" LDR R0, [R0, #4] \n"
674	" LDR R0, [R0] \n"
675	" MOV R2, R0, ASR #0x10 \n"
676	" ADD R0, SP, #0x18 \n"
677	" ADD R0, R0, R4, LSL #1 \n"
678	" STR R0, [SP, #0x20] \n"
679	" STRH R2, [R0] \n"
680	" ADD R0, SP, #0x14 \n"
681	" ADD R0, R0, R4, LSL #1 \n"
682	" STR R0, [SP, #0x1C] \n"
683	" LDRSH R3, [R0] \n"
684	" SUB R0, R2, R3 \n"
685	" CMP R0, #0 \n"
686	" BEQ loc_FF85B234 \n"
687	" MOV R1, R0 \n"
688	" RSBLT R0, R0, #0 \n"
689	" MOVLE R5, #0 \n"
690	" MOVGT R5, #1 \n"
691	" CMP R0, #0xFF \n"
692	" BLS loc_FF85B150 \n"
693	" CMP R1, #0 \n"
694	" RSBLE R0, R3, #0xFF \n"
695	" ADDLE R0, R0, #0x7F00 \n"
696	" ADDLE R0, R0, R2 \n"
697	" RSBGT R0, R2, #0xFF \n"
698	" ADDGT R0, R0, #0x7F00 \n"
699	" ADDGT R0, R0, R3 \n"
700	" ADD R0, R0, #0x8000 \n"
701	" ADD R0, R0, #1 \n"
702	" EOR R5, R5, #1 \n"
703	"loc_FF85B150:\n"
704	" STR R0, [SP, #8] \n"
705	" LDR R0, [R9, R4, LSL #2] \n"
706	" CMP R0, #0 \n"
707	" BEQ loc_FF85B1A0 \n"
708	" LDR R1, =0xFFB40558 \n"
709	" ADD R1, R1, R4, LSL #3 \n"
710	" LDR R1, [R1, R5, LSL #2] \n"
711	" CMP R1, R0 \n"
712	" BEQ loc_FF85B1BC \n"
713	" ADD R11, R4, R4, LSL #1 \n"
714	" ADD R6, R8, R11, LSL #2 \n"
715	" LDRB R0, [R6, #9] \n"
716	" CMP R0, #1 \n"
717	" LDREQ R0, [R6, #4] \n"
718	" BLEQ sub_FF890684 \n"
719	" LDRB R0, [R6, #8] \n"
720	" CMP R0, #1 \n"
721	" BNE loc_FF85B1BC \n"
722	" LDR R0, [R8, R11, LSL #2] \n"
723	" B loc_FF85B1B8 \n"
724	"loc_FF85B1A0:\n"
725	" ADD R0, R4, R4, LSL #1 \n"
726	" ADD R1, R8, R0, LSL #2 \n"
727	" LDRB R1, [R1, #8] \n"
728	" CMP R1, #1 \n"
729	" BNE loc_FF85B1BC \n"
730	" LDR R0, [R8, R0, LSL #2] \n"
731	"loc_FF85B1B8:\n"
732	" BL sub_FF890684 \n"
733	"loc_FF85B1BC:\n"
734	" LDR R0, =0xFFB40558 \n"
735	" LDR R1, [SP, #8] \n"
736	" ADD R6, R0, R4, LSL #3 \n"
737	" LDR R0, [R6, R5, LSL #2] \n"
738	" BL sub_FF890590 \n"
739	" LDR R0, [R6, R5, LSL #2] \n"
740	" STR R0, [R9, R4, LSL #2] \n"
741	" LDR R0, [SP, #0x20] \n"
742	" LDR R1, [SP, #0x1C] \n"
743	" LDRH R0, [R0] \n"
744	" STRH R0, [R1] \n"
745	" ADD R0, R4, R4, LSL #1 \n"
746	" ADD R0, R8, R0, LSL #2 \n"
747	" LDRB R0, [R0, #9] \n"
748	" CMP R0, #1 \n"
749	" BNE loc_FF85B234 \n"
750	" LDR R5, =0x23F4 \n"
751	" LDR R0, [R5, R4, LSL #2] \n"
752	" BL sub_FF838EA0 \n"
753	" LDR R2, =0xFF85AF48 \n"
754	" ADD R1, R2, #0 \n"
755	" ORR R3, R4, #0x300 \n"
756	" MOV R0, #0x1F4 \n"
757	" BL sub_FF838DBC \n"
758	" TST R0, #1 \n"
759	" CMPNE R0, #0x15 \n"
760	" STR R0, [R5, R4, LSL #2] \n"
761	" LDRNE R0, =0xFF85B28C \n"
762	" MOVNE R1, #0x2A4 \n"
763	" BLNE sub_FF81E88C \n"
764	"loc_FF85B234:\n"
765	" ADD R0, R4, R4, LSL #1 \n"
766	" ADD R0, R8, R0, LSL #2 \n"
767	" LDRB R0, [R0, #0xA] \n"
768	" CMP R0, #1 \n"
769	" BNE loc_FF85B2BC \n"
770	" LDR R0, =0x23E4 \n"
771	" LDR R0, [R0, #0xC] \n"
772	" CMP R0, #0 \n"
773	" BEQ loc_FF85B2BC \n"
774	" LDR R2, =0xFF85AF3C \n"
775	" ADD R1, R2, #0 \n"
776	" ORR R3, R4, #0x400 \n"
777	" BL sub_FF838DBC \n"
778	" TST R0, #1 \n"
779	" CMPNE R0, #0x15 \n"
780	" STR R0, [R10, R4, LSL #2] \n"
781	" BEQ loc_FF85B008 \n"
782	" LDR R1, =0x2AF \n"
783	"loc_FF85B27C:\n"
784	" LDR R0, =0xFF85B28C \n"
785	" BL sub_FF81E88C \n"
786	" B loc_FF85B008 \n"
787	"loc_FF85B2BC:\n"
788	" LDR R1, =0xFFB40560 \n"
789	" LDR R0, [SP, #0x28] \n"
790	" LDR R0, [R1, R0, LSL #2] \n"
791	" STR R7, [R0] \n"
792	" LDR R0, [SP, #0x24] \n"
793	" MOV R1, #1 \n"
794	" B loc_FF85B080 \n"
795	"loc_FF85B2D8:\n"
796	" LDR R0, [R9, R4, LSL #2] \n"
797	" CMP R0, #0 \n"
798	" MOVEQ R1, #0x2BC \n"
799	" LDREQ R0, =0xFF85B28C \n"
800	" BLEQ sub_FF81E88C \n"
801	" ADD R0, R4, R4, LSL #1 \n"
802	" ADD R0, R8, R0, LSL #2 \n"
803	" LDR R0, [R0, #4] \n"
804	" BL sub_FF890684 \n"
805	" STR R7, [R9, R4, LSL #2] \n"
806	" B loc_FF85B008 \n"
807	);
808	}

Note: See TracBrowser for help on using the repository browser.

chdk

Context Navigation

source: trunk/platform/ixus200_sd980/sub/101c/boot.c @ 1212

Download in other formats: