freecalypso-reveng: compal/boot/c118-dfboot.disasm comparison

comparison compal/boot/c118-dfboot.disasm @ 403:50c0fac9a4a8

compal/boot/c118-dfboot.disasm: new analysis

author	Mychaela Falconia <falcon@freecalypso.org>
date	Sun, 15 Jan 2023 00:54:33 +0000
parents
children

comparison

equal deleted inserted replaced

-:1b83d07576bf
+:50c0fac9a4a8
+; In 2023-01 Mother Mychaela received a rare C118 phone with North American
+; frequency bands; this phone features a 2 MiB flash chip, but the flash-
+; resident bootloader version is one which we haven't seen before.  The present
+; work is a disassembly analysis of this new-to-us Compal bootloader version
+; from fw version 2.2.84.N.
+;
+; Analysis result: this bootloader version is fatally hobbled: it NEVER offers
+; a serial download opportunity at all (the code is still there, but can never
+; be called), only the ftmtool flag mechanism.
+RESET entry and exception vectors:
+0:	ea000225	b	0x89c
+4:	ea000825	b	0x20a0
+8:	ea000825	b	0x20a4
+c:	ea000825	b	0x20a8
+10:	ea000825	b	0x20ac
+14:	ea000825	b	0x20b0
+18:	ea000825	b	0x20b4
+1c:	ea000825	b	0x20b8
+; magic words?
+20:	47033dc9
+24:	47033dca
+28:	47033df9
+2c:	47033dfa
+<30-7FF: all FFs>
+00000800:  42 4F 4F 54 2E 39 30 2E  30 34 00 00 00 00 00 00  BOOT.90.04......
+00000810:  31 30 30 33 01 03 00 00  FF FF FF FF FF FF FF FF  1003............
+00000820:  FF FF FF FF FF FF FF FF  FF FF FF FF FF FF FF FF  ................
+; serial.obj .const section, matches familiar versions
+830:	00000006
+834:	00000000
+838:	00000000
+83c:	00000048
+840:	00000044
+844:	00000052
+848:	0000001b
+84c:	00000005
+850:	00000000
+854:	00000000
+858:	00000000
+85c:	00000000
+860:	000000fa
+864:	ffff5800
+868:	ffff5000
+; bootloader.obj .text section, matches familiar versions
+86c:	fffffb00
+870:	02a102a1
+874:	028302a1
+878:	00c00281
+87c:	002a0040
+880:	00000040
+884:	fffffd00
+888:	ffff9800
+88c:	fffffb10
+890:	ffffff08
+894:	20061081
+898:	00000800
+_INT_Bootloader_Start:
+89c:	e51f1020	ldr	r1, =0xfffffd00	; via 0x884
+8a0:	e1d120b2	ldrh	r2, [r1, #2]
+8a4:	e51f002c	ldr	r0, =0x40	; via 0x880
+8a8:	e1800002	orr	r0, r0, r2
+8ac:	e1c100b2	strh	r0, [r1, #2]
+8b0:	e51f1030	ldr	r1, =0xffff9800	; via 0x888
+8b4:	e15f22b6	ldrh	r2, =0x2006	; via 0x896
+8b8:	e1c120b0	strh	r2, [r1]
+8bc:	e5912000	ldr	r2, [r1]
+8c0:	e2022001	and	r2, r2, #1
+8c4:	e3520001	cmp	r2, #1
+8c8:	0afffffb	beq	0x8bc
+8cc:	e51f1050	ldr	r1, =0xfffffd00	; via 0x884
+8d0:	e15f24b4	ldrh	r2, =0x1081	; via 0x894
+8d4:	e1c120b0	strh	r2, [r1]
+8d8:	e51f1054	ldr	r1, =0xfffffb10	; via 0x88c
+8dc:	e15f24bc	ldrh	r2, =0x800	; via 0x898
+8e0:	e1d100b0	ldrh	r0, [r1]
+8e4:	e1800002	orr	r0, r0, r2
+8e8:	e1c100b0	strh	r0, [r1]
+8ec:	e51f1064	ldr	r1, =0xffffff08	; via 0x890
+8f0:	e15f25be	ldrh	r2, =0x0	; via 0x89a
+8f4:	e1c120b0	strh	r2, [r1]
+8f8:	e51f1094	ldr	r1, =0xfffffb00	; via 0x86c
+8fc:	e15f29b4	ldrh	r2, =0x2a1	; via 0x870
+900:	e1c120b0	strh	r2, [r1]
+904:	e15f29ba	ldrh	r2, =0x2a1	; via 0x872
+908:	e1c120b2	strh	r2, [r1, #2]
+90c:	e15f2ab0	ldrh	r2, =0x2a1	; via 0x874
+910:	e1c120b4	strh	r2, [r1, #4]
+914:	e15f2ab6	ldrh	r2, =0x283	; via 0x876
+918:	e1c120b6	strh	r2, [r1, #6]
+91c:	e15f2abc	ldrh	r2, =0x281	; via 0x878
+920:	e1c120ba	strh	r2, [r1, #10]	; 0xa
+924:	e15f2bb2	ldrh	r2, =0xc0	; via 0x87a
+928:	e1c120bc	strh	r2, [r1, #12]	; 0xc
+92c:	e15f2bb8	ldrh	r2, =0x40	; via 0x87c
+930:	e1c120b8	strh	r2, [r1, #8]
+934:	e15f2bbe	ldrh	r2, =0x2a	; via 0x87e
+938:	e1c120be	strh	r2, [r1, #14]	; 0xe
+93c:	e59f0020	ldr	r0, =0x83e68c	; via 0x964
+940:	e3a01b01	mov	r1, #1024	; 0x400
+944:	e2411004	sub	r1, r1, #4
+948:	e0802001	add	r2, r0, r1
+94c:	e3c22003	bic	r2, r2, #3
+950:	e1a0d002	mov	sp, r2
+954:	e92d100f	stmdb	sp!, {r0, r1, r2, r3, r12}
+958:	eb00050c	bl	0x1d90	; _sta_select_application
+95c:	e8bd100f	ldmia	sp!, {r0, r1, r2, r3, r12}
+960:	ea0005e4	b	0x20f8	; _INT_Initialize
+964:	0083e68c
+; start.obj .text section, matches familiar versions
+968:	4961		ldr	r1, =0xfffffa08	; via 0xaf0
+96a:	4862		ldr	r0, =0xffff	; via 0xaf4
+96c:	8008		strh	r0, [r1, #0]
+96e:	4862		ldr	r0, =0xfffffa0a	; via 0xaf8
+970:	211f		mov	r1, #31	; 0x1f
+972:	8001		strh	r1, [r0, #0]
+974:	4861		ldr	r0, =0xfffff804	; via 0xafc
+976:	21f5		mov	r1, #245	; 0xf5
+978:	8001		strh	r1, [r0, #0]
+97a:	21a0		mov	r1, #160	; 0xa0
+97c:	8001		strh	r1, [r0, #0]
+97e:	4860		ldr	r0, =0xffff9800	; via 0xb00
+980:	4960		ldr	r1, =0x2002	; via 0xb04
+982:	8001		strh	r1, [r0, #0]
+984:	485e		ldr	r0, =0xffff9800	; via 0xb00
+986:	8800		ldrh	r0, [r0, #0]
+988:	0840		lsr	r0, r0, #1
+98a:	d2fb		bcs	0x984
+98c:	495e		ldr	r1, =0xfffffd00	; via 0xb08
+98e:	485f		ldr	r0, =0x1001	; via 0xb0c
+990:	8008		strh	r0, [r1, #0]
+992:	46f7		mov	pc, lr
+994:	b500		push	{lr}
+996:	b0ff		sub	sp, #508	; 0x1fc
+998:	b0ca		sub	sp, #296	; 0x128
+99a:	2000		mov	r0, #0
+99c:	9001		str	r0, [sp, #4]
+99e:	9801		ldr	r0, [sp, #4]
+9a0:	2800		cmp	r0, #0
+9a2:	d14e		bne	0xa42
+9a4:	a846		add	r0, sp, #280	; 0x118
+9a6:	2100		mov	r1, #0
+9a8:	f001 f81e	bl	0x19e8
+9ac:	a9c8		add	r1, sp, #800	; 0x320
+9ae:	7008		strb	r0, [r1, #0]
+9b0:	a846		add	r0, sp, #280	; 0x118
+9b2:	a902		add	r1, sp, #8
+9b4:	f000 fadc	bl	0xf70
+9b8:	9000		str	r0, [sp, #0]
+9ba:	9800		ldr	r0, [sp, #0]
+9bc:	2800		cmp	r0, #0
+9be:	d01b		beq	0x9f8
+9c0:	a924		add	r1, sp, #144	; 0x90
+9c2:	4668		mov	r0, sp
+9c4:	7a00		ldrb	r0, [r0, #8]
+9c6:	7008		strb	r0, [r1, #0]
+9c8:	2191		mov	r1, #145	; 0x91
+9ca:	466a		mov	r2, sp
+9cc:	4668		mov	r0, sp
+9ce:	7800		ldrb	r0, [r0, #0]
+9d0:	5488		strb	r0, [r1, r2]
+9d2:	e01b		b	0xa0c
+9d4:	a802		add	r0, sp, #8
+9d6:	a924		add	r1, sp, #144	; 0x90
+9d8:	f000 fdb8	bl	0x154c
+9dc:	e016		b	0xa0c
+9de:	a802		add	r0, sp, #8
+9e0:	a924		add	r1, sp, #144	; 0x90
+9e2:	aac8		add	r2, sp, #800	; 0x320
+9e4:	7812		ldrb	r2, [r2, #0]
+9e6:	f000 fdc5	bl	0x1574
+9ea:	e00f		b	0xa0c
+9ec:	a802		add	r0, sp, #8
+9ee:	a924		add	r1, sp, #144	; 0x90
+9f0:	f000 fdf7	bl	0x15e2
+9f4:	90c7		str	r0, [sp, #796]	; 0x31c
+9f6:	e009		b	0xa0c
+9f8:	4668		mov	r0, sp
+9fa:	7a00		ldrb	r0, [r0, #8]
+9fc:	2800		cmp	r0, #0
+9fe:	d0e9		beq	0x9d4
+a00:	3809		sub	r0, #9
+a02:	2800		cmp	r0, #0
+a04:	d0eb		beq	0x9de
+a06:	3801		sub	r0, #1
+a08:	2800		cmp	r0, #0
+a0a:	d0ef		beq	0x9ec
+a0c:	a824		add	r0, sp, #144	; 0x90
+a0e:	a986		add	r1, sp, #536	; 0x218
+a10:	f000 fb91	bl	0x1136
+a14:	2800		cmp	r0, #0
+a16:	d111		bne	0xa3c
+a18:	a886		add	r0, sp, #536	; 0x218
+a1a:	a9c8		add	r1, sp, #800	; 0x320
+a1c:	7809		ldrb	r1, [r1, #0]
+a1e:	f000 ffb8	bl	0x1992
+a22:	2800		cmp	r0, #0
+a24:	d00a		beq	0xa3c
+a26:	4668		mov	r0, sp
+a28:	7a00		ldrb	r0, [r0, #8]
+a2a:	280a		cmp	r0, #10	; 0xa
+a2c:	d106		bne	0xa3c
+a2e:	a8c8		add	r0, sp, #800	; 0x320
+a30:	7800		ldrb	r0, [r0, #0]
+a32:	f001 f909	bl	0x1c48
+a36:	98c7		ldr	r0, [sp, #796]	; 0x31c
+a38:	f000 fa98	bl	0xf6c
+a3c:	9801		ldr	r0, [sp, #4]
+a3e:	2800		cmp	r0, #0
+a40:	d0b0		beq	0x9a4
+a42:	b07f		add	sp, #508	; 0x1fc
+a44:	b04a		add	sp, #296	; 0x128
+a46:	bd00		pop	{pc}
+a48:	b500		push	{lr}
+a4a:	b0ff		sub	sp, #508	; 0x1fc
+a4c:	b0c8		sub	sp, #288	; 0x120
+a4e:	2000		mov	r0, #0
+a50:	9000		str	r0, [sp, #0]
+a52:	a846		add	r0, sp, #280	; 0x118
+a54:	2101		mov	r1, #1
+a56:	f000 ffc7	bl	0x19e8
+a5a:	a9c6		add	r1, sp, #792	; 0x318
+a5c:	7008		strb	r0, [r1, #0]
+a5e:	a8c6		add	r0, sp, #792	; 0x318
+a60:	7800		ldrb	r0, [r0, #0]
+a62:	28ff		cmp	r0, #255	; 0xff
+a64:	d031		beq	0xaca
+a66:	a846		add	r0, sp, #280	; 0x118
+a68:	a902		add	r1, sp, #8
+a6a:	f000 fa81	bl	0xf70
+a6e:	9001		str	r0, [sp, #4]
+a70:	9801		ldr	r0, [sp, #4]
+a72:	2800		cmp	r0, #0
+a74:	d014		beq	0xaa0
+a76:	a924		add	r1, sp, #144	; 0x90
+a78:	4668		mov	r0, sp
+a7a:	7a00		ldrb	r0, [r0, #8]
+a7c:	7008		strb	r0, [r1, #0]
+a7e:	2291		mov	r2, #145	; 0x91
+a80:	4668		mov	r0, sp
+a82:	4669		mov	r1, sp
+a84:	7909		ldrb	r1, [r1, #4]
+a86:	5411		strb	r1, [r2, r0]
+a88:	a824		add	r0, sp, #144	; 0x90
+a8a:	a986		add	r1, sp, #536	; 0x218
+a8c:	f000 fb53	bl	0x1136
+a90:	2800		cmp	r0, #0
+a92:	d11a		bne	0xaca
+a94:	a886		add	r0, sp, #536	; 0x218
+a96:	a9c6		add	r1, sp, #792	; 0x318
+a98:	7809		ldrb	r1, [r1, #0]
+a9a:	f000 ff7a	bl	0x1992
+a9e:	e014		b	0xaca
+aa0:	4668		mov	r0, sp
+aa2:	7a00		ldrb	r0, [r0, #8]
+aa4:	2800		cmp	r0, #0
+aa6:	d110		bne	0xaca
+aa8:	a802		add	r0, sp, #8
+aaa:	a924		add	r1, sp, #144	; 0x90
+aac:	f000 fd4e	bl	0x154c
+ab0:	a824		add	r0, sp, #144	; 0x90
+ab2:	a986		add	r1, sp, #536	; 0x218
+ab4:	f000 fb3f	bl	0x1136
+ab8:	2800		cmp	r0, #0
+aba:	d104		bne	0xac6
+abc:	a886		add	r0, sp, #536	; 0x218
+abe:	a9c6		add	r1, sp, #792	; 0x318
+ac0:	7809		ldrb	r1, [r1, #0]
+ac2:	f000 ff66	bl	0x1992
+ac6:	2001		mov	r0, #1
+ac8:	9000		str	r0, [sp, #0]
+aca:	9800		ldr	r0, [sp, #0]
+acc:	b07f		add	sp, #508	; 0x1fc
+ace:	b048		add	sp, #288	; 0x120
+ad0:	bd00		pop	{pc}
+$sta_select_application:
+ad2:	b500		push	{lr}
+ad4:	b082		sub	sp, #8
+ad6:	f7ff ff47	bl	0x968
+ada:	f001 f85d	bl	0x1b98	; $ser_initialize_serial_link
+ade:	f000 fd23	bl	0x1528	; $con_initialize_conversion
+ae2:	f000 f81f	bl	0xb24	; $fluid_bootloader
+ae6:	f000 f91a	bl	0xd1e	; $FTM_Tool_check
+aea:	b002		add	sp, #8
+aec:	bd00		pop	{pc}
+aee:	46c0		nop			(mov r8, r8)
+af0:	fffffa08
+af4:	0000ffff
+af8:	fffffa0a
+afc:	fffff804
+b00:	ffff9800
+b04:	00002002
+b08:	fffffd00
+b0c:	00001001
+; boot.obj .text section
+b10:	e3a0d502	mov	sp, #8388608	; 0x800000
+b14:	e28dd802	add	sp, sp, #131072	; 0x20000
+b18:	e28fe005	add	lr, pc, #5
+b1c:	e12fff1e	bx	lr
+b20:	e1a00000	mov	r0, r0
+; The fluid_bootloader() function is fatally hobbled: it initializes the UART
+; at 115200 baud, but then does a delay and returns - NO call to SeekMsg()!
+$fluid_bootloader:
+b24:	b500		push	{lr}
+b26:	b082		sub	sp, #8
+b28:	49f0		ldr	r1, =0x83ff00	; via 0xeec
+b2a:	48d5		ldr	r0, =0xffff5800	; via 0xe80
+b2c:	6008		str	r0, [r1, #0]
+b2e:	2000		mov	r0, #0
+b30:	2107		mov	r1, #7
+b32:	f000 f9a7	bl	0xe84	; $uart_init
+b36:	2000		mov	r0, #0
+b38:	9001		str	r0, [sp, #4]
+b3a:	9000		str	r0, [sp, #0]
+b3c:	9900		ldr	r1, [sp, #0]
+b3e:	2005		mov	r0, #5
+b40:	0400		lsl	r0, r0, #16
+b42:	4281		cmp	r1, r0
+b44:	d20a		bcs	0xb5c
+b46:	9801		ldr	r0, [sp, #4]
+b48:	3001		add	r0, #1
+b4a:	9001		str	r0, [sp, #4]
+b4c:	9800		ldr	r0, [sp, #0]
+b4e:	3001		add	r0, #1
+b50:	9000		str	r0, [sp, #0]
+b52:	9900		ldr	r1, [sp, #0]
+b54:	2005		mov	r0, #5
+b56:	0400		lsl	r0, r0, #16
+b58:	4281		cmp	r1, r0
+b5a:	d3f4		bcc	0xb46
+b5c:	b002		add	sp, #8
+b5e:	bd00		pop	{pc}
+$SeekMsg:
+b60:	b500		push	{lr}
+b62:	b086		sub	sp, #24	; 0x18
+b64:	48f4		ldr	r0, =0x800100	; via 0xf38
+b66:	9005		str	r0, [sp, #20]	; 0x14
+b68:	201b		mov	r0, #27	; 0x1b
+b6a:	f000 f935	bl	0xdd8
+b6e:	20f6		mov	r0, #246	; 0xf6
+b70:	f000 f932	bl	0xdd8
+b74:	2002		mov	r0, #2
+b76:	f000 f92f	bl	0xdd8
+b7a:	2000		mov	r0, #0
+b7c:	f000 f92c	bl	0xdd8
+b80:	2041		mov	r0, #65	; 0x41
+b82:	f000 f929	bl	0xdd8
+b86:	2001		mov	r0, #1
+b88:	f000 f926	bl	0xdd8
+b8c:	2040		mov	r0, #64	; 0x40
+b8e:	f000 f923	bl	0xdd8
+b92:	2001		mov	r0, #1
+b94:	0300		lsl	r0, r0, #12
+b96:	f000 f937	bl	0xe08
+b9a:	281b		cmp	r0, #27	; 0x1b
+b9c:	d000		beq	0xba0
+b9e:	e0bc		b	0xd1a
+ba0:	2001		mov	r0, #1
+ba2:	0300		lsl	r0, r0, #12
+ba4:	f000 f930	bl	0xe08
+ba8:	28f6		cmp	r0, #246	; 0xf6
+baa:	d000		beq	0xbae
+bac:	e0b5		b	0xd1a
+bae:	2001		mov	r0, #1
+bb0:	0300		lsl	r0, r0, #12
+bb2:	f000 f929	bl	0xe08
+bb6:	2802		cmp	r0, #2
+bb8:	d000		beq	0xbbc
+bba:	e0ae		b	0xd1a
+bbc:	2001		mov	r0, #1
+bbe:	0300		lsl	r0, r0, #12
+bc0:	f000 f922	bl	0xe08
+bc4:	2800		cmp	r0, #0
+bc6:	d000		beq	0xbca
+bc8:	e0a7		b	0xd1a
+bca:	2001		mov	r0, #1
+bcc:	0300		lsl	r0, r0, #12
+bce:	f000 f91b	bl	0xe08
+bd2:	2852		cmp	r0, #82	; 0x52
+bd4:	d000		beq	0xbd8
+bd6:	e0a0		b	0xd1a
+bd8:	2001		mov	r0, #1
+bda:	0300		lsl	r0, r0, #12
+bdc:	f000 f914	bl	0xe08
+be0:	2801		cmp	r0, #1
+be2:	d000		beq	0xbe6
+be4:	e099		b	0xd1a
+be6:	2001		mov	r0, #1
+be8:	0300		lsl	r0, r0, #12
+bea:	f000 f90d	bl	0xe08
+bee:	2853		cmp	r0, #83	; 0x53
+bf0:	d000		beq	0xbf4
+bf2:	e092		b	0xd1a
+bf4:	201b		mov	r0, #27	; 0x1b
+bf6:	f000 f8ef	bl	0xdd8
+bfa:	20f6		mov	r0, #246	; 0xf6
+bfc:	f000 f8ec	bl	0xdd8
+c00:	2002		mov	r0, #2
+c02:	f000 f8e9	bl	0xdd8
+c06:	2000		mov	r0, #0
+c08:	f000 f8e6	bl	0xdd8
+c0c:	2041		mov	r0, #65	; 0x41
+c0e:	f000 f8e3	bl	0xdd8
+c12:	2002		mov	r0, #2
+c14:	f000 f8e0	bl	0xdd8
+c18:	2043		mov	r0, #67	; 0x43
+c1a:	f000 f8dd	bl	0xdd8
+c1e:	2001		mov	r0, #1
+c20:	0300		lsl	r0, r0, #12
+c22:	f000 f8f1	bl	0xe08
+c26:	4669		mov	r1, sp
+c28:	7208		strb	r0, [r1, #8]
+c2a:	4668		mov	r0, sp
+c2c:	2102		mov	r1, #2
+c2e:	7441		strb	r1, [r0, #17]	; 0x11
+c30:	2000		mov	r0, #0
+c32:	9000		str	r0, [sp, #0]
+c34:	9800		ldr	r0, [sp, #0]
+c36:	2802		cmp	r0, #2
+c38:	d216		bcs	0xc68
+c3a:	2001		mov	r0, #1
+c3c:	0300		lsl	r0, r0, #12
+c3e:	f000 f8e3	bl	0xe08
+c42:	466a		mov	r2, sp
+c44:	9900		ldr	r1, [sp, #0]
+c46:	1a51		sub	r1, r2, r1
+c48:	7348		strb	r0, [r1, #13]	; 0xd
+c4a:	4668		mov	r0, sp
+c4c:	9900		ldr	r1, [sp, #0]
+c4e:	1a40		sub	r0, r0, r1
+c50:	7b40		ldrb	r0, [r0, #13]	; 0xd
+c52:	4669		mov	r1, sp
+c54:	7c49		ldrb	r1, [r1, #17]	; 0x11
+c56:	4048		eor	r0, r1
+c58:	4669		mov	r1, sp
+c5a:	7448		strb	r0, [r1, #17]	; 0x11
+c5c:	9800		ldr	r0, [sp, #0]
+c5e:	3001		add	r0, #1
+c60:	9000		str	r0, [sp, #0]
+c62:	9800		ldr	r0, [sp, #0]
+c64:	2802		cmp	r0, #2
+c66:	d3e8		bcc	0xc3a
+c68:	4668		mov	r0, sp
+c6a:	8980		ldrh	r0, [r0, #12]	; 0xc
+c6c:	466a		mov	r2, sp
+c6e:	1e41		sub	r1, r0, #1
+c70:	8191		strh	r1, [r2, #12]	; 0xc
+c72:	2800		cmp	r0, #0
+c74:	d016		beq	0xca4
+c76:	2001		mov	r0, #1
+c78:	0300		lsl	r0, r0, #12
+c7a:	f000 f8c5	bl	0xe08
+c7e:	9905		ldr	r1, [sp, #20]	; 0x14
+c80:	7008		strb	r0, [r1, #0]
+c82:	9805		ldr	r0, [sp, #20]	; 0x14
+c84:	7801		ldrb	r1, [r0, #0]
+c86:	4668		mov	r0, sp
+c88:	7c40		ldrb	r0, [r0, #17]	; 0x11
+c8a:	4041		eor	r1, r0
+c8c:	4668		mov	r0, sp
+c8e:	7441		strb	r1, [r0, #17]	; 0x11
+c90:	9805		ldr	r0, [sp, #20]	; 0x14
+c92:	3001		add	r0, #1
+c94:	9005		str	r0, [sp, #20]	; 0x14
+c96:	4668		mov	r0, sp
+c98:	8982		ldrh	r2, [r0, #12]	; 0xc
+c9a:	4669		mov	r1, sp
+c9c:	1e50		sub	r0, r2, #1
+c9e:	8188		strh	r0, [r1, #12]	; 0xc
+ca0:	2a00		cmp	r2, #0
+ca2:	d1e8		bne	0xc76
+ca4:	2001		mov	r0, #1
+ca6:	0300		lsl	r0, r0, #12
+ca8:	f000 f8ae	bl	0xe08
+cac:	4669		mov	r1, sp
+cae:	7408		strb	r0, [r1, #16]	; 0x10
+cb0:	4668		mov	r0, sp
+cb2:	7c01		ldrb	r1, [r0, #16]	; 0x10
+cb4:	7c40		ldrb	r0, [r0, #17]	; 0x11
+cb6:	4281		cmp	r1, r0
+cb8:	d015		beq	0xce6
+cba:	201b		mov	r0, #27	; 0x1b
+cbc:	f000 f88c	bl	0xdd8
+cc0:	20f6		mov	r0, #246	; 0xf6
+cc2:	f000 f889	bl	0xdd8
+cc6:	2002		mov	r0, #2
+cc8:	f000 f886	bl	0xdd8
+ccc:	2000		mov	r0, #0
+cce:	f000 f883	bl	0xdd8
+cd2:	2045		mov	r0, #69	; 0x45
+cd4:	f000 f880	bl	0xdd8
+cd8:	2053		mov	r0, #83	; 0x53
+cda:	f000 f87d	bl	0xdd8
+cde:	2016		mov	r0, #22	; 0x16
+ce0:	f000 f87a	bl	0xdd8
+ce4:	e019		b	0xd1a
+ce6:	201b		mov	r0, #27	; 0x1b
+ce8:	f000 f876	bl	0xdd8
+cec:	20f6		mov	r0, #246	; 0xf6
+cee:	f000 f873	bl	0xdd8
+cf2:	2002		mov	r0, #2
+cf4:	f000 f870	bl	0xdd8
+cf8:	2000		mov	r0, #0
+cfa:	f000 f86d	bl	0xdd8
+cfe:	2041		mov	r0, #65	; 0x41
+d00:	f000 f86a	bl	0xdd8
+d04:	2003		mov	r0, #3
+d06:	f000 f867	bl	0xdd8
+d0a:	2042		mov	r0, #66	; 0x42
+d0c:	f000 f864	bl	0xdd8
+d10:	4876		ldr	r0, =0x83ff00	; via 0xeec
+d12:	6800		ldr	r0, [r0, #0]
+d14:	4990		ldr	r1, =0x800100	; via 0xf58
+d16:	f000 f85e	bl	0xdd6
+d1a:	b006		add	sp, #24	; 0x18
+d1c:	bd00		pop	{pc}
+$FTM_Tool_check:
+d1e:	b500		push	{lr}
+d20:	b081		sub	sp, #4
+d22:	2066		mov	r0, #102	; 0x66
+d24:	f000 f858	bl	0xdd8
+d28:	2074		mov	r0, #116	; 0x74
+d2a:	f000 f855	bl	0xdd8
+d2e:	206d		mov	r0, #109	; 0x6d
+d30:	f000 f852	bl	0xdd8
+d34:	2074		mov	r0, #116	; 0x74
+d36:	f000 f84f	bl	0xdd8
+d3a:	206f		mov	r0, #111	; 0x6f
+d3c:	f000 f84c	bl	0xdd8
+d40:	206f		mov	r0, #111	; 0x6f
+d42:	f000 f849	bl	0xdd8
+d46:	206c		mov	r0, #108	; 0x6c
+d48:	f000 f846	bl	0xdd8
+d4c:	4983		ldr	r1, =0x83ff80	; via 0xf5c
+d4e:	2000		mov	r0, #0
+d50:	7008		strb	r0, [r1, #0]
+d52:	9000		str	r0, [sp, #0]
+d54:	9800		ldr	r0, [sp, #0]
+d56:	0c00		lsr	r0, r0, #16
+d58:	d105		bne	0xd66
+d5a:	9800		ldr	r0, [sp, #0]
+d5c:	3001		add	r0, #1
+d5e:	9000		str	r0, [sp, #0]
+d60:	9800		ldr	r0, [sp, #0]
+d62:	0c00		lsr	r0, r0, #16
+d64:	d0f9		beq	0xd5a
+d66:	2007		mov	r0, #7
+d68:	0400		lsl	r0, r0, #16
+d6a:	f000 f84d	bl	0xe08
+d6e:	2879		cmp	r0, #121	; 0x79
+d70:	d10e		bne	0xd90
+d72:	2001		mov	r0, #1
+d74:	0300		lsl	r0, r0, #12
+d76:	f000 f847	bl	0xe08
+d7a:	2865		cmp	r0, #101	; 0x65
+d7c:	d108		bne	0xd90
+d7e:	2001		mov	r0, #1
+d80:	0300		lsl	r0, r0, #12
+d82:	f000 f841	bl	0xe08
+d86:	2873		cmp	r0, #115	; 0x73
+d88:	d102		bne	0xd90
+d8a:	4874		ldr	r0, =0x83ff80	; via 0xf5c
+d8c:	2101		mov	r1, #1
+d8e:	7001		strb	r1, [r0, #0]
+d90:	f000 f8ce	bl	0xf30
+d94:	2800		cmp	r0, #0
+d96:	d00d		beq	0xdb4
+d98:	206d		mov	r0, #109	; 0x6d
+d9a:	f000 f81d	bl	0xdd8
+d9e:	206f		mov	r0, #111	; 0x6f
+da0:	f000 f81a	bl	0xdd8
+da4:	2064		mov	r0, #100	; 0x64
+da6:	f000 f817	bl	0xdd8
+daa:	2065		mov	r0, #101	; 0x65
+dac:	f000 f814	bl	0xdd8
+db0:	206d		mov	r0, #109	; 0x6d
+db2:	e00c		b	0xdce
+db4:	2065		mov	r0, #101	; 0x65
+db6:	f000 f80f	bl	0xdd8
+dba:	2072		mov	r0, #114	; 0x72
+dbc:	f000 f80c	bl	0xdd8
+dc0:	2072		mov	r0, #114	; 0x72
+dc2:	f000 f809	bl	0xdd8
+dc6:	206f		mov	r0, #111	; 0x6f
+dc8:	f000 f806	bl	0xdd8
+dcc:	2072		mov	r0, #114	; 0x72
+dce:	f000 f803	bl	0xdd8
+dd2:	b001		add	sp, #4
+dd4:	bd00		pop	{pc}
+$jump:
+dd6:	4708		bx	r1
+$putchar:	; static
+dd8:	b081		sub	sp, #4
+dda:	4669		mov	r1, sp
+ddc:	7008		strb	r0, [r1, #0]
+dde:	4843		ldr	r0, =0x83ff00	; via 0xeec
+de0:	6800		ldr	r0, [r0, #0]
+de2:	7940		ldrb	r0, [r0, #5]
+de4:	0980		lsr	r0, r0, #6
+de6:	d3fa		bcc	0xdde
+de8:	4840		ldr	r0, =0x83ff00	; via 0xeec
+dea:	6800		ldr	r0, [r0, #0]
+dec:	4669		mov	r1, sp
+dee:	7809		ldrb	r1, [r1, #0]
+df0:	7001		strb	r1, [r0, #0]
+df2:	b001		add	sp, #4
+df4:	46f7		mov	pc, lr
+$getchar:
+df6:	483d		ldr	r0, =0x83ff00	; via 0xeec
+df8:	6800		ldr	r0, [r0, #0]
+dfa:	7940		ldrb	r0, [r0, #5]
+dfc:	0840		lsr	r0, r0, #1
+dfe:	d3fa		bcc	0xdf6
+e00:	483a		ldr	r0, =0x83ff00	; via 0xeec
+e02:	6800		ldr	r0, [r0, #0]
+e04:	7800		ldrb	r0, [r0, #0]
+e06:	4770		bx	lr
+$getchar_timeout:
+e08:	b083		sub	sp, #12	; 0xc
+e0a:	9000		str	r0, [sp, #0]
+e0c:	9800		ldr	r0, [sp, #0]
+e0e:	9002		str	r0, [sp, #8]
+e10:	4836		ldr	r0, =0x83ff00	; via 0xeec
+e12:	6800		ldr	r0, [r0, #0]
+e14:	7940		ldrb	r0, [r0, #5]
+e16:	0840		lsr	r0, r0, #1
+e18:	d20c		bcs	0xe34
+e1a:	9802		ldr	r0, [sp, #8]
+e1c:	3801		sub	r0, #1
+e1e:	9002		str	r0, [sp, #8]
+e20:	9802		ldr	r0, [sp, #8]
+e22:	2800		cmp	r0, #0
+e24:	d101		bne	0xe2a
+e26:	20ff		mov	r0, #255	; 0xff
+e28:	e007		b	0xe3a
+e2a:	4830		ldr	r0, =0x83ff00	; via 0xeec
+e2c:	6800		ldr	r0, [r0, #0]
+e2e:	7940		ldrb	r0, [r0, #5]
+e30:	0840		lsr	r0, r0, #1
+e32:	d3f2		bcc	0xe1a
+e34:	482d		ldr	r0, =0x83ff00	; via 0xeec
+e36:	6800		ldr	r0, [r0, #0]
+e38:	7800		ldrb	r0, [r0, #0]
+e3a:	b003		add	sp, #12	; 0xc
+e3c:	4770		bx	lr
+$UartTimeout:
+e3e:	b081		sub	sp, #4
+e40:	e001		b	0xe46
+e42:	9800		ldr	r0, [sp, #0]
+e44:	3801		sub	r0, #1
+e46:	9000		str	r0, [sp, #0]
+e48:	4828		ldr	r0, =0x83ff00	; via 0xeec
+e4a:	6800		ldr	r0, [r0, #0]
+e4c:	7940		ldrb	r0, [r0, #5]
+e4e:	0840		lsr	r0, r0, #1
+e50:	d202		bcs	0xe58
+e52:	9800		ldr	r0, [sp, #0]
+e54:	2800		cmp	r0, #0
+e56:	dcf4		bgt	0xe42
+e58:	9800		ldr	r0, [sp, #0]
+e5a:	2800		cmp	r0, #0
+e5c:	dd01		ble	0xe62
+e5e:	2000		mov	r0, #0
+e60:	e000		b	0xe64
+e62:	2001		mov	r0, #1
+e64:	b001		add	sp, #4
+e66:	4770		bx	lr
+$hardware_init:
+e68:	b082		sub	sp, #8
+e6a:	9000		str	r0, [sp, #0]
+e6c:	4669		mov	r1, sp
+e6e:	2000		mov	r0, #0
+e70:	7188		strb	r0, [r1, #6]
+e72:	9900		ldr	r1, [sp, #0]
+e74:	483a		ldr	r0, =0xfffef000	; via 0xf60
+e76:	8800		ldrh	r0, [r0, #0]
+e78:	8008		strh	r0, [r1, #0]
+e7a:	b002		add	sp, #8
+e7c:	4770		bx	lr
+e7e:	46c0		nop			(mov r8, r8)
+<portion not analyzed yet>
+; start.obj .text:v$3 section, matches familiar versions
+_sta_select_application:
+1d90:	e92d4000	stmdb	sp!, {lr}
+1d94:	e28fe001	add	lr, pc, #1
+1d98:	e12fff1e	bx	lr
+1d9c:	f7fe fe99	bl	0xad2	; $sta_select_application
+1da0:	4778		bx	pc
+1da2:	46c0		nop			(mov r8, r8)
+1da4:	e8bd8000	ldmia	sp!, {pc}
+<1DA8-1EFF: all FFs>
+1f00:	00000001
+<1F04-end: all FFs>

FreeCalypso > hg > freecalypso-reveng

comparison compal/boot/c118-dfboot.disasm @ 403:50c0fac9a4a8