FreeCalypso > hg > freecalypso-reveng
changeset 258:61d8d70ca7b0
pirelli/fw-disasm: pwr_short_test_timer_process() analyzed
author | Mychaela Falconia <falcon@freecalypso.org> |
---|---|
date | Tue, 26 Dec 2017 04:12:06 +0000 |
parents | 01030ff953a2 |
children | ea66ce1a0d2e |
files | pirelli/fw-disasm |
diffstat | 1 files changed, 172 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/pirelli/fw-disasm Tue Dec 26 03:28:22 2017 +0000 +++ b/pirelli/fw-disasm Tue Dec 26 04:12:06 2017 +0000 @@ -786,6 +786,173 @@ 2e2434: bd00 pop {pc} 2e2436: 46c0 nop (mov r8, r8) +$pwr_short_test_timer_process: + 2e2468: b570 push {r4, r5, r6, lr} +; not in MV100: additional checks to see if the state is something other than +; CHARGE_STOPPED and that the charging power source is still there + 2e246a: b082 sub sp, #8 + 2e246c: f066 ff4e bl 0x34930c ; $ABB_Read_Status + 2e2470: 4955 ldr r1, =0x1774e70 ; via 0x2e25c8 + 2e2472: 6809 ldr r1, [r1, #0] + 2e2474: 6849 ldr r1, [r1, #4] + 2e2476: 2900 cmp r1, #0 + 2e2478: d100 bne 0x2e247c + 2e247a: e0a1 b 0x2e25c0 + 2e247c: 09c0 lsr r0, r0, #7 + 2e247e: d200 bcs 0x2e2482 + 2e2480: e09e b 0x2e25c0 +; trace + 2e2482: 4850 ldr r0, =0xa0020 ; via 0x2e25c4 + 2e2484: 9000 str r0, [sp, #0] + 2e2486: a0c8 add r0, pc, #800 ; 0x320 + 2e2488: 211f mov r1, #31 ; 0x1f + 2e248a: 2200 mov r2, #0 + 2e248c: 43d2 mvn r2, r2 + 2e248e: 2302 mov r3, #2 + 2e2490: f0f8 fbd0 bl 0x3dac34 + 2e2494: 2002 mov r0, #2 + 2e2496: f7cf fa02 bl 0x2b189e ; rvf_delay() + 2e249a: 2001 mov r0, #1 + 2e249c: 2122 mov r1, #34 ; 0x22 + 2e249e: 2200 mov r2, #0 + 2e24a0: f066 feb4 bl 0x34920c + 2e24a4: 2002 mov r0, #2 + 2e24a6: f7cf f9fa bl 0x2b189e +; read and trace-dump VBAT, VCHG and ICHG + 2e24aa: 2001 mov r0, #1 + 2e24ac: 211e mov r1, #30 ; 0x1e + 2e24ae: f066 fed4 bl 0x34925a + 2e24b2: 1c05 add r5, r0, #0 + 2e24b4: 4843 ldr r0, =0xa0020 ; via 0x2e25c4 + 2e24b6: 9000 str r0, [sp, #0] + 2e24b8: a0c3 add r0, pc, #780 ; 0x30c + 2e24ba: 2111 mov r1, #17 ; 0x11 + 2e24bc: 1c2a add r2, r5, #0 + 2e24be: 2302 mov r3, #2 + 2e24c0: f0f8 fbb8 bl 0x3dac34 + 2e24c4: 2001 mov r0, #1 + 2e24c6: 2120 mov r1, #32 ; 0x20 + 2e24c8: f066 fec7 bl 0x34925a + 2e24cc: 1c06 add r6, r0, #0 + 2e24ce: 483d ldr r0, =0xa0020 ; via 0x2e25c4 + 2e24d0: 9000 str r0, [sp, #0] + 2e24d2: a0c2 add r0, pc, #776 ; 0x308 + 2e24d4: 2111 mov r1, #17 ; 0x11 + 2e24d6: 1c32 add r2, r6, #0 + 2e24d8: 2302 mov r3, #2 + 2e24da: f0f8 fbab bl 0x3dac34 + 2e24de: 2001 mov r0, #1 + 2e24e0: 2122 mov r1, #34 ; 0x22 + 2e24e2: f066 feba bl 0x34925a + 2e24e6: 1c04 add r4, r0, #0 + 2e24e8: 4836 ldr r0, =0xa0020 ; via 0x2e25c4 + 2e24ea: 9000 str r0, [sp, #0] + 2e24ec: a0c0 add r0, pc, #768 ; 0x300 + 2e24ee: 211b mov r1, #27 ; 0x1b + 2e24f0: 1c22 add r2, r4, #0 + 2e24f2: 2305 mov r3, #5 + 2e24f4: f0f8 fb9e bl 0x3dac34 +; end of the read-and-dump + 2e24f8: f7ff fef9 bl 0x2e22ee ; $pwr_stop_charging + 2e24fc: 20ff mov r0, #255 ; 0xff + 2e24fe: 30b7 add r0, #183 ; 0xb7 + 2e2500: 4285 cmp r5, r0 + 2e2502: dd21 ble 0x2e2548 + 2e2504: 205f mov r0, #95 ; 0x5f + 2e2506: 00c0 lsl r0, r0, #3 + 2e2508: 4286 cmp r6, r0 + 2e250a: da1d bge 0x2e2548 +; "Battery OK" trace + 2e250c: 482d ldr r0, =0xa0020 ; via 0x2e25c4 + 2e250e: 9000 str r0, [sp, #0] + 2e2510: a0be add r0, pc, #760 ; 0x2f8 + 2e2512: 210a mov r1, #10 ; 0xa + 2e2514: 2200 mov r2, #0 + 2e2516: 43d2 mvn r2, r2 + 2e2518: 2305 mov r3, #5 + 2e251a: f0f8 fb8b bl 0x3dac34 + 2e251e: 4c2a ldr r4, =0x1774e70 ; via 0x2e25c8 + 2e2520: 6821 ldr r1, [r4, #0] +; setting the time limit for the overall charging process: 7200 s + 2e2522: 20e1 mov r0, #225 ; 0xe1 + 2e2524: 0140 lsl r0, r0, #5 + 2e2526: 8748 strh r0, [r1, #58] ; 0x3a +; elapsed time init to 0 + 2e2528: 6821 ldr r1, [r4, #0] + 2e252a: 2000 mov r0, #0 + 2e252c: 8788 strh r0, [r1, #60] ; 0x3c +; mystery var init + 2e252e: 48c0 ldr r0, =0x1775040 ; via 0x2e2830 + 2e2530: 2165 mov r1, #101 ; 0x65 + 2e2532: 7001 strb r1, [r0, #0] + 2e2534: f048 fc96 bl 0x32ae64 ; $rvf_get_tick_count + 2e2538: 49be ldr r1, =0x17749bc ; via 0x2e2834 + 2e253a: 6008 str r0, [r1, #0] +; pwr_env_ctrl_blk->charging_state = TESTING_BATTERY; + 2e253c: 6821 ldr r1, [r4, #0] + 2e253e: 2001 mov r0, #1 + 2e2540: 6048 str r0, [r1, #4] + 2e2542: f04b fb7d bl 0x32dc40 ; $pwr_get_battery_temperature + 2e2546: e03b b 0x2e25c0 ; return +; failure code path + 2e2548: 481e ldr r0, =0xa0020 ; via 0x2e25c4 + 2e254a: 9000 str r0, [sp, #0] + 2e254c: a0b2 add r0, pc, #712 ; 0x2c8 + 2e254e: 2117 mov r1, #23 ; 0x17 + 2e2550: 2200 mov r2, #0 + 2e2552: 43d2 mvn r2, r2 + 2e2554: 2302 mov r3, #2 + 2e2556: f0f8 fb6d bl 0x3dac34 + 2e255a: 20ff mov r0, #255 ; 0xff + 2e255c: 30b7 add r0, #183 ; 0xb7 + 2e255e: 4285 cmp r5, r0 + 2e2560: dd19 ble 0x2e2596 + 2e2562: 20a3 mov r0, #163 ; 0xa3 + 2e2564: 0080 lsl r0, r0, #2 + 2e2566: 4285 cmp r5, r0 + 2e2568: da13 bge 0x2e2592 + 2e256a: 2c46 cmp r4, #70 ; 0x46 + 2e256c: dd0f ble 0x2e258e + 2e256e: 205f mov r0, #95 ; 0x5f + 2e2570: 00c0 lsl r0, r0, #3 + 2e2572: 4286 cmp r6, r0 + 2e2574: da01 bge 0x2e257a + 2e2576: 2108 mov r1, #8 + 2e2578: e00e b 0x2e2598 + 2e257a: 4823 ldr r0, =0x1774b78 ; via 0x2e2608 + 2e257c: 210b mov r1, #11 ; 0xb + 2e257e: 43c9 mvn r1, r1 + 2e2580: 8001 strh r1, [r0, #0] + 2e2582: 2001 mov r0, #1 + 2e2584: 213a mov r1, #58 ; 0x3a + 2e2586: 2280 mov r2, #128 ; 0x80 + 2e2588: f066 fe40 bl 0x34920c + 2e258c: e007 b 0x2e259e + 2e258e: 2102 mov r1, #2 + 2e2590: e002 b 0x2e2598 + 2e2592: 2107 mov r1, #7 + 2e2594: e000 b 0x2e2598 + 2e2596: 2101 mov r1, #1 + 2e2598: 43c9 mvn r1, r1 + 2e259a: 481b ldr r0, =0x1774b78 ; via 0x2e2608 + 2e259c: 8001 strh r1, [r0, #0] + 2e259e: 2002 mov r0, #2 + 2e25a0: f0b2 fc8f bl 0x394ec2 + 2e25a4: 2032 mov r0, #50 ; 0x32 + 2e25a6: 493e ldr r1, =0x1774e38 ; via 0x2e26a0 + 2e25a8: 6809 ldr r1, [r1, #0] + 2e25aa: 5c40 ldrb r0, [r0, r1] + 2e25ac: 2800 cmp r0, #0 + 2e25ae: d105 bne 0x2e25bc + 2e25b0: 2001 mov r0, #1 + 2e25b2: 213c mov r1, #60 ; 0x3c + 2e25b4: 2201 mov r2, #1 + 2e25b6: f066 fe29 bl 0x34920c + 2e25ba: e001 b 0x2e25c0 + 2e25bc: f0d1 faf9 bl 0x3b3bb2 + 2e25c0: b002 add sp, #8 + 2e25c2: bd70 pop {r4, r5, r6, pc} + $l1_abb_power_on: 31c036: b510 push {r4, lr} 31c038: b084 sub sp, #16 ; 0x10 @@ -943,6 +1110,11 @@ 31c752: f0dc fccb bl 0x3f90ec ; $initialize_l1pvar 31c756: bd30 pop {r4, r5, pc} +$rvf_get_tick_count: + 32ae64: b500 push {lr} + 32ae66: f0ce fbb1 bl 0x3f95cc ; $TMT_Retrieve_Clock + 32ae6a: bd00 pop {pc} + $rvf_start_timer: 32ae78: b500 push {lr} 32ae7a: b085 sub sp, #20 ; 0x14