Magic Lantern Firmware Wiki
Register
Advertisement

Alex asked some information about State Objects in 550D, so I digged the firmware,

using information given for the 5dm2 by AJ here: http://magiclantern.wikia.com/wiki/2.0.4_StateObjects


here is the creation of FSS object (in 1.0.8) :

ROM:FF09F3D0 createStateObject_FSSState              ; CODE XREF: sub_FF021E60+68 p
ROM:FF09F3D0
ROM:FF09F3D0 var_8           = -8
ROM:FF09F3D0
ROM:FF09F3D0                 STMFD   SP!, {R3,LR}
ROM:FF09F3D4                 LDR     R2, =stateObject_FSSState
ROM:FF09F3D8                 MOV     R3, #1
ROM:FF09F3DC                 STR     R3, [SP,#8+var_8]           ;total states  [AJ: tip in IDA: Press 'S' on this line once to get a 'cleaner' ASM] 
ROM:FF09F3E0                 SUB     R0, R2, #4
ROM:FF09F3E4                 LDR     R0, [R0]
ROM:FF09F3E8                 MOV     R3, #0xB                    ;total inputs
ROM:FF09F3EC                 MOV     R1, #0                      ;initial state
ROM:FF09F3F0                 BL      CreateStateObject_maybe
ROM:FF09F3F4                 LDR     R1, =unk_41A0
ROM:FF09F3F8                 STR     R0, [R1]
ROM:FF09F3FC                 LDMFD   SP!, {R12,PC}
ROM:FF09F3FC ; End of function createStateObject_FSSState

and the related structure:

ROM:FF4AEC50                 DCD aFssstate           ; "FSSState"
ROM:FF4AEC54 stateObject_FSSState DCD 0              ; DATA XREF: createStateObject_FSSState+4 o
ROM:FF4AEC54                                         ; fssNotifyJob:off_FF09F700 o
ROM:FF4AEC58                 DCD fssPostDebugJob
ROM:FF4AEC5C                 DCD 0
ROM:FF4AEC60                 DCD fssDummyWrite
ROM:FF4AEC64                 DCD 0
ROM:FF4AEC68                 DCD fssNotifyJob
ROM:FF4AEC6C                 DCD 0
ROM:FF4AEC70                 DCD fssPostJob
ROM:FF4AEC74                 DCD 0
ROM:FF4AEC78                 DCD fssAvailable
ROM:FF4AEC7C                 DCD 0
ROM:FF4AEC80                 DCD fssCancel
ROM:FF4AEC84                 DCD 0
ROM:FF4AEC88                 DCD fssCompleteJob
ROM:FF4AEC8C                 DCD 0
ROM:FF4AEC90                 DCD fssSW1On
ROM:FF4AEC94                 DCD 0
ROM:FF4AEC98                 DCD fssSW2On
ROM:FF4AEC9C                 DCD 0
ROM:FF4AECA0                 DCD fssSW2Off
ROM:FF4AECA4                 DCD 0
ROM:FF4AECA8                 DCD fssRegister

about LvState and LvRecState objects studied in detail by AJ (see StateObjects_LVRecState and StateObjects_LVState)


in 550D creations are here:

ROM:FF0F40F4 createStateObject_LvState_LvRecState    ; CODE XREF: sub_FF0340B4+1CC�p
ROM:FF0F40F4
ROM:FF0F40F4 var_10          = -0x10
ROM:FF0F40F4
ROM:FF0F40F4                 STMFD   SP!, {R3-R5,LR}
ROM:FF0F40F8                 LDR     R2, =LVState_stateObject
ROM:FF0F40FC                 MOV     R3, #0xF        ; total states
ROM:FF0F4100                 STR     R3, [SP,#0x10+var_10]
ROM:FF0F4104                 SUB     R5, R2, #0x24
ROM:FF0F4108                 LDR     R0, [R5,#4]     ; LVState
ROM:FF0F410C                 MOV     R3, #0x1D       ; total inputs
ROM:FF0F4110                 MOV     R1, #0
ROM:FF0F4114                 BL      CreateStateObject_maybe
ROM:FF0F4118                 LDR     R4, =unk_4B4C
ROM:FF0F411C                 MOV     R3, #7          ; total states (and inputs)
ROM:FF0F4120                 STR     R0, [R4,#0x28]
ROM:FF0F4124                 STR     R3, [SP,#0x10+var_10]
ROM:FF0F4128                 LDR     R0, [R5,#8]     ; LVRecState
ROM:FF0F412C                 LDR     R2, =LVRecState_stateObject
ROM:FF0F4130                 MOV     R1, #0
ROM:FF0F4134                 BL      CreateStateObject_maybe
ROM:FF0F4138                 STR     R0, [R4,#0x2C]
ROM:FF0F413C                 LDR     R0, [R4,#0x28]
ROM:FF0F4140                 LDMFD   SP!, {R3-R5,PC}
ROM:FF0F4140 ; End of function createStateObject_LvState_LvRecState
Advertisement