From f2a0716a29fe4f0b40001e1b836a9a1c8420a2b1 Mon Sep 17 00:00:00 2001
From: Mariano Alvira <mar@devl.org>
Date: Wed, 8 Apr 2009 18:14:58 -0400
Subject: [PATCH] doesn't work. best guess so far.

---
 src/maca.c | 18 ++++++++++--
 ws.dis     | 80 ++++++++++++++++++++++++++++--------------------------
 2 files changed, 56 insertions(+), 42 deletions(-)

diff --git a/src/maca.c b/src/maca.c
index 51f608cfb..42a529cf9 100644
--- a/src/maca.c
+++ b/src/maca.c
@@ -2,9 +2,14 @@
 
 /* best format */
 #define MAX_DATA 43
-const uint32_t addr[MAX_DATA] = { 0x80004118,0x80009204,0x80009208,0x8000920c,0x80009210,0x80009300,0x80009304,0x80009308,0x8000930c,0x80009310,0x80009314,0x80009318,0x80009380,0x80009384,0x80009388,0x8000938c,0x80009390,0x80009394,0x8000a008,0x8000a018,0x8000a01c,0x80009424,0x80009434,0x80009438,0x8000943c,0x80009440,0x80009444,0x80009448,0x8000944c,0x80009450,0x80009460,0x80009464,0x8000947c,0x800094e0,0x800094e4,0x800094e8,0x800094ec,0x800094f0,0x800094f4,0x800094f8,0x80009470,0x8000981c,0x80009828 };
+const uint32_t addr_reg_rep[MAX_DATA] = { 0x80004118,0x80009204,0x80009208,0x8000920c,0x80009210,0x80009300,0x80009304,0x80009308,0x8000930c,0x80009310,0x80009314,0x80009318,0x80009380,0x80009384,0x80009388,0x8000938c,0x80009390,0x80009394,0x8000a008,0x8000a018,0x8000a01c,0x80009424,0x80009434,0x80009438,0x8000943c,0x80009440,0x80009444,0x80009448,0x8000944c,0x80009450,0x80009460,0x80009464,0x8000947c,0x800094e0,0x800094e4,0x800094e8,0x800094ec,0x800094f0,0x800094f4,0x800094f8,0x80009470,0x8000981c,0x80009828 };
 
-const uint32_t data[MAX_DATA] = { 0x00180012,0x00000605,0x00000504,0x00001111,0x0fc40000,0x20046000,0x4005580c,0x40075801,0x4005d801,0x5a45d800,0x4a45d800,0x40044000,0x00106000,0x00083806,0x00093807,0x0009b804,0x000db800,0x00093802,0x00000015,0x00000002,0x0000000f,0x0000aaa0,0x01002020,0x016800fe,0x8e578248,0x000000dd,0x00000946,0x0000035a,0x00100010,0x00000515,0x00397feb,0x00180358,0x00000455,0x00000001,0x00020003,0x00040014,0x00240034,0x00440144,0x02440344,0x04440544,0x0ee7fc00,0x00000082,0x0000002a };
+const uint32_t data_reg_rep[MAX_DATA] = { 0x00180012,0x00000605,0x00000504,0x00001111,0x0fc40000,0x20046000,0x4005580c,0x40075801,0x4005d801,0x5a45d800,0x4a45d800,0x40044000,0x00106000,0x00083806,0x00093807,0x0009b804,0x000db800,0x00093802,0x00000015,0x00000002,0x0000000f,0x0000aaa0,0x01002020,0x016800fe,0x8e578248,0x000000dd,0x00000946,0x0000035a,0x00100010,0x00000515,0x00397feb,0x00180358,0x00000455,0x00000001,0x00020003,0x00040014,0x00240034,0x00440144,0x02440344,0x04440544,0x0ee7fc00,0x00000082,0x0000002a };
+
+#define MAX_CAL3 22
+const uint32_t addr_cal3[MAX_CAL3] = { 0x80009400,0x80009a04,0x80009a00,0x00000000,0x80009a00,0x80009a00,0x00000000,0x80009a00,0x80009a00,0x00000000,0x80009a00 };
+
+const uint32_t data_cal3[MAX_CAL3] = {0x00020017,0x8185a0a4,0x8c900025,0x00011194,0x8c900021,0x8c900027,0x00011194,0x8c90002b,0x8c90002f,0x00011194,0x8c900000};
 
 void init_phy(void)
 {
@@ -83,8 +88,15 @@ void flyback_init(void) {
 
 void radio_init(void) {
 	uint32_t i;
+
+	/* cal 3 */
+	for(i=0; i<MAX_CAL3; i++) {
+		*(volatile uint32_t *)(addr_cal3[i]) = data_cal3[i];
+	}
+
+	/*reg replacment */
 	for(i=0; i<MAX_DATA; i++) {
-		*(volatile uint32_t *)(addr[i]) = data[i];
+		*(volatile uint32_t *)(addr_reg_rep[i]) = data_reg_rep[i];
 	}
 }
 
diff --git a/ws.dis b/ws.dis
index 59b5513f2..5a38c5cdd 100644
--- a/ws.dis
+++ b/ws.dis
@@ -5176,46 +5176,46 @@ Disassembly of section P2:
 
 00402fbc <RadioInit>:
   402fbc:	b5f8      	push	{r3, r4, r5, r6, r7, lr}
-  402fbe:	0006      	lsls	r6, r0, #0
-  402fc0:	000c      	lsls	r4, r1, #0
-  402fc2:	0015      	lsls	r5, r2, #0
+  402fbe:	0006      	lsls	r6, r0, #0  //maybe platform clock 24000000
+  402fc0:	000c      	lsls	r4, r1, #0  //maybe dig clock pn
+  402fc2:	0015      	lsls	r5, r2, #0  //maybe loop div
   402fc4:	4f39      	ldr	r7, [pc, #228]	(4030ac <RadioInit+0xf0>)       // set r7 to   *(4030ac: .word	0x004053f0) 004053f0 <gRadioTOCCal2_None24MHz_c>:
-  402fc6:	21fa      	movs	r1, #250
-  402fc8:	0089      	lsls	r1, r1, #2
+  402fc6:	21fa      	movs	r1, #250                                          // r1 gets 250
+  402fc8:	0089      	lsls	r1, r1, #2                                        // r1 is 0x1f4 (does this divide 24000000 by 500?)
   402fca:	f7fd fcc1 	bl	400950 <?Veneer (3) for __aeabi_uidivmod>
-  402fce:	65b8      	str	r0, [r7, #88]                                     // gRadioTOCCal2_N[88]
+  402fce:	65b8      	str	r0, [r7, #88]                                     // gRadioTOCCal2_N[88] 0x58
   402fd0:	4837      	ldr	r0, [pc, #220]	(4030b0 <RadioInit+0xf4>)         // r0 gets   4030b0:	016e3600 .word	0x016e3600 = 240000000
   402fd2:	4286      	cmp	r6, r0
-  402fd4:	d001      	beq.n	402fda <RadioInit+0x1e>                           // test for 24MHZ
-  402fd6:	617c      	str	r4, [r7, #20]                                     // gRadioTOCCal2_N[20]
-  402fd8:	61fd      	str	r5, [r7, #28]                                     // gRadioTOCCal2_N[28]
-  402fda:	4c36      	ldr	r4, [pc, #216]	(4030b4 <RadioInit+0xf8>)         //endif 4030b4:    .word	0x00402dcc buck_enable
+  402fd4:	d001      	beq.n	402fda <RadioInit+0x1e>                           // if 24 MHz test for 24MHZ
+  402fd6:	617c      	str	r4, [r7, #20]                                     // gRadioTOCCal2_N[20] 0x14
+  402fd8:	61fd      	str	r5, [r7, #28]                                     // gRadioTOCCal2_N[28] 0x1c
+  402fda:	4c36      	ldr	r4, [pc, #216]	(4030b4 <RadioInit+0xf8>)         // else endif 4030b4:    .word	0x00402dcc buck_enable
   402fdc:	4d70      	ldr	r5, [pc, #448]	(4031a0 <fill_ram_struct+0x18>)   // 0x0040544c ram_init_val
-  402fde:	7928      	ldrb	r0, [r5, #4]                                      // maybe this is a return 
-  402fe0:	2801      	cmp	r0, #1                                            // check if its true ?
-  402fe2:	d106      	bne.n	402ff2 <RadioInit+0x36>                           // and skip stuff (to 2ff2) assume skip we have 24MHz
+  402fde:	7928      	ldrb	r0, [r5, #4]                                      // load low byte
+  402fe0:	2801      	cmp	r0, #1                                            // check if its 1 (it's not)
+  402fe2:	d106      	bne.n	402ff2 <RadioInit+0x36>                           // and skip stuff (to 2ff2,HERE) assume skip we have 24MHz
   402fe4:	4834      	ldr	r0, [pc, #208]	(4030b8 <RadioInit+0xfc>)         // 4030b8:	.word	0x00000f7b
-  402fe6:	6378      	str	r0, [r7, #52]                                     // what's r7? put f7b into gRadioTOCCal2_None24Mhz_c[52]
+  402fe6:	6378      	str	r0, [r7, #52]                                     // what's r7? put f7b into gRadioTOCCal2_None24Mhz_c[52] 0x34
   402fe8:	3858      	subs	r0, #88
-  402fea:	6368      	str	r0, [r5, #52]                                     // what's r5? maybe ram_init_val[52]
+  402fea:	6368      	str	r0, [r5, #52]                                     // what's r5? maybe ram_init_val[52] 0x34
   402fec:	2110      	movs	r1, #16
   402fee:	0020      	lsls	r0, r4, #0
   402ff0:	e009      	b.n	403006 <RadioInit+0x4a>
-  402ff2:	7968      	ldrb	r0, [r5, #5]                                      // what's r5? looks like ram_init_val[5]
-  402ff4:	2801      	cmp	r0, #1                                            // another test.
-  402ff6:	d108      	bne.n	40300a <RadioInit+0x4e>                           // maybe skip to there
+  402ff2:	7968      	ldrb	r0, [r5, #5]                                      // HERE: what's r5? looks like ram_init_val[5] 0x05
+  402ff4:	2801      	cmp	r0, #1                                            // another test. not one. (it's 0x1e)
+  402ff6:	d108      	bne.n	40300a <RadioInit+0x4e>                           // maybe skip to THERE
   402ff8:	4830      	ldr	r0, [pc, #192]	(4030bc <RadioInit+0x100>)        //  4030bc:	00000f7c 	.word	0x00000f7c
-  402ffa:	6378      	str	r0, [r7, #52]                                     // put f7c into gRadioTOCCal2_None24Mhz_c[52]
+  402ffa:	6378      	str	r0, [r7, #52]                                     // put f7c into gRadioTOCCal2_None24Mhz_c[52] 0x34
   402ffc:	3878      	subs	r0, #120
-  402ffe:	6368      	str	r0, [r5, #52]                                     // subtract 120 and put it into ram_init_val[52]
+  402ffe:	6368      	str	r0, [r5, #52]                                     // subtract 120 and put it into ram_init_val[52] 0x34
   403000:	2120      	movs	r1, #32                                           
   403002:	0020      	lsls	r0, r4, #0
   403004:	3010      	adds	r0, #16
   403006:	f000 f96d 	bl	4032e4 <SMAC_InitFromMemory>                      // call InitFromMemory with setup vals? 32 bytes of buck_enable+16?
-  40300a:	2128      	movs	r1, #40                                           // chould have come from a skip
-  40300c:	0038      	lsls	r0, r7, #0
-  40300e:	3030      	adds	r0, #48
-  403010:	f000 f968 	bl	4032e4 <SMAC_InitFromMemory>                      // 40 bytes of gRadioTOCCal2_None24Mhz+48?
+  40300a:	2128      	movs	r1, #40                                           // THERE: chould have come from a skip r1 gets 40
+  40300c:	0038      	lsls	r0, r7, #0                                        // r0 is r7 (cal2)
+  40300e:	3030      	adds	r0, #48                                           // now its cal2+48 which is  0x405420 (increment by sizeof?)
+  403010:	f000 f968 	bl	4032e4 <SMAC_InitFromMemory>                      // 40 entries of gRadioTOCCal2_None24Mhz+48?//i think this bombs b/c zero...
   403014:	4826      	ldr	r0, [pc, #152]	(4030b0 <RadioInit+0xf4>)         //  4030b0:	016e3600 	.word	0x016e3600
   403016:	4286      	cmp	r6, r0                                            
   403018:	d103      	bne.n	403022 <RadioInit+0x66>                           // another test for 24MHz 
@@ -5225,27 +5225,27 @@ Disassembly of section P2:
   403020:	e001      	b.n	403026 <RadioInit+0x6a>                           // goto endif
   403022:	2130      	movs	r1, #48                                           // else, guissing else is for not 24MHz since r7 is involved
   403024:	0038      	lsls	r0, r7, #0
-  403026:	f000 f95d 	bl	4032e4 <SMAC_InitFromMemory>                      // endif, do InitFromMemory,  8 bytes from 
+  403026:	f000 f95d 	bl	4032e4 <SMAC_InitFromMemory>                      // endif, do InitFromMemory,  8 entries from 00402dfc <gRadioTOCCal2_24MHz_c>:
   40302a:	2158      	movs	r1, #88
   40302c:	0020      	lsls	r0, r4, #0
   40302e:	3038      	adds	r0, #56
-  403030:	f000 f958 	bl	4032e4 <SMAC_InitFromMemory>                      // do another
+  403030:	f000 f958 	bl	4032e4 <SMAC_InitFromMemory>                      // do another then do 88 entries from r4+56 0x2e14 (in cal 3)
   403034:	481e      	ldr	r0, [pc, #120]	(4030b0 <RadioInit+0xf4>)
   403036:	4286      	cmp	r6, r0                                            // check for 24MHZ
-  403038:	d004      	beq.n	403044 <RadioInit+0x88>
+  403038:	d004      	beq.n	403044 <RadioInit+0x88>                           // goto endif
   40303a:	2108      	movs	r1, #8
   40303c:	0020      	lsls	r0, r4, #0
   40303e:	3090      	adds	r0, #144
-  403040:	f000 f950 	bl	4032e4 <SMAC_InitFromMemory>                      // goto endif
-  403044:	2120      	movs	r1, #32                                           // else
+  403040:	f000 f950 	bl	4032e4 <SMAC_InitFromMemory>                      
+  403044:	2120      	movs	r1, #32                                           // endif
   403046:	0028      	lsls	r0, r5, #0
   403048:	3018      	adds	r0, #24
-  40304a:	f000 f94b 	bl	4032e4 <SMAC_InitFromMemory>                      // endif 
+  40304a:	f000 f94b 	bl	4032e4 <SMAC_InitFromMemory>                      // do 32 entries in r5+24 this might be zero...
   40304e:	21ac      	movs	r1, #172
-  403050:	0049      	lsls	r1, r1, #1
+  403050:	0049      	lsls	r1, r1, #1                                        // r1 gets 344
   403052:	0020      	lsls	r0, r4, #0
   403054:	3098      	adds	r0, #152
-  403056:	f000 f945 	bl	4032e4 <SMAC_InitFromMemory>                      // another
+  403056:	f000 f945 	bl	4032e4 <SMAC_InitFromMemory>                      // do 344 entries from r4+152 0x2e74 (in reg replacment)
   40305a:	20f8      	movs	r0, #248                                          // r0 gets 0xf8
   40305c:	0240      	lsls	r0, r0, #9                                        // r0 is now 0x1F000
   40305e:	f000 f8db 	bl	403218 <SMAC_InitFromFlash>                       // from flash --- this might be the regreplacment since that's in codespace...
@@ -5261,7 +5261,7 @@ Disassembly of section P2:
   403076:	2120      	movs	r1, #32
   403078:	3410      	adds	r4, #16
   40307a:	0020      	lsls	r0, r4, #0
-  40307c:	f000 f932 	bl	4032e4 <SMAC_InitFromMemory>
+  40307c:	f000 f932 	bl	4032e4 <SMAC_InitFromMemory>                      // do 32 entries but now from 0x2e74 + 16 0x2e84
   403080:	480f      	ldr	r0, [pc, #60]	(4030c0 <RadioInit+0x104>)
   403082:	f000 f881 	bl	403188 <fill_ram_struct>
   403086:	2400      	movs	r4, #0
@@ -5549,6 +5549,8 @@ Disassembly of section P2:
   4032dc:	00405448 	.word	0x00405448
   4032e0:	00000abc 	.word	0x00000abc
 
+// 000 entries exit initfrom memory
+
 004032e4 <SMAC_InitFromMemory>:
   4032e4:	b570      	push	{r4, r5, r6, lr}
   4032e6:	0005      	lsls	r5, r0, #0                        // r5 is first arg
@@ -5556,17 +5558,17 @@ Disassembly of section P2:
   4032ea:	2600      	movs	r6, #0                            // r6 gets 0
   4032ec:	2d00      	cmp	r5, #0                            // if r5 is zero
   4032ee:	d001      	beq.n	4032f4 <SMAC_InitFromMemory+0x10> // then branch to 1
-  4032f0:	0760      	lsls	r0, r4, #29                       // else r4<<29 what does this do to z? 
+  4032f0:	0760      	lsls	r0, r4, #29                       // else r4<<29 what does this do to z? some kind of bounds check? max size check? 
   4032f2:	d002      	beq.n	4032fa <SMAC_InitFromMemory+0x16> // branch to 2: if z is set 
   4032f4:	2000      	movs	r0, #0                            // 1: r0 get 0
   4032f6:	e00c      	b.n	403312 <SMAC_InitFromMemory+0x2e> // goto end:
   4032f8:	1836      	adds	r6, r6, r0                        // loop: r6 = r6 + r0
-  4032fa:	08a0      	lsrs	r0, r4, #2                        // 2: r0 = r4 >> 2
+  4032fa:	08a0      	lsrs	r0, r4, #2                        // 2: r0 = r4 >> 2 r0 has the size/4?
   4032fc:	4286      	cmp	r6, r0                            // compare r6 and r0
-  4032fe:	d207      	bcs.n	403310 <SMAC_InitFromMemory+0x2c> // branch to 3: if higher or same
-  403300:	00b0      	lsls	r0, r6, #2                        // r0 = r6 << 2
-  403302:	1828      	adds	r0, r5, r0                        // r0 = r5 + r0
-  403304:	f7ff ff4e 	bl	4031a4 <SMAC_InitExecuteEntry>    // call InitExecturEntry (maybe this does the copy?)
+  4032fe:	d207      	bcs.n	403310 <SMAC_InitFromMemory+0x2c> // branch to 3: if higher or same //another bounds check?
+  403300:	00b0      	lsls	r0, r6, #2                        // r0 = r6 << 2 //align check?
+  403302:	1828      	adds	r0, r5, r0                        // r0 = r5 + r0 //r0 has base plus current offset.. maybe
+  403304:	f7ff ff4e 	bl	4031a4 <SMAC_InitExecuteEntry>    // call InitExecturEntry (maybe this does the copy?) //do the entry
   403308:	2800      	cmp	r0, #0                            // compare r0 to 0
   40330a:	d1f5      	bne.n	4032f8 <SMAC_InitFromMemory+0x14> // if not 0 branch to loop: 
   40330c:	0030      	lsls	r0, r6, #0                        // r0 = r6