400D code is totaly 4byte. Is aligned for 4B and almost all data is aligned 4B (dword int's).
After analizing the 400D code I can say that it's the best way to start from begining, and go to functions calls until you get something like that:
LDR Rx, =sub_xxx1
LDR Ry, =aSomeString1
sub_eee
LDR Rx, =sub_xxx2
LDR Ry, =aSomeString2
sub_eee
LDR Rx, =sub_xxx3
LDR Ry, =aSomeString3
sub_eee
There you know you found the RegisterEvent or RegisterTask.
The main structure of the begining of the program is (function names from the vxWorks help:
romStart
{ here you have the adresses of the data segment to copy ,and the adres propably 1900 where to copy data. then it calls some wierd function which save's these adreses, then calls usrInit}
usrInit
{ it calls much functions to initialize hardwere and so. then calls usrKernelInit }
usrKernelInit
{ it calls more functions to initialize - this time mostly libreries then and the end calls:
kernelInit( usrRoot <= function, ...) - like in the manual }
usrRoot
{ Initialize more hardware (drivers and so), at the end calls AppInit }
AppInit
{ It's the canon-only part. So you have here canon's initializations (I didn't recognized much of them), and at the end it calls:
RegisterTask ("Startup", , , task_Startup <=function, )
}
And here at last you have:
task_Startup
{ lot of function calls. most of these functions register event procedures. It's like "SomethingFunction" registers all events with "Something". }
I hope it'll help.
