comparison bootrom.disasm @ 14:3443b1b08af4

boot ROM re: starting to unravel the serial command handling messed up earlier with some var locations: the darned offsets were decimal
author Michael Spacefalcon <msokolov@ivan.Harhan.ORG>
date Wed, 24 Apr 2013 23:49:39 +0000
parents e0ce45f043c0
children 2e3cecd6716c
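--- a/bootrom.disasm
+++ b/bootrom.disasm
@@ -88,43 +88,51 @@
 10c: e31c0040 tst r12, #64 ; 0x40
 110: 0afffffc beq 0x108
 114: eb000513 bl 0x1568 ; IND_CALL
 118: eafffffe b 0x118
 
+; This routine handles the '<i' command - it initializes the vars
+; starting at 800518. It is called with R0=0x800518.
+
 11c: e3a0c004 mov r12, #4 ; 0x4
 120: e5c0c000 strb r12, [r0]
 124: e3a0c000 mov r12, #0 ; 0x0
 128: e1c0c0be strh r12, [r0, #14]
 12c: e1c0c1b0 strh r12, [r0, #16]
 130: e580c014 str r12, [r0, #20]
 134: e5c0c018 strb r12, [r0, #24]
 138: e12fff1e bx lr
 
+; This routine at 0x13c apparently generates the serial response messages
+; back to the host, using the buffer at 80010C as its scratchpad.
+; The argument in R0 encodes what type of message to generate:
+
 13c: e92d4000 stmdb sp!, {lr}
 140: e1a0c000 mov r12, r0
-144: e59f0cc0 ldr r0, [pc, #3264] ; 0xe0c
+144: e59f0cc0 ldr r0, =0x80010C ; via 0xe0c
 148: e3a0103e mov r1, #62 ; 0x3e
 14c: e5c01000 strb r1, [r0]
 150: e35c0009 cmp r12, #9 ; 0x9
 154: 88bd8000 ldmhiia sp!, {pc}
 158: e28f1000 add r1, pc, #0 ; 0x0
 15c: e791f10c ldr pc, [r1, r12, lsl #2]
-160: 000002ac andeq r0, r0, r12, lsr #5
-164: 00000280 andeq r0, r0, r0, lsl #5
-168: 00000264 andeq r0, r0, r4, ror #4
-16c: 00000248 andeq r0, r0, r8, asr #4
-170: 00000224 andeq r0, r0, r4, lsr #4
-174: 00000200 andeq r0, r0, r0, lsl #4
-178: 000001dc ldreqd r0, [r0], -r12
-17c: 000001c0 andeq r0, r0, r0, asr #3
-180: 000001a4 andeq r0, r0, r4, lsr #3
-184: 00000188 andeq r0, r0, r8, lsl #3
-
-188: e3a0c042 mov r12, #66 ; 0x42
+; switch table, absolute addresses
+160: 000002ac
+164: 00000280
+168: 00000264
+16c: 00000248
+170: 00000224
+174: 00000200
+178: 000001dc
+17c: 000001c0
+180: 000001a4
+184: 00000188
+; case 9:
+188: e3a0c042 mov r12, #66 ; 0x42 'B'
 18c: e5c0c001 strb r12, [r0, #1]
 190: e3a01002 mov r1, #2 ; 0x2
-194: e59fcc74 ldr r12, [pc, #3188] ; 0xe10
+194: e59fcc74 ldr r12, =0x800520 ; via 0xe10
 198: e5dc2000 ldrb r2, [r12]
 19c: eb000458 bl 0x1304
 1a0: e8bd8000 ldmia sp!, {pc}
 
 1a4: e3a0c062 mov r12, #98 ; 0x62
@@ -223,15 +231,15 @@
 ; *R0 return byte values:
 ; 00 = got nothing (timeout) or an invalid/non-understood command
 ; 01 = got 'i'
 ; 02 = got 'p', 9 additional bytes received, a bunch of vars filled
 ; 03 = got 'w', the rest of the command read into the buffer at
-; 80010C, the flag at 80053C set
+; 80010C, the flag at 800530 set
 ; 04 = got 'c', 1 additional byte received, extended to a half-word
-; and written to 80052C
+; and written to 800526
 ; 05 = got 'a'
-; 06 = got 'b', 4 bytes written to 800538
+; 06 = got 'b', 4 bytes written to 80052C
 
 2c8: e92d4ff0 stmdb sp!, {r4, r5, r6, r7, r8, r9, r10, r11, lr}
 2cc: e24dd004 sub sp, sp, #4 ; 0x4
 2d0: e1a0b000 mov r11, r0
 2d4: e3a05000 mov r5, #0 ; 0x0
@@ -256,11 +264,11 @@
 320: e25cc007 subs r12, r12, #7 ; 0x7 'p'
 324: 0a0000b8 beq 0x60c
 328: e25cc007 subs r12, r12, #7 ; 0x7 'w'
 32c: 1a0000fc bne 0x724
 ; got 'w'
-; R4=0x800518, byte at 80053C used for something, init to 0
+; R4=0x800518, byte at 800530 used for something, init to 0
 330: e5c45018 strb r5, [r4, #24]
 334: e3a0a000 mov r10, #0 ; 0x0
 338: e3a06000 mov r6, #0 ; 0x0
 33c: ea000015 b 0x398
 ; more blocks
@@ -633,11 +641,11 @@
 ; The routine at 0x8b4 handles the command received by the 0x2c8 routine.
 ; The argument in R0 is the code produced by the latter.
 
 8b4: e92d4070 stmdb sp!, {r4, r5, r6, lr}
 8b8: e24dd008 sub sp, sp, #8 ; 0x8
-8bc: e59f4560 ldr r4, [pc, #1376] ; 0xe24
+8bc: e59f4560 ldr r4, =0x800108 ; via 0xe24
 8c0: e5d4c000 ldrb r12, [r4]
 8c4: e25cc001 subs r12, r12, #1 ; 0x1
 8c8: 0a000102 beq 0xcd8
 8cc: e25cc001 subs r12, r12, #1 ; 0x1
 8d0: 0a00008a beq 0xb00
@@ -896,10 +904,11 @@
 cc4: e3a00000 mov r0, #0 ; 0x0
 cc8: ebfffd1b bl 0x13c
 ccc: e3a0c002 mov r12, #2 ; 0x2
 cd0: e5c4c000 strb r12, [r4]
 cd4: ea000048 b 0xdfc
+; in the initial state, with [800108]==1, control comes here
 cd8: e250c001 subs r12, r0, #1 ; 0x1
 cdc: 0a000040 beq 0xde4
 ce0: e25cc001 subs r12, r12, #1 ; 0x1
 ce4: 0a00000b beq 0xd18
 ce8: e24cc001 sub r12, r12, #1 ; 0x1
@@ -963,11 +972,12 @@
 dd0: e596c004 ldr r12, [r6, #4]
 dd4: e580c000 str r12, [r0]
 dd8: e3a0c002 mov r12, #2 ; 0x2
 ddc: e5c4c000 strb r12, [r4]
 de0: ea000005 b 0xdfc
-de4: e59f0018 ldr r0, [pc, #24] ; 0xe04
+; response to '<i' is handled here
+de4: e59f0018 ldr r0, =0x800518 ; via 0xe04
 de8: ebfffccb bl 0x11c
 dec: e3a00000 mov r0, #0 ; 0x0
 df0: ebfffcd1 bl 0x13c
 df4: e3a0c001 mov r12, #1 ; 0x1
 df8: e5c4c000 strb r12, [r4]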
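Review bot: The new header comment for the routine at 0x13c ends in a colon ("The argument in R0 encodes what type of message to generate:") with no list after it, and only the 0x188 target is labelled (`; case 9:`). The table at 0x160-0x184 already gives the full mapping (index 0 -> 0x2ac through index 9 -> 0x188), so the other targets can be labelled the same way, for example `; case 8:` ahead of 0x1a4. The bound on the indirect `ldr pc, [r1, r12, lsl #2]` also deserves a line at 0x154, since it is what keeps the table read in range: `; R0 > 9 (unsigned): '>' already stored at 80010C, return without dispatch`. The routine's body continues past 0x1a4, outside this hunk.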