diff compal/c156-fw-disasm @ 285:e5b0164f6060

compal/c156-fw-disasm: first attempt
author Mychaela Falconia <falcon@freecalypso.org>
date Thu, 14 Mar 2019 09:06:43 +0000
parents
children 5259ce993e87
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/compal/c156-fw-disasm	Thu Mar 14 09:06:43 2019 +0000
@@ -0,0 +1,162 @@
+; This disassembly is an attempt at analyzing Mot C155/156 fw, specifically
+; the version published in c156-flashimg-r1.zip.  I was hoping to get to the
+; Init_Target() and AI_InitIOConfig() functions as easily as in the C11x and
+; C139 versions, but this fw has been hacked up pretty heavily.
+
+; Entry point from bootloader
+   200e0:	ea06105a	b	0x1a4250
+   200e4:	ea06105a	b	0x1a4254
+   200e8:	ea061059	b	0x1a4254
+   200ec:	ea061058	b	0x1a4254
+   200f0:	ea061057	b	0x1a4254
+   200f4:	ea06105a	b	0x1a4264
+   200f8:	ea06105a	b	0x1a4268
+   200fc:	ea06105e	b	0x1a427c
+
+; this code appears to be the counterpart to TI's _INT_Initialize
+  1a4034:	e51f1024	ldr	r1, =0xffff9800	; via 0x1a4018
+  1a4038:	e15f21ba	ldrh	r2, =0x2006	; via 0x1a4026
+  1a403c:	e1c120b0	strh	r2, [r1]
+  1a4040:	e5912000	ldr	r2, [r1]
+  1a4044:	e2022001	and	r2, r2, #1
+  1a4048:	e3520001	cmp	r2, #1
+  1a404c:	0afffffb	beq	0x1a4040
+  1a4050:	e51f1044	ldr	r1, =0xfffffd00	; via 0x1a4014
+  1a4054:	e15f23b8	ldrh	r2, =0x1081	; via 0x1a4024
+  1a4058:	e1c120b0	strh	r2, [r1]
+  1a405c:	e51f1048	ldr	r1, =0xfffffb10	; via 0x1a401c
+  1a4060:	e15f23be	ldrh	r2, =0xf7ff	; via 0x1a402a
+  1a4064:	e1d100b0	ldrh	r0, [r1]
+  1a4068:	e0000002	and	r0, r0, r2
+  1a406c:	e1c100b0	strh	r0, [r1]
+  1a4070:	e51f1058	ldr	r1, =0xffffff08	; via 0x1a4020
+  1a4074:	e15f25b0	ldrh	r2, =0x0	; via 0x1a402c
+  1a4078:	e1c120b0	strh	r2, [r1]
+  1a407c:	e51f1074	ldr	r1, =0xfffffb00	; via 0x1a4010
+  1a4080:	e15f28b8	ldrh	r2, =0x2a1	; via 0x1a4000
+  1a4084:	e1c120b0	strh	r2, [r1]
+  1a4088:	e15f28be	ldrh	r2, =0x2a1	; via 0x1a4002
+  1a408c:	e1c120b2	strh	r2, [r1, #2]
+  1a4090:	e15f29b4	ldrh	r2, =0x2a4	; via 0x1a4004
+  1a4094:	e1c120b4	strh	r2, [r1, #4]
+  1a4098:	e15f29ba	ldrh	r2, =0x2a3	; via 0x1a4006
+  1a409c:	e1c120b6	strh	r2, [r1, #6]
+  1a40a0:	e15f2ab0	ldrh	r2, =0xe85	; via 0x1a4008
+  1a40a4:	e1c120ba	strh	r2, [r1, #10]	; 0xa
+  1a40a8:	e15f2ab6	ldrh	r2, =0xc0	; via 0x1a400a
+  1a40ac:	e1c120bc	strh	r2, [r1, #12]	; 0xc
+  1a40b0:	e15f2abc	ldrh	r2, =0x40	; via 0x1a400c
+  1a40b4:	e1c120b8	strh	r2, [r1, #8]
+  1a40b8:	e15f2bb2	ldrh	r2, =0x2a	; via 0x1a400e
+  1a40bc:	e1c120be	strh	r2, [r1, #14]	; 0xe
+  1a40c0:	e10f0000	mrs	r0, CPSR
+  1a40c4:	e3c0001f	bic	r0, r0, #31	; 0x1f
+  1a40c8:	e3800013	orr	r0, r0, #19	; 0x13
+  1a40cc:	e38000c0	orr	r0, r0, #192	; 0xc0
+  1a40d0:	e129f000	msr	CPSR_fc, r0
+  1a40d4:	e3a00001	mov	r0, #1
+  1a40d8:	e59f12b8	ldr	r1, =0x11694f8	; via 0x1a4398
+  1a40dc:	e5810000	str	r0, [r1]
+  1a40e0:	e59f02a8	ldr	r0, =0x1169500	; via 0x1a4390
+  1a40e4:	e3a01010	mov	r1, #16	; 0x10
+  1a40e8:	e0800001	add	r0, r0, r1
+  1a40ec:	e3a01b01	mov	r1, #1024	; 0x400
+  1a40f0:	e2411004	sub	r1, r1, #4
+  1a40f4:	e0802001	add	r2, r0, r1
+  1a40f8:	e3c22003	bic	r2, r2, #3
+  1a40fc:	e1a0a000	mov	r10, r0
+  1a4100:	e59f3294	ldr	r3, =0x82e97c	; via 0x1a439c
+  1a4104:	e583a000	str	r10, [r3]
+  1a4108:	e1a0d002	mov	sp, r2
+  1a410c:	e59f328c	ldr	r3, =0x82eaa0	; via 0x1a43a0
+  1a4110:	e583d000	str	sp, [r3]
+  1a4114:	e3a01c01	mov	r1, #256	; 0x100
+  1a4118:	e0822001	add	r2, r2, r1
+  1a411c:	e3c22003	bic	r2, r2, #3
+  1a4120:	e10f0000	mrs	r0, CPSR
+  1a4124:	e3c0001f	bic	r0, r0, #31	; 0x1f
+  1a4128:	e3800012	orr	r0, r0, #18	; 0x12
+  1a412c:	e129f000	msr	CPSR_fc, r0
+  1a4130:	e1a0d002	mov	sp, r2
+  1a4134:	e3a01c02	mov	r1, #512	; 0x200
+  1a4138:	e0822001	add	r2, r2, r1
+  1a413c:	e3c22003	bic	r2, r2, #3
+  1a4140:	e10f0000	mrs	r0, CPSR
+  1a4144:	e3c0001f	bic	r0, r0, #31	; 0x1f
+  1a4148:	e3800011	orr	r0, r0, #17	; 0x11
+  1a414c:	e129f000	msr	CPSR_fc, r0
+  1a4150:	e1a0d002	mov	sp, r2
+  1a4154:	e10f0000	mrs	r0, CPSR
+  1a4158:	e3c0001f	bic	r0, r0, #31	; 0x1f
+  1a415c:	e3800013	orr	r0, r0, #19	; 0x13
+  1a4160:	e129f000	msr	CPSR_fc, r0
+  1a4164:	e59f3238	ldr	r3, =0x82e8e4	; via 0x1a43a4
+  1a4168:	e2822004	add	r2, r2, #4
+  1a416c:	e5832000	str	r2, [r3]
+  1a4170:	e3a01b01	mov	r1, #1024	; 0x400
+  1a4174:	e3c11003	bic	r1, r1, #3
+  1a4178:	e0822001	add	r2, r2, r1
+  1a417c:	e59f3224	ldr	r3, =0x82e968	; via 0x1a43a8
+  1a4180:	e5831000	str	r1, [r3]
+  1a4184:	e3a01002	mov	r1, #2
+  1a4188:	e59f321c	ldr	r3, =0x82e978	; via 0x1a43ac
+  1a418c:	e5831000	str	r1, [r3]
+  1a4190:	e1a04002	mov	r4, r2
+  1a4194:	eb0cd342	bl	0x4d8ea4
+  1a4198:	e1a02004	mov	r2, r4
+  1a419c:	e51f0174	ldr	r0, =0x3e79c	; via 0x1a4030
+  1a41a0:	e3700001	cmn	r0, #1
+  1a41a4:	1b000083	blne	0x1a43b8
+  1a41a8:	e1a00002	mov	r0, r2
+  1a41ac:	ea19d513	b	0x819600
+
+  1a4250:	ea0cc185	b	0x4d486c
+  1a4254:	eaf9efa9	b	0x20100
+  1a4258:	eafffffe	b	0x1a4258
+  1a425c:	eafffffe	b	0x1a425c
+  1a4260:	eafffffe	b	0x1a4260
+  1a4264:	eafffffe	b	0x1a4264
+
+; code looks like TI's bootloader.s, not int.s
+  4d486c:	e51f101c	ldr	r1, =0xffff9800	; via 0x4d4858
+  4d4870:	e15f21b2	ldrh	r2, =0x2006	; via 0x4d4866
+  4d4874:	e1c120b0	strh	r2, [r1]
+  4d4878:	e5912000	ldr	r2, [r1]
+  4d487c:	e2022001	and	r2, r2, #1
+  4d4880:	e3520001	cmp	r2, #1
+  4d4884:	0afffffb	beq	0x4d4878
+  4d4888:	e51f103c	ldr	r1, =0xfffffd00	; via 0x4d4854
+  4d488c:	e15f23b0	ldrh	r2, =0x1081	; via 0x4d4864
+  4d4890:	e1c120b0	strh	r2, [r1]
+  4d4894:	e51f1040	ldr	r1, =0xfffffb10	; via 0x4d485c
+  4d4898:	e15f23b8	ldrh	r2, =0x800	; via 0x4d4868
+  4d489c:	e1d100b0	ldrh	r0, [r1]
+  4d48a0:	e1800002	orr	r0, r0, r2
+  4d48a4:	e1c100b0	strh	r0, [r1]
+  4d48a8:	e51f1050	ldr	r1, =0xffffff08	; via 0x4d4860
+  4d48ac:	e15f24ba	ldrh	r2, =0x0	; via 0x4d486a
+  4d48b0:	e1c120b0	strh	r2, [r1]
+  4d48b4:	e51f107c	ldr	r1, =0xfffffb00	; via 0x4d4840
+  4d48b8:	e15f27bc	ldrh	r2, =0x2a1	; via 0x4d4844
+  4d48bc:	e1c120b0	strh	r2, [r1]
+  4d48c0:	e15f28b2	ldrh	r2, =0x2a1	; via 0x4d4846
+  4d48c4:	e1c120b2	strh	r2, [r1, #2]
+  4d48c8:	e15f28b8	ldrh	r2, =0x2a1	; via 0x4d4848
+  4d48cc:	e1c120b4	strh	r2, [r1, #4]
+  4d48d0:	e15f28be	ldrh	r2, =0x283	; via 0x4d484a
+  4d48d4:	e1c120b6	strh	r2, [r1, #6]
+  4d48d8:	e15f29b4	ldrh	r2, =0x281	; via 0x4d484c
+  4d48dc:	e1c120ba	strh	r2, [r1, #10]	; 0xa
+  4d48e0:	e15f29ba	ldrh	r2, =0xc0	; via 0x4d484e
+  4d48e4:	e1c120bc	strh	r2, [r1, #12]	; 0xc
+  4d48e8:	e15f2ab0	ldrh	r2, =0x40	; via 0x4d4850
+  4d48ec:	e1c120b8	strh	r2, [r1, #8]
+  4d48f0:	e15f2ab6	ldrh	r2, =0x2a	; via 0x4d4852
+  4d48f4:	e1c120be	strh	r2, [r1, #14]	; 0xe
+  4d48f8:	e59f0014	ldr	r0, =0x1195770	; via 0x4d4914
+  4d48fc:	e3a01b01	mov	r1, #1024	; 0x400
+  4d4900:	e2411004	sub	r1, r1, #4
+  4d4904:	e0802001	add	r2, r0, r1
+  4d4908:	e3c22003	bic	r2, r2, #3
+  4d490c:	e1a0d002	mov	sp, r2
+  4d4910:	eaf33dc7	b	0x1a4034