From 64fa62588669f725a55d823407120a7b74371d6a Mon Sep 17 00:00:00 2001 From: Lake <> Date: Thu, 27 Feb 2020 18:43:47 +0100 Subject: [PATCH] some syscalls and starting symbols --- asm/fx@3.10-%247.txt | 642 +++++++++++++++++++++++++++++++++++++ asm/fx@3.10-%ac9.txt | 45 +++ asm/fx@3.10-%aca.txt | 40 +++ asm/rtc-functions.txt | 228 +++++++++++++ asm/symbols-getkeywait.txt | 19 ++ {asm => asmtables}/sh3.txt | 0 {asm => asmtables}/sh4.txt | 0 symbols/fx@3.10/rtc.txt | 8 + 8 files changed, 982 insertions(+) create mode 100644 asm/fx@3.10-%247.txt create mode 100644 asm/fx@3.10-%ac9.txt create mode 100644 asm/fx@3.10-%aca.txt create mode 100644 asm/rtc-functions.txt create mode 100644 asm/symbols-getkeywait.txt rename {asm => asmtables}/sh3.txt (100%) rename {asm => asmtables}/sh4.txt (100%) create mode 100644 symbols/fx@3.10/rtc.txt diff --git a/asm/fx@3.10-%247.txt b/asm/fx@3.10-%247.txt new file mode 100644 index 0000000..3d276ae --- /dev/null +++ b/asm/fx@3.10-%247.txt 
@@ -0,0 +1,642 @@ +Syscall %247 GetKeyWait from Graph 35+E II OS 3.10 + +Disassembly objective: + Understand the return-to-menu mechanism and hidden functions of GetKey(). + +Discovered RAM memory: + 0x8801b62c "setjmp_buffers" (jmp_buf[2]) + A datable with two jump buffers of 80 bytes each. + 0x8801b6cc "setjmp_buffer_index" (u8) + Index into the jump buffer table at 0x8801b62c. + + 0x8801b6cd (u8) + Controls the setup of a setjmp() at the start of GetKeyWait_Main. + + 0x8801340c (i8[16]) + 0x8801341c (i8[16]) + Two arrays of 8-bit integers. Seen used with a common index. Value seen + tested >= 0 using cmp/pz. + 0x88013464 + An index into the two arrays above. + +Call graph: + ---------------------------------------------------------------------------- + %247 ==> <80056802> (reduction) + ---------------------------------------------------------------------------- + <80056802> GetKeyWait_Main + %aca setjmp (DONE) + <80089d8a> ? + <80055d48> ? probably enables the keyboard interrupt + <80057982> + <800578ba> + ---------------------------------------------------------------------------- + +<%247 Keyboard_GetKeyWait> + r4: Pointer to matrix code column (uint32_t *, output) + r5: Pointer to matrix code row (uint32_t *, output) + r6: Type of waiting: + 0 = KEYWAIT_HALTON_TIMEROFF + 1 = KEYWAIT_HALTOFF_TIMEROFF + 2 = KEYWAIT_HALTON_TIMERON + r7: Timeout delay in seconds (0..3600); used with KEYWAIT_HALTON_TIMERON. + +0: Zero to allow return to menu; not possible with KEYWAIT_HALTOFF_TIMEROFF. + +4: Pointer to keycode of the GetKey() numbering. Set if such a keycode was + previously injected using %910, otherwise set to 0. Injecting with %910 + cannot trigger special functions such as main menu, and %24f is used + instead in the return-to-menu scheme. (uint16_t *, output) + + Stack> (+4) (+0) || pr (x:u32) (&x) (+4) (+0) + + # Tail-call <80056802> with a [u32 *] as an extra parameter. (The u32 itself + # is uninitialized, so it's probably an output.) 
+ 800567e4: 4f22 sts.l pr, @-r15 + 800567e6: 7ffc add #-4, r15 + 800567e8: 61f3 mov r15, r1 + 800567ea: 2f16 mov.l r1, @-r15 + 800567ec: 7ffc add #-4, r15 + 800567ee: 51f5 mov.l @(20,r15), r1 + 800567f0: 2f12 mov.l r1, @r15 + 800567f2: 7ffc add #-4, r15 + 800567f4: 52f5 mov.l @(20,r15), r2 + 800567f6: b004 bsr <80056802> + 800567f8: 2f22 mov.l r2, @r15 + 800567fa: 7f10 add #16, r15 + 800567fc: 4f26 lds.l @r15+, pr + 800567fe: 000b rts + 80056800: 0009 nop + +--- + + Stack> (&x) (+4) (+0) || r8 r9 r10 r11 r12 r13 r14 pr (timeout) (wait_type) + (row) (column) + + 80056802: 2f86 mov.l r8, @-r15 + 80056804: 2f96 mov.l r9, @-r15 + 80056806: 2fa6 mov.l r10, @-r15 + 80056808: 2fb6 mov.l r11, @-r15 + 8005680a: 2fc6 mov.l r12, @-r15 + 8005680c: 2fd6 mov.l r13, @-r15 + 8005680e: 2fe6 mov.l r14, @-r15 + 80056810: 4f22 sts.l pr, @-r15 + 80056812: 7ff0 add #-16, r15 + 80056814: d157 mov.l 0x8801b6cd, r1 + 80056816: 1f73 mov.l r7, @(12,r15) + 80056818: 1f62 mov.l r6, @(8,r15) + 8005681a: 1f51 mov.l r5, @(4,r15) + 8005681c: 2f42 mov.l r4, @r15 + 8005681e: 6210 mov.b @r1, r2 + 80056820: 2228 tst r2, r2 + 80056822: 8b0e bf <80056842> + + # If 0x8801b6cd (u8) is equal to 0, call setjmp() using the context number + # 0x8801b6cc (2 buffers are available, with index 0 and 1). + # Call <80089d8a> with the result, which is 0 when exiting from setjmp() and + # something else when exiting from longjmp(). + 80056824: d554 mov.l 0x8801b6cc, r5 + 80056826: d455 mov.l 0x8801b62c, r4 + 80056828: d855 mov.l %aca, r8 + 8005682a: d956 mov.l 0x80089d8a, r9 + 8005682c: 6650 mov.b @r5, r6 + 8005682e: 666c extu.b r6, r6 + 80056830: 6763 mov r6, r7 + 80056832: 4708 shll2 r7 + 80056834: 376c add r6, r7 + 80056836: 4708 shll2 r7 + 80056838: 4708 shll2 r7 + 8005683a: 480b jsr @r8 + 8005683c: 347c add r7, r4 + 8005683e: 490b jsr @r9 + 80056840: 6403 mov r0, r4 + + # Do <80055d48> only if the KEYSC interrupt is disabled. From the looks of it + # this function enables that interrupt. 
+ # According to Yatis, UCNTREG contains two fields: interrupt enable (bit 15) + # and some interrupt mode (bits 1-0). The OS probably uses only one value of + # the mode. That UCNTREG is checked as a boolean (thus ignoring the non-zero + # settings of bits 1-0) suggests that the OS always sets bits 1-0 to 0. + 80056842: d651 mov.l 0xa44b000c KEYSC.UCNTREG, r6 + 80056844: 6261 mov.w @r6, r2 + 80056846: 2228 tst r2, r2 + 80056848: 8b02 bf <80056850> + 8005684a: d250 mov.l 0x80055d48, r2 + 8005684c: 420b jsr @r2 + 8005684e: 0009 nop + + # Jump over most of GetKeyWait_Main under the following conditions: + # 1. 0x8801345c is non-zero, AND + # 2. Value at index 0x88013464 (u32) of i8 table 0x8801340c is < 0, AND + # 3. Value at same index of i8 table 0x8801341c is < 0 + 80056850: de4f mov.l 0x8801345c, r14 + 80056852: 62e2 mov.l @r14, r2 + 80056854: 2228 tst r2, r2 + 80056856: 890b bt <80056870> + 80056858: d44e mov.l 0x88013464, r4 + 8005685a: d64f mov.l 0x8801340c, r6 + 8005685c: 6042 mov.l @r4, r0 + 8005685e: 026c mov.b @(r0,r6), r2 + 80056860: 4211 cmp/pz r2 + 80056862: 8905 bt <80056870> + 80056864: d64d mov.l 0x8801341c, r6 + 80056866: 026c mov.b @(r0,r6), r2 + 80056868: 4211 cmp/pz r2 + 8005686a: 8901 bt <80056870> + 8005686c: a123 bra <80056ab6> + 8005686e: 0009 nop + + # If waiting type is KEYWAIT_HALTON_TIMERON, adjust the timeout. + # -> The timeout cannot be more than 0xe10 = 3600 seconds. + # -> Multiply it by 2 and store it back. 
+ 80056870: 50f2 mov.l @(8,r15), r0 + 80056872: 8802 cmp/eq #2, r0 + 80056874: 8b06 bf <80056884> + 80056876: 57f3 mov.l @(12,r15), r7 + 80056878: 9251 mov.w 0x00000e10, r2 + 8005687a: 3727 cmp/gt r2, r7 + 8005687c: 8b00 bf <80056880> + 8005687e: 6723 mov r2, r7 + 80056880: 4700 shll r7 + 80056882: 1f73 mov.l r7, @(12,r15) + + ## For waiting type == KEYWAIT_HALTOFF_TIMEROFF + + 80056884: 50f2 mov.l @(8,r15), r0 + 80056886: 8801 cmp/eq #1, r0 + 80056888: 8901 bt <8005688e> + 8005688a: a093 bra <800569b4> + 8005688c: 0009 nop + + # If <80057982>() < 0, give up to <80056b4e>. + 8005688e: d344 mov.l 0x80057982, r3 + 80056890: 430b jsr @r3 + 80056892: 0009 nop + 80056894: 4011 cmp/pz r0 + 80056896: 8901 bt <8005689c> + 80056898: a159 bra <80056b4e> + 8005689a: 0009 nop + + # If 0x880133e4 = 0, wait for 8 ms. If it's still 0 after that, return + # KEYREP_NOEVENT from GetKeyWait(). + 8005689c: d824 mov.l 0x880133e4, r8 + 8005689e: 6682 mov.l @r8, r6 + 800568a0: 2668 tst r6, r6 + 800568a2: 8b08 bf <800568b6> + 800568a4: d23f mov.l %420 OS_inner_Sleep, r2 + 800568a6: 420b jsr @r2 + 800568a8: e408 mov #8, r4 + 800568aa: 6682 mov.l @r8, r6 + 800568ac: 2668 tst r6, r6 + 800568ae: 8f02 bf.s <800568b6> + 800568b0: e000 mov #0, r0 + 800568b2: a1b9 bra <80056c28> + 800568b4: 0009 nop + + 800568b6: d53c mov.l 0x880133cc, r5 + 800568b8: 6df2 mov.l @r15, r13 + 800568ba: 5ef1 mov.l @(4,r15), r14 + 800568bc: d13b mov.l 0x880133fc, r1 + 800568be: 6a50 mov.b @r5, r10 + 800568c0: 6aac extu.b r10, r10 + 800568c2: 2da2 mov.l r10, @r13 + 800568c4: 8451 mov.b @(1,r5), r0 + 800568c6: 6b0c extu.b r0, r11 + 800568c8: 2eb2 mov.l r11, @r14 + 800568ca: 6c10 mov.b @r1, r12 + 800568cc: 60cc extu.b r12, r0 + 800568ce: 8802 cmp/eq #2, r0 + 800568d0: 8901 bt <800568d6> + 800568d2: 8812 cmp/eq #18, r0 + 800568d4: 8b02 bf <800568dc> + 800568d6: 56fe mov.l @(56,r15), r6 + 800568d8: a015 bra <80056906> + 800568da: e201 mov #1, r2 + 800568dc: 8803 cmp/eq #3, r0 + 800568de: 8901 bt <800568e4> + 800568e0: 8813 
cmp/eq #19, r0 + 800568e2: 8b02 bf <800568ea> + 800568e4: 56fe mov.l @(56,r15), r6 + 800568e6: a00e bra <80056906> + 800568e8: e202 mov #2, r2 + 800568ea: 8811 cmp/eq #17, r0 + 800568ec: 8b02 bf <800568f4> + 800568ee: 56fe mov.l @(56,r15), r6 + 800568f0: a009 bra <80056906> + 800568f2: e203 mov #3, r2 + 800568f4: 8804 cmp/eq #4, r0 + 800568f6: 8901 bt <800568fc> + 800568f8: 8814 cmp/eq #20, r0 + 800568fa: 8b02 bf <80056902> + 800568fc: 56fe mov.l @(56,r15), r6 + 800568fe: a002 bra <80056906> + 80056900: e204 mov #4, r2 + 80056902: e200 mov #0, r2 + 80056904: 56fe mov.l @(56,r15), r6 + 80056906: 54fd mov.l @(52,r15), r4 + 80056908: e800 mov #0, r8 + 8005690a: d911 mov.l 0x8800c254, r9 + 8005690c: 2620 mov.b r2, @r6 + 8005690e: de11 mov.l 0x88013408, r14 + 80056910: d727 mov.l 0x8005a60a, r7 + 80056912: 2481 mov.w r8, @r4 + 80056914: 6592 mov.l @r9, r5 + 80056916: 470b jsr @r7 + 80056918: 2e52 mov.l r5, @r14 + 8005691a: a118 bra <80056b4e> + 8005691c: 0009 nop + + ### + + 800569b4: 56f2 mov.l @(8,r15), r6 + 800569b6: 2668 tst r6, r6 + 800569b8: 8b09 bf <800569ce> + 800569ba: d666 mov.l 0x8800d1b8, r6 + 800569bc: 6260 mov.b @r6, r2 + 800569be: 2228 tst r2, r2 + 800569c0: 8b05 bf <800569ce> + 800569c2: d665 mov.l 0x8800c254, r6 + 800569c4: de65 mov.l 0x88013408, r14 + 800569c6: db66 mov.l 0x8005a60a, r11 + 800569c8: 6a62 mov.l @r6, r10 + 800569ca: 4b0b jsr @r11 + 800569cc: 2ea2 mov.l r10, @r14 + 800569ce: b4b1 bsr %252 + 800569d0: 0009 nop + 800569d2: d264 mov.l 0x80053536, r2 + 800569d4: 420b jsr @r2 + 800569d6: 0009 nop + 800569d8: 2008 tst r0, r0 + 800569da: 891c bt <80056a16> + 800569dc: d662 mov.l 0x800854c2, r6 + 800569de: 460b jsr @r6 + 800569e0: 0009 nop + 800569e2: 8801 cmp/eq #1, r0 + 800569e4: 8b04 bf <800569f0> + 800569e6: d261 mov.l %11a Timer_Start, r2 + 800569e8: 420b jsr @r2 + 800569ea: e403 mov #3, r4 + 800569ec: a013 bra <80056a16> + 800569ee: 0009 nop + 800569f0: d65d mov.l 0x800854c2, r6 + 800569f2: 460b jsr @r6 + 800569f4: 0009 nop + 800569f6: 8802 
cmp/eq #2, r0 + 800569f8: 8b03 bf <80056a02> + 800569fa: b75e bsr <800578ba> + 800569fc: 0009 nop + 800569fe: a00a bra <80056a16> + 80056a00: 0009 nop + 80056a02: d25b mov.l %48e GetAutoPowerOffFlag, r2 + 80056a04: 420b jsr @r2 + 80056a06: 0009 nop + 80056a08: 2008 tst r0, r0 + 80056a0a: 8b04 bf <80056a16> + 80056a0c: b246 bsr <80056e9c> + 80056a0e: 0009 nop + 80056a10: d258 mov.l %11b Timer_Stop, r2 + 80056a12: 420b jsr @r2 + 80056a14: e403 mov #3, r4 + 80056a16: ed80 mov #-128, r13 + 80056a18: da57 mov.l %3ed Interrupt_SetOrClrStatusFlags, r10 + 80056a1a: 6ddc extu.b r13, r13 + 80056a1c: db57 mov.l %3ef, r11 + 80056a1e: dc58 mov.l %3ee Interrupt_QueryStatusFlags, r12 + 80056a20: d858 mov.l 0x880133e4, r8 + 80056a22: d959 mov.l 0x88013480, r9 + 80056a24: 6682 mov.l @r8, r6 + 80056a26: 2668 tst r6, r6 + 80056a28: 8b01 bf <80056a2e> + 80056a2a: b194 bsr %241 Keyboard_ClrBuffer + 80056a2c: 0009 nop + 80056a2e: e500 mov #0, r5 + 80056a30: 4a0b jsr @r10 + 80056a32: 64d3 mov r13, r4 + 80056a34: 4b0b jsr @r11 + 80056a36: 0009 nop + 80056a38: e501 mov #1, r5 + 80056a3a: 4c0b jsr @r12 + 80056a3c: 64d3 mov r13, r4 + 80056a3e: 8801 cmp/eq #1, r0 + 80056a40: 8b2b bf <80056a9a> + 80056a42: d152 mov.l 0x8005a5f8, r1 + 80056a44: 410b jsr @r1 + 80056a46: ee00 mov #0, r14 + 80056a48: b494 bsr %254 + 80056a4a: 0009 nop + 80056a4c: b752 bsr <800578f4> + 80056a4e: 64e3 mov r14, r4 + 80056a50: d14f mov.l 0x8801b6e9, r1 + 80056a52: 6510 mov.b @r1, r5 + 80056a54: 2558 tst r5, r5 + 80056a56: 8b04 bf <80056a62> + 80056a58: d640 mov.l 0x88013408, r6 + 80056a5a: ee01 mov #1, r14 + 80056a5c: 6262 mov.l @r6, r2 + 80056a5e: 72ff add #-1, r2 + 80056a60: 2622 mov.l r2, @r6 + 80056a62: d14c mov.l 0x880133ec, r1 + 80056a64: 6212 mov.l @r1, r2 + 80056a66: 4215 cmp/pl r2 + 80056a68: 8b03 bf <80056a72> + 80056a6a: 6212 mov.l @r1, r2 + 80056a6c: 72ff add #-1, r2 + 80056a6e: a006 bra <80056a7e> + 80056a70: 2122 mov.l r2, @r1 + 80056a72: d149 mov.l 0x880133e8, r1 + 80056a74: 6010 mov.b @r1, r0 + 
80056a76: 8810 cmp/eq #16, r0 + 80056a78: 8b01 bf <80056a7e> + 80056a7a: e200 mov #0, r2 + 80056a7c: 2120 mov.b r2, @r1 + 80056a7e: d247 mov.l 0x8005a63a, r2 + 80056a80: 420b jsr @r2 + 80056a82: 0009 nop + 80056a84: b3a6 bsr <800571d4> + 80056a86: 0009 nop + 80056a88: 60e3 mov r14, r0 + 80056a8a: 8801 cmp/eq #1, r0 + 80056a8c: 8b02 bf <80056a94> + 80056a8e: d244 mov.l %4e5, r2 + 80056a90: 420b jsr @r2 + 80056a92: 0009 nop + 80056a94: d243 mov.l 0x8008c990, r2 + 80056a96: 420b jsr @r2 + 80056a98: e400 mov #0, r4 + 80056a9a: de43 mov.l 0x8801345c, r14 + 80056a9c: 6791 mov.w @r9, r7 + 80056a9e: 7701 add #1, r7 + 80056aa0: 2971 mov.w r7, @r9 + 80056aa2: 61e2 mov.l @r14, r1 + 80056aa4: 2118 tst r1, r1 + 80056aa6: 8b01 bf <80056aac> + 80056aa8: a088 bra <80056bbc> + 80056aaa: 0009 nop + 80056aac: 64f2 mov.l @r15, r4 + 80056aae: b16c bsr <80056d8a> + 80056ab0: 55f1 mov.l @(4,r15), r5 + 80056ab2: b451 bsr %253 + 80056ab4: 0009 nop + 80056ab6: 64f2 mov.l @r15, r4 + 80056ab8: b167 bsr <80056d8a> + 80056aba: 55f1 mov.l @(4,r15), r5 + 80056abc: d43b mov.l 0x88013464, r4 + 80056abe: d63c mov.l 0x8801342c, r6 + 80056ac0: 6042 mov.l @r4, r0 + 80056ac2: 026c mov.b @(r0,r6), r2 + 80056ac4: 602c extu.b r2, r0 + 80056ac6: 8802 cmp/eq #2, r0 + 80056ac8: 8901 bt <80056ace> + 80056aca: 8812 cmp/eq #18, r0 + 80056acc: 8b02 bf <80056ad4> + 80056ace: 56fe mov.l @(56,r15), r6 + 80056ad0: a015 bra <80056afe> + 80056ad2: e201 mov #1, r2 + 80056ad4: 8803 cmp/eq #3, r0 + 80056ad6: 8901 bt <80056adc> + 80056ad8: 8813 cmp/eq #19, r0 + 80056ada: 8b02 bf <80056ae2> + 80056adc: 56fe mov.l @(56,r15), r6 + 80056ade: a00e bra <80056afe> + 80056ae0: e202 mov #2, r2 + 80056ae2: 8811 cmp/eq #17, r0 + 80056ae4: 8b02 bf <80056aec> + 80056ae6: 56fe mov.l @(56,r15), r6 + 80056ae8: a009 bra <80056afe> + 80056aea: e203 mov #3, r2 + 80056aec: 8804 cmp/eq #4, r0 + 80056aee: 8901 bt <80056af4> + 80056af0: 8814 cmp/eq #20, r0 + 80056af2: 8b02 bf <80056afa> + 80056af4: 56fe mov.l @(56,r15), r6 + 80056af6: a002 bra 
<80056afe> + 80056af8: e204 mov #4, r2 + 80056afa: e200 mov #0, r2 + 80056afc: 56fe mov.l @(56,r15), r6 + 80056afe: 67f2 mov.l @r15, r7 + 80056b00: 2620 mov.b r2, @r6 + 80056b02: 6572 mov.l @r7, r5 + 80056b04: 4511 cmp/pz r5 + 80056b06: 8908 bt <80056b1a> + 80056b08: 56f1 mov.l @(4,r15), r6 + 80056b0a: 6262 mov.l @r6, r2 + 80056b0c: 4211 cmp/pz r2 + 80056b0e: 8904 bt <80056b1a> + 80056b10: d528 mov.l 0x8801343c, r5 + 80056b12: 6042 mov.l @r4, r0 + 80056b14: 4000 shll r0 + 80056b16: a001 bra <80056b1c> + 80056b18: 065d mov.w @(r0,r5), r6 + 80056b1a: e600 mov #0, r6 + 80056b1c: 58fd mov.l @(52,r15), r8 + 80056b1e: eb10 mov #16, r11 + 80056b20: de21 mov.l 0x8801345c, r14 + 80056b22: 2861 mov.w r6, @r8 + 80056b24: 6a42 mov.l @r4, r10 + 80056b26: 69e2 mov.l @r14, r9 + 80056b28: 7a01 add #1, r10 + 80056b2a: 24a2 mov.l r10, @r4 + 80056b2c: 3ab3 cmp/ge r11, r10 + 80056b2e: 79ff add #-1, r9 + 80056b30: 8f02 bf.s <80056b38> + 80056b32: 2e92 mov.l r9, @r14 + 80056b34: e200 mov #0, r2 + 80056b36: 2422 mov.l r2, @r4 + 80056b38: 52fc mov.l @(48,r15), r2 + 80056b3a: 2228 tst r2, r2 + 80056b3c: 8b07 bf <80056b4e> + 80056b3e: d21e mov.l 0x8008a692, r2 + 80056b40: 64f2 mov.l @r15, r4 + 80056b42: 420b jsr @r2 + 80056b44: 55f1 mov.l @(4,r15), r5 + 80056b46: 2008 tst r0, r0 + 80056b48: 8b01 bf <80056b4e> + 80056b4a: ae9b bra <80056884> + 80056b4c: 0009 nop + 80056b4e: a06b bra <80056c28> + 80056b50: e001 mov #1, r0 + 80056bbc: de89 mov.l 0x88013408, r14 + 80056bbe: 62e2 mov.l @r14, r2 + 80056bc0: 4215 cmp/pl r2 + 80056bc2: 891e bt <80056c02> + 80056bc4: b03a bsr %250 + 80056bc6: 0009 nop + 80056bc8: 50f2 mov.l @(8,r15), r0 + 80056bca: 8802 cmp/eq #2, r0 + 80056bcc: 8919 bt <80056c02> + 80056bce: d286 mov.l %48e GetAutoPowerOffFlag, r2 + 80056bd0: 420b jsr @r2 + 80056bd2: 0009 nop + 80056bd4: 2008 tst r0, r0 + 80056bd6: 8b14 bf <80056c02> + 80056bd8: d184 mov.l 0x8801b6e9, r1 + 80056bda: 6210 mov.b @r1, r2 + 80056bdc: 2228 tst r2, r2 + 80056bde: 8b10 bf <80056c02> + 80056be0: de83 mov.l 
%3f4 PowerOff, r14 + 80056be2: 4e0b jsr @r14 + 80056be4: e401 mov #1, r4 + 80056be6: d183 mov.l %4e5, r1 + 80056be8: 410b jsr @r1 + 80056bea: 0009 nop + 80056bec: d582 mov.l %4b7, r5 + 80056bee: 450b jsr @r5 + 80056bf0: 0009 nop + 80056bf2: 2008 tst r0, r0 + 80056bf4: 8b02 bf <80056bfc> + 80056bf6: d281 mov.l 0x8008c990, r2 + 80056bf8: 420b jsr @r2 + 80056bfa: e401 mov #1, r4 + 80056bfc: d280 mov.l %028 Bdisp_PutDisp_DD, r2 + 80056bfe: 420b jsr @r2 + 80056c00: 0009 nop + 80056c02: 50f2 mov.l @(8,r15), r0 + 80056c04: 8802 cmp/eq #2, r0 + 80056c06: 8901 bt <80056c0c> + 80056c08: af0c bra <80056a24> + 80056c0a: 0009 nop + 80056c0c: 6682 mov.l @r8, r6 + 80056c0e: 2668 tst r6, r6 + 80056c10: 8901 bt <80056c16> + 80056c12: af07 bra <80056a24> + 80056c14: 0009 nop + 80056c16: 57f3 mov.l @(12,r15), r7 + 80056c18: 4715 cmp/pl r7 + 80056c1a: 8b02 bf <80056c22> + 80056c1c: 77ff add #-1, r7 + 80056c1e: af01 bra <80056a24> + 80056c20: 1f73 mov.l r7, @(12,r15) + 80056c22: b399 bsr %253 + 80056c24: 0009 nop + 80056c26: e002 mov #2, r0 + + + 80056c28: 7f10 add #16, r15 + 80056c2a: 4f26 lds.l @r15+, pr + 80056c2c: 6ef6 mov.l @r15+, r14 + 80056c2e: 6df6 mov.l @r15+, r13 + 80056c30: 6cf6 mov.l @r15+, r12 + 80056c32: 6bf6 mov.l @r15+, r11 + 80056c34: 6af6 mov.l @r15+, r10 + 80056c36: 69f6 mov.l @r15+, r9 + 80056c38: 000b rts + 80056c3a: 68f6 mov.l @r15+, r8 + + +--- + +<80057982> + + 80057982: 4f22 sts.l pr, @-r15 + 80057984: 4f12 sts.l macl, @-r15 + 80057986: 4f02 sts.l mach, @-r15 + 80057988: d636 mov.l 0x800854c2, r6 + 8005798a: 460b jsr @r6 + 8005798c: 0009 nop + 8005798e: 8801 cmp/eq #1, r0 + 80057990: 8b3b bf <80057a0a> + + # RTC_TimeCategorySinceReset() + 80057992: bf92 bsr <800578ba> + 80057994: 0009 nop + 80057996: 2008 tst r0, r0 + 80057998: 8901 bt <8005799e> + 8005799a: 8801 cmp/eq #1, r0 + 8005799c: 8b0d bf <800579ba> + + # If it returns 0 or 1... 
+ 8005799e: d12f mov.l %03b RTC_GetTicks, r1 + 800579a0: 410b jsr @r1 + 800579a2: 0009 nop + 800579a4: 4011 cmp/pz r0 + 800579a6: 8d01 bt.s <800579ac> + 800579a8: 6203 mov r0, r2 + 800579aa: 723f add #63, r2 + 800579ac: e6fa mov #-6, r6 + 800579ae: 426c shad r6, r2 + 800579b0: 6023 mov r2, r0 + 800579b2: c801 tst #1, r0 + 800579b4: 891f bt <800579f6> + 800579b6: a022 bra <800579fe> + 800579b8: 0009 nop + + # If it returns something else... + 800579ba: 8802 cmp/eq #2, r0 + 800579bc: 8901 bt <800579c2> + 800579be: 8803 cmp/eq #3, r0 + 800579c0: 8b5c bf <80057a7c> + 800579c2: d226 mov.l %03b RTC_GetTicks, r2 + 800579c4: 420b jsr @r2 + 800579c6: 0009 nop + 800579c8: 4011 cmp/pz r0 + 800579ca: 8d01 bt.s <800579d0> + 800579cc: 6503 mov r0, r5 + 800579ce: 753f add #63, r5 + 800579d0: e7fa mov #-6, r7 + 800579d2: d128 mov.l 0x2aaaaaab, r1 + 800579d4: 457c shad r7, r5 + 800579d6: 315d dmuls.l r5, r1 + 800579d8: 060a sts mach, r6 + 800579da: 6063 mov r6, r0 + 800579dc: 4004 rotl r0 + 800579de: c901 and #1, r0 + 800579e0: 360c add r0, r6 + 800579e2: 6463 mov r6, r4 + 800579e4: 4600 shll r6 + 800579e6: 364c add r4, r6 + 800579e8: 4600 shll r6 + 800579ea: 3568 sub r6, r5 + 800579ec: 6053 mov r5, r0 + 800579ee: 8804 cmp/eq #4, r0 + 800579f0: 8905 bt <800579fe> + 800579f2: 8805 cmp/eq #5, r0 + 800579f4: 8903 bt <800579fe> + + 800579f6: b06d bsr <80057ad4> + 800579f8: 0009 nop + 800579fa: a03d bra <80057a78> + 800579fc: 0009 nop + + 800579fe: b06f bsr <80057ae0> + 80057a00: 0009 nop + 80057a02: a039 bra <80057a78> + 80057a04: 0009 nop + + 80057a0a: d616 mov.l 0x800854c2, r6 + 80057a0c: 460b jsr @r6 + 80057a0e: 0009 nop + 80057a10: 8802 cmp/eq #2, r0 + 80057a12: 8b33 bf <80057a7c> + 80057a14: bf51 bsr <800578ba> + 80057a16: 0009 nop + 80057a18: 2008 tst r0, r0 + 80057a1a: 892d bt <80057a78> + 80057a1c: 8801 cmp/eq #1, r0 + 80057a1e: 8903 bt <80057a28> + 80057a20: 8802 cmp/eq #2, r0 + 80057a22: 8901 bt <80057a28> + 80057a24: 8803 cmp/eq #3, r0 + 80057a26: 8b29 bf <80057a7c> + 
80057a28: b06c bsr <80057b04> + 80057a2a: 0009 nop + 80057a2c: 2008 tst r0, r0 + 80057a2e: 8b23 bf <80057a78> + 80057a30: b06b bsr <80057b0a> + 80057a32: e401 mov #1, r4 + 80057a34: d50d mov.l 0x8008547c, r5 + 80057a36: 450b jsr @r5 + 80057a38: e400 mov #0, r4 + 80057a3a: d60d mov.l 0x8005a8a0, r6 + 80057a3c: 460b jsr @r6 + 80057a3e: 0009 nop + 80057a40: 2008 tst r0, r0 + 80057a42: 8901 bt <80057a48> + 80057a44: ba2a bsr <80056e9c> + 80057a46: 0009 nop + 80057a48: a019 bra <80057a7e> + 80057a4a: e0ff mov #-1, r0 + 80057a78: a001 bra <80057a7e> + 80057a7a: e001 mov #1, r0 + 80057a7c: 0029 movt r0 + 80057a7e: 4f06 lds.l @r15+, mach + 80057a80: 4f16 lds.l @r15+, macl + 80057a82: 4f26 lds.l @r15+, pr + 80057a84: 000b rts + 80057a86: 0009 nop diff --git a/asm/fx@3.10-%ac9.txt b/asm/fx@3.10-%ac9.txt new file mode 100644 index 0000000..b645152 --- /dev/null +++ b/asm/fx@3.10-%ac9.txt 
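Review bot: The %247 header leaves the extra stack slot x as "probably an output", but the callee settles it: GetKeyWait_Main writes one byte into it (`mov.b r2, @r6` at 8005690c and at 80056b00, with r6 loaded from @(56,r15)) holding a code 0..4 mapped from the table byte read at 800568ca / 80056ac2, and the wrapper pops the slot at 800567fa without ever reading it. Suggest replacing the parenthetical with `# x receives a 1-byte code (0..4) from GetKeyWait_Main; %247 itself discards it`. `A datable with two jump buffers` under Discovered RAM memory should read `A table`. The listings of GetKeyWait_Main and <80057982> are discontinuous (8005691c jumps to 800569b4, 80056b50 to 80056bbc, 80057a4a to 80057a78), which is worth stating at the top so the `###` gaps are not mistaken for a complete dump.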
@@ -0,0 +1,45 @@
+Syscall %ac9 longjmp() from Graph 35+E II OS 3.10
+
+Restores the whole jump buffer, except for r0 which is the return code anyway.
+Performs rts to the saved value of pr, effectively jumping to the setjmp() call
+site.
+
+Discovered RAM memory:
+ 0x880287e4 Temporary storage for the return code of longjmp()
+
+<%ac9>
+ 801e3e7c: d011 mov.l 0x880287e4, r0
+ 801e3e7e: 2052 mov.l r5, @r0
+ 801e3e80: 7434 add #52, r4
+ 801e3e82: 5046 mov.l @(24,r4), r0
+ 801e3e84: 401e ldc r0, gbr
+ 801e3e86: 5045 mov.l @(20,r4), r0
+ 801e3e88: 401a lds r0, macl
+ 801e3e8a: 5044 mov.l @(16,r4), r0
+ 801e3e8c: 400a lds r0, mach
+ 801e3e8e: 5142 mov.l @(8,r4), r1
+ 801e3e90: 5241 mov.l @(4,r4), r2
+ 801e3e92: 6342 mov.l @r4, r3
+ 801e3e94: 74cc add #-52, r4
+ 801e3e96: 554b mov.l @(44,r4), r5
+ 801e3e98: 564a mov.l @(40,r4), r6
+ 801e3e9a: 5749 mov.l @(36,r4), r7
+ 801e3e9c: 5848 mov.l @(32,r4), r8
+ 801e3e9e: 5947 mov.l @(28,r4), r9
+ 801e3ea0: 5a46 mov.l @(24,r4), r10
+ 801e3ea2: 5b45 mov.l @(20,r4), r11
+ 801e3ea4: 5c44 mov.l @(16,r4), r12
+ 801e3ea6: 5d43 mov.l @(12,r4), r13
+ 801e3ea8: 5e41 mov.l @(4,r4), r14
+ 801e3eaa: 6043 mov r4, r0
+ 801e3eac: 540c mov.l @(48,r0), r4
+ 801e3eae: 6f02 mov.l @r0, r15
+ 801e3eb0: 5002 mov.l @(8,r0), r0
+ 801e3eb2: 402a lds r0, pr
+ 801e3eb4: d003 mov.l 0x880287e4, r0
+ 801e3eb6: 6002 mov.l @r0, r0
+ 801e3eb8: 8800 cmp/eq #0, r0
+ 801e3eba: 8b00 bf <801e3ebe>
+ 801e3ebc: e001 mov #1, r0
+ 801e3ebe: 000b rts
+ 801e3ec0: 0009 nop
diff --git a/asm/fx@3.10-%aca.txt b/asm/fx@3.10-%aca.txt
new file mode 100644
index 0000000..c89aec1
--- /dev/null
+++ b/asm/fx@3.10-%aca.txt
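Review bot: The %ac9 header does not document the argument registers or the value substitution at 801e3eb8–801e3ebc: r4 is the jump buffer, r5 the value to deliver, and a value of 0 is replaced by 1 so the resumed setjmp() call site never sees 0, which is the C longjmp rule. Suggest adding `r4: jmp_buf (80 bytes); r5: value; r0 on resume = r5, or 1 if r5 == 0` under the title. The value is parked in RAM at 0x880287e4 between the store at 801e3e7e and the reload at 801e3eb6 rather than kept in a register, presumably because every register is being overwritten; it would be worth a line noting that a longjmp() taken from an interrupt handler in that window would clobber it — an inference from the listing, not something verified here.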
@@ -0,0 +1,40 @@
+Syscall %aca setjmp() from Graph 35+E II OS 3.10
+
+An implementation of setjmp() using an 80-byte CPU context buffer. The
+corresponding longjump() function is %ac9.
+
+Shape of the CPU context structure:
+ (+0) r15 r14 pr r13 r12 r11 r10 r9 r8 r7 r6 r5
+ (+48) r4 r3 r2 r1 r0 mach macl gbr
+ Total size: 80 bytes
+
+<%aca>
+ 801e3ec8: 24f2 mov.l r15, @r4
+ 801e3eca: 14e1 mov.l r14, @(4,r4)
+ 801e3ecc: 0e2a sts pr, r14
+ 801e3ece: 14e2 mov.l r14, @(8,r4)
+ 801e3ed0: 5e41 mov.l @(4,r4), r14
+ 801e3ed2: 14d3 mov.l r13, @(12,r4)
+ 801e3ed4: 14c4 mov.l r12, @(16,r4)
+ 801e3ed6: 14b5 mov.l r11, @(20,r4)
+ 801e3ed8: 14a6 mov.l r10, @(24,r4)
+ 801e3eda: 1497 mov.l r9, @(28,r4)
+ 801e3edc: 1488 mov.l r8, @(32,r4)
+ 801e3ede: 1479 mov.l r7, @(36,r4)
+ 801e3ee0: 146a mov.l r6, @(40,r4)
+ 801e3ee2: 145b mov.l r5, @(44,r4)
+ 801e3ee4: 144c mov.l r4, @(48,r4)
+ 801e3ee6: 7430 add #48, r4
+ 801e3ee8: 1431 mov.l r3, @(4,r4)
+ 801e3eea: 1422 mov.l r2, @(8,r4)
+ 801e3eec: 1413 mov.l r1, @(12,r4)
+ 801e3eee: 1404 mov.l r0, @(16,r4)
+ 801e3ef0: 000a sts mach, r0
+ 801e3ef2: 1405 mov.l r0, @(20,r4)
+ 801e3ef4: 001a sts macl, r0
+ 801e3ef6: 1406 mov.l r0, @(24,r4)
+ 801e3ef8: 0012 stc gbr, r0
+ 801e3efa: 1407 mov.l r0, @(28,r4)
+ 801e3efc: 6442 mov.l @r4, r4
+ 801e3efe: 000b rts
+ 801e3f00: e000 mov #0, r0
diff --git a/asm/rtc-functions.txt b/asm/rtc-functions.txt
new file mode 100644
index 0000000..d5988f6
--- /dev/null
+++ b/asm/rtc-functions.txt
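Review bot: The %aca header omits the register interface and the r4 restore: r4 is the buffer pointer on entry, its value is saved at +48 (801e3ee4) and reloaded from that slot at 801e3efc after the `add #48`, so r4 still holds the buffer address on return, and r0 is 0 (801e3f00). Suggest adding `r4: pointer to the 80-byte context buffer (preserved); r0: 0 on direct return, the longjmp value on resume`. `longjump()` in the description should be `longjmp()`, the name symbols-getkeywait.txt gives %ac9. It is also worth noting that the r0 slot at +64 is written here but never read back by %ac9, since r0 carries the return code, and that the saved r15 is the caller's stack pointer because this function pushes nothing.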
@@ -0,0 +1,228 @@ +RTC functions from Graph 35+E II OS 3.10 + +<%03b RTC_GetTicks> + Returns the number of 128-Hz ticks elapsed since midnight. + r0: Number of ticks (between 0 and 11059200) + + 80013c80: 2f86 mov.l r8, @-r15 + 80013c82: 2f96 mov.l r9, @-r15 + 80013c84: 2fa6 mov.l r10, @-r15 + 80013c86: 2fb6 mov.l r11, @-r15 + 80013c88: 2fc6 mov.l r12, @-r15 + 80013c8a: 2fd6 mov.l r13, @-r15 + 80013c8c: 4f12 sts.l macl, @-r15 + + # r9 is 128*60*60, ie. the number of ticks per hour + 80013c8e: db79 mov.l 0xa413fedc RTC.RCR1, r11 + 80013c90: ecfc mov #-4, r12 + 80013c92: e807 mov #7, r8 + 80013c94: d978 mov.l 0x00070800, r9 + 80013c96: 6db3 mov r11, r13 + 80013c98: 7de4 add #-28, r13 + + # Clear the carry flag and carry interrupt in RCR1 + 80013c9a: 67b0 mov.b @r11, r7 + 80013c9c: 6073 mov r7, r0 + 80013c9e: c909 and #9, r0 + 80013ca0: 6a03 mov r0, r10 + 80013ca2: 2ba0 mov.b r10, @r11 + + # r5 = RSECCNT (binary) * 128 + R64CNT + 80013ca4: 61d0 mov.b @r13, r1 + 80013ca6: 84d2 mov.b @(2,r13), r0 + 80013ca8: 631c extu.b r1, r3 + 80013caa: 6403 mov r0, r4 + 80013cac: c970 and #112, r0 + 80013cae: 40cc shad r12, r0 + 80013cb0: 6503 mov r0, r5 + 80013cb2: 4508 shll2 r5 + 80013cb4: 350c add r0, r5 + 80013cb6: 6043 mov r4, r0 + 80013cb8: 4500 shll r5 + 80013cba: c90f and #15, r0 + 80013cbc: 350c add r0, r5 + 80013cbe: 84d4 mov.b @(4,r13), r0 + 80013cc0: 458d shld r8, r5 + 80013cc2: 353c add r3, r5 + + # r6 = RMINCNT (binary) + 80013cc4: 6603 mov r0, r6 + 80013cc6: 6203 mov r0, r2 + 80013cc8: 84d6 mov.b @(6,r13), r0 + 80013cca: 6103 mov r0, r1 + 80013ccc: 6063 mov r6, r0 + 80013cce: c970 and #112, r0 + 80013cd0: 40cc shad r12, r0 + 80013cd2: 6603 mov r0, r6 + 80013cd4: 4608 shll2 r6 + 80013cd6: 360c add r0, r6 + 80013cd8: 6023 mov r2, r0 + 80013cda: 4600 shll r6 + 80013cdc: c90f and #15, r0 + 80013cde: 360c add r0, r6 + + # r2 = RHRCNT (binary), r4 = r6 * (60*128) + 80013ce0: 6013 mov r1, r0 + 80013ce2: c930 and #48, r0 + 80013ce4: 6463 mov r6, r4 + 80013ce6: 40cc shad r12, 
r0 + 80013ce8: 4408 shll2 r4 + 80013cea: 4408 shll2 r4 + 80013cec: 6203 mov r0, r2 + 80013cee: 3468 sub r6, r4 + 80013cf0: 4208 shll2 r2 + 80013cf2: 4418 shll8 r4 + 80013cf4: 320c add r0, r2 + 80013cf6: 6013 mov r1, r0 + 80013cf8: 4400 shll r4 + 80013cfa: 4200 shll r2 + 80013cfc: c90f and #15, r0 + 80013cfe: 320c add r0, r2 + + # Combine these together to form the number of ticks elapsed since midnight: + # r4 = 60*60*128*RHRCNT + 60*128*RMINCNT + 128*RSECCNT + R64CNT (binary) + # Restart if the carry is set. + 80013d00: 60b0 mov.b @r11, r0 + 80013d02: 0927 mul.l r2, r9 + 80013d04: c880 tst #-128, r0 + 80013d06: 345c add r5, r4 + 80013d08: 051a sts macl, r5 + 80013d0a: 8fca bf.s <80013ca2> + 80013d0c: 345c add r5, r4 + 80013d0e: 2b70 mov.b r7, @r11 + + 80013d10: 6043 mov r4, r0 + 80013d12: 4f16 lds.l @r15+, macl + 80013d14: 6df6 mov.l @r15+, r13 + 80013d16: 6cf6 mov.l @r15+, r12 + 80013d18: 6bf6 mov.l @r15+, r11 + 80013d1a: 6af6 mov.l @r15+, r10 + 80013d1c: 69f6 mov.l @r15+, r9 + 80013d1e: 000b rts + 80013d20: 68f6 mov.l @r15+, r8 + +... + +<80054456 RTC_GetRawTime> + Gets the time into a structure of the following form, where all objects are + written in BCD notation. 
+ + struct RTC_RawTime { + uint16_t YEAR; + uint8_t MONTH; + uint8_t DAY; + uint8_t HOURS; + uint8_t MINUTES; + uint8_t SECONDS; + uint8_t zero; + }; /* 8 bytes */ + + r4: Pointer to [struct RTC_RawTime] + + 80054456: d510 mov.l 0xa413fec2 RTC.RSECCNT, r5 + 80054458: e1f8 mov #-8, r1 + 8005445a: 8556 mov.w @(12,r5), r0 + 8005445c: 620d extu.w r0, r2 + 8005445e: 421c shad r1, r2 + 80054460: 2420 mov.b r2, @r4 + 80054462: 8041 mov.b r0, @(1,r4) + 80054464: 845a mov.b @(10,r5), r0 + 80054466: 8042 mov.b r0, @(2,r4) + 80054468: 8458 mov.b @(8,r5), r0 + 8005446a: 8043 mov.b r0, @(3,r4) + 8005446c: 8454 mov.b @(4,r5), r0 + 8005446e: 8044 mov.b r0, @(4,r4) + 80054470: 8452 mov.b @(2,r5), r0 + 80054472: 8045 mov.b r0, @(5,r4) + 80054474: 6050 mov.b @r5, r0 + 80054476: 8046 mov.b r0, @(6,r4) + 80054478: e000 mov #0, r0 + 8005447a: 000b rts + 8005447c: 8047 mov.b r0, @(7,r4) + +... + +<8005788c RTC_IsInitialized> + Checks whether the RTC is initialized by comparing the current date with the + (probably default) date of 2019-01-01. (Note: this OS 3.10 was compiled in + 2019 so this choice makes sense, even if the default has long been 2012.) + + r0: 1 if the RTC is initialized, 0 otherwise. 
+ + # Get current time in BCD format + 8005788c: 4f22 sts.l pr, @-r15 + 8005788e: 7ff8 add #-8, r15 + 80057890: d271 mov.l 0x80054456 RTC_GetRawTime, r2 + 80057892: 420b jsr @r2 + 80057894: 64f3 mov r15, r4 + + # Return 1 if the current date is not 2019-01-01 + 80057896: 60f0 mov.b @r15, r0 + 80057898: 8820 cmp/eq #32, r0 + 8005789a: 8b09 bf <800578b0> + 8005789c: 84f1 mov.b @(1,r15), r0 + 8005789e: 8819 cmp/eq #25, r0 + 800578a0: 8b06 bf <800578b0> + 800578a2: 84f2 mov.b @(2,r15), r0 + 800578a4: 8801 cmp/eq #1, r0 + 800578a6: 8b03 bf <800578b0> + 800578a8: 84f3 mov.b @(3,r15), r0 + 800578aa: 8801 cmp/eq #1, r0 + + # Return 0 otherwise + 800578ac: 8d01 bt.s <800578b2> + 800578ae: e000 mov #0, r0 + 800578b0: e001 mov #1, r0 + 800578b2: 7f08 add #8, r15 + 800578b4: 4f26 lds.l @r15+, pr + 800578b6: 000b rts + 800578b8: 0009 nop + +<800578ba RTC_TimeCategorySinceReset> + Returns a broad categorization of the time spent since last RTC reset. The + category is computed by comparing the current time to the default time of + RTC_IsInitialized (2019-01-01). The categories are defined by the following + ranges of time spent since last RTC reset: + + 3: More than 12 hours + 2: Between 15 minutes and 12 hours + 1: Between 10 minutes and 15 minutes + 0: Less than 10 minutes + + # Get tick-based time, divide by 128 to get second-based time and round to 0 + # (adding 127 to a negative tick-time rounds near 0, but is useless here). 
+ 800578ba: 2fe6 mov.l r14, @-r15
+ 800578bc: 4f22 sts.l pr, @-r15
+ 800578be: d267 mov.l %03b RTC_GetTicks, r2
+ 800578c0: 420b jsr @r2
+ 800578c2: 0009 nop
+ 800578c4: 4011 cmp/pz r0
+ 800578c6: 8d01 bt.s <800578cc>
+ 800578c8: 6e03 mov r0, r14
+ 800578ca: 7e7f add #127, r14
+ 800578cc: e2f9 mov #-7, r2
+
+ # Return:
+ # -> 3 if current date is after 2019-01-01 12:00
+ # -> 2 if it's before that but still after 00:15
+ # -> 1 if it's before that but still after 00:10
+ # -> 0 if it's before 00:10
+ 800578ce: bfdd bsr <8005788c RTC_IsInitialized>
+ 800578d0: 4e2c shad r2, r14
+ 800578d2: 8801 cmp/eq #1, r0
+ 800578d4: 890a bt <800578ec>
+ 800578d6: d262 mov.l 0x0000a8c0, r2
+ 800578d8: 3e23 cmp/ge r2, r14
+ 800578da: 8907 bt <800578ec>
+ 800578dc: 9293 mov.w 0x00000384, r2
+ 800578de: 3e23 cmp/ge r2, r14
+ 800578e0: 8d05 bt.s <800578ee>
+ 800578e2: e002 mov #2, r0
+ 800578e4: 9290 mov.w 0x00000258, r2
+ 800578e6: 3e23 cmp/ge r2, r14
+ 800578e8: a001 bra <800578ee>
+ 800578ea: 0029 movt r0
+ 800578ec: e003 mov #3, r0
+ 800578ee: 4f26 lds.l @r15+, pr
+ 800578f0: 000b rts
+ 800578f2: 6ef6 mov.l @r15+, r14
diff --git a/asm/symbols-getkeywait.txt b/asm/symbols-getkeywait.txt
new file mode 100644
index 0000000..188d235
--- /dev/null
+++ b/asm/symbols-getkeywait.txt
@@ -0,0 +1,19 @@
+type: symbols
+target: fx@3.10
+---
+
+# GetKeyWait() functions
+80056802 GetKeyWait_Main
+
+# Variables
+8801b62c GetKeyWait.jmpbuf_array
+8801b6cc GetKeyWait.jmpbuf_id
+
+#---
+# An implementation of long jumps
+#---
+
+%ac9 longjmp
+%aca setjmp
+
+880287e4 longjmp.retcode
diff --git a/asm/sh3.txt b/asmtables/sh3.txt
similarity index 100%
rename from asm/sh3.txt
rename to asmtables/sh3.txt
diff --git a/asm/sh4.txt b/asmtables/sh4.txt
similarity index 100%
rename from asm/sh4.txt
rename to asmtables/sh4.txt
diff --git a/symbols/fx@3.10/rtc.txt b/symbols/fx@3.10/rtc.txt
new file mode 100644
index 0000000..6ea0857
--- /dev/null
+++ b/symbols/fx@3.10/rtc.txt
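Review bot: RTC_GetRawTime's header omits its return value, which is set to 0 at 80054478 before the rts, and does not say that YEAR is emitted as two separate bytes (RYRCNT's high byte via the `shad` at 8005445e into byte 0, the low byte into byte 1), which is exactly what RTC_IsInitialized relies on when it compares `@r15` with 0x20 and `@(1,r15)` with 0x19. Suggest adding `r0: 0` to that header and `/* high byte stored first */` next to the YEAR field. In RTC_TimeCategorySinceReset the comment `-> 3 if current date is after 2019-01-01 12:00` understates the first test: 800578ce–800578d4 return 3 whenever RTC_IsInitialized reports 1, i.e. for any date other than 2019-01-01, before the seconds count is consulted, so `-> 3 if the date is not 2019-01-01, or it is and the time is >= 12:00` is closer. The boundaries 600, 900 and 43200 seconds are inclusive (`cmp/ge` at 800578d8, 800578de, 800578e6) on a tick count truncated toward zero, which the category table at the top could state.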
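Review bot: asm/symbols-getkeywait.txt carries the same `type: symbols` / `target: fx@3.10` header as symbols/fx@3.10/rtc.txt but lacks the `name:` field and lives under asm/ rather than symbols/fx@3.10/; if the symbol files are meant to be read by one tool, a `name: GetKeyWait` line and the same directory would keep them uniform. The names also diverge from the disassembly file, which calls 0x8801b62c `setjmp_buffers` and 0x8801b6cc `setjmp_buffer_index` while the symbol file says `GetKeyWait.jmpbuf_array` / `GetKeyWait.jmpbuf_id`; settling on one spelling avoids two names for one address.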
@@ -0,0 +1,8 @@
+name: RTC
+type: symbols
+target: fx@3.10
+---
+
+80054456 RTC_GetRawTime
+8005788c RTC_IsInitialized
+800578ba RTC_TimeCategorySinceReset
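Review bot: symbols/fx@3.10/rtc.txt lists the three RAM-address RTC functions but not the syscall %03b RTC_GetTicks that asm/rtc-functions.txt documents first and that RTC_TimeCategorySinceReset calls at 800578be; asm/symbols-getkeywait.txt shows the syscall form (`%ac9 longjmp`) is accepted in these files, so `%03b RTC_GetTicks` belongs here as well. Adding it keeps the symbol file and the disassembly notes in step.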