REM > $.arm_debug.break_169 ver$ = "169" REM DIM Code% 48056 DIM Code% 60000 FOR instantiation% = 0 TO 0 I$ = STR$(instantiation%) IF (I$ = "0") THEN I$ = "" ENDIF out_file$ = "$.!Arm_Debug" + I$ + ".breakRPi" + I$ REM Original ARM file => ADFS::Quantum.$.!Arm_Debug.BreakSA REM Source file generated by !Dissi v2.04M REM tidied comments to Ba500% (not final comments though) REM 2. Started converting to 32-bit RGPB 2024 REM 4. Made module 32-bit module format REM 5. Started converting TEQP PC,#0 to 26/32 neutral REM 6. All the TEQP PC,#0's converted REM 7. Removed ^ from LDM with PC etc. REM 8. New ticker routine no longer crashes ! Cannot change REM screen mode. REM 9. Started on fixing conditionals REM 10. Updated fixed RAM addresses for RISCOS 5 RPi REM 14. break PC now #60, break PSR #64 - needs more work !! ?? REM 15. Stop acquiring the abort vector. Ba245% commented out. REM 16. Commented out all #&FC000003 instructions. REM 17. Trying to stop instructions running through to end. REM 18. Finally got CMP R2,#5 to appear on the screen :-) REM 19. Changed &3FFFFFFC to &FFFFFFFF. Then commented out 9C38. REM 20. Fixed some of my 32-bitting errors. REM 21. Crashing with no dump ?? Fixed PC address on screen. REM 22. Fixed Ba245 memory location with EQUDs. R7 now corrupt? REM 23. Creates crash dump using corrupt R14. BrkPointSet +8c0 REM 24. Working on getting a mode(s) working. REM 25. First working version with ARMBE (no IRQs). REM 26. R7 corrupt at +3350. Missing top bit REM 27. Steps through to &00000000+8. REM 28. Commented all occurances of #132 = &FFFFFFFF REM 29. Started work (again) on getting mode change to work. REM 30. Started changing colours 16 -> 256 - total pain ! REM 31. More text colours. Fixed zero page write at 65DC. REM 32. TEQP on *step removed. *step xxxxxxxx now working. REM 33. Found keyboard shortcuts 50522 gives code references ! REM 34. Added crashes at Hex8s to find where regs are = 50138. REM 35. Fixed colours in VDU18 calls. 
What is colour &FF ?? REM 36. Temp commented out some of the BL Ba25 sprite calls. REM 37. Started Cameron's suggestion. Reverted spites and plots. REM 38. Sent 37 to Rick. Need to convert sprite coordinates ?? REM 39. Contains code for sprite scaling SpriteOp 52 REM 40. Reverted to 37. Updated sprite 'value'. Reg blanking :-) REM 41. Single step code is at Ba59%. REM 42. Readded BIC for top bit of R7 for test. Crash at 12542 REM 43. Created single step store for PSR at #220. REM 44. Single step instruction is at Da40% REM 45. Removed ORRs on PC at #60. BL working better. ;'test' REM 46. Started adding PSR code for instruction sandbox. REM 47. Changed #136 to #&88 (one). R7 corrupt aborts v47. REM 48. Added code for #220, but R15 is getting corrupted. REM 49. Fixed corrupt R15. Took ages to find. Line 7318. REM 50. Not jumping at first BL when #64 and #220 updated ? REM 51. Changed PSR to PSR in comments REM 52. Added aborts to read registers for CMP Rx,#&0F PSR REM 53. Test added BIC to mask out top bit of PSR 'rgpb temp' REM 54. Re-used spare PC plot routine for break PSR. Ba51. REM 55. 224 used for temp reg field on display showing PC. REM 56. #220 being written to by #60 somewhere. Captured by 224. REM 57. Changed to 2200 as 224 was being overwritten. REM 58. Ba51_dup - need to get this working. Spare reg field. REM 59. Got PSR working for SUBS. But not taking branch in BNE. REM 60. Updated labels PCR-> PSR REM 61. Version used for memory dumps. REM 62. ABT is being set when an SWI is run. REM 63. Fixed ORR inst 14698 corrupting the PSR for SWIs. REM 64. Sandbox stops working when 'S' flag is set 10846 REM 65. Looking for bug.. REM 66. Found code that skips sandboxes. Ba623. Now to find why? REM 67. Ba623 red herring. ;ADD PC,PC,R1,LSL #2 was required REM 68. Working :-) REM 69. Removed Ba51%_dup for now. Disabled abort handler Ba245%. REM 70. #420 should be PC type address not PSR. Fixed. REM 71. Looking for why ArmBE doesn't go through on mstep REM 72. 
Started checking through PSR code. REM 73. Ba315% still needs work. Added test code to contain R7. REM 74. Found ArmBE reason - ADD PC,R5,#&4C, R5 = FC1B2E7C REM 75. ARMBE not completing because memory map incomplete. REM 76. Manually added BASIC ROM area to the map. REM 77. Continued investigation why jump to BASIC rom not working REM 78. Fixed background colour on record text boxes. Now yellow! REM 79. Had removed LDR R7,Da144% in Ba319 in error. REM 80. Commented out LDR R0,[R12,#60] at 5726 Ba62. REM 81. R7 was getting corrupted at 48482. Fixed. REM 82. R7 commented out. LDMIA R13!,{PC} not working. REM 83. Fixed several bugs using 'process of inspection'. REM 84. Added fix for ADD PC,Rx,Ry in Ba199%. Removed LDR #60. REM 85. Goes through to OS_ReadC on ARMBE i.e. same as RISCPC :-) REM 86. Ba414% now uses LS and HI for R7 memory range check. REM 87. Started fixing HI and LS at Ba319% for memory addresses REM 88. Fixed ORR Rx,Rx,#3 being added to address (visual only) REM 89. Investigating bug 15. R13_usr coming from wrong module ? REM 90. TEQP PC,#0 code at Ba122 re-used for MSR CPSR_c,#&10 REM 91. Fixed missing HI/LS Ba323 on. ARMBE jump finally working! REM 92. Re-enabled abort handlers at Ba245. REM 93. Fixed Bug021 LDR PC,[R13],#4 not incrementing R13. REM 94. Fixed cosmetic bug Bug019 by reverting code in Ba340. REM 95. Fixed cosmetic bug Bug018 by adding extra byte to file. REM 96. Fixed Bug018 by reverting code change for Bug019. Why? REM 97. Fixed Bug019 sort memory into order. Added instantiation. REM 98. Tidied up some formatting and comments. REM 99. Converted some EQUDs to code. REM 100. Fixed invalid instruction on SWI break functionality. REM 101. Testing on !CloneDisc application at &8000. Interesting. REM 102. Fixed Bug016 in Ba490. R15 changed to PCR in file. REM 103. Removed 'S' from MOVNES, MOVEQS instructions. REM 104. Investigating why RPi1 memory map looks to be corrupt ? REM 105. Fixed Bug025. Removed duplicate addresses in mem map. 
REM 106. Commented out Ba315 memory check due to new bug 026. REM 107. Started adding text record format for registers. Ba483a. REM 108. Temp reverted Ba315 fixes. Running OK on RPi2 again. REM 109. Added registers to text format record file in Ba488a. REM 110. Tidied up code to make addr_mnemo text work again. REM 111. Removed Ba315 and associated memory checks (again). REM 112. added #228 R7 memory checks enabled = 1 for Ba315 REM 113. Ba337 reinstated - seems to be needed. Stable version. REM 114. Investigating Bug030. REM 115. Reverted Ba315 changes. SWI trap working for Dissi. REM 116. Added SWI OS_DebugBreak for application space breaks REM 117. Fixed Bug036. Added debug_break label for auto offset. REM 118. Commented out BL315 again to work on RPi2. REM 119. Changed Mode=User or SVC to show CPSR. Ba484a. REM 120. Fixed Bug36 at Ba117. MRS instr using the R15 sandbox. REM 121. Bug37 due to mode=USR, should be SVC. Da6. Not fixed. REM 122. Removed complex TEQP R15,R0 code using {R6,R10} et al. REM 123. Added I$ variable and code for easier instantiation. REM 124. Fixed MRS R0,CPSR by emulating MRS instruction. Ba120. REM 125. Fixed Bug35/38 in Ba337. Removed memory map checks. REM 126. Fixed Bug37/39 in Ba129. MSR CPSR,#&10 now working. REM 127. Added instantiation% to trap REM 128. Added incarnation number to main screen. Now removed. REM 129. Ba21 conditional break. Removed instruction. REM 130. Fixed Bug40 by forcing DebugBreak to always use USR mode. REM 131. Fixed B044 by reading R10,R11,R12 from the SVC stack. REM 132. Added code for application break to work in SVC mode. REM 133. Set default output file size to 0k = unlimited size. REM 134. Closed the log file when exception occurs. Da72. BL Ba468 REM 135. Set default log file type to text at #1336 = 06 REM 136. Fixed B048. Created separate code for application_break. REM 137. Forgot to set return mode back to SVC in Ba599. REM 138. Fixed B050. MRS R14,CPSR not loading PSR into R14. Ba117. REM 139. 
Removed commented out RGPB memory check and flag #228. REM 140. Fixed B053. Code error Ba194. Reverted to Theo's code:-) REM 141. Theo's code correct setting R14=PC for SWIs in SVC. REM 142. Fixed B049. CTL-SHFT-minus now works on RO5.30 REM 143 Moved CPSR box on the main screen to be above R4. Ba51. REM 144. Fixed B056 first find bug due to missing skip_r7_check. REM 153. Reverted to 144 as 152 aborts. B063 R7 corrupt Ba100. REM 154. Turn mouse pointer 'ON' when 'R' key is pressed. REM 155. Re-implemented B060 fixed. Ba171, Ba181 et al. REM 156. RO530 advancing slowly. MSR CPSR_cf not changing mode. REM 157. Fixed B067 by setting #396 to 1 in Ba62. REM 158. Fixed B068 Da42. Chocks now loads to screen in ARM_Debug. REM 159. Continued tidying up comments for source code release. REM 160. Fixed B069. #396 not set correctly through Ba122. REM 161. B070 LDRCC PC,[PC,R11,LSL #2] not woking. REM 162. Fixed B072 LDR PC,&203A38E0. Ba127. REM 163. Fixed B073. Reverted B072. Fixed B075. Reverted B BICNE. REM 164. Fixing stuck LDRCC PC,[PC,R11,LSL #2] 399FF10B REM 165. REM 166. Fixing B077 with some new code. Need to test. Ba100. REM 167. Removed close log Ba468 from error handlers. REM 168. Fixed B079. R10/R11 now correct on application break. REM 169. Fixed branch B R7 code using code from DeepSeek. B075/7. REM REM current bugs REM f=fixed, ?=prob fixed, r=reopened, d=duplicate,n=nulled REM e=enhancement, x=code removed, r=reverted code (not done) REM bug15 prolly root cause of bugs7/9/11/12/13 REM f 1. R14 getting corrupted on BL with bit30 set REM f 2. PC not incrementing correctly in BL subroutine REM f 3. Multi-step screen keys causing crash. REM f 4. Need to write back PSR from #220 into m-step. REM f 5. #220 is being written to by the PC somewhere. REM f 6. status change caused all following instructions to fail. REM ? 7. R7 rolling all the way back to &00000000 and abort. REM ? 8. Processor modes not correct in embedded x2. REM ? 9. 
R7 BASIC ROM jump going to 31323032>32333133>33333233 ? REM f 10.Colours need fixing on the RECORD option. REM f 11.R13 corrupt on exit LDMIA R13!,{R1-R12,PC} in Ba238 REM f 12.LDMIA R13!,{PC} not working. REM ? 13.Record fails on LDR PC,[R12,#384]. M-Step does OK. REM f 14.Ba132% has an ORR #3 on #60 REM f 15.Sbox CPSR_c,#&10 not correctly restoring R13_usr,R14_usr REM f 16.Cosmetic. Trace registers shows Mode=User when Mode=SVC. REM f 17.Ba340 CMP R6,R4 needs LT to work ?? REM f 18.Cosmetic. Record file text format needs top address char REM f 19.Cosmetic. First 5 lines of display box wrong addresses. REM 20.Misses many key presses. Might be a RO5 bug on Pi ?? REM f 21.New ARMBE LDR PC,[R13],#4 not incrementing R13. REM f 22.After fix to Bug18, gets 'stuck' again at LDR PC,R5,#&4C REM f 23.Invalid instruction on SWI break. Bad bit in PSR write. REM 24.CloneDisc gets stuck at FC1A7AB0 on STREX mutex read ?? REM f 25.ARMBE break aborts on RPi1 since memcheck re-added. REM x 26.Aborts on RPi2 due to dynamic address 0-3A257000 REM 27.Aborts on LDMFD R13!,{PC} (LDMIA) in Ba483. See 'Info'. REM f 28. no longer works at all on 5.30 ?? REM 29. not returning to code on 5.28. REM f 30.E16FF00E MSR SPSR_cxsf,R14 instruction not known REM x 31.Ba315 memory sort - use lower address of pairs (Bug026). REM 32.1908 to 0F is MODE 15. Almost works ! Sort this out. REM f 33.SWI trap works but single step aborts with R7=0. REM f 34.SWI trap works but single step just hangs debugger. REM f 35.Application breakpoint address wrong - causes crash. REM f 36.E10F0000 MRS R0,CPSR instruction not working. Ba117. REM f 37.MSR CPSR_c,#&10 setting R13 to 80000000 ! Wrong mode. REM f 38.Ba337 memory check was stopping Dissi debug working REM d 39.MSR CPSR_cf,#val not changing mode when = &10. Dup B37? REM f 40.SWI_DebugBreak entering in SVC mode not USR. Ba6. REM f 41.SWI_DebugBreak enters using R13_SVC and R14_SVC. REM 42.Processor mode changing by itself in DebugBreak code?? 
REM f 43.SWI_DebugBreak mode showing wrong address on screen. REM f 44.SWI_DebugBreak has R12 wrong. is 30003E3C rt 00011A50. REM e 45.Close output file log in the abort handler. REM f 46.Record to file type not toggling back from text any more REM f 47.Text or data toggle not working when 1,2,3 all selected. REM f 48.Application break changes stopped module break working. REM d 49.CTL-SHFT-minus causing abort on RO5.30. Dup B028. REM f 50.E10FE000 MRS R14,CPSR not loading PSR into R14. Ba117. REM 51.SWI trigger code needs to re-set the selected SWI. REM 52.Need to add support for MSR/MRS with SPSR for SVC/USR. REM f 53.STMIA R0,{R1,R2} aborting in Clib. Wrong mode. Ba194. REM 54.MOVVS R0,#0 not working with flags=NzcV. REM 55.CTL-SHFT-minus causing abort on RO5.31 REM f 56.Doing 'Find' on module control screen generates an abort REM 57.Second 'Find' bug takes much longer to crash. REM fr58.Find not advancing R7 each iteration. REM r59.Find 'FRED' causes abort due to no end stop on search. REM f 60.RO530 crash reading stack R2=fa207fe0. Ba171. REM f 61.RO530 crash reading stack R4=fa207fe8. Ba55. REM r62.Abort +1F1C R1=fa207fc4 on LDR R0,[R1,#4] REM f 63.R7 corrupt on B &010D7980. Add BIC at Ba100 for bit 04x. REM d 64.Abort on LDMIA R13!,{R1-R6,PC) at Ba171. B060. REM f 65 cannot change the mode to SVC when in USR on RO5.30 REM 66 MSR CPSR_cf not changing mode correctly. Ba. REM f 67 Ctrl-Shft-minus break reverting to USR (from SVC). REM f 68 Locks up on ADR R1,&203FCB94. Return to USR required. REM f 69 Mode wrong on TST R14,#&1C. #396 mot set. REM 70 LDRCC PC,[PC,R11,LSL #2] not woking due to mode. Ba135. REM n 71 MultiStep (Trace Off) option 1 no longer working. REM r 72 LDR PC,&203A38E0 not working. Using R1 not R0. Ba127. REM f 73 MOV PC,R14 is undefined instruction. Da45. Ba132. REM f 74 LDR PC,[R13],#4 corrupting stack. Reverted B072. Ba127. REM f 75 B &FC1CB3EC to F81CB3EC. Removed my BIC instruction. 
REM 76 FAFF33F4 LDRCC PC,[PC,R11,LSL #2] 399FF10B stuck. REM 77 MOV PC,R14 gets stuck in endless loop. Ba198. REM f 78 Need BIC on some branches. Going lower ? B075. Ba100. REM f 79 R10 corrupt on application break on Dissi ? REM REM enhancements c=completed , n=rejected REM n 01.Cosmetic. Add PSR and R15 to register on new line. REM c 02.Add option for register file to be a text file. REM REM register usage REM R0 - R6 nothing special REM R7 address of current target instruction (mostly) REM R8 REM R9 used in instruction decode REM R10 - R12 no special usage REM REM RGPB notes. REM REM 1. Commented out the extensive RAM check called at Ba315. REM This was failing on the RPi2 because a dynamic area REM was being read as range 00000000-3A257000 ??. Can REM dynamic areas overlap ? If not then this might be an REM RO5 operating system bug ? REM REM Whatever. Running all the Ba315 code for every instruction REM is a massive amount of unnecessary clock ticks - even REM on a RPi4 (where clock ticks and RAM are basically 'free'). REM So leaving Ba315 commented out unless actually required. REM REM 2. Mode 15 almost works when tried for the first time. REM Need to get Mode 15 working as default on RPi. REM REM 3. If ABORTs are being caused by ARM_Debug internally, then REM need to comment out the Ba245 call that suppresses REM the ABORT. Much better to generate a crash dump as this REM now shows the exact ARM_Debug instruction that aborted. REM Usually aborts when R7=0 due to dynamic areas overlapping REM (see '1' above). REM REM 4. [CTL][SHFT]keypad minus used for instantiation 0 REM [CTL][SHFT]Enter used for instantiation 1 REM [CTL][SHFT]Insert used for instantiation 2 REM REM 5. SHFT-F2 brings up dialogue to clear the SWI break config. REM SWI break on OS_GetEnv useful for applications. REM REM 6. Reverted to 144 for 153. So 145-152 changes need to be REM re-implemented snd debugged. REM REM 7. Commented out BL413 calls - stopping MOV PC,R14 working ! REM REM 8. 
Removed Ba468 from abort handlers as this has never closed
REM the files. And probably is the reason that I never see the
REM undefined instruction error message when Ba245 is enabled.
REM Subsequent note - I now get Undefined Instruction errors.
REM
:
PRINT "Assembling :"
REM Two passes, OPT 4 then OPT 6. Both values have bit 2 set (offset
REM assembly), so code is written at O% inside the Code% buffer while P%
REM starts at zero and every label becomes an offset from the module start.
FOR Pass% = 4 TO 6 STEP 2
O%=Code%:P%=&00000000
[OPT Pass%
; RISC OS relocatable module header, one word per field in the order the
; inline comments give. Entries are offsets from .Start% and a zero word
; means the entry is not provided.
.Start%
    EQUD Ba355% ; offset to start code
    EQUD Ba584% ; offset to initialisation code
    EQUD Ba600% ; offset to finalisation code
    EQUD &00000000 ; offset to service handler
    EQUD Da1% ; title string offset
    EQUD Da2% ; help string offset
    EQUD Da3% ; help and command keyword table offset
    ; SWI chunk base number - each instantiation is moved up by &100
    EQUD &00055700 + (instantiation% * &100)
    EQUD Ba1% ; SWI handler code offset
    EQUD Da5% ; SWI decoding table offset
    EQUD &00000000 ; SWI decoding code offset
    EQUD &00000000 ; messageTrans file
    EQUD flags_offset ; module Flags
; title string, NUL terminated
.Da1%
    EQUS "BrkPointSet" + I$
    EQUB &00
; help string - name, TAB (&09), version text, then two zero bytes
.Da2%
    EQUS "BreakPointSet_RPi " + I$
    EQUB &09
    EQUS "1.99 (14Sep2025) ver" + ver$
    EQUW &0000
    ALIGN
; *command table holding one keyword, "Step" plus the instantiation suffix.
; NOTE(review) - no EQUB 0 follows the name. With I$ empty the name is exactly
; four bytes and the EQUD &00000000 after ALIGN supplies the terminator. With a
; non-empty I$ the terminator would have to come from the ALIGN padding and the
; zero word would then sit where the code offset is expected - TODO confirm
; before building any instantiation other than 0.
.Da3%
    EQUS "Step" + I$ ; instantiation was not working for step
    ALIGN ; added ALIGN for variable length string
    EQUD &00000000
    EQUD Ba236%
    EQUD &00010000
    EQUD &00000000
    EQUD Da4%
    EQUD &00000000
; help text for the command above
; NOTE(review) - the final string literal contains a raw line break in this
; listing. BBC BASIC string literals cannot span lines, so this presumably
; stands for a control character in the original file - confirm.
.Da4%
    EQUS "Singlestepper"
    EQUB &0D
    EQUS "Syntax : *step" + I$ + "
"
    EQUW &0000
; SWI decoding table - the prefix "OS" followed by nine NUL terminated SWI
; names (each with the instantiation suffix) and a closing zero byte
.Da5%
    EQUS "OS"
    EQUB &00
    EQUS "BreakAddress" + I$
    EQUB &00
    EQUS "ReadBreakPoint" + I$
    EQUB &00
    EQUS "SetBreakPoint" + I$
    EQUB &00
    EQUS "ReadHandleBreakPoint" + I$
    EQUB &00
    EQUS "SetSingleStepMode" + I$
    EQUB &00
    EQUS "SetSWIBreak" + I$
    EQUB &00
    EQUS "StoreOldVectorAddress" + I$
    EQUB &00
    EQUS "ReadSwiCondition" + I$
    EQUB &00
    EQUS "DebugBreak" + I$
    EQUW &0000
    ALIGN
.flags_offset
    EQUD &00000001 ; 32-bit
; SWI handler entry. R11 selects one of the nine table entries below, which
; are in the same order as the names in Da5.
; NOTE(review) - R11 is used as the table index with no range check. A SWI in
; this chunk with an offset of 9 or more is not rejected - the computed PC
; lands inside Ba2 and the routines after it, part way through their
; stack push/pop sequences, in whatever privileged mode the handler was
; entered in. The conventional module form is CMP R11,#9 then
; ADDLO PC,PC,R11,LSL #2 followed by a branch to an error return - TODO add.
.Ba1%
    ADD PC,PC,R11,LSL #2
    MOV R0,R0 ; is this NOP required ?
    ; reply to the question above - yes. PC reads as the address of the ADD
    ; plus 8, so index 0 lands on the first B. This word only fills the slot
    ; in between and is never executed.
    B Ba308% ; OS_BreakAddress
    B Ba2% ; OS_ReadBreakPoint
    B Ba21% ; OS_SetBreakPoint
    B Ba4% ; OS_ReadHandleBreakPoint
    B Ba3% ; OS_SetSingleStepMod
    B Ba574% ; OS_SetSWIBreak
    MOV PC,R14 ; OS_StoreOldVectorAddress
    B Ba585% ; OS_ReadSwiCondition
    ;B debug_break% ; OS_DebugBreak RGPB test branch
    B application_break ; OS_DebugBreak switched in V127
; OS_ReadBreakPoint - returns the workspace word at #204 in R0.
; R12 and R14 are stacked because the BL overwrites R14 and Ba651 reloads R12.
.Ba2%
    STMFD R13!,{R12,R14}
    BL Ba651% ; this reloads module base R12
    LDR R0,[R12,#204]
    LDMFD R13!,{R12,PC}
; OS_SetSingleStepMode - stores the caller's R0 at #1908. Ba27, Ba41 and Ba43
; compare that word with &1F, so it is used as the screen mode number.
.Ba3%
    STMFD R13!,{R12,R14}
    BL Ba651% ; sets R12 to EQUD block at end of module
    STR R0,[R12,#1908] ; store mode
    LDMFD R13!,{R12,PC}
; OS_ReadHandleBreakPoint - returns the address of the module_break entry in R0
.Ba4% ; SWI OS_ReadHandleBreakPoint
    ; Functionality changed in v117 as this was driving me crazy
    ; v117 just returns the actual branch address not the offset at Da6
    ;LDR R0,Da6% ; loads hardcoded offset
    ADR R0,module_break ; use real branch address v117
    MOV PC,R14
.Da6%
    EQUD &000001DC ; offset v117 no longer used
;there was no branch label here so this code not originally used ?
;whatever it does it changes the R13 stack pointer in Ba385 ??
STMFD R13,{R12,R14} ; save R12 and R14 on stack BL Ba651% ; reset R12 to point at EQUD block STMIA R12,{R0-R11,R13} ; store break registers on stack SUB R13,R13,#8 LDMFD R13,{R0} STR R0,[R12,#48] ; save R12 break LDMED R13,{R14} STR R14,[R12,#56] ; save R13 break ;STR PC,[R12,#60] ; PC this is saving flags MRS R0,CPSR ; copy CPSR into R0 ;STR PC,[R12,#64] STR R0,[R12,#64] ; PSR save flags here instead ;AND R0,PC,#3 AND R0,R0,#&1F ; save lower 5 bits of PSR STR R0,[R12,#1732]; save PSR status bits (not used?) ;CMP R0,#3 CMP R0,#&13 ; check for SVC32 mode MOVNE R1,#2 BNE Ba5% ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; return to 32bit USR mode MOV R0,R0 ; NOP filler to maintain offset BL Ba385% ; reduces R13 stack pointer by 0x200 MOV R3,#1 STR R3,[R12,#912] MOV R1,#2 ; break and escape effect OS_Byte_200 B Ba5% ;added PSR_break1 for RPi as we need somewhere to save the PSR .PSR_break1 EQUD &00000000 ; PSR .Da7% EQUD &00000000 ; R12 .Da8% EQUD &00000000 ; R14 ;module break enters here .module_break STR R12,Da7% ; <- entry for module break STR R14,Da8% ; save break R14 MRS R14,CPSR ; read PSR STR R14,PSR_break1; save break PSR BL Ba651% ; reset our R12 to point at EQUD block STMIA R12,{R0-R11} ; save R0-R11 break STR R13,[R12,#52] ; save R13 break LDR R0,Da7% STR R0,[R12,#48] ; save R12 break LDR R14,Da8% STR R14,[R12,#56] ; save R14 break LDR R0,PSR_break1 STR R0,[R12,#64] ; save PSR break to #64 ;STR PC,[R12,#60] ; save current PC (for flags) ;STR PC,[R12,#64] ; original code - used for flags too ?? MOV R1,#0 ; normal escape/normal reset B Ba5% ; application break enters here - new block of code in v136 .application_break ; <- entry for application break ; R10,R11,R12,R14 and the CPSR are recovered from the SVC stack BL Ba651% ; reset our R12 to point at EQUD block STMIA R12,{R0-R9} ; save R0-R9 break STR R13,[R12,#52] ; save R13 break ; read missing registers R10, R11, R12 from SVC stack ; data taken from Jeffries new crash dump - very impressive !! 
; fa207fe8 60000110 - PSR? ; fa207fec 00055708 | SWI OS_DebugBreak ; fa207ff0 00011240 | R14 00011240 ; | = +9240 in application memory ; fa207ff4 00000010 | R10 ; fa207ff8 00000270 | R11 ; fa207ffc 00011a50 | R12 <- missing window ID ! ; PSRbreak is read from the SVC stack ; R10 break is read from the SVC stack ; R11 break is read from the SVC stack ; R12 break is read from the SVC stack ; R14 break is read from the SVC stack LDMIA R13!,{R0-R5} ; read SVC stack data STR R0,[R12,#64] ; save PSR break STR R2,[R12,#56] ; save R14 break STR R3,[R12,#40] ; v168 save R10 break STR R4,[R12,#44] ; v168 save R11 break STR R5,[R12,#48] ; save R12 break AND R1,R0,#3 ; mask USR_32 and SVC_32 mode bits CMP R1,#0 ; are we in USR mode ? BNE skip_R13_R14 ; restore R13_USR and R14_USR MSR CPSR_c,#%10000; switch to 32bit USR mode STR R13,[R12,#52] ; save R13_USR STR R14,[R12,#56] ; save R14_USR MSR CPSR_c,#%10011; switch to 32bit SVC mode .skip_R13_R14 MOV R1,#0 ; normal escape/normal reset .Ba5% STR R1,[R12,#68] ; break and escape effect OS_Byte_200 MOV R0,#0 STR R0,[R12,#72] ;LDR R0,[R12,#60] ; PC LDR R1,[R12,#76] ; load original break address ;AND R0,R0,#&FC000003 ;ADD R0,R0,R1 ; add PC flags back into break PC ;ADD R0,R0,#8 ; PC is 2 instructions forward ADD R1,R1,#8 ; v87 added - I'd missed this ! ;STR R0,[R12,#60] STR R1,[R12,#60] ; save break PC - this is for restart LDR R0,[R12,#200] ; rpi1=0, rpi2=2, rpc=2 ?? CMP R0,#2 BNE Ba22% ; .Ba6% LDR R0,[R12,#64] ; break PSR - original code AND R0,R0,#3 ; original code ;AND R0,PC,#&1F ; save lower 5 bits of PSR CMP R0,#3 ; original code ;CMP R0,#&13 ; check for SVC32 mode MOVEQ R0,#1 BEQ Ba406% ; saves out PSR and enters user mode .Ba7% ; process next instruction ?? 
LDR R13,[R12,#84] ; base address of stack LDR R1,[R12,#88] ; load original break instruction STR R1,[R12,#92] ; keep copy of the break instruction LDR R0,[R12,#76] ; load address of break instruction STR R1,[R0,#0] ; restore break instruction at address ; the memory map is used to check that R7 is a valid address ;BL Ba315% ; builds memory map for RPi LDR R1,[R12,#68] ; read OS_Byte_200 status .Ba8% ; break comes here CMP R1,#1 ; escape disabled SWIEQ "OS_EnterOS" ; exit with registers preserved LDREQ R1,[R7,#0] ; load first instruction of break ? STREQ R1,[R12,#92] ; save first instruction of break ; not 32bit ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; return to 32bit USR mode MOV R0,#1 ; read current screen mode call SWI "OS_ScreenMode" ADR R0,Da9% ADR R3,Da10% CMP R1,#&FF ; R1 = mode STRLE R1,[R0,#0] MVNLE R1,#0 STRLE R1,[R0,#8] BLE Ba10% .Ba9% ; scaling for mode ?? LDR R2,[R1],#4 STR R2,[R0],#4 CMN R2,#1 CMPNE R0,R3 BNE Ba9% .Ba10% ; preparing to draw screen MOV R0,#4 STRB R0,[R12,#100] MOV R0,#&15 ;ADD R1,R12,#&64 ADD R1,R12,#&60 ; break PC SWI "OS_Word" BL Ba231% ; disbles m-step BL Ba62% ; sets up sandbox ; comment out to get a proper 'Jeffery' RO crash dump BL Ba245% ; enable/disable local module abort handlers BL Ba646% .Ba11% ; draws screen BL Ba43% ; this inits the screen and sets mode etc BL Ba635% ; this plots the registers etc SWI &000104 SWI "OS_RemoveCursors" BL Ba248% ; select pointer - activate mouse LDR R0,[R12,#68] ; break and escape state OS_Byte_200 CMP R0,#1 ; is escape disabled ? 
LDRNE R7,[R12,#76] ; address of break instruction LDREQ R7,[R12,#116] BL Ba26% .Ba12% ; update instructions on screen LDR R0,[R12,#120] CMP R0,#0 BEQ Ba13% ; quits out of screen plotting if MS BL Ba41% ; checks mode and starts screen plot SWI &000111 ; VDU 17 setting screen colours LDR R0,[R12,#120] ; 32 bit m-step trace enabled = 1 CMP R0,#0 ; 32 bit ;MOVNE R0,#&95 ; dark grey background ;MOVEQ R0,#&83 ; light grey background ;MOVNE R0,#%10000100 ; dark grey background ;MOVEQ R0,#%10010100 ; light grey background MOV R0,#&84 ; single green - looks 'greyish' SWI "OS_WriteC" SWI &000111 ;MOV R0,#0 ; white MOV R0,#%00111111 ; white SWI "OS_WriteC" SWI &00010C BL Ba27% ; print 20 lines of code on the screen MOV R0,#0 BL Ba364% ; plot sprites for CPSR flags BL Ba467% ; lots of OS_Plot instructions ; v128 write incarantion number onto the main screen ; need to work out screen positioning - getting overwritten ;SWI &00011F ; position text cursor ;MOV R0,#0 ;SWI "OS_WriteC" ;MOV R0,#0 ;SWI "OS_WriteC" ;MOV R9,#0 ;MOV R0,#48 + instantiation% ; prints incarnation number ;SWI "OS_WriteC" .Ba13% ; in the single-stepping path from Ba12 LDR R0,[R12,#468] ; m-step enabled = 1 MOVS R0,R0 ; sets Z flag if zero BLNE Ba227% ; checks for escape key depressed BNE Ba59% ; instruction decode for R7 .Ba14% B Ba249% ; check mouse .Da9% EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 .Ba15% .Da10% LDR R1,[R12,#208] ADD R1,R1,#1 STR R1,[R12,#208] BL Ba27% ; print 20 lines of code on the screen B Ba13% .Ba16% LDR R1,[R12,#208] SUB R1,R1,#1 STR R1,[R12,#208] BL Ba27% ; print 20 lines of code on the screen B Ba13% .Ba17% LDR R1,[R12,#2680] CMP R1,#1 BEQ Ba20% ; single stepping via Ba59 MOV R1,#0 STR R1,[R12,#2684] BL Ba231% ; disbles m-step BL Ba468% ; close log file BL 
Ba246% ; this has mouse, screen text ect ADR R0,Da11% ; Break$Opt ADR R1,Da14% ; XXXX MOV R2,#4 ; length MOV R3,#0 ; name pointer MOV R4,#0 ; variable type = string SWI "OS_SetVarVal" ; write value to a system variable ADR R1,Da9% LDR R0,[R1,#8] CMN R0,#1 LDREQ R1,[R1,#0] MOV R1,#31 ; temp mode number MOV R0,#0 SWI "XOS_ScreenMode" LDR R1,[R12,#68] ; break and escape state OS_Byte_200 CMP R1,#1 ; escape disabled BEQ Ba238% CMP R1,#3 ; escape disabled/power on reset BEQ Ba599% ; return to caller after C-S-minus LDR R0,[R12,#100] BIC R0,R0,#&0F ADD R0,R0,#3 STR R0,[R12,#100] MOV R0,#&15 ADD R1,R12,#&60 ; break PC SWI "OS_Word" ; PC value at break LDR R0,[R12,#68] ; break and escape state OS_Byte_200 CMP R0,#2 ; power on reset ADR R0,Da11% ; Break$Opt ADREQ R1,Da13% ; XXX ADRNE R1,Da12% ; XX MOV R2,#2 MOV R3,#0 MOV R4,#0 SWI "OS_SetVarVal" .Ba18% BL Ba596% BL Ba407% LDR R0,[R12,#64] ; PSR value at break ;AND R0,R0,#&FC000000 ;ADD R0,R0,#3 ;TEQP PC,R0 ;MOVNV R0,R0 MSR CPSR_cf,R0 ; return to PSR mode and flags at break LDR R0,[R12,#60] ; PC SUB R0,R0,#8 ; change PC to point at correct instruction STR R0,[R12,#60] LDMIA R12,{R0-PC} ; reload break registers and GO ! 
; Strings used by Ba17 with OS_SetVarVal, stored as little-endian words.
; Da11 is the variable name "Break$Opt" with a NUL terminator. Da12, Da13 and
; Da14 are the values "XX", "XXX" and "XXXX".
.Da11%
    EQUD &61657242
    EQUD &704F246B
    EQUD &00000074
.Da12%
    EQUD &00005858
.Da13%
    EQUD &00585858
.Da14%
    EQUD &58585858
    EQUD &00000000
; Loads the saved break PSR from #64 into R6 and calls Ba51 to display it
.Ba19%
    STMFD R13!,{R14}
    ;LDR R6,[R12,#60] ; #60 is the PC now with no status flags
    ;EOR R6,R6,R0 ; commented out in ver62
    ;STR R6,[R12,#60]
    ;STR R6,[R12,#196]
    LDR R6,[R12,#64] ; load PSR
    BL Ba51% ; now writes PSR (was PC) to register field
    LDMFD R13!,{PC}
; Reached from Ba17 with R1 = 1 (the value just read from #2680).
; NOTE(review) - R1 is cleared and then R0, not R1, is stored at #120. R0 is
; not set in this routine, so the value written depends on the caller -
; confirm which register was intended.
.Ba20% ; single stepping
    STR R1,[R12,#2684]
    MOV R1,#0
    STR R0,[R12,#120] ; m-step trace enabled = 1
    B Ba59% ; R7 instruction decode
; Records a breakpoint request in the workspace. Nothing is written to the
; target address here.
; NOTE(review) - none of R1, R2 or R4 is validated. R1 later becomes the
; target of the STR at Ba7 and R2 the index of the LDR at Ba22, so this is
; the place to reject an unaligned or unreadable address and a register
; number outside 0-15.
.Ba21% ; OS_SetBreakPoint
    ; R0 = break instruction
    ; R1 = address of break instruction
    ; R2 = conditional register number (if enabled)
    ; R3 = conditional register value (if enabled)
    ; R4 = 2 = break always, 4 = conditional break on reg value
    STMFD R13!,{R12,R14}
    BL Ba651% ; sets R12 to EQUD block at end of module
    STR R4,[R12,#200]; 2=always break, 4=Rx and YY
    ; commented out as this is stopping conditional break working ?
    ;MOV R4,#1
    MOV R4,#1 ; re-added for on-screen address correct B041
    STR R4,[R12,#204] ; controls on-screen address offset
    STR R0,[R12,#88] ; break instruction
    STR R1,[R12,#76] ; address of break instruction
    ; NOTE(review) - R4 was set to 1 above, so this compare is never equal and
    ; the LDMEQFD return is never taken. R2 and R3 are therefore always
    ; stored. The caller's value is still available at #200 if the early
    ; return is wanted - TODO confirm.
    CMP R4,#2 ; 2 = always break, 4 = conditional break
    LDMEQFD R13!,{R12,PC}; return
    STR R2,[R12,#212] ; conditional register number Rx
    STR R3,[R12,#216] ; conditional register value YY
    LDMFD R13!,{R12,PC}; return to SWI handler in kernel
; Conditional break test. Reads the saved register selected by #212 and
; compares it with the value at #216. Equal means handle the break at Ba6.
; NOTE(review) - the register number is used as a word index into the
; workspace without a range check. A stored value above 15 reads some other
; workspace word, or memory outside it, instead of a saved register.
.Ba22% ; OS_SetBreakPoint set with R4 <> 2 comes here i.e. #200 <> 2
    LDR R0,[R12,#212] ; conditional register number Rx
    LDR R1,[R12,#216] ; conditional register value YY
    LDR R3,[R12,R0,LSL #2] ; read break register value
    CMP R3,R1 ; compare to target value
    BEQ Ba6% ; process break
    LDR R0,[R12,#64] ; break PSR (original code!)
    ; same two-bit mode test as Ba6 - it also matches ABT, UND and SYS
    AND R0,R0,#3 ; lower two bits
    CMP R0,#3 ; SVC26 (also SVC32)
    MOVEQ R0,#2
    BEQ Ba406% ; saves out R13_svc and R14_svc
; Condition not met - sets #72 to 1, reloads the break address into R7 and
; continues at the instruction decoder
.Ba23%
    LDR R13,[R12,#84]; base address of stack
    BL Ba231% ; disables multi-step
    BL Ba62%
    MOV R0,#1
    STR R0,[R12,#72] ;
    LDR R1,[R12,#88] ; break instruction
    STR R1,[R12,#92] ; copy of break instruction
    LDR R7,[R12,#60] ; break PC
    SUB R7,R7,#8 ; reload break address
    ;LDR R2,[R12,#132]; valid bits for PC address 3FFFFFFC
    ;AND R7,R7,R2 ;
    B Ba59% ; R7 instruction decode
; Pops three OS_Plot arguments from the stack, plots, adds &41 to R1 and
; pushes the three values back. Returns with R0, R1 and R5 set up as in Ba25
; but does not call OS_SpriteOp itself.
.Ba24%
    LDMFD R13!,{R0-R2}
    SWI "OS_Plot"
    ADD R1,R1,#&41
    STMFD R13!,{R0-R2}
    MOV R0,#&011C
    LDR R1,[R12,#112]
    MOV R5,#0
    MOV PC,R14
; Calls OS_SpriteOp with R0 = &011C, R1 = the word at #112 and R5 = 0.
; The other registers are whatever the caller set.
.Ba25% ; draw a sprite on screen
    MOV R0,#&011C ; put sprite on screen
    LDR R1,[R12,#112]
    MOV R5,#0 ; original
    SWI "OS_SpriteOp"
    MOV PC,R14
; Resets the line index at #208 to 5 when it is above 9
.Ba26%
    LDR R10,[R12,#208]
    CMP R10,#9
    MOVGT R10,#5
    STRGT R10,[R12,#208]
    MOV PC,R14
; Prints the code listing. Mode &1F (31) is handed to Ba34, which prints &14
; lines. Every other mode falls through to the code here, which prints &0A
; lines, so the "this one is for mode 31" remark below reads the wrong way
; round for this path - confirm.
; R9 counts lines, R10 is the highlighted line index from #208 (kept within
; 0-9 here) and R7 is moved back by R10 words before the list is built.
.Ba27%
    ; there are two almost identical routines for printing screen
    ; this one is for mode 31 - the other for mode 15
    LDR R0,[R12,#1908] ; load current mode
    CMP R0,#&1F ; mode 31
    BEQ Ba34% ; print break screen - only called here
    STMFD R13!,{R8,R14}
    SWI &00011F ; position text cursor
    MOV R0,#0
    SWI "OS_WriteC"
    MOV R0,#0
    SWI "OS_WriteC"
    MOV R9,#0
    LDR R10,[R12,#208]
    CMP R10,#0
    ADDLT R10,R10,#1
    STRLT R10,[R12,#208]
    CMP R10,#9
    SUBGT R10,R10,#1
    STRGT R10,[R12,#208]
    SUB R7,R7,R10,LSL #2
    ; set up array of R7 addresses for screen printing
    BL Ba323% ; v126 re-added - had been deleted !
    ; the target memory read below is done from SVC mode
    SWI "OS_EnterOS"
; One listing line per pass. R3 walks the address array and R7 is the address
; for this line.
.Ba28%
    LDR R8,[R12,#848]
    ADD R8,R12,R8
    LDR R7,[R3],#4 ;
; Scans the zero-terminated word list at R12 + [R12,#848] for R7. A match
; changes the text colour below - presumably the breakpoint list, confirm.
.Ba29%
    LDR R4,[R8],#4
    CMP R4,R7
    BEQ Ba30%
    MOVS R4,R4
    BNE Ba29%
.Ba30%
    SWI &000111
    CMP R9,R10
    ;MOVEQ R0,#8 ; blue
    ;MOVNE R0,#0 ; white
    MOVEQ R0,#%00110000 ; blue
    MOVNE R0,#%00111111 ; white
    CMP R4,#0
    BEQ Ba31%
    CMP R4,R7
    ;MOVEQ R0,#7 ; black text
    MOVEQ R0,#%00000000 ; black text
.Ba31%
    SWI "OS_WriteC"
    ; address column - R7 as is when #204 is 0 or 1, otherwise
    ; R7 - #204 + &8000
    LDR R0,[R12,#204]
    CMP R0,#1
    SUBGT R0,R7,R0
    ADDGT R0,R0,#&8000
    MOVLE R0,R7
    ADD R1,R12,#&0168
    MOV R2,#&10
    SWI "OS_ConvertHex8"
    SWI "OS_Write0"
    CMP R9,R10
    SWI &000111
    ; compare repeated after the SWI rather than relying on flags across it
    CMP R9,R10 ; 32 bit
    ;MOVEQ R0,#8 ; blue
    ;MOVNE R0,#0 ; white
    MOVEQ R0,#%00110000 ; blue
    MOVNE R0,#%00111111 ; white
    SWI "OS_WriteC"
    SWI &000120 ;Character
    SWI &000120 ;Character
    LDR R0,[R7,#0] ; R7 memory location for instrs to disass.
    ADD R1,R12,#&0168
    MOV R2,#&10
    SWI "OS_ConvertHex8"
    SWI "OS_Write0"
    SWI &000120 ;Character
    SWI &000120 ;Character
    MOV R1,R7 ; address to disassemble relative to
    LDR R0,[R1,#0] ; instruction to disassemble
    SWI "Debugger_Disassemble"
    ; text longer than &1E characters is cut by writing a NUL at R1 + &1E
    CMP R2,#&1E
    ADDGT R2,R1,#&1E
    MOVGT R0,#0
    STRGTB R0,[R2,#0]
    MOVGT R2,#&1E
    MOV R0,R1
    SWI "OS_Write0"
; pads with spaces until the column count in R2 reaches &30
.Ba32%
    SWI &000120 ;Character
    CMP R2,#&30
    ADDNE R2,R2,#1
    BNE Ba32%
    SWI &000120 ;Character
    MOV R4,#4
; prints the four bytes of the instruction as characters, with a dot in
; place of anything below &21 and of &7F
.Ba33%
    LDRB R0,[R7],#1
    CMP R0,#&21
    MOVLT R0,#&2E
    CMP R0,#&7F
    MOVEQ R0,#&2E
    SWI "OS_WriteC"
    SUBS R4,R4,#1
    BNE Ba33%
    ADDS R9,R9,#1
    CMP R9,#&0A
    SWINE "OS_NewLine"
    CMP R9,#&0A ; 32 bit
    BNE Ba28%
    ; step R3 back over the &0A entries and reload R7 with the highlighted
    ; line's address
    SUB R3,R3,#&28
    LDR R7,[R3,R10,LSL #2]
    BL Ba305%
    ;TEQP PC,#0
    ;MOVNV R0,R0
    MSR CPSR_c,#%10000 ; return to 32bit USR mode
    ;MRS R0,CPSR
    ;BIC R0,R0,#%1111 ; Sets 26/32 usermode
    ;MSR CPSR_c,R0
    LDMFD R13!,{R8,PC}
; Mode 31 version of the listing above - &14 lines, line index kept within
; 0-&13, disassembly cut at &30 characters, different colour values.
.Ba34% ; prints break screen for mode 31
    ; R7 contains the address of the current instruction
    STMFD R13!,{R8,R14} ; entry point to print break code
    SWI &00011F ; moves text cursor
    MOV R0,#0
    SWI "OS_WriteC"
    MOV R0,#0
    SWI "OS_WriteC"
    MOV R9,#0
    LDR R10,[R12,#208]
    CMP R10,#0
    ADDLT R10,R10,#1
    STRLT R10,[R12,#208]
    CMP R10,#&13
    SUBGT R10,R10,#1
    STRGT R10,[R12,#208]
    SUB R7,R7,R10,LSL #2 ; go back
    ; R3 is used below as a pointer to an array of line addresses, as after
    ; Ba323 in Ba27
    BL Ba337% ; returns base address of screen RAM in R3
    SWI "OS_EnterOS"
.Ba35%
    LDR R8,[R12,#848]
    ADD R8,R12,R8
    LDR R7,[R3],#4 ; next instruction to view on screen
; same zero-terminated list scan as Ba29
.Ba36%
    LDR R4,[R8],#4
    CMP R4,R7
    BEQ Ba37%
    MOVS R4,R4
    BNE Ba36%
.Ba37%
    SWI &000111
    CMP R9,R10
    ;MOVEQ R0,#&0A ; green
    ;MOVNE R0,#7 ; black
    MOVEQ R0,#%00001100 ; green
    MOVNE R0,#%00000000 ; black
    CMP R4,#0
    BEQ Ba38%
    CMP R4,R7
    ;MOVEQ R0,#&0B ; red
    MOVEQ R0,#%00000011 ; red
.Ba38%
    SWI "OS_WriteC"
    LDR R0,[R12,#204] ; 0 = R7 has absolute address
    CMP R0,#1 ; <-- type 1 = module?, >1 = 8000 absolute ?
    SUBGT R0,R7,R0
    ADDGT R0,R0,#&8000
    MOVLE R0,R7
    ADD R1,R12,#&0168 ; #0168 = pointer to buffer for string
    MOV R2,#&10 ; size of buffer
    SWI "OS_ConvertHex8"
    SWI "OS_Write0" ; assembler addresses on screen
    CMP R9,R10 ; R10 is -ve offset from break instruction? = 5
    SWI &000111
    CMP R9,R10 ; 32 bit
    ;MOVEQ R0,#&0A ; green
    ;MOVNE R0,#7 ; black
    MOVEQ R0,#%00001100 ; green
    MOVNE R0,#%00000000 ; temp black text - this works !
    SWI "OS_WriteC"
    SWI &000120 ;Character
    SWI &000120 ;Character
    LDR R0,[R7,#0] ; R7 = address of 1st instruction on screen
    ADD R1,R12,#&0168
    MOV R2,#&10 ; size of buffer
    SWI "OS_ConvertHex8"
    SWI "OS_Write0" ; assembler addresses on screen
    SWI &000120 ;Character
    SWI &000120 ;Character
    MOV R1,R7 ; R7 base address of code to view
    LDR R0,[R1,#0]
    SWI "Debugger_Disassemble"
    CMP R2,#&30
    ADDGT R2,R1,#&30
    MOVGT R0,#0
    STRGTB R0,[R2,#0]
    MOVGT R2,#&30
    MOV R0,R1
    SWI "OS_Write0"
.Ba39%
    SWI &000120 ;Character
    CMP R2,#&30
    ADDNE R2,R2,#1
    BNE Ba39%
    SWI &000120 ;Character
    MOV R4,#4 ; 4 characters at the end of the line
.Ba40%
    LDRB R0,[R7],#1
    CMP R0,#&21 ; exclamation mark
    MOVLT R0,#&2E ; dot
    CMP R0,#&7F ; hard space
    MOVEQ R0,#&2E ; dot
    SWI "OS_WriteC" ; write the 4 chars at the end of line
    SUBS R4,R4,#1
    BNE Ba40%
    ADDS R9,R9,#1 ; line number !
    CMP R9,#&14 ; number of lines = 20
    SWINE "OS_NewLine"
    CMP R9,#&14 ; 32 bit
    BNE Ba35% ; next line of code to print to screen
    SUB R3,R3,#&50
    LDR R7,[R3,R10,LSL #2]
    BL Ba305%
    ;TEQP PC,#0
    ;MOVNV R0,R0
    MSR CPSR_c,#%10000 ; return to 32bit USR mode
    LDMFD R13!,{R8,PC} ; return to caller
; Sends VDU 28 (&1C) and four window bytes with OS_WriteC. Modes other than
; &1F get 3,&0B,&4C,2 and mode &1F gets 3,&22,&4C,&0F from Ba42.
.Ba41%
    LDR R0,[R12,#1908]
    CMP R0,#&1F
    BEQ Ba42%
    MOV R0,#&1C
    SWI "OS_WriteC"
    MOV R0,#3
    SWI "OS_WriteC"
    MOV R0,#&0B
    SWI "OS_WriteC"
    MOV R0,#&4C
    SWI "OS_WriteC"
    MOV R0,#2
    SWI "OS_WriteC"
    MOV PC,R14
.Ba42%
    MOV R0,#&1C
    SWI "OS_WriteC"
    MOV R0,#3
    SWI "OS_WriteC"
    MOV R0,#&22
    SWI "OS_WriteC"
    MOV R0,#&4C
    SWI "OS_WriteC"
    MOV R0,#&0F
    SWI "OS_WriteC"
    MOV PC,R14
.Ba43% ; initialises screen for module break
    LDR R0,[R12,#1908]
    CMP R0,#&1F ; mode in block
    BEQ Ba44% ; sets mode using mode selector block
    MOV R0,#2
    SWI "OS_ReadDynamicArea"
    MOV R2,#&00028000
    CMP R1,R2
    SUB R1,R2,R1
    MOV R0,#2
    ; ***************************** 32bit to do ??
    SWILT "OS_ChangeDynamicArea" ; should be LS (+ BEQ) not LT
    ; *****************************
    SWI &000116 ; selects screen mode
    MOV R0,#&0F ; mode 15 640*225 in 256 colours ??
SWI "OS_WriteC" SWI &000113 ; defines logical colour MOV R0,#0 SWI "OS_WriteC" MOV R0,#&18 ; flash palette SWI "OS_WriteC" MOV R0,#&78 SWI "OS_WriteC" MOV R0,#&78 SWI "OS_WriteC" MOV R0,#&78 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&95 ; dark grey background MOV R0,#%00000100 ; light grey background SWI "OS_WriteC" SWI &000117 MOV R0,#&11 SWI "OS_WriteC" MOV R0,#1 SWI "OS_WriteC" MOV R0,#&C0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" SWI &00010C SWI &000105 MOV PC,R14 ; mode selector block ; note - this no longer works as mode 31 is not supported on RO5 .Da15% EQUD &00000001 ; mode selector flags EQUD &00000320 ; x resolution = 800 EQUD &00000258 ; y resolution = 600 ;EQUD &00000500 ; x resolution = 1280 ;EQUD &00000400 ; y resolution = 1024 EQUD &00000002 ; log2bpp value ;EQUD &00000048 ; frame rate EQUD &0000003C ; frame rate = 60 EQUD &FFFFFFFF ; list terminator ;uses mode selector block to set mode (not working yet) .Ba44% MOV R0,#0 ADR R1,Da15% MOV R1,#31 ; set screen mode to 31 temporarily SWI "XOS_ScreenMode" BVS Ba46% ; can't change screen mode error message SWI &000114 ; restores logical default colours LDR R9,[R12,#1912] ADD R9,R9,R12 .Ba45% SWI &000113 LDR R0,[R9],#4 SWI "OS_WriteC" MOV R0,#&10 ; mode = 16 RGB to follow SWI "OS_WriteC" LDR R0,[R9],#4 SWI "OS_WriteC" LDR R0,[R9],#4 SWI "OS_WriteC" LDR R0,[R9],#4 SWI "OS_WriteC" CMP R0,#&BB BNE Ba45% SWI &000111 ; VDU 17 ;MOV R0,#&83 ; light grey background MOV R0,#%10000100 ; light grey background SWI "OS_WriteC" SWI &00010C ; clear screen SWI &000105 ; join text and graphic cursors ;SWI &000112 ; VDU 18 ;MOV R0,#&00 ; overwrite colour on screen ;SWI "OS_WriteC" ;MOV R0,#&07 ; temp ;SWI "OS_WriteC" MOV PC,R14 .Ba46% ADR R0,Da16% MOV R1,#0 ADR R2,Da17% SWI "Wimp_ReportError" SWI "OS_Exit" .Da16% ;mode change error message EQUD &00000000 EQUD &276E6143 ;"Can\'t change to 800*600 
screen mode. EQUD &68632074 ; To avoid this message, please change EQUD &65676E61 ; to mode 15 in the options menu" EQUD &206F7420 EQUD &2A303038 EQUD &20303036 EQUD &65726373 EQUD &6D206E65 EQUD &2E65646F EQUD &54202020 EQUD &7661206F EQUD &2064696F EQUD &73696874 EQUD &73656D20 EQUD &65676173 EQUD &6C70202C EQUD &65736165 EQUD &61686320 EQUD &2065676E EQUD &6D206F74 EQUD &2065646F EQUD &69203531 EQUD &6874206E EQUD &706F2065 EQUD &6E6F6974 EQUD &656D2073 EQUD &0000756E .Da17% EQUD &5F6D7241 ; "Arm_Debug" EQUD &75626544 EQUD &00000067 ;***no label - is this code used ? .Ba46a% ; label added manually but not referenced ?? MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&0F SWI "OS_WriteC" MOV R0,#8 SWI "OS_WriteC" MOV R0,#&32 SWI "OS_WriteC" MOV R0,#4 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&80 ; white MOV R0,#%10111111 ; white SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&0E SWI "OS_WriteC" MOV R0,#7 SWI "OS_WriteC" MOV R0,#&31 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" SWI &000111 MOV R0,#&FF ; SWI "OS_WriteC" SWI &00010C SWI &000111 ;MOV R0,#&20 ; MOV R0,#&20 SWI "OS_WriteC" SWI "OS_NewLine" SWI "OS_NewLine" MOV PC,R14 .Ba47% .Da18% BL Ba618% ADR R0,Da19% SWI "OS_Write0" SWI "OS_RestoreCursors" MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" ADD R0,R12,#&0168 MOV R1,#8 MOV R2,#&20 MOV R3,#&7B BL Ba377% SWI "OS_RemoveCursors" CMP R1,#0 BEQ Ba12% ; update instructions on screen MOV R0,#&10 ADD R1,R12,#&0168 MOV R2,#&FF SWI "XOS_ReadUnsigned" ADRVS R1,Da18% STMVSFD R13!,{R1} BVS Ba630% ;BIC R2,R2,#3 ; clears the lower 2 address bits of R7. 
;BIC R2,R2,#&80000000
; (tail of the "new address" entry routine Ba47%/Da18%)
; R2 is the value returned by XOS_ReadUnsigned; it becomes the view address in R7.
; NOTE(review): with the masking BICs commented out, nothing here forces word
; alignment or checks the range of the typed address. The listing routines
; (Ba28%/Ba35%) load from [R7] after SWI "OS_EnterOS", so a bad address would be
; dereferenced in a privileged mode - confirm how an abort is handled on that path.
MOV R7,R2
B Ba12%                         ; update instructions on screen

.Da19%
; zero-terminated prompt, decodes to "  New Address: &"
EQUD &654E2020
EQUD &64412077
EQUD &73657264
EQUD &26203A73
EQUD &00000000

.Ba48%
; leave an edit prompt without changing anything
SWI "OS_RemoveCursors"
B Ba12%                         ; update instructions on screen

.Ba49%
.Da20%
; Register editor: prompts for a register number (decimal), shows the old value,
; reads a new value (hex) and writes it to the break and sandbox register stores.
; Both labels mark the same address; Da20% is what the error paths below pass on.
BL Ba618%
SWI &00010B
ADR R0,Da21%                    ; " Enter register: R"
SWI "OS_Write0"
SWI "OS_RestoreCursors"
MOV R0,#&0F
MOV R1,#0
SWI "OS_Byte"
ADD R0,R12,#&0168               ; text buffer at workspace +&168
MOV R1,#2                       ; presumably the maximum input length - Ba377% not shown, confirm
MOV R2,#&20
MOV R3,#&7B
BL Ba377%
CMP R1,#0
BEQ Ba48%                       ; R1 = 0 on return: leave without a change
MOV R0,#&0A                     ; base 10
ADD R1,R12,#&0168
MOV R2,#&FF                     ; NOTE(review): in the documented OS_ReadUnsigned interface R2 is
                                ; only a limit when bit 29 of R0 is set; R0 is plain &0A here
SWI "XOS_ReadUnsigned"
ADRVS R1,Da20%
STMVSFD R13!,{R1}               ; error: push Da20% (presumably the retry address for Ba630%)
BVS Ba630%
CMP R2,#&10                     ; register number must be 0-15
ADR R14,Da20%
BGE Ba363%                      ; reject 16 and above, R14 = Da20%
; NOTE(review): BGE is a signed test, but R2 is an unsigned parse result. A value
; with bit 31 set would pass and then index [R12,R6,LSL #2] outside the register
; store. Whether the input length limit already prevents that depends on Ba377%;
; an unsigned test (BHS) would not depend on it.
MOV R6,R2                       ; R6 = register index
SWI "OS_NewLine"

.Ba50%
ADR R0,Da22%                    ; " Old value = &"
SWI "OS_Write0"
LDR R0,[R12,R6,LSL #2]          ; current break register R6 (workspace +R6*4)
ADD R1,R12,#&0168
MOV R2,#&10
SWI "OS_ConvertHex8"
SWI "OS_Write0"
SWI "OS_NewLine"
ADR R0,Da23%                    ; " Enter new value:&"
SWI "OS_Write0"
ADD R0,R12,#&0168
MOV R1,#8
MOV R2,#&20
MOV R3,#&7B
BL Ba377%
SWI "OS_RemoveCursors"
CMP R1,#0
BEQ Ba12%                       ; update instructions on screen
MOV R0,#&10                     ; base 16
ADD R1,R12,#&0168
MOV R2,#&FF
SWI "XOS_ReadUnsigned"
MOVVS R1,#1
BVS Ba630%
CMP R6,#&0F
MOVEQ R0,R2
BEQ Ba192%                      ; R15 is not stored here: the new value goes to Ba192% in R0
STR R2,[R12,R6,LSL #2]          ; break register store
ADD R0,R12,#&88                 ; base address for sandbox registers
STR R2,[R0,R6,LSL #2]           ; sandbox register store
BL Ba477%
BL Ba78%
B Ba12%                         ; update instructions on screen

.Da21%
; " Enter register: R"
EQUD &746E4520
EQUD &72207265
EQUD &73696765
EQUD &3A726574
EQUD &00005220

.Da22%
; " Old value = &"
EQUD &646C4F20
EQUD &6C617620
EQUD &3D206575
EQUD &00002620

.Da23%
; " Enter new value:&"
EQUD &746E4520
EQUD &6E207265
EQUD &76207765
EQUD &65756C61
EQUD &0000263A

.Ba51%
; this was over-writing R15 in the register field - why ??
; re-used to write PSR to screen
;LDR R0,[R12,#120]
;CMP R0,#0
;MOVEQ PC,R14
SWI &000105                     ; join text and graphics cursors
MOV R0,#4                       ; move absolute
;MOV R1,#&03E8
;MOV R1,#&0500 ; new PSR field to the right of R15
MOV R1,#&03E8                   ; new PSR field above R4
ADD R1,R1,#&1E
LDR R2,[R12,#1908]              ; mode 31 or mode 15 ?
CMP R2,#&1F ; mode 31 MOVEQ R2,#&2E ; mode 31 MOVNE R2,#&2C ; mode 15 ADD R2,R2,#&148 ; new PSR field above R4 SWI "OS_Plot" MOV R0,#&011C LDR R1,[R12,#112] ADR R2,Da24% ; "Value\r" MOV R5,#0 SWI "OS_SpriteOp" MOV R0,#4 ;MOV R1,#&03E8 ;MOV R1,#&0500 ; new PSR field to the right of R15 MOV R1,#&03E8 ; new PSR field above R4 ADD R1,R1,#&40 LDR R2,[R12,#1908] ; 32 bit CMP R2,#&1F ; 32 bit MOVEQ R2,#&4A MOVNE R2,#&54 ADD R2,R2,#&148 ; new PSR field above R4 SWI "OS_Plot" LDR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R0,#1 ;LDR R0,[R12,#60] ; break PC LDR R0,[R12,#64] ; load break PSR instead ORREQ R0,R0,#3 ; cludges the mode for graphic ADD R1,R12,#&0168 MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" SWI &000104 LDMFD R13!,{PC} .Da24% EQUD &756C6156 ; "Value" EQUD &00000D65 .Ba52% LDR R0,[R12,#68] ; break and escape state OS_Byte_200 CMP R0,#1 ; escape disabled BEQ Ba13% BL Ba618% LDR R0,[R12,#204] CMP R0,#0 ADREQ R0,Da25% ; " BreakPoint is already cleared" ADRNE R0,Da26% ; " Clear BreakPoint (Y/N)" SWI "OS_Write0" SWI "OS_RestoreCursors" MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" SWI "OS_ReadC" LDR R0,[R12,#204] ; 32 bit CMP R0,#0 ; 32 bit BNE r1 ;SWIEQ "OS_RemoveCursors" ;BEQ Ba12% SWI "OS_RemoveCursors" B Ba12% ; update instructions on screen .r1 AND R0,R0,#&5F CMP R0,#&59 MOVNE R0,#&4E SWI "OS_WriteC" BNE Ba12% ; check whether flags are affected by SWI ?? 
MOV R0,#0 STR R0,[R12,#204] B Ba12% ; update instructions on screen .Da25% EQUD &65724220 EQUD &6F506B61 EQUD &20746E69 EQUD &61207369 EQUD &6165726C EQUD &63207964 EQUD &7261656C EQUD &00006465 .Da26% EQUD &656C4320 EQUD &42207261 EQUD &6B616572 EQUD &6E696F50 EQUD &59282074 EQUD &00294E2F .Ba53% LDR R0,[R12,#68] ; break and escape state OS_Byte_200 CMP R0,#0 ; normal escape / normal reset BNE Ba13% BL Ba618% LDR R0,[R12,#2404] ; swi break function code CMP R0,#0 ADREQ R0,Da27% ; " SWI BreakPoint is already cleared" ADRNE R0,Da28% ; " Clear SWI BreakPoint (Y/N)" SWI "OS_Write0" SWI "OS_RestoreCursors" MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" SWI "OS_ReadC" LDR R0,[R12,#2404] ; 32 bit swi break function code CMP R0,#0 ; 32 bit BNE r2 ;SWIEQ "OS_RemoveCursors" ;BEQ Ba12% SWI "OS_RemoveCursors" B Ba12% ; update instructions on screen .r2 AND R0,R0,#&5F CMP R0,#&59 MOVNE R0,#&4E SWI "OS_WriteC" BNE Ba12% ; ; update instructions on screen MOV R0,#0 STR R0,[R12,#2404] ; swi break function code B Ba12% ; update instructions on screen .Da27% EQUD &49575320 EQUD &65724220 EQUD &6F506B61 EQUD &20746E69 EQUD &61207369 EQUD &6165726C EQUD &63207964 EQUD &7261656C EQUD &00006465 .Da28% EQUD &656C4320 EQUD &53207261 EQUD &42204957 EQUD &6B616572 EQUD &6E696F50 EQUD &59282074 EQUD &00294E2F .Ba54% BL Ba57% ; sets colours ADR R0,Da29% SWI "OS_Write0" MOV R3,#8 LDR R4,[R12,#52] .Ba55% SWI "OS_NewLine" MOV R0,#&20 SWI "OS_WriteC" MOV R0,#&26 SWI "OS_WriteC" ; 32bit - RO530 read the SVC stack in SVC mode to avoid an abort SWI "OS_EnterOS" ; read SVC stack needs SVC mode RO5.30 LDR R0,[R4],#4 MSR CPSR_c,#%10000 ; return to 32bit USR mode ADD R1,R12,#&0168 MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" SUBS R3,R3,#1 BNE Ba55% BL Ba632% .Ba56% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&FF BNE r3 ; 32 bit ;SWIEQ "OS_Mouse" ;CMPEQ R2,#0 ;BEQ Ba56% SWI "OS_Mouse" ; 32 bit CMP R2,#0 ; 32 bit B Ba56% ; 32 bit .r3 B Ba12% ; update instructions on screen .Ba57% LDR R0,[R12,#1908] CMP R0,#&1F 
BEQ Ba58% MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&1E SWI "OS_WriteC" MOV R0,#&0B SWI "OS_WriteC" MOV R0,#&28 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&80 ; white background MOV R0,#%10111111 ; white background SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&1D SWI "OS_WriteC" MOV R0,#&0A SWI "OS_WriteC" MOV R0,#&27 SWI "OS_WriteC" MOV R0,#2 SWI "OS_WriteC" SWI &000111 MOV R0,#&FF ; SWI "OS_WriteC" SWI &00010C SWI &000111 MOV R0,#&20 ; SWI "OS_WriteC" MOV PC,R14 .Ba58% MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&1E SWI "OS_WriteC" MOV R0,#&1F SWI "OS_WriteC" MOV R0,#&28 SWI "OS_WriteC" MOV R0,#&17 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&87 ; black background MOV R0,#%10000000 ; black background SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&1D SWI "OS_WriteC" MOV R0,#&1E SWI "OS_WriteC" MOV R0,#&27 SWI "OS_WriteC" MOV R0,#&16 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&80 ; white background MOV R0,#%10111111 ; white background SWI "OS_WriteC" SWI &00010C SWI &000111 ;MOV R0,#8 ; blue MOV R0,#%00110000 ; blue SWI "OS_WriteC" MOV PC,R14 .Da29% EQUD &53202020 EQUD &6B636174 EQUD &00000000 .Ba59% ; break offset +10b0 ; ARM instruction decode then 'run' instruction in sandbox ; same register values and PSR, just runs at a different address ! 
; S-step comes here from Ba645
; (body of Ba59%) saves the step state in the workspace at R12, then classifies
; the instruction word in R0 by bits 27-24 (plus bits 4 and 7) and branches to
; the matching handler.
ADD R7,R7,#4                    ; current break PC
STR R7,[R12,#448]               ; save current break PC
STR R13,[R12,#380]              ; save current break R13
BL Ba623%                       ; load R0,R1 Da306/7 based upon Da309<>0
MOV R9,#0
STR R9,[R12,#2680]
LDR R0,[R12,#92]                ; load next sandbox instruction
; R0 is maintained for several labels until the sandbox runs
LDR R1,[R12,#60]                ; break PC
;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC
;AND R1,R1,R2 ; does nothing now
SUB R1,R1,#8
STR R1,[R12,#376]               ; save PC-8 without PSR bits
MOV R2,R12
BL Ba486%                       ; outputs single instruction to data/text file
; more instruction decode logic
TST R0,#&08000000               ; bit27
BNE Ba61%
TST R0,#&04000000               ; bit26
BNE Ba60%
TST R0,#&02000000               ; bit25
BNE Ba102%                      ; branch or arithmetic with opcodes
TST R0,#&01000000               ; bit24
TSTNE R0,#&10                   ; #&10 is bit4 (earlier comment said bit28)
TSTNE R0,#&80                   ; #&80 is bit7 (earlier comment said bit31)
BNE Ba66%                       ; bits 24, 4 and 7 all set
TST R0,#&10                     ; bit4
TSTNE R0,#&80                   ; bit7
BNE Ba191%                      ; bits 4 and 7 both set
B Ba102%                        ; instruction decode

.Ba60%
;load store
; LDMIA R13!,{R0-R2,R9,PC} E8BD8207 comes through here
TST R0,#&02000000
TSTNE R0,#&10
BNE Ba398%                      ; bits 25 and 4 both set
B Ba141%                        ; E8BD8207 comes through here

.Ba61%
;bit 27 set
TST R0,#&04000000               ; bit26
BNE Ba63%                       ; 11xx coproc or swi
TST R0,#&02000000               ; bit25
BNE Ba100%                      ; 101x branch instruction
B Ba142%                        ; 100x block data transfer

.Ba62%
; copy break registers to sandbox
; ctrl-shft-minus comes through here from Ba8 Ba10
; R13/R14 are parked in workspace #380/#384 and reloaded at the end of Ba62a%;
; #380 is the same slot Ba59% uses for its own R13.
STR R13,[R12,#380]
STR R14,[R12,#384]
MOV R0,R12
LDMIA R0,{R0-R11}               ; load break R0 - R11
STR R0,[R12,#&88]               ; base offset for single step registers
ADD R0,R12,#&88                 ; base offset for single step registers
STMIB R0,{R1-R11}               ; save break R1 - R11 in SStep store
LDR R0,[R12,#48]                ; break R12
STR R0,[R12,#184]               ; single step R12
LDR R0,[R12,#52]                ; break R13
STR R0,[R12,#188]               ; single step R13
LDR R0,[R12,#56]                ; break R14
STR R0,[R12,#192]               ; single step R14
LDR R0,[R12,#68]                ; break and escape state OS_Byte_200
CMP R0,#1                       ; escape disabled
LDRNE R0,[R12,#76]              ; address of break instruction
LDREQ R0,[R12,#116]
;LDR R1,[R12,#60] ; break PC <- was in v45
;AND R1,R1,#&FC000003 ; <- flags needs work
;ADD R0,R0,R1 ; <-- adding in just the PC flags

.Ba62a%
;added missing label from undefined instruction code
ADD R0,R0,#8
STR R0,[R12,#196]               ; sandbox PC
STR R0,[R12,#60]                ; break PC
; added for 32bit
LDR R0,[R12,#64]                ; break PSR
STR R0,[R12,#220]               ; sandbox PSR
; B067 fix
AND R0,R0,#3                    ; B067 get the SVC mode bits
CMP R0,#3                       ; B067 SVC mode ?
; NOTE(review): only the low two bits of the saved PSR are compared, so any
; 32-bit mode whose low two bits are 11 is recorded as SVC in #396 - confirm
; that is the intent.
MOVEQ R0,#1                     ; B067
MOVNE R0,#0
STR R0,[R12,#396]               ; B067 required for Ba193
LDR R13,[R12,#380]
LDR PC,[R12,#384]               ; v83 still failing here

.Ba63%
;11xx coproc or swi decode
BL Ba82%                        ; checks R7 vs. #60 and beeps if different !
BNE Ba12%                       ; updates screen if R7 <> #60
BL Ba84%
AND R1,R0,#&0F000000            ; swi instruction
CMP R1,#&0C000000               ; coproc data transfer
CMPNE R1,#&0D000000             ; coproc data transfer with P set
STREQ R0,Da30%                  ; place the instruction in the sandbox slot
BEQ Ba643%
CMP R1,#&0F000000               ; swi instruction
STRNE R0,Da30%                  ; any other 11xx encoding is run from the slot unchanged
BNE Ba64%
; SWI instruction processing
ORR R0,R0,#&00020000            ; set bit 17 of the SWI number (the X form) before storing
STR R0,Da30%
LDR R1,[R12,#120]               ; m-step trace enabled = 1
CMP R1,#0
BEQ Ba67%
MOV R3,R0
BIC R3,R3,#&00020000
BIC R3,R3,#&FF000000            ; R3 = SWI number without condition, opcode and X bit
CMP R3,#0
CMPNE R3,#2
BEQ Ba197%                      ; single step
LDR R1,[R12,#388]
AND R2,R3,R1
CMP R2,#0
BNE Ba67%
TST R3,#&0100
BNE Ba197%                      ; single step
B Ba67%

.Ba64%
; run SWI in sandbox e.g. SWI OS_GetEnv
; NOTE(review): "sandbox" here is a scratch instruction slot, not an isolation
; boundary. The word at Da30% runs with the debuggee's whole register set
; (LDMIA R12,{R0-R14}) and with the control and flag fields of the saved break
; PSR (MSR CPSR_cf), so it has whatever privilege that saved mode carries.
; Da30% is written with STR and then executed, so this code area has to be
; writable and executable at the same time.
ADR R1,Da30%
ADD R2,R1,#4
MOV R0,#1                       ; synchronise the range R1..R2 only
SWI "XOS_SynchroniseCodeAreas"
;LDR R0,[R12,#60]
LDR R0,[R12,#64]                ; break PSR
;AND R0,R0,#&FC000003 ; get flags
;TEQP PC,R0
;NOP missing in original code
MSR CPSR_cf,R0                  ; return to mode at break
LDMIA R12,{R0-R14}              ; load break registers (this also replaces R12 itself)

.Da30%
;swi instruction is run here
; e.g. OS_GetEnv
;*****************************************************************
ANDEQ R0,R0,R0                  ; <-- sandbox instruction for s/m-step
;*****************************************************************
; R12 and R14 go to inline scratch words first because R12 no longer points at
; the workspace and the BL below overwrites R14
STR R12,Da31%
STR R14,Da32%
; added for 32bit
MRS R14,CPSR                    ; read PSR
STR R14,psr_3                   ; save sandbox PSR
BL Ba651%                       ; this reloads module base R12
ADD R14,R12,#&88                ; base offset for single step registers
STMIA R14,{R0-R11}              ; save sandbox registers R0-R11
STR R13,[R12,#188]              ;R13
LDR R14,Da31%
STR R14,[R12,#184]              ;R12
LDR R14,Da32%
STR R14,[R12,#192]              ;R14
; 32bit - save PSR to location #220
LDR R0,psr_3                    ; load sandbox PSR reading PC ??
;MRS R0,CPSR ;
;STR PC,[R12,#196] ; save PC for flags
STR R0,[R12,#220]               ; sandbox PSR
;LDR R0,[R12,#196] ; reload sandbox PC for flags
;AND R0,R0,#&FC000003
;LDR R1,[R12,#60] ; break PC
;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC
;AND R1,R1,R2 ; getting 26bit address
;ADD R0,R0,R1 ; adding in the flags
;STR R0,[R12,#60] ; break PC
STR R0,[R12,#64]                ; break PSR
LDR R7,[R12,#448]               ; load current break PC
LDR R0,[R12,#396]               ; sandbox running in 0=USR, 1=SVC
CMP R0,#1
MOV R2,R7
;ORR R2,R2,#3 ; 32bit #192 is R14. Do below.
; B055 corrupting R14_SVC here
; B055 nulled - this is how RISC OS works for SWIs in SVC mode
STREQ R2,[R12,#192]             ; R14 PC return address for BL etc.
LDR R2,[R12,#220]               ; sandbox PCR
; (tail of the code that runs after the sandbox slot at Da30%)
; NOTE(review): the ORR below is unconditional, so the stored sandbox PSR gets
; mode bits 11 whether or not #396 says the sandbox runs in SVC - confirm intended.
ORR R2,R2,#3                    ; set SVC mode in sandbox PCR
STR R2,[R12,#220]               ; sandbox PCR
LDR R13,[R12,#380]              ; reload Ba59 decode routine start R13
BL Ba73%                        ; plots registers on screen
B Ba12%                         ; update instructions on screen

.Ba65%
;return from running sandbox instruction
; Saves the register state left by the sandboxed instruction into the sandbox
; store at workspace +&88 and copies its PSR to both #64 and #220.
; R12, R14 and the PSR pass through the single inline words Da31%, Da32% and
; psr_3, so there is one set of scratch slots shared by every user of them.
STR R12,Da31%
STR R14,Da32%
MRS R14,CPSR                    ; read PSR
STR R14,psr_3                   ; save sandbox PSR
BL Ba651%                       ; sets R12 to EQUD block
ADD R14,R12,#&88                ; base address for sandbox registers
STMIA R14,{R0-R11}              ; save sandbox registers R0-R11
STR R13,[R12,#188]              ; R13
LDR R14,Da31%
STR R14,[R12,#184]              ; R12
LDR R14,Da32%
STR R14,[R12,#192]              ;R14
;STR PC,[R12,#196] ; save PC (saves PC flags)
; 32bit - save PSR to location #220 and #64
; ';;' cause sandbox instruction not to run
LDR R1,psr_3                    ; load sandbox PSR
;MRS R1,CPSR ; load CPSR instead as PC just loaded
STR R1,[R12,#64]                ; update break PSR
STR R1,[R12,#220]               ; update sandbox PSR
;merge the flags from #196 with the address in #60
;this does nothing to #60 now
;LDR R0,[R12,#196] ; load sandbox PC for flags
;AND R0,R0,#&FC000003
;LDR R1,[R12,#60]
;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC
;AND R1,R1,R2 ; get PC address
;ADD R0,R0,R1 ; add address to flags
;STR R0,[R12,#60] ; break PC
LDR R7,[R12,#448]
LDR R13,[R12,#380]
BL Ba73%                        ; plots stuff on screen (registers?)
B Ba12%                         ; update screen

.psr_3
; scratch word: PSR read straight after the sandbox instruction
EQUD &00000000

.Da31%
; scratch word: R12 as left by the sandbox instruction
EQUD &00000000

.Da32%
; scratch word: R14 as left by the sandbox instruction
EQUD &00000000

.Ba66%
BL Ba82%
BNE Ba12%                       ; update screen
BL Ba84%
B Ba122%                        ; load instruction into sandbox

.Ba67%
; swi processing comes here
MOV R1,#&EF000000
ADD R1,R1,#1                    ; R1 = &EF000001: unconditional SWI number 1
BIC R0,R0,#&00020000            ; drop the X bit before comparing
CMP R0,R1
BEQ Ba68%                       ; SWI &1 - handled through the SWI "OS_WriteS" at Ba70%
B Ba311%

.Ba68%
; Emulates an inline-string SWI: copies the zero-terminated string that follows
; the instruction in the debuggee (at R7) into Da33%, directly after the
; SWI "OS_WriteS" at Ba70%, then calls Ba70% to print it.
ADR R1,Da33%

.Ba69%
; NOTE(review): this copy has no length limit. Da33% is a fixed run of EQUD
; words followed immediately by the code at Ba71%, and the string comes from the
; program being debugged, so a long string overwrites the debugger's own
; instructions. The loop needs an end-of-buffer check that still leaves room for
; the terminator and the word stored after it.
LDRB R2,[R7],#1
STRB R2,[R1],#1
CMP R2,#0
BNE Ba69%
TST R1,#3                       ; round both pointers up to the next word
ADDNE R1,R1,#4
BICNE R1,R1,#3
ADDNE R7,R7,#4                  ; assumes R7 started with the same alignment as Da33% - confirm
BICNE R7,R7,#3
LDR R0,[R12,#392]               ; word kept in workspace #392, presumably a return instruction - confirm
STR R0,[R1,#0]                  ; placed after the copied string
MOV R0,#0                       ; no address range supplied
SWI "XOS_SynchroniseCodeAreas"
BL Ba70%
MOV R0,R7                       ; R0 = address after the debuggee's string
B Ba192%                        ; increments PC without running anything ?
.Ba70% SWI "OS_WriteS" .Da33% EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 .Ba71% ; SWI decode comes here BIC R0,R0,#&00020000 ADR R2,Da34% .Ba72% ; traps SWIs that will exit ; SWI "Wimp_Initialise" ; SWI "OS_Exit" LDR R1,[R2],#4 CMP R1,#0 BEQ Ba402% CMP R1,R0 BNE Ba72% BL Ba618% SWI &00010B SWI &00010B MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" ADR R0,Da35% ; "The next instruction will probably ; hang your computer" ; "Execute (Y/N)" ;*** added text comments from ARMalyser output to here for now *** SWI "OS_Write0" BL Ba632% SWI &000107 MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" SWI "OS_Confirm" CMP R0,#&79 BL Ba231% ; disables multi-step BEQ Ba64% ; Ba231 does not set condition flags BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Da34% SWI "Wimp_Initialise" SWI "OS_Exit" EQUD &00000000 .Da35% EQUD &20202020 EQUD &20202020 EQUD &2D2D2D2D EQUD &41572D2D EQUD &4E494E52 EQUD &2D2D2D47 EQUD &0D2D2D2D EQUD &6854200A EQUD &656E2065 EQUD &69207478 EQUD &7274736E EQUD &69746375 EQUD &77206E6F EQUD &206C6C69 EQUD &626F7270 EQUD &796C6261 EQUD &200A0D20 EQUD &20202020 EQUD &20202020 EQUD &6E616820 EQUD &6F792067 EQUD &63207275 EQUD &75706D6F EQUD &0D726574 EQUD &2020200A EQUD &20202020 EQUD &20202020 EQUD &78452020 EQUD &74756365 EQUD &59282065 EQUD &0D294E2F EQUD &0000000A .Ba73% ; plots registers on screen ADD R11,R12,#&88 ; base address for sandbox registers LDR R3,[R12,#72] ; break and escape effect CMP R3,#0 MOVNE R7,#0 BLNE Ba77% ; increment PC + 4 CMP R3,#0 BNE Ba83% LDR R3,[R12,#120] ; m-step trace enabled = 1 CMP R3,#0 BEQ Ba232% LDR R0,[R12,#1908] CMP R0,#&1F BEQ Ba75% SWI 
&000105 STMFD R13!,{R14} MOV R6,R12 ADR R4,Da36% BL Ba634% STMFD R13!,{R0-R2} .Ba74% LDMFD R13,{R0-R2} ADD R1,R1,#&50 SWI "OS_Plot" ADR R2,Da37% BL Ba25% LDMFD R13,{R0-R2} ADD R1,R1,#&72 ADD R2,R2,#&28 SWI "OS_Plot" LDR R0,[R11],#4 LDR R10,[R6,#0] ADD R1,R12,#&3C CMP R6,R1 BLEQ Ba77% CMP R0,R10 ADDEQ R6,R6,#4 STRNE R0,[R6,#0] SWINE &000112 MOVNE R0,#0 SWINE "OS_WriteC" ;MOVNE R0,#7 ; black MOVNE R0,#%00000000 ; black SWINE "OS_WriteC" LDRNE R0,[R6],#4 ADD R1,R12,#&0168 MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" SWINE &000112 MOVNE R0,#0 SWINE "OS_WriteC" ;MOVNE R0,#0 ; white MOVNE R0,#%00111111 ; white SWINE "OS_WriteC" LDMFD R13!,{R0-R2} ADD R1,R1,#&012C CMP R1,#&03E8 STMLTFD R13!,{R0-R2} SWILT "OS_Plot" BLT Ba74% MOV R1,#&32 CMP R2,#&3C SUBGT R2,R2,#&5A SWIGT "OS_Plot" STMFD R13!,{R0-R2} BGT Ba74% SWI &000104 LDMFD R13!,{R0-R2,PC} .Ba75% SWI &000105 STMFD R13!,{R14} MOV R6,R12 ADR R4,Da36% BL Ba634% STMFD R13!,{R0-R2} .Ba76% LDMFD R13,{R0-R2} ADD R1,R1,#&50 SWI "OS_Plot" ADR R2,Da37% BL Ba25% LDMFD R13,{R0-R2} ADD R1,R1,#&72 ADD R2,R2,#&1C SWI "OS_Plot" LDR R0,[R11],#4 LDR R10,[R6,#0] ADD R1,R12,#&3C CMP R6,R1 BLEQ Ba77% ; called for first sandbox instruction CMP R0,R10 ADDEQ R6,R6,#4 STRNE R0,[R6,#0] SWINE &000112 MOVNE R0,#0 SWINE "OS_WriteC" MOVNE R0,#&0B SWINE "OS_WriteC" LDRNE R0,[R6],#4 ADD R1,R12,#&0168 MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" SWINE &000112 MOVNE R0,#0 SWINE "OS_WriteC" MOVNE R0,#7 SWINE "OS_WriteC" LDMFD R13!,{R0-R2} ADD R1,R1,#&012C CMP R1,#&03E8 STMLTFD R13!,{R0-R2} SWILT "OS_Plot" BLT Ba76% MOV R1,#&32 CMP R2,#&3C SUBGT R2,R2,#&5A SWIGT "OS_Plot" STMFD R13!,{R0-R2} BGT Ba76% SWI &000104 LDMFD R13!,{R0-R2,PC} .Ba77% ;reads current sandbox instruction at address R7 ;increments PC =+ 4 STMFD R13!,{R14} SWI "OS_EnterOS" LDR R1,[R7,#0] ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; return to 32bit USR mode STR R1,[R12,#92] LDR R1,[R12,#60] ; PC ADD R1,R1,#4 ; increment PC STR R1,[R12,#60] ; PC STR R1,[R12,#196] ; added for 
32bit - this was R1 originally ; and caused corruption of the PC LDR R0,[R12,#64] ; break PSR STR R0,[R12,#220] ; sandbox PSR LDR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R0,#1 ;ORREQ R1,R1,#3 ; 32bit R1 is PC so do below MOV R0,R1 LDR R1,[R12,#64] ; break PSR ORREQ R1,R1,#3 ; USR26 and USR32 STR R1,[R12,#64] ; break PSR LDMFD R13!,{PC} .Ba78% LDR R0,[R12,#1908] CMP R0,#&1F BEQ Ba80% SWI &000105 STMFD R13!,{R14} MOV R6,R12 ADD R11,R12,#&88 ; base address for sandbox registers ADR R4,Da36% BL Ba634% STMFD R13!,{R0-R2} .Ba79% LDMFD R13,{R0-R2} ADD R1,R1,#&50 SWI "OS_Plot" ADR R2,Da37% BL Ba25% LDMFD R13,{R0-R2} ADD R1,R1,#&72 ADD R2,R2,#&28 SWI "OS_Plot" LDR R0,[R11],#4 LDR R10,[R6,#0] ADD R1,R12,#&3C CMP R6,R1 CMPNE R0,R10 ADDEQ R6,R6,#4 STRNE R0,[R6,#0] SWINE &000112 MOVNE R0,#0 SWINE "OS_WriteC" ;MOVNE R0,#7 ; black MOVNE R0,#%00000000 ; black SWINE "OS_WriteC" LDRNE R0,[R6],#4 ADD R1,R12,#&0168 MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" SWINE &000112 MOVNE R0,#0 SWINE "OS_WriteC" ;MOVNE R0,#0 ; white MOVNE R0,#%00111111 ; white SWINE "OS_WriteC" LDMFD R13!,{R0-R2} ADD R1,R1,#&012C CMP R1,#&03E8 STMLTFD R13!,{R0-R2} SWILT "OS_Plot" BLT Ba79% MOV R1,#&32 CMP R2,#&3C SUBGT R2,R2,#&5A SWIGT "OS_Plot" STMFD R13!,{R0-R2} BGT Ba79% SWI &000104 LDMFD R13!,{R0-R2,PC} .Ba80% SWI &000105 STMFD R13!,{R14} MOV R6,R12 ADD R11,R12,#&88 ; base address for sandbox registers ADR R4,Da36% BL Ba634% STMFD R13!,{R0-R2} .Ba81% LDMFD R13,{R0-R2} ADD R1,R1,#&50 SWI "OS_Plot" ADR R2,Da37% BL Ba25% LDMFD R13,{R0-R2} ADD R1,R1,#&72 ADD R2,R2,#&1C SWI "OS_Plot" LDR R0,[R11],#4 LDR R10,[R6,#0] ADD R1,R12,#&3C CMP R6,R1 CMPNE R0,R10 ADDEQ R6,R6,#4 STRNE R0,[R6,#0] SWINE &000112 MOVNE R0,#0 SWINE "OS_WriteC" MOVNE R0,#&0B SWINE "OS_WriteC" LDRNE R0,[R6],#4 ADD R1,R12,#&0168 MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" SWINE &000112 MOVNE R0,#0 SWINE "OS_WriteC" MOVNE R0,#7 SWINE "OS_WriteC" LDMFD R13!,{R0-R2} ADD R1,R1,#&012C CMP R1,#&03E8 STMLTFD R13!,{R0-R2} SWILT 
"OS_Plot" BLT Ba81% MOV R1,#&32 CMP R2,#&3C SUBGT R2,R2,#&5A SWIGT "OS_Plot" STMFD R13!,{R0-R2} BGT Ba81% SWI &000104 LDMFD R13!,{R0-R2,PC} .Ba82% ; used in instruction decode ; checks address then beeps LDR R6,[R12,#72] ; break and escape effect flag CMP R6,#1 MOVEQ PC,R14 LDR R8,[R12,#376] ; saved #60 in Ba59% ADD R8,R8,#4 CMP R8,R7 SWINE &000107 ; beep ! SUBNE R7,R8,#4 ; break address pointer MOV PC,R14 .Da36% EQUD &00000004 EQUD &00000032 EQUD &0000013C .Da37% EQUD &756C6156 EQUD &00000D65 .Ba83% ADD R0,R12,#&88 ; base address for sandbox registers LDMIA R0,{R0-R11} ; read sandbox registers MOV R14,R12 STMIA R14,{R0-R11} ; write break registers LDR R0,[R12,#184] STR R0,[R12,#48] LDR R0,[R12,#188] STR R0,[R12,#52] LDR R0,[R12,#192] STR R0,[R12,#56] B Ba18% .Ba84% ; this processes the conditional bits in the instruction AND R1,R0,#&F0000000 ; PSR flags only MOV R1,R1,LSR #28 ; move to bottom 4 bits ;LDR R2,[R12,#60] LDR R2,[R12,#64] ; break PSR AND R2,R2,#&F0000000 ; PSR flags only ADD PC,PC,R1,LSL #2 ; MOV R0,R0 B Ba86% ; 0 EQ B Ba87% ; 1 NE B Ba88% ; 2 CS B Ba89% ; 3 CC B Ba90% ; 4 MI B Ba91% ; 5 PL B Ba92% ; 6 VS B Ba93% ; 7 VC B Ba94% ; 8 HI B Ba95% ; 9 LS B Ba96% ; 10 GE B Ba97% ; 11 LT B Ba98% ; 12 GT B Ba99% ; 13 LE MOV PC,R14; 14 AL B Ba85% ; 15 NV .Ba85% ; instruction not processed due to condition not valid ; so load the next instruction BL Ba73% ; plots registers on screen SWI "OS_EnterOS" LDR R1,[R7,#0] ; load break instruction ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; return to 32bit USR mode STR R1,[R12,#92] ; save break instruction B Ba12% ; show new instruction on the screen .Ba86% ; EQ - Z set TST R2,#&40000000 ; Z MOVNE PC,R14 B Ba85% .Ba87% TST R2,#&40000000 MOVEQ PC,R14 B Ba85% .Ba88% TST R2,#&20000000 MOVNE PC,R14 B Ba85% .Ba89% TST R2,#&20000000 MOVEQ PC,R14 B Ba85% .Ba90% TST R2,#&80000000 MOVNE PC,R14 ; B Ba85% .Ba91% TST R2,#&80000000 MOVEQ PC,R14 ; B Ba85% .Ba92% TST R2,#&10000000 MOVNE PC,R14 B Ba85% .Ba93% TST R2,#&10000000 ; V 
MOVEQ PC,R14 B Ba85% .Ba94% ; HI - C set and Z clear TST R2,#&20000000 ; C BEQ Ba85% TST R2,#&40000000 ; Z BNE Ba85% MOV PC,R14 .Ba95% ; LS - C clear or Z set TST R2,#&40000000 ; Z MOVNE PC,R14 TST R2,#&20000000 ; C MOVEQ PC,R14 BNE Ba85% .Ba96% AND R2,R2,#&90000000 CMP R2,#&90000000 MOVEQ PC,R14 CMP R2,#0 MOVEQ PC,R14 B Ba85% .Ba97% AND R2,R2,#&90000000 CMP R2,#&80000000 MOVEQ PC,R14 ; CMP R2,#&10000000 MOVEQ PC,R14 B Ba85% .Ba98% ANDS R2,R2,#&D0000000 MOVEQ PC,R14 CMP R2,#&90000000 MOVEQ PC,R14 B Ba85% .Ba99% TST R2,#&40000000 MOVNE PC,R14 AND R2,R2,#&90000000 CMP R2,#&80000000 MOVEQ PC,R14 ; CMP R2,#&10000000 MOVEQ PC,R14 B Ba85% .Ba100% ;101x branch instruction ;calculates new value for R7 which should point at the jump addr. BL Ba82% ; checks #72 <> 1, and then checks #376 BNE Ba12% ; updates screen BL Ba84% ; processes PSR flags SUB R7,R7,#4 MOV R8,R7 ; save R7 into R8 ; Theo's original code commented out v169 ;LDR R1,[R12,#400] ; &00FF0000 pre set ;AND R2,R0,R1 ;CMP R2,R1 ;MOV R0,R0,LSL #8 ;MOVNE R0,R0,LSR #6 ;ADDNE R0,R0,#8 ;BLEQ Ba101% ;SUBEQ R7,R7,R0 ; check R7 is correct here for 32bit ?? ;ADDNE R7,R7,R0 ; R7 corrupting here as not 32bit address ?? LDR R1,[R12,#400] ; v169 &00FFFFFF pre set ; v169 replaced with code from DeepSeek - easier to understand ? ; Compact version (DeepSeek comments) ;LDR R0, =0xEAFECAE5 ;AND R1,R0,#&00FFFFFF ; Get offset AND R1,R0,R1 ; Get offset R1 = 0x00FFFFFF TST R1,#&00800000 ; Check sign ORRNE R1,R1,#&FF000000 ; Sign extend if negative MOV R1,R1,LSL #2 ; Multiply by 4 ADD R7,R7,#8 ; PC + 8 ADD R7,R7,R1 ; Final target ; added by trial and error - need to understand this further ?? ; B075 reverted this change as not required on RO530 on ARMBE ; B077 reverted the revert - required for EAFED58A ;CMP R7,R8 ; has R7 decreased ? 
;BICNE R7,R7,#&04000000 ; 32bit - corrects branch address ;BICLS R7,R7,#&04000000 ; 32bit B077 corrects branch address ;LDR R0,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R7,R7,R0 ; just address of R7 - no flags ; v164 ; BL Ba413% ; sets R7 to 0 if not within defined mem map ;LDR R0,[R12,#60] ;AND R0,R0,#&FC000003 ; just flags ; 32bit LDR R1,[R12,#64] ; read break PSR ; swapped over R0 and R1 - not sure if required ?? LDR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R0,#1 ;MOV R1,R0 ORREQ R1,R1,#3 ; SVC26 (SVC32) mode STREQ R1,[R12,#64] ; 32bit update break PSR (#196 below) STR R1,[R12,#220] ; 32bit update sandbox PSR (#196 below) ;ADD R0,R0,R7 ; add PC flags to R7 MOV R0,R7 ; added for 32bit ADD R0,R0,#4 STR R0,[R12,#60] ; update break PC STR R0,[R12,#196] ; update sandbox PC LDR R0,[R12,#92] ; copy of branch instruction TST R0,#&01000000 ; bit24 - check for BL instruction ADDNE R0,R8,#4 ;ORRNE R0,R0,R1 ; 32bit fix for BL bug_1 STRNE R0,[R12,#192] ; PC return address for BL BL Ba73% ; plots registers on screen SWI "OS_EnterOS" LDR R1,[R7,#0] ; load instruction at break location ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000; return to 32bit USR mode STR R1,[R12,#92] ; save break instruction B Ba12% ; update instructions on screen .Ba101% ;twos complement conversion for B instruction address MOV R0,R0,LSR #8 MVN R1,#0 MOV R1,R1,LSR #8 SUB R0,R1,R0 MOV R0,R0,LSL #2 SUB R0,R0,#4 MOV PC,R14 .Ba102% ;decoding for branch or arithmetic (with opcodes) instructions ;E10F0000 MRS CRSP,R0 comes here BL Ba82% ; beeps if something not = R7 BNE Ba12% ; update instructions on screen BL Ba84% ; processes status flags TST R0,#&02000000 ; I bit = immediate ; 0 = Operand 2 is a register ; 1 = Operand 2 is an immediate value BNE Ba121% ; arithmetic instructions with I bit ;non immediate - lower 4 bits are Rm TST R0,#&01000000 ; bit 24 first bit of opcode ANDNE R2,R0,#&01E00000; get the four opcode bits CMPNE R2,#&01800000 ; 1100 ORR CMPNE R2,#&01C00000 ; 1110 BIC CMPNE 
R2,#&01A00000 ; 1101(0) MOV CMPNE R2,#&01E00000 ; 1111 MVN BEQ Ba131% ; data processing instruction decode ANDS R1,R0,#&0FF0 TSTNE R0,#&10 BEQ Ba116% ; MRS branches here e.g. E10F0000 MOV R5,#0 MOV R6,#0 MOV R10,#1 AND R2,R0,#&0F ORR R5,R5,R10,LSL R2 AND R2,R0,#&0F00 MOV R2,R2,LSR #8 ORR R5,R5,R10,LSL R2 AND R2,R0,#&000F0000 ; <- Rd = R15, TEQP, MSR MOV R2,R2,LSR #16 ORR R5,R5,R10,LSL R2 MOV R4,#1 AND R1,R0,#&0F CMP R1,#&0F BNE Ba104% .Ba103% TST R5,R4 ADDNE R6,R6,#1 MOVNE R4,R4,LSL #1 BNE Ba103% EOR R0,R0,#&0F ADD R0,R0,R6 ORR R9,R9,#8 ; what is R9 ? LDR R10,[R12,#60] ; PC ; this is missing the two instructions to remove flags - as below? ; STMFD R13!,{R6,R10} ; R6,R10 used in jump table at Ba109 ADD R6,R6,#1 MOV R4,R4,LSL #1 .Ba104% ; E13FF000 TEQP PC,R0 would come to here AND R1,R0,#&0F00 CMP R1,#&0F00 BNE Ba106% .Ba105% TST R4,R5 ADDNE R6,R6,#1 MOVNE R4,R4,LSL #1 BNE Ba105% EOR R0,R0,#&0F00 ADD R0,R0,R6,LSL #8 EOR R9,R9,#4 LDR R10,[R12,#60] ; PC ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R10,R10,R2 ; does nothing now ; v122 commented out the {R6,R10} code ; STMFD R13!,{R6,R10} ; R6,R10 used in jump table at Ba109 ADD R6,R6,#1 MOV R4,R4,LSL #1 .Ba106% AND R1,R0,#&000F0000 CMP R1,#&000F0000 BNE Ba108% .Ba107% TST R4,R5 ADDNE R6,R6,#1 MOVNE R4,R4,LSL #1 BNE Ba107% EOR R0,R0,#&000F0000 ADD R0,R0,R6,LSL #16 EOR R9,R9,#2 LDR R10,[R12,#60] ; PC ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R10,R10,R2 ; v122 commented out the {R6,R10} code ;STMFD R13!,{R6,R10}; R6,R10 used in jump table at Ba109 .Ba108% CMP R9,#0 ; check instruction type to run sandbox? BEQ Ba122% STR R0,Da38% ; load instruction into sandbox ADR R1,Da38% ADD R2,R1,#4 MOV R0,#1 SWI "XOS_SynchroniseCodeAreas" LDMIA R12,{R0-R5} TST R9,#2 BLNE Ba109% TST R9,#4 BLNE Ba109% TST R9,#8 BLNE Ba109% LDR R9,[R12,#64] ; PSR ;TEQP PC,R9 ; no NOP ?? 
; Continuation of the Ba108% path. The instruction word written to Da38% by the
; preceding STR R0,Da38% is executed in place below with the debuggee state loaded.
; NOTE(review) - the slot sits inside the module body, so this relies on the
; module memory being writable and executable at the same time.
    MSR CPSR_cf,R9              ; control and flag fields from the break PSR loaded into R9 above
    ADD R6,R12,#&18             ; R12+&18 is the slot for R6 in the register block
    LDMIA R6,{R6-R14}           ; loads R6-R14, so R12, R13 and R14 are replaced as well
.Da38%
;*****************************************************************
    ANDEQ R0,R0,R0              ; sandbox instruction placed here
;*****************************************************************
    BL Ba651%                   ; sets R12 to EQUD block at end of module
; NOTE(review) - the BL overwrites R14 and none of R0-R14 is written back on
; this path, only the CPSR is stored. Assumes Ba651% leaves the flags
; untouched because the CPSR is read after it returns - TODO confirm.
    ;MOV R0,PC                  ; reading the PC flags, so do this with PSR
    ;AND R0,R0,#&FC000003
    ;LDR R1,[R12,#60]
    ;LDR R2,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;AND R1,R1,R2
    ;ORR R0,R0,R1
    ;STR R0,[R12,#60]
; 32bit
    MRS R1,CPSR
    STR R1,[R12,#64]            ; PSR
    LDR R7,[R12,#448]
    LDR R13,[R12,#380]
    BL Ba73%                    ; plots registers on screen
    B Ba12%                     ; update instructions on screen
.Ba109%
    MOV PC,R14                  ; added for v122 - removes jump table
; jump table on R6 - no idea what this does on TEQP PC,R0 ??
; jump table not working, jumping from B7C to BC0 with R6 = &0F
; jump table just happened to jump straight to a MOV PC,R14 !
; The unlabelled instructions below follow an unconditional return, so they
; cannot be reached by fall-through. Ba110%-Ba115% are only referenced from
; this table as far as this part of the listing shows.
    LDMFD R13,{R6,R10}
    ADD PC,PC,R6,LSL #2
    MOV R0,R0
    B Ba110%
    B Ba111%
    B Ba112%
    B Ba113%
    B Ba114%
    B Ba115%
; Each stub copies R10 into one of R0-R5 and returns.
.Ba110%
    MOV R0,R10
    MOV PC,R14
.Ba111%
    MOV R1,R10
    MOV PC,R14
.Ba112%
    MOV R2,R10
    MOV PC,R14
.Ba113%
    MOV R3,R10
    MOV PC,R14
.Ba114%
    MOV R4,R10
    MOV PC,R14
.Ba115%
    MOV R5,R10
    MOV PC,R14
.Ba116%
; MRS R0,CPSR E10F0000 comes here
    AND R1,R0,#&0F              ; low nibble of the instruction word
    CMP R1,#&0F                 ; all four bits set means register 15
    BNE Ba117%                  ; MRS R0,CPSR E10F0000 branches here
    EOR R0,R0,#&0F              ; clears the low nibble (it was &0F)
    ORR R9,R9,#8                ; flag bit 3 in R9
    ANDS R1,R0,#&000F0000
    ADDEQ R0,R0,#1              ; low nibble becomes 1 when bits 16-19 are zero
.Ba117%
; MRS R0,CPSR E10F0000 instruction comes here
    AND R1,R0,#&000F0000        ; MRS instruction has these bits set
    CMP R1,#&000F0000           ;
    BNE Ba118%                  ; Need to check what this does 32bit?
    ; EOR R0,R0,#&000F0000      ; blank out R15 source reg ??
    ORR R9,R9,#2                ; set if MSR instruction
; not sure what this original 26bit code was for ?
;ANDS R1,R0,#&0F ;ADDEQ R0,R0,#&00010000 ; E1000000-> E1010000 ; 32bit v124 added code to run MRS Rx,CPSR here directly ; get destination register from instruction AND R1,R0,#&0000F000 ; extract destination register ;MOV R1,R1,ROR #12 ; get register number ;MOV R1,R1,ROL #2 ; calculate memory offset MOV R1,R1,ROR #10 ; register memory offset ADD R1,R1,#136 ; offset for sandbox registers LDR R0,[R12,#64] ; read CPSR register STR R0,[R12,R1] ; write to destination register ; copied from below - update screen with new registers etc LDR R7,[R12,#448] LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba118% ;R9 = #2 when destination register R15 26bit, MRS 32bit CMP R9,#0 ; not MRS instruction 32bit BEQ Ba122% ; sandbox no longer used for MRS instruction execution ; we now simply copy the CPSR (#64) into the correct register ;STR R0,Da39% ; load instruction into sandbox AND R1,R0,#&F000 ; get destination register CMP R1,#&F000 ; checks control flags in reg for MSR CPSR_c,Rx ?? BLEQ Ba411% ; destination register is R15 - special case TST R9,#2 ; MRS instruction BEQ Ba119% ; branch if not #2 LDR R3,[R12,#60] ; PC ;LDR R4,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R3,R3,R4 AND R1,R0,#&000F0000 ; get source register ? MOV R1,R1,ROR #16 STMFD R13!,{R1,R3} .Ba119% TST R9,#8 ; check instruction type to run sandbox? BEQ Ba120% AND R1,R0,#&0F LDR R3,[R12,#60] ; PC STMFD R13!,{R1,R3} .Ba120% B Ba120a% ; jump directly to new code MRS Rx,CPSR ; sandbox code is no longer used v124 ADR R1,Da39% ADD R2,R1,#4 MOV R0,#1 SWI "XOS_SynchroniseCodeAreas" LDMIA R12,{R0-R5} TST R9,#8 BLNE Ba109% TST R9,#2 BLNE Ba109% ;LDR R9,[R12,#60] LDR R9,[R12,#64] ; PSR ;TEQP PC,R9 ; missing NOP ?? 
MSR CPSR_cf,R9 ADD R6,R12,#&18 LDMIA R6,{R6-R14} .Da39% ; sandbox for MRS R0,CPSR E10F0000 also TEQP PC,Rx for 26bit ; v120 re-witten - was totally wrong for 32bit ; if output register in sandbox is R0, then ; R0 is being overwitten below before being saved ; this sandbox only saved R15 ANDEQ R0,R0,R0 ;<- instruction sandbox ;***************************************************************** BL Ba651% ; sets R12 to EQUD block at end of module ;MOV R0,PC MRS R0,CPSR ; 32bit ;AND R0,R0,#&FC000003 ; R0 = PC flags ;LDR R1,[R12,#60] ; loads PC adress ;LDR R2,[R12,#132] ; 3FFFFFFC ;AND R1,R1,R2 ; moves PC address into R1 ;ORR R0,R0,R1 ; recombines PC addr with status ;STR R0,[R12,#60] STR R0,[R12,#64] ; 32bit udate PSR .Ba120a% ; LDR R7,[R12,#448] LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba121% ; arithmetic instructions with opcodes ; on entry R0 must contain instruction to run in sandbox TST R0,#&01000000 ; single data swap or ANDNE R2,R0,#&01E00000 CMPNE R2,#&01800000 ; TST CMPNE R2,#&01C00000 ; ORR BEQ Ba124% CMP R2,#&01A00000 ; CMP CMPNE R2,#&01E00000 ; BIC BEQ Ba123% ; TEQP PC,#0 comes here - but no longer valid for 32bit ;AND R1,R0,#&000F0000 ; ;CMP R1,#&000F0000 ; this was used to detect TEQP PC,x ; 32bit AND R1,R0,#&0001F000 ; mask MSR CPSR_c bit CMP R1,#&0001F000 ; changing processor mode to USR ? ANDEQ R1,R0,#&00400000 ; source PSR bit, 0=CPSR, 1=SPSR TSTEQ R1,#&00400000 ; must be CPSR to change mode now BEQ Ba128% .Ba122% STR R0,Da40% ; B069 belt and braces fix for for #396 not being set correctly LDR R0,[R12,#64] ; break PSR AND R0,R0,#3 ; get the SVC mode bits CMP R0,#3 ; SVC mode ? 
MOVEQ R0,#1 ; SVC mode flag MOVNE R0,#0 ; USR mode flag STR R0,[R12,#396] ; required for Ba193 ADR R1,Da40% ADD R2,R1,#4 MOV R0,#1 SWI "XOS_SynchroniseCodeAreas" BL Ba193% ; reload PSR for USR or SVC mode LDMIA R12,{R0-R14} ; load sandbox registers and go .Da40% ; sandbox used for certain instructions ; STMFD R13!,{R14} comes through here (fails with R13 = 0 v126??) ; MOVVS R0,#0 not working ?? V flag changing after LDMIA above ?? ANDEQ R0,R0,R0 ;<- sandbox instructions run here **** B Ba195% .Ba123% ; destination register R15 e.g. ADD PC,R5,#&4C AND R1,R0,#&F000 CMP R1,#&F000 BNE Ba122% BIC R0,R0,#&F000 STR R0,Da41% ADR R1,Da41% ADD R2,R1,#4 MOV R0,#1 SWI "XOS_SynchroniseCodeAreas" LDR R9,[R12,#64] ; break PSR ;TEQP PC,R9 ; missing NOP SWI "OS_EnterOS" ; B066 MOV R0,R0 ; B066 MSR CPSR_cf,R9 ; set mode to current stored mode .Da41% ;sandbox for ?? ;***************************************************************** ANDEQ R0,R0,R0 ;***************************************************************** STR R9,[R12,#64] ; B066 update PSR STR R0,[R12,#444] ; ?? B Ba130% ; reloads R7 from #444 .Ba124% ; ADD PC,R5,#&4C jumps through here BIC R1,R0,#&F000 BIC R1,R1,#&000F0000 ORR R1,R1,#&00010000 STR R1,Da42% STR R0,[R12,#440] AND R2,R0,#&F000 ; Rd destination register MOV R2,R2,ROR #12 LDR R2,[R12,R2,LSL #2] STR R2,[R12,#420] ; Rd moved to lowest nibble AND R2,R0,#&000F0000 ; MOV R2,R2,ROR #16 LDR R2,[R12,R2,LSL #2] STR R2,[R12,#424] ; Rn moved to lowest nibble AND R1,R0,#&F000 CMP R1,#&F000 ; R15 = Rd BNE Ba125% ORR R9,R9,#1 LDR R1,[R12,#60] ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC ;TST R9,#&20 ; <-- what is R9 ?? ;ANDEQ R1,R1,R2 LDR R2,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R2,#1 ;ORREQ R1,R1,#3 ; SVC so must be PSR STR R1,[R12,#420] ; first register (e.g. R1) ;32bit LDREQ R2,[R12,#64] ; update PSR ORREQ R2,R2,#3 ; SVC mode STREQ R2,[R12,#64] ; update PSR .Ba125% AND R1,R0,#&000F0000 CMP R1,#&000F0000 BNE Ba126% ORR R9,R9,#2 ; what is R9 ? 
LDR R1,[R12,#60] ; load PC ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R1,R1,R2 STR R1,[R12,#424] ; destination register / address .Ba126% STR R9,[R12,#408] BIC R9,R9,#&20 CMP R9,#0 BEQ Ba122% ADR R1,Da42% ADD R2,R1,#4 MOV R0,#1 SWI "XOS_SynchroniseCodeAreas" LDR R0,[R12,#420] ; first register (e.g. R1) LDR R1,[R12,#424] ; destination register / address LDR R2,[R12,#64] ; break PSR ;TEQP PC,R2 ; B065 cannot change the mode to SVC when in USR on RO5.30 SWI "OS_EnterOS" ; change mode to SVC MOV R0,R0 ; without the NOP we get a lock-up MSR CPSR_cf,R2 ; returns break PSR mode and flags .Da42% ; sandbox for LDR PC,[R13],#4 etc ; also for ADR R1,&203FCB94 (not working on v157) ;***************************************************************** ANDEQ R0,R0,R0 ;***************************************************************** MRS R4,CPSR ; 32bit save CPSR ;STR PC,[R12,#436] ; 1B4 ; change back to USR mode for plotting screen etc MSR CPSR_c,#%10000 ; B067 return to 32bit USR mode STR R4,[R12,#436] ; save PSR TST R9,#1 ; is R15 if Rd flag set ? 
BNE Ba127% LDR R4,[R12,#440] ; 1B8 = E8AD4001 last instruction AND R4,R4,#&F000 MOV R4,R4,LSR #12 ; get destination register number ADD R3,R12,#&88 ; base address for sandbox registers STR R0,[R3,R4,LSL #2] ; save address in destination reg ;LDR R3,[R12,#132] ; valid bits for PC address 3FFFFFFC ;LDR R2,[R12,#60] ;AND R2,R2,R3 ; gets PC address - removes flags ;LDR R3,[R12,#436] ; flags/control so PSR LDR R2,[R12,#436] ; flags/control so PSR - fixed in v81 ;AND R3,R3,#&FC000003 ;ORR R2,R2,R3 ;STR R2,[R12,#60] STR R2,[R12,#64] ; PSR LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba127% ; LDR PC,[R13],#4 comes here, R1 contains new R13 value, R0 = PC ; LDR PC,&00002E2C comes here B070 STR R0,[R12,#444] ; saves result of sandbox instruction LDR R4,[R12,#440] ; reload encodes instruction AND R4,R4,#&000F0000 ; get base register MOV R4,R4,LSR #16 ADD R3,R12,#&88 ; base address for sandbox registers ; Bug072 new PC value is in R0 and not R1 ; reverted change as R1=R13 for LDR PC,[R13],#4 STR R1,[R3,R4,LSL #2] ; update other register (e.g. R13) ;STR R0,[R3,R4,LSL #2] ; update other register (e.g. R13) ; Bug021 - this was actually a 26bit bug on the RPC too ! LDR R9,[R12,#408] ; 26/32bit moved down from above TST R9,#&20 ; 26/32bit moved down from above BEQ Ba199% ; 26/32bit moved down from above BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba128% ; destination register R15 = &F000, also set for MSR AND R1,R0,#&F000 CMP R1,#&F000 BEQ Ba129% ; BUG#37 MSR CPSR,#val jumping here in SVC mode EOR R0,R0,#&000F0000 STR R0,Da43% ADR R1,Da43% ADD R2,R1,#4 MOV R0,#1 SWI "XOS_SynchroniseCodeAreas" ;LDR R1,[R12,#60] LDR R1,[R12,#64] ; PSR ;TEQP PC,R1 ; missing NOP in original code MSR CPSR_cf,R1 ; restore PSR control and flag bits .Da43% ; sandbox for ? 
;***************************************************************** ANDEQ R0,R0,R0 ;***************************************************************** ;MOV R0,#&FC000003 ;AND R0,R0,PC MRS R0,CPSR ; v82 added ;LDR R1,[R12,#60] ;LDR R3,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R1,R1,R3 ; does nothing now ;ORR R0,R0,R1 ; commented out in ver62 ;STR R0,[R12,#60] ; update flags STR R0,[R12,#64] ; update PSR BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba129% ; TEQP PC,#0 came here via Ba59/102/121/128/129 ; TEQP no longer supported - replaced by MSR CPSR_c,#value etc BL Ba410% ; restore R13/4_usr, saves out R13/4_svc STR R0,Da44% ADR R1,Da44% ADD R2,R1,#4 MOV R0,#1 SWI "XOS_SynchroniseCodeAreas" ; v126 set CPSR to correct mode before writing to it again ! LDR R0,[R12,#64] ; read break PSR MSR CPSR_cxsf,R0 ; write all bits to real ARM PSR MOV R0,R0 ; not sure NOP required for anything ?? .Da44% ; sandbox for MRS CPSR,#value in USER mode ;***************************************************************** ANDEQ R0,R0,R0 ;***************************************************************** ;MOV R0,#&FC000003 ;AND R0,R0,PC MRS R0,CPSR ; 32bit read actual status register (was PC) ;LDR R1,[R12,#60] ;LDR R3,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R1,R1,R3 ; does nothing now ;ORR R0,R0,R1 ;STR R0,[R12,#60] ; update flags STR R0,[R12,#64] ; update break PSR STR R0,[R12,#220] ; update sandbox PSR BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba130% ; reading saved R7 break PC address LDR R0,[R12,#444] ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R0,R0,R2 ; remove flags MOV R7,R0 ; uncommented in v81 LDR R13,[R12,#380] ; v164 commented out ;BL Ba413% ; sets R7 to 0 if not within defined mem map ;MOV R0,R7 STR R7,[R12,#448] ;LDR R1,[R12,#60] ; PC ;AND R3,R1,#&FC000003 ; get PC flags ;ORR R0,R0,R3 ; update PC flags with R0 ADD R0,R0,#4 STR R0,[R12,#60] ; update break PC with R7 + 4 LDR 
R7,[R12,#448] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba131% TST R0,#&10 BNE Ba137% .Ba132% ; MOV PC,R14 comes here E1A0F00E ; R0 contains original instruction ; STRB Rd,[Rn,Rm] comes here BIC R1,R0,#&F000 BIC R1,R1,#&000F0000 ; B073 Rd destination needs to be R0 and not illegal instruction AND R2,R0,#&1A00000 ; RGPB added to check for MOV PC,R14 CMP R2,#&1A00000 ; RGPB added to check for MOV PC,R14 ORRNE R1,R1,#&00010000; RGPB NE added for MOV PC,R14 BIC R1,R1,#&0F ; replace eg R14 with R2 ORR R1,R1,#2 ; Rm = R2 ; B073 writes E1A10002 undefined inst to Da45 . Make E1A01002 ; This appears to be an original bug in Theo's code ?? ; Perhaps it worked on earlier ARMs for some reason ?? STR R1,Da45% STR R0,[R12,#440] ; save original instr code eg E1A0F00E AND R2,R0,#&F000 MOV R2,R2,ROR #12 LDR R2,[R12,R2,LSL #2] STR R2,[R12,#420] ; Rd destination register AND R2,R0,#&000F0000 MOV R2,R2,ROR #16 LDR R2,[R12,R2,LSL #2] STR R2,[R12,#424] ; Rn first operand register AND R2,R0,#&0F LDR R2,[R12,R2,LSL #2] STR R2,[R12,#428] ; Rm second operand register ? AND R1,R0,#&F000 CMP R1,#&F000 BNE Ba133% ; SUBS branches here ORR R9,R9,#1 LDR R1,[R12,#60] ; PC ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC TST R9,#&20 ; <-- what is this doing ?? ;ANDEQ R1,R1,R2 ADDNE R1,R1,#4 ; this is in the PC address space ?? LDR R2,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R2,#1 ;ORREQ R1,R1,#3 STR R1,[R12,#420] ; <- need to understand this ?? ; 32bit LDREQ R2,[R12,#64] ; PSR ORREQ R2,R2,#3 ; SVC mode STREQ R2,[R12,#64] ; PSR .Ba133% ;SUBS never arrives here AND R1,R0,#&000F0000 CMP R1,#&000F0000 BNE Ba134% ; SUBS branches again here ORR R9,R9,#2 ; what is R9 ? 
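; Tail of Ba133% followed by Ba134%-Ba140%. These paths rewrite a data
; processing instruction that names R15 so that it uses low registers, run it
; in an in-module sandbox slot (Da45% or Da46%) and copy the result back.
; Offsets used here - #60 break PC, #64 break PSR, #396 sandbox mode flag
; (0=USR, 1=SVC), #420/#424/#428/#432 operand values for Rd/Rn/Rm/Rs,
; #436 PSR read back after the slot, #440 instruction word, #444 result.
    LDR R1,[R12,#60]            ; PC
    ;LDR R2,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;AND R1,R1,R2
    STR R1,[R12,#424]
.Ba134%
    AND R1,R0,#&0F
    CMP R1,#&0F                 ; Rm field is R15 ?
    BNE Ba135%                  ; SUBS branches
    ORR R9,R9,#8
    LDR R1,[R12,#60]
    LDR R2,[R12,#396]           ; sandbox running in 0=USR, 1=SVC
    CMP R2,#1
    ;ORREQ R1,R1,#3
    STR R1,[R12,#428]
; 32bit
; Fixed - this sequence was LDR / ORREQ / LDR, so the SVC mode bits were
; computed and then thrown away by the second load. Now LDREQ / ORREQ / STREQ,
; matching the same sequence in Ba125% and Ba132%.
    LDREQ R2,[R12,#64]          ; PSR
    ORREQ R2,R2,#3              ; SVC
    STREQ R2,[R12,#64]          ; PSR
.Ba135%
    ; STR R9,[R12,#408]
    CMP R9,#0
    BEQ Ba122%                  ; no R15 operand found, use the plain sandbox
    ADR R1,Da45%
    ADD R2,R1,#4
    MOV R0,#1
    SWI "XOS_SynchroniseCodeAreas" ; range Da45% to Da45%+4, so the rewritten word is what gets fetched
    LDR R0,[R12,#420]
    LDR R1,[R12,#424]
    LDR R2,[R12,#428]
    ;LDR R3,[R12,#60]
    LDR R3,[R12,#64]            ; PSR
    ;TEQP PC,R3                 ; missing NOP ?
; B070 cannot change the mode to SVC when in USR on RO5.30
; NOTE(review) - from here until the CPSR is rewritten the debuggee
; instruction runs with whatever mode the stored PSR asks for, after the
; debugger has already raised itself to SVC. Nothing restricts which
; instruction word reaches the slot.
    SWI "OS_EnterOS"            ; change mode to SVC
    MOV R0,R0                   ; without the NOP we get a lock-up
    MSR CPSR_cf,R3              ; restore PSR control and flag bits
.Da45%
; sandbox for MOV PC,R14 which is run as MOV R0,R2
; R9=1 for MOV PC,R14 takes Ba136
;*****************************************************************
    ANDEQ R0,R0,R0              ; <- another sandbox
;*****************************************************************
    ;STR PC,[R12,#436]          ; this is used on RPC (saves flags)
    MRS R1,CPSR                 ; save PSR control and flag bits
    STR R1,[R12,#436]           ; save sandbox PSR
    STR R0,[R12,#444]
    TST R9,#1
    BNE Ba136%
    LDR R1,[R12,#440]           ; original instruction eg E1A0F00E
    AND R1,R1,#&F000            ; get destination register eg R15
    MOV R1,R1,LSR #12           ; convert to register number 0-15
    ADD R2,R12,#&88             ; base address for sandbox registers
    STR R0,[R2,R1,LSL #2]       ; save destination register value
    ;LDR R1,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;LDR R2,[R12,#60]
    ;AND R2,R2,R1
    LDR R2,[R12,#436]
    ;AND R1,R1,#&FC000003
    ;ORR R2,R2,R1
    ;STR R2,[R12,#60]
    STR R2,[R12,#64]            ; update PSR
    LDR R13,[R12,#380]
    BL Ba73%                    ; plots registers on screen
    B Ba12%                     ; update instructions on screen
.Ba136%
; MOV PC,R14 comes through here from Da45
    TST R9,#&20
    SUBNE R0,R0,#8              ; R0 = PC
    STR R0,[R12,#444]           ; save new PC
    B Ba198%
.Ba137%
; Register-specified shift form. The instruction is rewritten as
; Rd=R0, Rn=R1, Rm=R2, Rs=R3 and the four operand values are staged
; at #420-#432 for loading just before the slot.
    BIC R1,R0,#&F000            ; Rd field becomes R0
    BIC R1,R1,#&000F0000
    ORR R1,R1,#&00010000        ; Rn field becomes R1
    BIC R1,R1,#&0F
    ORR R1,R1,#2                ; Rm field becomes R2
    BIC R1,R1,#&0F00
    ORR R1,R1,#&0300            ; Rs field becomes R3
    STR R1,Da46%
; NOTE(review) - Ba124% and Ba132% store the original word (R0) at #440 and
; the code after their slots takes Rd from it. Here the rewritten word is
; stored, whose Rd field is always zero - confirm this is intended.
    STR R1,[R12,#440]
    AND R2,R0,#&F000
    MOV R2,R2,ROR #12
    LDR R2,[R12,R2,LSL #2]
    STR R2,[R12,#420]           ; Rd value
    AND R2,R0,#&000F0000
    MOV R2,R2,ROR #16
    LDR R2,[R12,R2,LSL #2]
    STR R2,[R12,#424]           ; Rn value
    AND R2,R0,#&0F
    LDR R2,[R12,R2,LSL #2]
    STR R2,[R12,#428]           ; Rm value
    AND R2,R0,#&0F00
; Fixed - the Rs field was used as an index without being shifted down, so
; the load below read from R12 + Rs*1024, outside the register block.
; Ba102% already shifts this field by 8 before using it.
    MOV R2,R2,LSR #8            ; Rs register number 0-15
    LDR R2,[R12,R2,LSL #2]
    STR R2,[R12,#432]           ; Rs value
    AND R1,R0,#&F000
    CMP R1,#&F000               ; Rd field is R15 ?
    BNE Ba138%
    ORR R9,R9,#1
    LDR R1,[R12,#60]
    ;LDR R1,[R12,#64]
    ;LDR R2,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;AND R1,R1,R2
    STR R1,[R12,#420]
.Ba138%
    AND R1,R0,#&000F0000
    CMP R1,#&000F0000           ; Rn field is R15 ?
    BNE Ba139%
    ORR R9,R9,#2
    LDR R1,[R12,#60]
    ;LDR R2,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;AND R1,R1,R2
    STR R1,[R12,#424]           ; break PC
.Ba139%
    AND R1,R0,#&0F
    CMP R1,#&0F                 ; Rm field is R15 ?
    BNE Ba140%
    ORR R9,R9,#8
    LDR R1,[R12,#60]
    ;LDR R2,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;AND R1,R1,R2
    STR R1,[R12,#428]           ; break PC
.Ba140%
    CMP R9,#0
    BEQ Ba122%                  ; no R15 operand found, use the plain sandbox
    ADR R1,Da46%
    ADD R2,R1,#4
    MOV R0,#1
    SWI "XOS_SynchroniseCodeAreas"
    LDR R0,[R12,#420]           ; Rd value, the break PC when Rd is R15
    LDR R1,[R12,#424]           ; Rn value, the break PC when Rn is R15
    LDR R2,[R12,#428]           ; Rm value, the break PC when Rm is R15
    LDR R3,[R12,#432]           ; Rs value
    ;LDR R4,[R12,#60]
    LDR R4,[R12,#64]            ; PSR
    ;TEQP PC,R4
; NOTE(review) - unlike Ba135% there is no OS_EnterOS before this MSR, so
; the control field write only takes effect if the processor is already in
; a privileged mode at this point - confirm which is intended.
    MSR CPSR_cf,R4              ; restore PSR control and flag bits
.Da46%
; sandbox for ??
;*****************************************************************
    ANDEQ R0,R0,R0              ; <- another sandbox
;*****************************************************************
    ;STR PC,[R12,#436]          ; this is used on RPC (saves flags)
;ver 65 this MRS was an MSR - wrong way around !!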
MRS R1,CPSR ; save PSR control and flag bits STR R1,[R12,#436] ; save sandbox PSR STR R0,[R12,#444] TST R9,#1 BNE Ba130% ; reloads R7 from #444 LDR R1,[R12,#440] AND R1,R1,#&F000 MOV R1,R1,LSR #12 STR R0,[R12,R1,LSL #2] ;LDR R1,[R12,#132] ; valid bits for PC address 3FFFFFFC ;LDR R2,[R12,#60] ;AND R2,R2,R1 LDR R2,[R12,#436] ; load sandbox PSR ;AND R1,R1,#&FC000003 ;ORR R2,R2,R1 ;STR R2,[R12,#60] STR R2,[R12,#64] ; update PSR LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba141% BL Ba82% ; beeps if instruction address not aligned BNE Ba12% ; update instructions on screen BL Ba84% ; processes status flags TST R0,#&00100000 ; 'S' bit ORREQ R9,R9,#&20 TST R0,#&02000000 ; data processing with opcodes BNE Ba132% B Ba124% .Ba142% ; block data transfer - eg LDM BL Ba82% ; beeps if instruction address not aligned BNE Ba12% ; NE not set when coming from Ba61 - eg LDM BL Ba84% ; check processes status flags STR R0,[R12,#440] ; save instruction code at #440 TST R0,#&8000 ; R15 in register list BEQ Ba122% TST R0,#&00100000 BNE Ba167% TST R0,#&00800000 BNE Ba143% B Ba147% .Ba143% TST R0,#&01000000 BNE Ba155% TST R0,#&00200000 BNE Ba145% MOV R1,R0,LSR #16 AND R1,R1,#&0F LDR R1,[R12,R1,LSL #2] MOV R2,#0 MOV R9,#1 .Ba144% TST R0,R9 LDRNE R3,[R12,R2,LSL #2] ; loading break registers STRNE R3,[R1],#4 MOV R9,R9,LSL #1 ADD R2,R2,#1 CMP R2,#&0F BNE Ba144% LDR R3,[R12,#60] ; break PC STR R3,[R1,#0] LDR R3,[R12,#64] ; 32bit STR R3,[R1,#4] ; 32bit should this be 220 or where ?? 
LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba145% MOV R3,#1 MOV R4,#1 MOV R5,#0 MOV R6,#0 MOV R1,R0,LSR #16 AND R1,R1,#&0F STR R1,[R12,#452] LDR R2,[R12,R1,LSL #2] STR R2,[R12,#456] TST R0,R3,LSL R1 BLNE Ba163% BLEQ Ba165% MOV R3,#0 MOV R9,#1 ADD R5,R12,#&88 ; base address for sandbox registers .Ba146% TST R0,R9 LDRNE R4,[R5,R3,LSL #2] STRNE R4,[R2],#4 MOV R9,R9,LSL #1 ADD R3,R3,#1 CMP R3,#&0F BNE Ba146% LDR R3,[R12,#60] ; break PC STR R3,[R2,#0] LDR R3,[R12,#64] ; 32bit STR R3,[R2,#4] ; 32bit should this be 220 or where ? LDR R1,[R12,#452] ADD R4,R12,#&88 ; base address for sandbox registers LDR R3,[R12,#460] STR R3,[R4,R1,LSL #2] LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba147% TST R0,#&01000000 BNE Ba151% TST R0,#&00200000 BNE Ba149% MOV R1,R0,LSR #16 AND R1,R1,#&0F LDR R1,[R12,R1,LSL #2] MOV R2,#&0E MOV R9,#&4000 LDR R3,[R12,#60] ; PC ?? STR R3,[R1],#-4 .Ba148% TST R0,R9 LDRNE R3,[R12,R2,LSL #2] STRNE R3,[R1],#-4 MOV R9,R9,LSR #1 SUBS R2,R2,#1 BCS Ba148% LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba149% MOV R3,#1 MOV R4,#1 MOV R5,#0 MOV R6,#0 MOV R1,R0,LSR #16 AND R1,R1,#&0F STR R1,[R12,#452] LDR R2,[R12,R1,LSL #2] STR R2,[R12,#456] TST R0,R3,LSL R1 BLNE Ba159% BLEQ Ba161% LDR R3,[R12,#60] ; PC ?? STR R3,[R2],#-4 MOV R3,#&0E MOV R9,#&4000 ADD R5,R12,#&88 ; base address for sandbox registers .Ba150% TST R0,R9 LDRNE R4,[R5,R3,LSL #2] STRNE R4,[R2],#-4 MOV R9,R9,LSR #1 SUBS R3,R3,#1 BCS Ba150% LDR R1,[R12,#452] ADD R4,R12,#&88 ; base address for sandbox registers LDR R3,[R12,#460] STR R3,[R4,R1,LSL #2] LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba151% TST R0,#&00200000 BNE Ba153% MOV R1,R0,LSR #16 AND R1,R1,#&0F LDR R1,[R12,R1,LSL #2] SUB R1,R1,#4 MOV R2,#&0E MOV R9,#&4000 LDR R3,[R12,#60] ; PC ?? 
STR R3,[R1],#-4 .Ba152% TST R0,R9 LDRNE R3,[R12,R2,LSL #2] STRNE R3,[R1],#-4 MOV R9,R9,LSR #1 SUBS R2,R2,#1 BCS Ba152% LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba153% MOV R3,#1 MOV R4,#1 MOV R5,#0 MOV R6,#0 MOV R1,R0,LSR #16 AND R1,R1,#&0F STR R1,[R12,#452] LDR R2,[R12,R1,LSL #2] STR R2,[R12,#456] TST R0,R3,LSL R1 BLNE Ba159% BLEQ Ba161% SUB R2,R2,#4 LDR R3,[R12,#60] LDR R9,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R9,#1 ;ORREQ R3,R3,#3 STR R3,[R2],#-4 ; MOV R3,#&0E MOV R9,#&4000 ADD R5,R12,#&88 ; base address for sandbox registers ; 32bit LDREQ R1,[R12,#64] ; PSR ?? ORREQ R1,R1,#3 ; SVC STREQ R1,[R12,#64] ; PSR ?? .Ba154% TST R0,R9 LDRNE R4,[R5,R3,LSL #2] STRNE R4,[R2],#-4 MOV R9,R9,LSR #1 SUBS R3,R3,#1 BCS Ba154% LDR R1,[R12,#452] ADD R4,R12,#&88 ; base address for sandbox registers LDR R3,[R12,#460] STR R3,[R4,R1,LSL #2] LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba155% TST R0,#&00200000 BNE Ba157% MOV R1,R0,LSR #16 AND R1,R1,#&0F LDR R1,[R12,R1,LSL #2] ADD R1,R1,#4 MOV R2,#0 MOV R9,#1 .Ba156% TST R0,R9 LDRNE R3,[R12,R2,LSL #2] STRNE R3,[R1],#4 MOV R9,R9,LSL #1 ADD R2,R2,#1 CMP R2,#&0F BNE Ba156% LDR R3,[R12,#60] STR R3,[R1,#0] LDR R3,[R12,#64] ; 32bit STR R3,[R1,#4] ; 32bit should this be 220 or where ? LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba157% MOV R3,#1 MOV R4,#1 MOV R5,#0 MOV R6,#0 MOV R1,R0,LSR #16 AND R1,R1,#&0F STR R1,[R12,#452] LDR R2,[R12,R1,LSL #2] STR R2,[R12,#456] TST R0,R3,LSL R1 BLNE Ba163% BLEQ Ba165% ADD R2,R2,#4 MOV R3,#0 MOV R9,#1 ADD R5,R12,#&88 ; base address for sandbox registers .Ba158% TST R0,R9 LDRNE R4,[R5,R3,LSL #2] STRNE R4,[R2],#4 MOV R9,R9,LSL #1 ADD R3,R3,#1 CMP R3,#&0F BNE Ba158% LDR R3,[R12,#60] ; PC or PSR ?? ; moved from below #64 STR R3,[R2,#4] ; 32bit should this be 220 or where ? 
; Tail of the Ba158% path, the Ba159%-Ba166% writeback helpers and the first
; LDM-with-R15 handlers (Ba167%-Ba172%). R0 holds the instruction word being
; emulated, R12 the register block and R12+&88 the sandbox register set.
    LDR R3,[R12,#64]            ; 32bit
    STREQ R3,[R12,#220]         ; 32bit sandbox PSR
    LDR R1,[R12,#452]
    ADD R4,R12,#&88             ; base address for sandbox registers
    LDR R3,[R12,#460]
    STR R3,[R4,R1,LSL #2]       ; base register takes the value saved at #460
    LDR R13,[R12,#380]
    BL Ba73%                    ; plots registers on screen
    B Ba12%                     ; update instructions on screen
.Ba159%
; Descending writeback helper. Entry at Ba159% also scans the register list
; below the base register bit and sets R6 to 1 if any lower bit is set.
; Entry at Ba161% skips that scan.
    MOV R3,R4,LSL R1
.Ba160%
    MOV R3,R3,LSR #1
    TST R0,R3
    MOVNE R6,#1
    CMP R3,#0
    BNE Ba160%
    MOV R3,#&10                 ; repeated by the first instruction of Ba161%
.Ba161%
    MOV R3,#&10                 ; 16 iterations
.Ba162%
    TST R0,R4                   ; assumes the caller left R4 = 1 - TODO confirm
    ADDNE R5,R5,#1              ; R5 counts the registers in the list
    MOV R4,R4,LSL #1
    SUBS R3,R3,#1
    BNE Ba162%
    CMP R6,#1
    SUB R3,R2,R5,LSL #2         ; base value minus four bytes per listed register
    ADD R4,R12,#&88             ; base address for sandbox registers
    STREQ R3,[R4,R1,LSL #2]     ; only when R6 is 1
    STR R3,[R12,#460]
    MOV PC,R14
.Ba163%
; Ascending counterpart of Ba159%. Same scan and count, ADD instead of SUB.
    MOV R3,R4,LSL R1
.Ba164%
    MOV R3,R3,LSR #1
    TST R0,R3
    MOVNE R6,#1
    CMP R3,#0
    BNE Ba164%
    MOV R3,#&10                 ; repeated by the first instruction of Ba165%
.Ba165%
    MOV R3,#&10
.Ba166%
    TST R0,R4
    ADDNE R5,R5,#1
    MOV R4,R4,LSL #1
    SUBS R3,R3,#1
    BNE Ba166%
    CMP R6,#1
    ADD R3,R2,R5,LSL #2
    ADD R4,R12,#&88             ; base address for sandbox registers
    STREQ R3,[R4,R1,LSL #2]
    STR R3,[R12,#460]
    MOV PC,R14                  ; S removed
.Ba167%
; Dispatch on bits 23, 24 and 21 of the instruction word to one of the
; eight handlers.
    TST R0,#&00800000
    BNE Ba168%
    B Ba172%
.Ba168%
    TST R0,#&01000000
    BNE Ba180%
    TST R0,#&00200000
    BNE Ba170%
    MOV R1,R0,LSR #16
    AND R1,R1,#&0F              ; base register number
    LDR R1,[R12,R1,LSL #2]      ; base register value, used as the source pointer
    MOV R2,#0
    MOV R9,#1
    ADD R10,R12,#&88            ; base address for sandbox registers
.Ba169%
; NOTE(review) - the pointer in R1 comes straight from the debuggee register
; block and is dereferenced with no range check. The other handlers in this
; group enter SVC mode around the same kind of load, this one does not.
    TST R0,R9
    LDRNE R3,[R1],#4
    STRNE R3,[R10,R2,LSL #2]
    MOV R9,R9,LSL #1
    ADD R2,R2,#1
    CMP R2,#&0F
    BNE Ba169%
    LDR R3,[R12,#64]            ; 32bit
    STREQ R3,[R12,#220]         ; 32bit sandbox PSR
    LDR R3,[R1,#0]              ; word loaded for R15
    TST R0,#&00400000           ; bit 22 of the instruction word
    ;LDR R2,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;AND R0,R3,R2
    ;MOV R7,R0
    MOV R7,R3                   ; 32bit
    ;ADD R3,R3,#4
    ADDNE R3,R3,#4              ; 32bit - otherwise R3 incremented twice
    BLNE Ba188%
; NOTE(review) - Ba188% executes CMP before returning, so the NE and EQ
; tests below see its flags when it was called, not the result of the TST
; above. If it returns EQ the value stored is R3 plus a second 4 - confirm.
    STRNE R3,[R12,#60]          ; PC
    ;LDR R1,[R12,#60]
    ;AND R3,R1,#&FC000003       ; just flags
    ;ORR R0,R0,R3
    ;ADD R0,R0,#4
    ADD R0,R3,#4
    STREQ R0,[R12,#60]          ; PC
    LDR R13,[R12,#380]
    BL Ba73%                    ; plots registers on screen
    B Ba12%                     ; update instructions on screen
.Ba170%
; LDMIA R13!,{R0-R2,R9,PC} E8BD8207 comes through here
    MOV R1,R0,LSR #16
    AND R1,R1,#&0F              ; R1 = &0D
    LDR R2,[R12,R1,LSL #2]
    MOV R3,#1
    TST R0,R3,LSL R1
    BLEQ Ba184%                 ; base not in the list, so compute the writeback value
    MOV R3,#0
    MOV R9,#1
    ADD R5,R12,#&88             ; base address for sandbox registers
.Ba171%
; LDMIA R13!,{R0-R2,R9,PC} E8BD8207 comes through here
; reading SVC stack and moving values back into registers
; NOTE(review) - R2 is the debuggee base register value and is read from in
; SVC mode without any validation. A bad pointer aborts inside the debugger
; (see the v144 note below) and a valid privileged address is read on the
; debuggee's behalf. The Ba413% memory map check is commented out elsewhere in
; this listing - consider a range check or an abort handler around these loads.
; NOTE(review) - the LDRNE and STRNE depend on the Z flag from the TST
; surviving the SWI call - confirm that OS_EnterOS preserves the flags.
    TST R0,R9                   ; checking bits of instruction R0=E8BD807E
    SWI "OS_EnterOS"            ; read SVC stack RO5.30 B060 SVC mode
    LDRNE R4,[R2],#4            ; reads SVC stack
    MSR CPSR_c,#%10000          ; return to 32bit USR mode
    STRNE R4,[R5,R3,LSL #2]
    MOV R9,R9,LSL #1
    ADD R3,R3,#1
    CMP R3,#&0F
    BNE Ba171%
    LDREQ R3,[R12,#64]          ; 32bit
    STREQ R3,[R12,#220]         ; 32bit sandbox PSR
    SWI "OS_EnterOS"            ; read SVC stack needs SVC mode RO5.30
    LDR R4,[R2,#0]              ;<- v144 abort here R2 = fa207fe0. B060.
    MSR CPSR_c,#%10000          ; return to 32bit USR mode
    TST R0,#&00400000
    BLNE Ba189%
; NOTE(review) - R4 must still hold the word loaded for R15 when Ba189%
; returns, because it becomes R7 and the break PC below - confirm that
; Ba189% preserves R4.
    ;LDR R1,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;LDREQ R0,[R12,#60]         ; PSR or PC or both ??
    ;ANDEQ R3,R0,#&FC000000
    ;ANDEQ R4,R4,R1
    ;ORREQ R4,R4,R3             ;
    ;AND R7,R4,R1               ; no longer does anything
; causing abort on LDMIA R13!,{R0-R2,R9,PC} with R4 = E59C022C ??
    MOV R7,R4                   ; v82 added for 32-bit
    ADD R4,R4,#4
    STR R4,[R12,#60]            ; PSR or PC or both ??
    LDR R13,[R12,#380]
    BL Ba73%                    ; plots registers on screen
    B Ba12%                     ; update instructions on screen
.Ba172%
    TST R0,#&01000000
    BNE Ba176%
    TST R0,#&00200000
    BNE Ba174%
    MOV R1,R0,LSR #16
    AND R1,R1,#&0F
    LDR R1,[R12,R1,LSL #2]
    LDR R3,[R1],#-4             ; same unchecked dereference as in Ba169%
    ;LDR R4,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    MOV R7,R3                   ; v82 added for 32-bit
    ;AND R7,R3,R4
    TST R0,#&00400000
    BLNE Ba188%
    ;LDREQ R5,[R12,#60]         ; PSR or PC or both ??
    ;ANDEQ R5,R5,#&FC000000
    ;ORREQ R3,R5,R7
    ADD R3,R3,#4
    STR R3,[R12,#60]            ; PSR or PC or both ??
MOV R2,#&0E MOV R9,#&4000 ADD R10,R12,#&88 ; base address for sandbox registers .Ba173% TST R0,R9 SWI "OS_EnterOS" ; read SVC stack RO5.30 B060 SVC mode LDRNE R3,[R1],#-4 MSR CPSR_c,#%10000 ; return to 32bit USR mode STRNE R3,[R10,R2,LSL #2] MOV R9,R9,LSR #1 SUBS R2,R2,#1 BCS Ba173% LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba174% MOV R1,R0,LSR #16 AND R1,R1,#&0F LDR R2,[R12,R1,LSL #2] MOV R3,#1 TST R0,R3,LSL R1 BLEQ Ba186% LDR R3,[R2],#-4 ;LDR R4,[R12,#132] ; valid bits for PC address 3FFFFFFC MOV R7,R3 ; 32bit ;AND R7,R3,R4 TST R0,#&00400000 BLNE Ba188% ;LDREQ R5,[R12,#60] ; PSR or PC or both ?? ;ANDEQ R5,R5,#&FC000000 ;ORREQ R3,R5,R7 ADD R3,R3,#4 STR R3,[R12,#60] ; PSR or PC or both ?? MOV R3,#&0E MOV R9,#&4000 ADD R5,R12,#&88 ; base address for sandbox registers .Ba175% TST R0,R9 SWI "OS_EnterOS" ; read SVC stack RO5.30 B060 SVC mode LDRNE R4,[R2],#-4 MSR CPSR_c,#%10000 ; return to 32bit USR mode STRNE R4,[R5,R3,LSL #2] MOV R9,R9,LSR #1 SUBS R3,R3,#1 BCS Ba175% LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba176% TST R0,#&00200000 BNE Ba178% MOV R1,R0,LSR #16 AND R1,R1,#&0F LDR R1,[R12,R1,LSL #2] SUB R1,R1,#4 LDR R3,[R1],#-4 ;LDR R4,[R12,#132] ; valid bits for PC address 3FFFFFFC MOV R7,R3 ; 32bit ;AND R7,R3,R4 TST R0,#&00400000 BLNE Ba188% ;LDREQ R5,[R12,#60] ; PSR or PC or both ?? ;ANDEQ R5,R5,#&FC000000 ;ORREQ R3,R5,R7 ADD R3,R3,#4 STR R3,[R12,#60] ; PSR or PC or both ?? MOV R2,#&0E MOV R9,#&4000 ADD R10,R12,#&88 ; base address for sandbox registers .Ba177% TST R0,R9 SWI "OS_EnterOS" ; read SVC stack RO5.30 B060 SVC mode LDRNE R3,[R1],#-4 MSR CPSR_c,#%10000 ; return to 32bit USR mode STRNE R3,[R10,R2,LSL #2] MOV R9,R9,LSR #1 SUBS R2,R2,#1 BCS Ba177% LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba178% MOV R1,R0,LSR #16 AND R1,R1,#&0F ; number of registers ? Add PSR ? 
LDR R2,[R12,R1,LSL #2] MOV R3,#1 TST R0,R3,LSL R1 BLEQ Ba186% SUB R2,R2,#4 LDR R3,[R2],#-4 ;LDR R4,[R12,#132] ; valid bits for PC address 3FFFFFFC MOV R7,R3 ; 32bit ;AND R7,R3,R4 ; does nothing TST R0,#&00400000 BLNE Ba188% ;LDREQ R5,[R12,#60] ; PSR or PC or both ?? ;ANDEQ R5,R5,#&FC000000 ;ORREQ R3,R5,R7 ADD R3,R3,#4 STR R3,[R12,#60] ; PSR or PC or both ?? MOV R3,#&0E MOV R9,#&4000 ADD R5,R12,#&88 ; base address for sandbox registers .Ba179% TST R0,R9 SWI "OS_EnterOS" ; read SVC stack RO5.30 B060 SVC mode LDRNE R4,[R2],#-4 MSR CPSR_c,#%10000 ; return to 32bit USR mode STRNE R4,[R5,R3,LSL #2] MOV R9,R9,LSR #1 SUBS R3,R3,#1 BCS Ba179% LDR R13,[R12,#380] BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba180% TST R0,#&00200000 BNE Ba182% MOV R1,R0,LSR #16 AND R1,R1,#&0F LDR R1,[R12,R1,LSL #2] ADD R1,R1,#4 MOV R2,#0 MOV R9,#1 ADD R10,R12,#&88 ; base address for sandbox registers .Ba181% TST R0,R9 SWI "OS_EnterOS" ; read SVC stack RO5.30 B060 SVC mode LDRNE R3,[R1],#4 MSR CPSR_c,#%10000 ; return to 32bit USR mode STRNE R3,[R10,R2,LSL #2] MOV R9,R9,LSL #1 ADD R2,R2,#1 CMP R2,#&0F BNE Ba181% LDR R3,[R1,#0] TST R0,#&00400000 BLNE Ba188% ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R0,R3,R2 MOV R0,R3 ; 32bit MOV R7,R0 ADD R3,R3,#4 STRNE R3,[R12,#60] ; PC ;LDR R1,[R12,#60] ; PSR or PC or both ?? ;LDR R3,[R12,#60] ; PSR or PC or both ?? ;AND R3,R1,#&FC000003 ;ORR R0,R0,R3 ADDEQ R0,R0,#4 STREQ R0,[R12,#60] ; PSR or PC or both ?? 
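; Tail of the Ba181% path, the Ba182% LDM handler, the Ba184%-Ba187%
; writeback helpers and the Ba188%-Ba190% SVC to USR register switch.
; R0 holds the instruction word being emulated, R12 the register block and
; R12+&88 the sandbox register set.
    LDR R13,[R12,#380]
    BL Ba73%                    ; plots registers on screen
    B Ba12%                     ; update instructions on screen
.Ba182%
    MOV R1,R0,LSR #16
    AND R1,R1,#&0F              ; base register number
    LDR R2,[R12,R1,LSL #2]      ; base register value, used as the source pointer
    MOV R3,#1
    TST R0,R3,LSL R1
    BLEQ Ba184%                 ; base not in the list, so compute the writeback value
    ADD R2,R2,#4
    MOV R3,#0
    MOV R9,#1
    ADD R5,R12,#&88             ; base address for sandbox registers
.Ba183%
; NOTE(review) - R2 is a debuggee-supplied pointer read in SVC mode with no
; range check, so a bad value aborts inside the debugger and a privileged
; address is read on the debuggee's behalf. The LDRNE and STRNE also depend
; on the Z flag from the TST surviving the SWI call - confirm that
; OS_EnterOS preserves the flags.
    TST R0,R9
    SWI "OS_EnterOS"            ; read SVC stack RO5.30 B060 SVC mode
    LDRNE R4,[R2],#4
    MSR CPSR_c,#%10000          ; return to 32bit USR mode
    STRNE R4,[R5,R3,LSL #2]
    MOV R9,R9,LSL #1
    ADD R3,R3,#1
    CMP R3,#&0F
    BNE Ba183%
    SWI "OS_EnterOS"            ; read SVC stack RO5.30 B060 SVC mode
    LDR R4,[R2,#0]              ; word loaded for R15
    MSR CPSR_c,#%10000          ; return to 32bit USR mode
    TST R0,#&00400000
    BLNE Ba189%                 ; R4 is used as the new PC after this call
    ;LDR R1,[R12,#132]          ; valid bits for PC address 3FFFFFFC
    ;LDREQ R4,[R12,#60]         ; PSR or PC or both ??
    ;ANDEQ R3,R0,#&FC000000
    ;ANDEQ R4,R4,R1
    ;ORREQ R4,R4,R3
    MOV R7,R4                   ; 32bit
    ;AND R7,R4,R1
    ADD R4,R4,#4
    STR R4,[R12,#60]            ; PC ??
    LDR R13,[R12,#380]
    BL Ba73%                    ; plots registers on screen
    B Ba12%                     ; update instructions on screen
.Ba184%
; Counts the registers named in the low 16 bits of R0 and stores
; R2 + 4*count as the new value of sandbox register R1.
    MOV R3,#&10
    MOV R4,#1
    MOV R5,#0
.Ba185%
; LDMIA R13!,{R0-R2,R9,PC} E8BD8207 comes through here
    TST R0,R4
    ADDNE R5,R5,#1
    MOV R4,R4,LSL #1
    SUBS R3,R3,#1
    BNE Ba185%
    ADD R3,R2,R5,LSL #2
    ADD R4,R12,#&88             ; base address for sandbox registers
    STR R3,[R4,R1,LSL #2]
    MOV PC,R14
.Ba186%
; As Ba184% but stores R2 - 4*count.
    MOV R3,#&10
    MOV R4,#1
    MOV R5,#0
.Ba187%
    TST R0,R4
    ADDNE R5,R5,#1
    MOV R4,R4,LSL #1
    SUBS R3,R3,#1
    BNE Ba187%
    SUB R3,R2,R5,LSL #2
    ADD R4,R12,#&88             ; base address for sandbox registers
    STR R3,[R4,R1,LSL #2]
    MOV PC,R14
.Da47%
    EQUD &00000000              ; scratch word, holds the caller's R1 inside Ba188%-Ba190%
.Ba188%
; sandbox switching back from SVC to USR mode
; R13_usr and R14_usr are restored to sandbox registers
; uses R3 on entry
; NOTE(review) - this still tests the low two bits of the loaded PC in R3.
; Ba189% notes that the PC no longer carries the mode bits in 32-bit, so
; this test probably needs the same treatment - confirm.
    STR R1,Da47%
    AND R1,R3,#3
    CMP R1,#0
    LDRNE R1,Da47%
    ;MOVNES PC,R14
    MOVNE PC,R14                ; 32bit
    LDR R1,[R12,#396]           ; sandbox running in 0=USR, 1=SVC
    CMP R1,#0
    LDREQ R1,Da47%
    ;MOVEQS PC,R14
    MOVEQ PC,R14                ; 32bit
    LDR R1,[R12,#52]            ; break R13
    STR R1,[R12,#924]           ; SVC R13
    LDR R1,[R12,#56]            ; break R14
    STR R1,[R12,#928]           ; SVC R14
    LDR R1,[R12,#916]           ; USR R13
    STR R1,[R12,#188]           ; sandbox R13
    LDR R1,[R12,#920]           ; USR R14
    STR R1,[R12,#192]           ; sandbox R14
    MOV R1,#0
    STR R1,[R12,#396]           ; sandbox running in 0=USR, 1=SVC
    LDR R1,Da47%
    MOV PC,R14                  ; S removed
.Ba189%
; sandbox switching back from SVC to USR mode
; R13_usr and R14_usr are restored to sandbox registers
; R4 holds the loaded PC on entry and is preserved. All registers are
; preserved, the flags are not.
    STR R1,Da47%
; PC (R4) no longer has the mode bits
; Fixed - the break PSR was loaded into R4, which destroyed the loaded PC
; that the callers in Ba171% and Ba183% copy into R7 and #60 straight after
; this routine returns. R1 is already saved in Da47%, so it is used instead.
    LDR R1,[R12,#64]            ; 32bit load break PSR
    ; AND R1,R4,#3              ; 26bit ?? R1=CPSR, R4=PC
    AND R1,R1,#3                ; 32bit
    CMP R1,#0                   ; check for USR mode ?
    LDRNE R1,Da47%
    ;MOVNES PC,R14
    MOVNE PC,R14                ; 32bit
    LDR R1,[R12,#396]           ; sandbox running in 0=USR, 1=SVC
    CMP R1,#0
    LDREQ R1,Da47%
    ;MOVEQS PC,R14
    MOVEQ PC,R14                ; 32bit
    LDR R1,[R12,#52]            ; break R13
    STR R1,[R12,#924]           ; SVC R13
    LDR R1,[R12,#56]            ; break R14
    STR R1,[R12,#928]           ; SVC R14
    LDR R1,[R12,#916]           ; R13_usr
    STR R1,[R12,#188]           ; sandbox R13
    LDR R1,[R12,#920]           ; R14_usr
    STR R1,[R12,#192]           ; sandbox R14
    MOV R1,#0
    STR R1,[R12,#396]           ; sandbox running in 0=USR, 1=SVC
    LDR R1,Da47%
    MOV PC,R14                  ; S removed
.Ba190%
; sandbox switching back from SVC to USR mode
; R13_usr and R14_usr are restored to sandbox registers
; NOTE(review) - this routine overwrites R4 with the break PSR and does not
; restore it. Its callers are outside this part of the listing - confirm
; none of them needs R4 afterwards.
    STR R1,Da47%
; PC (R4) no longer has the mode bits
    LDR R4,[R12,#64]            ; 32bit load break PSR
    ; AND R1,R4,#3              ; 26bit ?? R1=CPSR, R4=PC
    AND R1,R4,#3                ; 32bit
    CMP R1,#0                   ; check for USR mode ?
    LDRNE R1,Da47%
    ;MOVNES PC,R14
    MOVNE PC,R14                ; 32bit
    LDR R1,[R12,#396]           ; sandbox running in 0=USR, 1=SVC
    CMP R1,#0
    LDREQ R1,Da47%
    ;MOVEQS PC,R14
    MOVEQ PC,R14                ; 32bit
    LDR R1,[R12,#52]            ; break R13
    STR R1,[R12,#924]           ; SVC R13
    LDR R1,[R12,#56]            ; break R14
    STR R1,[R12,#928]           ; SVC R14
    LDR R1,[R12,#916]           ; R13_usr
    STR R1,[R12,#188]           ; sandbox R13
    LDR R1,[R12,#920]           ; R14_usr
    STR R1,[R12,#192]           ; sandbox R14
    MOV R1,#0
    STR R1,[R12,#396]           ; sandbox running in 0=USR, 1=SVC
    LDR R1,Da47%
    MOV PC,R14                  ; S removed
.Ba191%
    BL Ba82%
    BNE Ba12%                   ; update instructions on screen
    BL Ba84%                    ; processes status flags
    B Ba132%
.Ba192%
; this appears to be used to 'run' a SWI instruction ??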
; upon entry R0 = address of break PC
; (body of Ba192%) Copies R0 to R7, stores R0 + 4 as the break PC at
; [R12,#60], then redraws. The address is no longer masked or checked
; against the memory map here - both steps are commented out below.
;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC
;AND R0,R0,R2
MOV R7,R0 ; R7 = break PC address
; v164 commented out
;BL Ba413% ; sets R7 to 0 if not within defined mem map
;MOV R0,R7
;LDR R1,[R12,#60] ; PSR or PC or both ??
;AND R3,R1,#&FC000003
LDR R1,[R12,#64] ; break PSR (loaded, but the store that used it is commented out)
;ORR R0,R0,R3
; STR R1,[R12,#64] ; break PSR
ADD R0,R0,#4
STR R0,[R12,#60] ; PSR or PC or both ??
BL Ba73% ; plots registers on screen
B Ba12% ; updates screen
.Ba193%
; called just before sandbox is run at Da40%
; USR mode sandbox set-up ?
; Branches to Ba194% when [R12,#396] = 1, otherwise writes the break
; PSR from [R12,#64] to CPSR and returns through R14.
LDR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
CMP R0,#1 ; sandbox in SVC mode
; B067 ctrl-shift-minus in SVC mode arrives here with #396 = 0
; B067 fixed in Ba62
BEQ Ba194%
;LDR R0,[R12,#60] ; reload break PC (not used?)
LDR R1,[R12,#64] ; reload break PSR
;TEQP PC,R0
;MOV PC,R14
; If this executes in USR mode (as the surrounding code suggests) the
; processor ignores the control field write, so only the flags change.
MSR CPSR_cf,R1 ; restore PSR control and flag bits
MOV PC,R14
.Ba194%
; SVC mode sandbox set-up?
; Enters SVC with OS_EnterOS, writes the break PSR to CPSR, saves the
; resulting R13 in Da48% and returns through the R14 copied to R0.
;LDR R0,[R12,#60] ; reload break PC (not used)
;TEQP PC,R0
MOV R0,R14 ; R14 is fed to the PC at the end
; we're running sandbox in SVC mode so USR mode not required ??
; v140 uncommented this code again. B053
LDR R1,[R12,#64] ; break PSR
SWI "OS_EnterOS" ; B066
MOV R0,R0 ; B066 NOP
; NOTE(review) - this MSR runs privileged, so the mode and interrupt
; mask bits held in the stored break PSR take effect as written. No
; masking of the value is visible in this routine - confirm that every
; writer of [R12,#64] limits it to the modes the sandbox should reach.
MSR CPSR_cf,R1 ; restore PSR control and flag bits
;commented out original OS_EnterOS in B066
;SWI "OS_EnterOS"
STR R13,Da48% ; save R13_SVC
; 32bit - reload the PSR in SVC mode
; v140 code was in the wrong place ? B053
;LDR R1,[R12,#64] ; break PSR
;MSR CPSR_cf,R1 ; restore break PSR control and flag bits
MOV PC,R0 ; R0 comes from R14 above
.Ba195%
; jump from running sandbox instruction on ARM processor
; Saves the sandbox R0, R12, R14 and CPSR in the fixed words below,
; reloads the module R12, then takes the USR or SVC return path
; according to [R12,#396]. The save slots are single fixed words, so
; this path cannot be nested.
STR R0,Da49% ; save sandbox R0 temp to free up register
STR R12,Da50%
STR R14,Da52%
;STR PC,Da53% ; this was to save sandbox PC flags
; added for 32bit
MRS R0,CPSR ; read break PSR
STR R0,psr_2 ; save sandbox PSR
BL Ba651% ; reloads module R12
LDR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
CMP R0,#1
BEQ Ba196%
LDR R12,Da50%
.Ba195a%
; label added 'manually' for undefined instruction code
LDR R14,Da52%
;LDR R0,Da53% ; Da53% must just be used for PC flags ?
;TEQP PC,R0
;MOV R0,R0
LDR R0,psr_2
MSR CPSR_cf,R0 ;<- this code is strange ?
LDR R0,Da49% ; reload R0
B Ba65%
.Ba196%
; sandbox running in SVC mode
; CPSR_c,#&10 run from sandbox comes through here
; R13_usr and R14_usr are not restored to correct values
; Saves the sandbox R13, reloads the R13 that Ba194% stored in Da48%,
; drops to USR mode and then reloads R12, R13 and R14 from the save
; slots before rejoining Ba65%.
STR R13,Da51% ; save R13_SVC
LDR R13,Da48%
;TEQP PC,#0
;NOP missing
MSR CPSR_c,#%10000 ; return to 32bit USR mode
LDR R12,Da50%
LDR R13,Da51%
LDR R14,Da52%
;LDR R0,Da53%; Da53% must just be used for PC flags ?
LDR R0,psr_2
;TEQP PC,R0
;MOV R0,R0
;MSR CPSR_c,#%10000 ; return to 32bit USR mode (wrong?)
; Already in USR mode after the MSR above, so the control field part of
; this write should have no effect and only the flags are restored.
MSR CPSR_cf,R0 ; return to 32bit USR mode with flags
LDR R0,Da49% ; reload R0
B Ba65%
.psr_2
EQUD &00000000 ; PSR from sandbox
.Da48%
EQUD &00000000 ; R13 stored by Ba194% after entering SVC, reloaded by Ba196% (was labelled R13_usr ?)
.Da49%
EQUD &00000000 ; R0 from single step
.Da50%
EQUD &00000000 ; R12_user? from sandbox
.Da51%
EQUD &00000000 ; R13_svc from sandbox
.Da52%
EQUD &00000000 ; R14_user? from sandbox
.Da53%
EQUD &00000000 ; PC from sandbox (only referenced from commented out code in this part of the file)
;'S' key comes here
.Ba197%
; Steps the break PC back by 4 and hands it to Ba192%, which stores
; that value + 4 again.
LDR R0,[R12,#60] ; break PC
SUB R0,R0,#4 ; address of next instruction !
B Ba192% .Ba198% ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R0,R0,R2 MOV R7,R0 ; move new PC value back into R7 ; v164 commented out ;BL Ba413% ; sets R7 to 0 if not within defined mem map ;MOV R0,R7 LDR R4,[R12,#440] TST R4,#&00100000 LDR R4,[R12,#444] ;LDR R1,[R12,#60] ; must be flags here ;AND R3,R1,#&FC000003 ;AND R5,R4,#&FC000003 ;ORREQ R0,R0,R3 ; must be status flags ? R0 is R7 ;ORRNE R0,R0,R5 ; must be status flags ? R0 is R7 BLNE Ba190% ADD R0,R0,#4 ; 4 locks - whereas 8 gives abort ?? STR R0,[R12,#60] ; updates instruction destination PC BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba199% ; ADD PC,R5,#&4C comes here to write R0 to #60 ; R0 was not being written to #60 - part of bug ;LDR R2,[R12,#132] ; valid bits for PC address 3FFFFFFC ;AND R0,R0,R2 MOV R7,R0 ; v164 commented out ; BL Ba413% ; sets R7 to 0 if not within defined mem map ; MOV R0,R7 LDR R4,[R12,#440] TST R4,#&00100000 LDR R4,[R12,#444] ;LDR R1,[R12,#60] ;AND R3,R1,#&FC000003 ;AND R5,R4,#&FC000003 ;ORREQ R0,R0,R3 ;ORRNE R0,R0,R4 ADD R0,R0,#4 STR R0,[R12,#60] ; updates instruction destination PC BL Ba73% ; plots registers on screen B Ba12% ; update instructions on screen .Ba200% ; 'R' refresh key comes here ;BL Ba248% ; activates mouse - added v154 BL Ba43% BL Ba635% SWI &000104 BL Ba248% SWI "OS_RemoveCursors" B Ba12% ; update instructions on screen .Ba201% BL Ba618% SWI &00010B SWI &00010B ADR R0,Da56% SWI "OS_Write0" ADR R0,Da57% SWI "OS_Write0" .Ba202% MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" B Ba294% .Ba203% BL Ba384% BNE Ba202% .Ba204% CMP R1,#&31 BEQ Ba205% CMP R1,#&32 BEQ Ba209% CMP R1,#&33 BEQ Ba214% B Ba12% ; update instructions on screen .Ba205% BL Ba618% LDR R9,[R12,#464] CMP R9,#5 BEQ Ba218% ADR R0,Da58% SWI "OS_Write0" MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" SWI "OS_NewLine" MOV R0,#&20 SWI "OS_WriteC" MOV R0,#&26 SWI "OS_WriteC" SWI "OS_RestoreCursors" ADD R0,R12,#&0168 MOV R1,#8 MOV R2,#&20 MOV R3,#&7B BL Ba377% SWI "OS_RemoveCursors" 
CMP R1,#0 BEQ Ba12% ; update instructions on screen MOV R0,#&10 ADD R1,R12,#&0168 MOV R2,#&FF SWI "XOS_ReadUnsigned" MOVVS R1,#1 BVS Ba630% .Ba206% LDR R9,[R12,#464] CMP R9,#5 BEQ Ba218% BIC R2,R2,#3 MOV R1,#0 LDR R0,[R12,#848] ADD R0,R0,R12 .Ba207% LDR R3,[R0,R1,LSL #2] CMP R2,R3 BEQ Ba208% ADD R1,R1,#1 CMP R1,#6 BNE Ba207% STR R2,[R0,R9,LSL #2] ADD R9,R9,#1 STR R9,[R12,#464] B Ba12% ; update instructions on screen .Ba208% BL Ba618% ADR R0,Da54% SWI "OS_Write0" B Ba219% .Da54% EQUD &72422020 EQUD &706B6165 EQUD &746E696F EQUD &726C6120 EQUD &79646165 EQUD &74657320 EQUD &00000000 .Ba209% BL Ba618% BL Ba212% CMP R9,R10 BEQ Ba12% ; update instructions on screen B Ba219% .Da55% EQUD &20202020 EQUD &6F4E2020 EQUD &65726220 EQUD &6F706B61 EQUD &73746E69 EQUD &74657320 EQUD &0D0A0D0A EQUD &72502020 EQUD &20737365 EQUD &43415053 EQUD &726F2045 EQUD &696C6320 EQUD &6D206B63 EQUD &6573756F EQUD &00000000 .Ba210% ADD R10,R10,#4 CMP R9,R10 LDMNEFD R13!,{PC} ADR R0,Da55% SWI "OS_NewLine" SWI "OS_NewLine" SWI "OS_Write0" BL Ba632% .Ba211% SWI "OS_Mouse" CMP R2,#0 LDMNEFD R13!,{PC} BL Ba384% BNE Ba211% LDMFD R13!,{PC} .Ba212% STMFD R13!,{R14} LDR R0,[R12,#1908] CMP R0,#&1F MOV R0,#&20 ;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI &000111 SWI "OS_WriteC" SWI &00011F ; position text cursor MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" MOV R3,#&31 LDR R9,[R12,#848] ADD R9,R9,R12 MOV R10,R9 .Ba213% LDR R0,[R9],#4 MOVS R0,R0 BEQ Ba210% MOV R1,R0 SWI &000120 ;Character MOV R0,R3 SWI "OS_WriteC" ADD R3,R3,#1 MOV R0,#&20 SWI "OS_WriteC" MOV R0,#&26 SWI "OS_WriteC" MOV R0,R1 ADD R1,R12,#&0168 MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" LDR R0,[R9,#0] MOVS R0,R0 SWINE "OS_NewLine" B Ba213% .Da56% EQUD &20202020 EQUD &20202020 EQUD &422D2D20 EQUD &6B616572 EQUD &6E696F50 EQUD &0A2D2D74 EQUD &0000000D .Ba214% BL Ba618% BL Ba212% CMP R9,R10 BEQ Ba12% ; update instructions on screen SWI &00011F ; position text cursor MOV R0,#&12 SWI "OS_WriteC" MOV R0,#2 SWI "OS_WriteC" MOV 
R5,#0 ADR R0,Da59% SWI "OS_Write0" MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" BL Ba632% .Ba215% LDR R9,[R12,#848] ADD R9,R9,R12 SWI "OS_Mouse" BL Ba300% BL Ba384% BNE Ba215% MOV R10,#0 MOV R2,R1 .Ba216% CMP R2,#&31 BLT Ba12% ; update instructions on screen CMP R2,#&36 BGE Ba12% ; update instructions on screen SUB R0,R2,#&30 MOV R1,R0 SUB R1,R1,#1 LDR R9,[R12,#848] ADD R9,R9,R12 LDR R2,[R9,R1,LSL #2] MOVS R2,R2 BEQ Ba12% ; update instructions on screen .Ba217% LDR R2,[R9,R0,LSL #2] STR R2,[R9,R1,LSL #2] ADD R9,R9,#4 MOVS R2,R2 BNE Ba217% LDR R9,[R12,#464] SUB R9,R9,#1 STR R9,[R12,#464] CMP R10,#0 BNE Ba214% B Ba12% ; update instructions on screen .Ba218% BL Ba618% ADR R0,Da60% SWI "OS_Write0" B Ba219% .Ba219% BL Ba632% .Ba220% SWI "OS_Mouse" CMP R2,#0 BNE Ba12% ; update instructions on screen BL Ba384% BNE Ba220% B Ba12% .Da57% EQUD &53203120 EQUD &42207465 EQUD &6B616572 EQUD &6E696F70 EQUD &200A0D74 EQUD &68532032 EQUD &4220776F EQUD &6B616572 EQUD &6E696F70 EQUD &0A0D7374 EQUD &43203320 EQUD &7261656C EQUD &65724220 EQUD &6F706B61 EQUD &00746E69 .Da58% EQUD &74655320 EQUD &65724220 EQUD &6F706B61 EQUD &00746E69 .Da59% EQUD &65766947 EQUD &6D756E20 EQUD &00726562 .Da60% EQUD &65726C41 EQUD &20796461 EQUD &20746573 EQUD &72622035 EQUD &736B6165 EQUD &00000000 .Ba221% BL Ba618% SWI &00010B SWI &00010B ADR R0,Da61% SWI "OS_Write0" ADR R0,Da62% SWI "OS_Write0" ADR R0,Da63% SWI "OS_Write0" MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" .Ba222% B Ba290% ; prints m-step menu .Ba223% BL Ba384% ; read key BNE Ba222% MOV R2,R1 .Ba224% ;m-step options 1-5 SWI "OS_RestoreCursors" CMP R2,#&31 ; key 1 until break or escape (trace off) BLEQ Ba226% CMP R2,#&32 ; key 2 until break or escape (trace on) BLEQ Ba225% CMP R2,#&33 ; key 3 until register = value (trace off) BLEQ Ba234% CMP R2,#&34 ; key 4 until register = value (trace on) BLEQ Ba235% CMP R2,#&35 ; key 5 until address = hex BLEQ Ba619% SWI "OS_RemoveCursors" B Ba12% .Da61% EQUD &20202020 EQUD &20202020 EQUD &2D202020 EQUD &6C754D2D EQUD 
&74536974 EQUD &2D2D7065 EQUD &20310A0D EQUD &69746E75 EQUD &7262206C EQUD &206B6165 EQUD &6520726F EQUD &70616373 EQUD &54282065 EQUD &65636172 EQUD &66666F20 EQUD &320A0D29 EQUD &746E7520 EQUD &62206C69 EQUD &6B616572 EQUD &20726F20 EQUD &61637365 EQUD &28206570 EQUD &63617254 EQUD &6E6F2065 EQUD &000A0D29 .Da62% EQUD &6E552033 EQUD &206C6974 EQUD &3E2E3C52 EQUD &3C203D20 EQUD &203E2E2E EQUD &61725428 EQUD &6F206563 EQUD &0D296666 EQUD &5520340A EQUD &6C69746E EQUD &2E3C5220 EQUD &203D203E EQUD &3E2E2E3C EQUD &72542820 EQUD &20656361 EQUD &0D296E6F EQUD &0000000A .Da63% EQUD &6E552035 EQUD &206C6974 EQUD &64413C21 EQUD &73657264 EQUD &3D203E73 EQUD &2E2E3C20 EQUD &0000003E .Ba225% ;m-step trace on MOV R0,#1 STR R0,[R12,#468] ; m-step enabled = 1 STR R0,[R12,#120] ; m-step trace 0=off, 1=on B Ba386% .Ba226% ; m-step trace off SWI &00011A ; restore text+graphic windows to full screen MOV R0,#1 STR R0,[R12,#468] ; m-step enabled = 1 MOV R0,#0 STR R0,[R12,#120] ; m-step trace 0=off, 1=on B Ba386% ; process m-step option 1 .Ba227% ;checks for escape depressed during single stepping LDR R5,[R12,#848] ADD R5,R5,R12 .Ba228% LDR R4,[R5],#4 CMP R4,R7 BEQ Ba230% MOVS R4,R4 BNE Ba228% LDR R4,[R12,#472] MOVS R4,R4 BNE Ba229% MOV R0,#&81 ; check for key depressed MOV R1,#0 ; time limit MOV R2,#0 SWI "OS_Byte" CMP R1,#&1B ; MOVEQ R0,#&7C SWIEQ "OS_Byte" BEQ Ba230% MOV PC,R14 ; S removed .Ba229% ; another routine to check for key depressed LDR R0,[R12,#476] LDR R1,[R12,#480] LDR R3,[R12,R0,LSL #2] CMP R3,R1 BEQ Ba230% MOV R0,#&81 MOV R1,#0 MOV R2,#0 SWI "OS_Byte" MOVEQ R0,#&7C SWIEQ "OS_Byte" CMP R1,#&1B BEQ Ba230% MOV PC,R14 ; 32bit S removed .escape .Ba230% ; when escape key depressed then come here BL Ba231% ; disables multi-step BL Ba477% BL Ba78% BL Ba624% B Ba12% .Ba231% ; disables multi step MOV R0,#0 STR R0,[R12,#468] ; m-step enabled = 1 STR R0,[R12,#472] MOV R0,#1 STR R0,[R12,#120] ; m-step trace enabled = 1 MOV PC,R14 .Ba232% MOV R6,R12 ADD R11,R12,#&88 ; base address 
for sandbox registers MOV R3,#&0F ; number of ARM registers .Ba233% LDR R0,[R11],#4 ; read 15 registers at R12,#88 + counter STR R0,[R6],#4 ; copy register into break regs at R12 SUBS R3,R3,#1 ; decrement register number BNE Ba233% SWI "OS_EnterOS" ;load break instruction LDR R1,[R7,#0] ; ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; return to 32bit USR mode STR R1,[R12,#92] ; save break instruction LDR R1,[R12,#60] ; load break PC ADD R1,R1,#4 STR R1,[R12,#60] ; increment break PC to next instruction MOV PC,R14 .Ba234% .Da64% STMFD R13!,{R14} BL Ba618% SWI &00010B SWI &00010B ADR R0,Da66% SWI "OS_Write0" MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" ADD R0,R12,#&0168 MOV R1,#2 MOV R2,#&20 MOV R3,#&7B BL Ba377% CMP R1,#0 LDMEQFD R13!,{PC} MOV R0,#&0A ADD R1,R12,#&0168 MOV R2,#&FF SWI "XOS_ReadUnsigned" MOVVS R1,#&FF BVS Ba630% CMP R2,#&10 ADRGE R14,Da64% BGE Ba363% STR R2,[R12,#476] SWI "OS_NewLine" ADR R0,Da67% SWI "OS_Write0" ADD R0,R12,#&0168 MOV R1,#8 MOV R2,#&20 MOV R3,#&7B BL Ba377% CMP R1,#0 LDMEQFD R13!,{PC} MOV R0,#&10 ADD R1,R12,#&0168 MOV R2,#&FF SWI "XOS_ReadUnsigned" MOVVS R1,#&FF BVS Ba630% STR R2,[R12,#480] MOV R0,#1 STR R0,[R12,#472] MOV R0,#1 STR R0,[R12,#468] ; m-step enabled = 1 MOV R0,#0 STR R0,[R12,#120] ; m-step trace enabled = 1 SWI &00011A B Ba387% .Da65% EQUD &472D2D20 EQUD &6E75206F EQUD &206C6974 EQUD &3E2E3C52 EQUD &2E2E3C3D EQUD &5428203E EQUD &65636172 EQUD &296E6F20 EQUD &0D0A2D2D EQUD &6E450D0A EQUD &20726574 EQUD &69676552 EQUD &72657473 EQUD &0052203A .Da66% EQUD &472D2D20 EQUD &6E75206F EQUD &206C6974 EQUD &3E2E3C52 EQUD &2E2E3C3D EQUD &5428203E EQUD &65636172 EQUD &66666F20 EQUD &0A2D2D29 EQUD &450D0A0D EQUD &7265746E EQUD &67655220 EQUD &65747369 EQUD &52203A72 EQUD &00000000 .Da67% EQUD &65746E45 EQUD &61562072 EQUD &3A65756C EQUD &00000000 .Ba235% .Da68% STMFD R13!,{R14} BL Ba618% SWI &00010B SWI &00010B ADR R0,Da65% SWI "OS_Write0" MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" ADD R0,R12,#&0168 MOV R1,#2 MOV R2,#&20 MOV R3,#&7B BL Ba377% CMP 
R1,#0 ; operands of the CMP that ends the previous source line
LDMEQFD R13!,{PC}
; Remainder of Ba235% / Da68% (m-step until register = value, trace on).
; Parses the register number typed into the buffer at R12+&168.
MOV R0,#&0A ; base 10
ADD R1,R12,#&0168
MOV R2,#&FF ; presumably meant as an upper limit - no limit flag bits are set in R0, verify
SWI "XOS_ReadUnsigned"
MOVVS R1,#&FF
BVS Ba630%
; NOTE(review) - BGE is a signed test, so a parsed value with the top
; bit set is treated as below 16 and gets stored. Ba229% later uses
; [R12,#476] as a word index from R12, so such a value would read
; outside the register table. An unsigned test would close this.
CMP R2,#&10
ADRGE R14,Da68% ; R14 set to Da68% so that Ba363% presumably returns to the prompt
BGE Ba363%
STR R2,[R12,#476] ; register number to watch
SWI "OS_NewLine"
ADR R0,Da67%
SWI "OS_Write0"
; arguments to Ba377% are presumably buffer, maximum length, lowest and
; highest accepted character - verify in Ba377%
ADD R0,R12,#&0168
MOV R1,#8
MOV R2,#&20
MOV R3,#&7B
BL Ba377%
CMP R1,#0
LDMEQFD R13!,{PC}
MOV R0,#&10 ; base 16
ADD R1,R12,#&0168
MOV R2,#&FF
SWI "XOS_ReadUnsigned"
MOVVS R1,#&FF
BVS Ba630%
STR R2,[R12,#480] ; value to compare the register with
MOV R0,#1
STR R0,[R12,#472]
MOV R0,#1
STR R0,[R12,#468] ; m-step enabled = 1
STR R0,[R12,#120] ; m-step trace enabled = 1
B Ba387%
.Ba236%
;entry point for *step command
; Pushes R1-R12 and R14, clears the two low mode bits of CPSR, parses a
; hexadecimal address from the string at R0 (default &8000 if the parse
; fails), word aligns it into R7 and falls into Ba237%.
STMFD R13!,{R1-R12,R14}
;MOV R1,PC
MRS R1,CPSR
BIC R1,R1,#3 ; clear M1 and M0 - from SVC (%10011) this gives USR (%10000)
;TEQP PC,R1
MSR CPSR_cf,R1 ; set PSR control and flag bits
MOV R1,R0 ; R0 on entry is presumably the command tail - verify
MOV R0,#&10 ; base 16
MOV R2,#&FF
SWI "XOS_ReadUnsigned"
MOVVS R2,#&8000
CMP R2,#&0234 ; special cased value, its meaning is not visible here
BEQ Ba354%
BIC R2,R2,#3 ; word align the address
MOV R7,R2
MOV R2,#&FF
.Ba237%
; Records the R2 passed in at [R12,#484], sets the break PC to R7 + 8
; and the break R13 to the value held at [R12,#84], then sets the
; Escape and Break effect byte with OS_Byte &C8 and continues at Ba8%.
BL Ba651% ; resets R12 to point at EQUD block
STR R2,[R12,#484]
BL Ba231% ; disables multi-step
;BL Ba315% ; builds a memory map of RPi at &990 onwards
STR R7,[R12,#116] ; saves *step in R7
ADD R8,R7,#8
STR R8,[R12,#60] ; break PC
MOV R0,R12
LDR R2,[R12,#84] ; base address of stack
STR R2,[R12,#52] ; break R13
MOV R0,#&C8
MOV R1,#1
MOV R2,#0
SWI "OS_Byte"
STR R1,[R12,#488] ; previous value, written back by Ba238%
MOV R1,#1
STR R1,[R12,#68] ; break and escape state OS_Byte_200
B Ba8%
.Ba238%
; Exit path. Clears [R12,#68], writes the saved OS_Byte &C8 value back,
; restores the break PSR flags, enters SVC, sets the I bit and pops the
; frame pushed at Ba236%.
MOV R2,#0
STR R2,[R12,#68] ; break and escape state OS_Byte_200
LDR R1,[R12,#484]
CMP R1,#1
LDREQ R2,[R12,#488]
BEQ Ba361%
MOV R0,#&C8
LDR R1,[R12,#488]
MOV R2,#0
SWI "OS_Byte"
LDR R0,[R12,#904]
MOV R1,#0
STR R1,[R12,#904]
CMP R0,#1
BEQ Ba310%
;LDR R0,[R12,#60]
LDR R0,[R12,#64] ; PSR
;AND R0,R0,#&FC000000
;TEQP PC,R0
MSR CPSR_cf,R0 ; restore PSR control and flag bits
SWI "XOS_EnterOS"
; permanently commented out for 32bit
;MOV R0,PC
;ORR R0,R0,#&08000000 ; read 'I' interrupt bit
;TEQP R0,#0 ; set the 'I' bit
; not sure why we're setting the 'I' bit here ??
MRS R0,CPSR ; read PSR register
ORR R0,R0,#&00000080 ; set the I bit
MSR CPSR_c,R0 ; write PSR control bits
; NOTE(review) - the push at Ba236% used the R13 of the entry mode and
; this pop uses R13 after XOS_EnterOS, so the two only balance if *step
; was entered in SVC mode. It also returns with IRQs masked. Verify.
LDMFD R13!,{R1-R12,PC}
.Ba239%
; Command prompt. Prints the Da71% banner (--Enter Command--), reads a
; line of up to &40 characters and passes it to XOS_CLI unless it
; starts with STEP.
SWI &00011A
SWI &00010C
ADR R0,Da71%
SWI "OS_Write0"
.Ba240%
SWI "OS_RestoreCursors"
SWI &00012A ;Character *
MOV R0,#&0F
MOV R1,#0
SWI "OS_Byte"
ADD R0,R12,#&0168
MOV R1,#&40
MOV R2,#&20
MOV R3,#&7B
BL Ba377%
SWI "OS_NewLine"
SWI "OS_RemoveCursors"
CMP R1,#0
BEQ Ba200%
ADD R4,R12,#&0168
.Ba241%
; skip leading spaces and * characters, an empty line returns to Ba200%
LDRB R1,[R4,#0]
CMP R1,#&0D
BEQ Ba200%
CMP R1,#&20
CMPNE R1,#&2A
ADDEQ R4,R4,#1
BEQ Ba241%
ADR R2,Da69%
.Ba242%
; Compares the input with STEP, ignoring case through AND #&5F. A
; space or CR reached while every character so far has matched goes to
; Ba243%, so S, ST and STE are refused as well as STEP.
; NOTE(review) - the guard matches the literal text only. Any other
; spelling that the CLI resolves to the same command (abbreviations,
; prefixes - confirm) is passed through, so the protection against
; re-entering *step should also be enforced in Ba236% itself.
LDRB R1,[R4],#1
CMP R1,#&0D
CMPNE R1,#&20
BEQ Ba243%
LDRB R3,[R2],#1
AND R1,R1,#&5F
CMP R1,R3
BEQ Ba242%
; R0 is not reloaded before the call - presumably it still points at
; the buffer R12+&168 from the Ba377% call. Verify.
SWI "XOS_CLI"
BVS Ba244%
B Ba240%
.Da69%
EQUD &50455453 ; STEP
EQUD &00000000
.Ba243%
; prints the Da70% message, sounds the bell, waits for a key
ADR R0,Da70%
SWI "OS_Write0"
SWI &000107
SWI "OS_ReadC"
B Ba239%
.Da70%
; text is ' --STEP commando is already active--' (spelling as stored)
EQUD &532D2D20
EQUD &20504554
EQUD &6D6D6F63
EQUD &6F646E61
EQUD &20736920
EQUD &65726C61
EQUD &79646165
EQUD &69746361
EQUD &2D2D6576
EQUD &00000000
.Ba244%
; XOS_CLI returned an error - R0 + 4 skips the error number word so
; that the message text of the error block is printed
ADD R0,R0,#4
SWI "OS_Write0"
SWI &000107
SWI "OS_ReadC"
B Ba239%
.Da71%
; text is 11 spaces, then '--Enter Command--', CR, LF
EQUD &20202020
EQUD &20202020
EQUD &2D202020
EQUD &746E452D
EQUD &43207265
EQUD &616D6D6F
EQUD &2D2D646E
EQUD &00000A0D
.Ba245%
;claim data abort and address exception vectors
; (body of Ba245%) Installs Da72% to Da75% as environment handlers 1-4
; with OS_ChangeEnvironment and stores the value returned in R1 after
; each call (the previous handler) in a four word table at
; R12 + [R12,#852], which Ba246% uses to put them back.
; The change log at the top of the file says this routine was disabled -
; confirm whether anything still calls it.
LDR R6,[R12,#852]
ADD R6,R6,R12
ADR R1,Da72%
MOV R0,#1 ; undefined instruction
MOV R2,#0
MOV R3,#0
SWI "OS_ChangeEnvironment"
STR R1,[R6],#4
ADR R1,Da73%
MOV R0,#2 ; prefetch abort
MOV R2,#0
MOV R3,#0
SWI "OS_ChangeEnvironment"
STR R1,[R6],#4
ADR R1,Da74%
MOV R0,#3 ; data abort
MOV R2,#0
MOV R3,#0
SWI "OS_ChangeEnvironment"
STR R1,[R6],#4
ADR R1,Da75%
MOV R0,#4 ; address exception
MOV R2,#0
MOV R3,#0
SWI "OS_ChangeEnvironment"
STR R1,[R6,#0]
MOV PC,R14
.Da72%
; exception handlers
; Undefined instruction handler. Like Da73% to Da75% it drops straight
; to USR mode, reports the fault on screen and joins the escape path at
; Ba230%.
; NOTE(review) - none of the four handlers saves R14 or SPSR of the
; exception mode before leaving it, and R13 is reloaded from
; [R12,#380], so the faulting context is discarded. R7 is taken from
; [R12,#448] - 4. Confirm that is the intended recovery behaviour.
;MOV R1,PC
;BIC R1,R1,#&08000003 ; clear IRQ, set USR mode
;TEQP PC,R1
;MOV R0,R0
; clear flags and go to USR mode
MRS R1,CPSR ; read PSR register
BIC R1,R1,#&0000008F ; &8F clears I (bit 7) and mode bits M3-M0, with M4 set that leaves %10000 (USR)
MSR CPSR_c,R1 ; must be in user mode
BL Ba651% ; sets R12 to EQUD block at end of module
;BL Ba468% ; close log file (v134)
BL Ba618% ; plot screen
SWI &000107
ADR R0,Da79% ; undefined instruction
SWI "OS_Write0"
BL Ba400%
LDR R13,[R12,#380]
LDR R7,[R12,#448]
SUB R7,R7,#4
B Ba230%
.Da73%
; Prefetch abort handler, same sequence as Da72% with the Da76% text.
; commented out in v92 ! (missed this TEQP earlier)
;MOV R1,PC
;BIC R1,R1,#&08000003
;TEQP PC,R1
;MOV R0,R0
; clear flags and go to USR mode
MRS R1,CPSR ; read PSR register
BIC R1,R1,#&0000008F ; &8F clears I (bit 7) and mode bits M3-M0
MSR CPSR_c,R1 ; must be in user mode
BL Ba651% ; sets R12 to EQUD block at end of module
;BL Ba468% ; close log file (v134)
BL Ba618% ; plot screen
SWI &000107
ADR R0,Da76% ; Abort on instruction fetch
SWI "OS_Write0"
BL Ba400% ; read mouse
LDR R13,[R12,#380]
LDR R7,[R12,#448]
SUB R7,R7,#4
B Ba230%
.Da74%
; Data abort handler, same sequence as Da72% with the Da77% text.
; commented out in v92 ! (missed this TEQP earlier)
;MOV R1,PC
;BIC R1,R1,#&08000003
;TEQP PC,R1
;MOV R0,R0
; clear flags and go to USR mode
MRS R1,CPSR ; read PSR register
BIC R1,R1,#&0000008F ; &8F clears I (bit 7) and mode bits M3-M0
MSR CPSR_c,R1 ; must be in user mode
BL Ba651% ; sets R12 to EQUD block at end of module
;BL Ba468% ; close log file (v134)
BL Ba618% ; plot screen
SWI &000107
ADR R0,Da77% ; Abort on data transfer
SWI "OS_Write0"
BL Ba400% ; read mouse
LDR R13,[R12,#380]
LDR R7,[R12,#448]
SUB R7,R7,#4
B Ba230%
.Da75%
; Address exception handler, same sequence as Da72% with the Da78% text.
; commented out in v92 ! (missed this TEQP earlier)
;MOV R1,PC
;BIC R1,R1,#&08000003
;TEQP PC,R1
; original - missing NOP here
; clear flags and go to USR mode
MRS R1,CPSR ; read PSR register
BIC R1,R1,#&0000008F ; &8F clears I (bit 7) and mode bits M3-M0
MSR CPSR_c,R1 ; must be in user mode
BL Ba651% ; sets R12 to EQUD block at end of module
;BL Ba468% ; close log file (v134)
BL Ba618% ; plot screen
SWI &000107
ADR R0,Da78% ; Address exception
SWI "OS_Write0"
BL Ba400% ; read mouse
LDR R13,[R12,#380]
LDR R7,[R12,#448]
SUB R7,R7,#4
B Ba230% ; escape
.Da76%
EQUS " Abort on instruction fetch"
EQUB &00
.Da77%
EQUS " Abort on data transfer"
EQUB &00
.Da78%
EQUS " Address exception"
EQUW &0000:EQUB &00
.Da79%
;EQUS " undefined instruction "
EQUS " Undefined instruction "
EQUW &0000
.Ba246%
; Passes the four words saved by Ba245% back to OS_ChangeEnvironment
; for handlers 1-4, then continues at Ba591%.
; presumably a saved word of 0 (nothing was claimed) leaves that
; handler unchanged - verify against the OS_ChangeEnvironment
; definition
LDR R6,[R12,#852]
ADD R6,R6,R12
MOV R0,#1
.Ba247%
LDR R1,[R6],#4
MOV R2,#0
MOV R3,#0
SWI "OS_ChangeEnvironment"
ADD R0,R0,#1
CMP R0,#5
BNE Ba247%
B Ba591%
MOV PC,R14 ; not reached, the branch above is unconditional
.Da80%
; This word is data, not an executed SWI - Ba248% passes its address to
; OS_Word &15 as the parameter block. NOTE(review) - confirm the block
; length that call expects. If it reads more than four bytes, the rest
; comes from the first instruction of Ba248%.
SWILS &020C03 ; currently unknown SWI number
.Ba248%
; Calls OS_Byte &6A with R1 = 1, then OS_Word &15 with the block at
; Da80%.
MOV R0,#&6A ; select point - activate mouse
MOV R1,#1
SWI "OS_Byte"
ADR R1,Da80%
MOV R0,#&15
SWI "OS_Word"
MOV PC,R14
.Ba249%
; check mouse during single step
; With no button pressed goes to Ba289%. Otherwise clears [R12,#512]
; and [R12,#516] and dispatches on the Y coordinate in R1.
SWI "OS_Mouse" ; X = R0,Y = R1
CMP R2,#0 ; no buttons pressed
BEQ Ba289%
MOV R4,#0
STR R4,[R12,#512]
STR R4,[R12,#516]
CMP R1,#&0190 ; near bottom of screen
BGE Ba255%
.Ba250%
; Y bands &140-&170, &E4-&114, &90-&BC and &30-&60 select the four rows
; handled at Ba251% to Ba254%, anything between the bands goes to Ba277%
CMP R1,#&0170
BGT Ba277%
CMPLE R1,#&0140
BGE Ba251%
CMP R1,#&0114
BGT Ba277%
CMP R1,#&E4
BGE Ba252%
CMP R1,#&BC
BGT Ba277%
CMP R1,#&90
BGE
Ba253% CMP R1,#&60 BGT Ba277% CMP R1,#&30 BGE Ba254% B Ba277% .Ba251% CMP R0,#&87 BLT Ba277% LDR R4,Da81% ; R4 must be the register number here CMP R0,R4 MOVLE R4,#0 ; register R0 (as there's 16 of them here) BLE Ba258% LDR R4,Da82% CMP R0,R4 BLT Ba277% LDR R4,Da83% CMP R0,R4 MOVLE R4,#1 BLE Ba258% LDR R4,Da84% CMP R0,R4 BLT Ba277% LDR R4,Da85% CMP R0,R4 MOVLE R4,#2 BLE Ba258% LDR R4,Da86% CMP R0,R4 BLT Ba277% LDR R4,Da87% CMP R0,R4 MOVLE R4,#3 BLE Ba258% B Ba277% .Ba252% CMP R0,#&87 BLT Ba277% LDR R4,Da81% CMP R0,R4 MOVLE R4,#4 BLE Ba258% LDR R4,Da82% CMP R0,R4 BLT Ba277% LDR R4,Da83% CMP R0,R4 MOVLE R4,#5 BLE Ba258% LDR R4,Da84% CMP R0,R4 BLT Ba277% LDR R4,Da85% CMP R0,R4 MOVLE R4,#6 BLE Ba258% LDR R4,Da86% CMP R0,R4 BLT Ba277% LDR R4,Da87% CMP R0,R4 MOVLE R4,#7 BLE Ba258% B Ba277% .Ba253% CMP R0,#&87 BLT Ba277% LDR R4,Da81% CMP R0,R4 MOVLE R4,#8 BLE Ba258% LDR R4,Da82% CMP R0,R4 BLT Ba277% LDR R4,Da83% CMP R0,R4 MOVLE R4,#9 BLE Ba258% LDR R4,Da84% CMP R0,R4 BLT Ba277% LDR R4,Da85% CMP R0,R4 MOVLE R4,#&0A BLE Ba258% LDR R4,Da86% CMP R0,R4 BLT Ba277% LDR R4,Da87% CMP R0,R4 MOVLE R4,#&0B BLE Ba258% B Ba277% .Ba254% CMP R0,#&87 BLT Ba277% LDR R4,Da81% CMP R0,R4 MOVLE R4,#&0C BLE Ba258% LDR R4,Da82% CMP R0,R4 BLT Ba277% LDR R4,Da83% CMP R0,R4 MOVLE R4,#&0D BLE Ba258% LDR R4,Da84% CMP R0,R4 BLT Ba277% LDR R4,Da85% CMP R0,R4 MOVLE R4,#&0E BLE Ba258% LDR R4,Da86% CMP R0,R4 BLT Ba277% LDR R4,Da87% CMP R0,R4 MOVLE R4,#&0F BLE Ba258% B Ba277% .Da81% EQUD &0000012B .Da82% EQUD &000001B3 .Da83% EQUD &0000025B .Da84% EQUD &000002DF .Da85% EQUD &00000383 .Da86% EQUD &0000040B .Da87% EQUD &000004B3 .Ba255% ;checking mouse coordinates on screen CMP R1,#&0258 ; flags and tools buttons BLE Ba415% CMP R1,#&03C0 ; instructions window BGE Ba469% CMP R0,#&B0 CMPLE R1,#&03B8 BLE Ba266% BGT Ba365% BL Ba632% B Ba644% .Ba256% ; toggles 'C' flag CMP R0,#&D8 MOVLE R0,#&20000000 ; C flag in PSR (and R15) BLLE Ba364% BLLE Ba632% CMP R0,#&F4 BGE Ba257% B Ba644% .Ba257% CMP R0,#&0118 BGT Ba282% 
; these are the tools mouse buttons MOVLE R0,#&10000000 ; V flag in PSR (and R15) BLLE Ba364% BLLE Ba632% B Ba644% .Ba258% LDR R6,[R12,#516] CMP R6,#1 BEQ Ba276% CMP R2,#1 BEQ Ba265% LDR R3,[R12,#512] CMP R3,#&FF BEQ Ba376% MOV R9,#0 MOV R10,R0 MOV R11,R1 LDR R3,[R12,#512] ADD R3,R3,#1 STR R3,[R12,#512] CMP R3,#2 STRNE R4,[R12,#520] BEQ Ba264% STMFD R13!,{R7} ADR R3,Da89% LDR R6,[R3,R4,LSL #3]! LDR R7,[R3,#4] MOV R4,R0 MOV R5,R1 SWI "OS_WriteS" EQUD &00010312 MOV R2,R10 MOV R3,R11 BL Ba262% .Ba259% SWI "OS_Mouse" SUB R0,R0,R4 SUB R1,R1,R5 ADD R0,R0,R6 ADD R1,R1,R7 STMFD R13!,{R2} BIC R0,R0,#1 BIC R1,R1,#3 CMP R0,R10 BNE Ba260% CMP R1,R11 BNE Ba260% CMP R9,#0 SUBNE R9,R9,#1 BNE Ba261% MOV R9,#&0190 MOV R2,R10 MOV R3,R11 BL Ba262% ADD R8,R8,#1 AND R8,R8,#7 BL Ba262% MOV R0,#&13 SWI "OS_Byte" B Ba261% .Ba260% MOV R2,R10 MOV R3,R11 BL Ba262% MOV R10,R0 MOV R11,R1 ADD R8,R8,#1 AND R8,R8,#7 MOV R2,R10 MOV R3,R11 BL Ba262% .Ba261% LDMFD R13!,{R2} TST R2,#4 BNE Ba259% MOV R2,R10 MOV R3,R11 BL Ba262% LDR R0,[R12,#1908] CMP R0,#&1F SWI &000112 MOV R0,#0 SWI "OS_WriteC" MOVNE R0,#0 ;MOVEQ R0,#7 ; black MOVEQ R0,#%00000000 ; black SWI "OS_WriteC" LDMFD R13!,{R7} SWI "OS_Mouse" B Ba250% .Da88% EQUD &3F3F3F3F .Ba262% STMFD R13!,{R0-R2,R14} SWI "OS_WriteS" EQUD &00000617 LDR R0,Da88% MOV R0,R0,ROR R8 SWI "OS_WriteC" MOV R1,#9 .Ba263% SWI &000100 SUBS R1,R1,#1 BNE Ba263% MOV R0,#4 MOV R1,R2 MOV R2,R3 SWI "OS_Plot" LDR R0,[R12,#1908] CMP R0,#&1F MOV R0,#&15 ADD R1,R1,#&A8 SWI "OS_Plot" ADDNE R2,R2,#&30 ADDEQ R2,R2,#&24 SWI "OS_Plot" SUB R1,R1,#&A8 SWI "OS_Plot" SUBNE R2,R2,#&30 SUBEQ R2,R2,#&24 SWI "OS_Plot" LDMFD R13!,{R0-R2,PC} .Da89% EQUD &00000087 EQUD &00000140 EQUD &000001B3 EQUD &00000140 EQUD &000002DF EQUD &00000140 EQUD &0000040B EQUD &00000140 EQUD &00000087 EQUD &000000E4 EQUD &000001B3 EQUD &000000E4 EQUD &000002DF EQUD &000000E4 EQUD &0000040B EQUD &000000E4 EQUD &00000087 EQUD &00000090 EQUD &000001B3 EQUD &00000090 EQUD &000002DF EQUD &00000090 EQUD &0000040B EQUD 
&00000090 EQUD &00000087 EQUD &00000030 EQUD &000001B3 EQUD &00000030 EQUD &000002DF EQUD &00000030 EQUD &0000040B EQUD &00000030 .Ba264% LDR R6,[R12,#520] ; load register number (0 in RPC) CMP R6,#&0F LDR R0,[R12,R6,LSL #2] SUBEQ R0,R0,#8 ; R15 then R15=R15-8 CMP R4,#&0F BEQ Ba192% STR R0,[R12,R4,LSL #2] ADD R2,R12,#&88 ; base address for sandbox registers STR R0,[R2,R4,LSL #2] BL Ba477% BL Ba78% B Ba644% .Ba265% BL Ba618% SWI &00010B SWI "OS_RestoreCursors" MOV R6,R4 B Ba50% .Ba266% CMP R0,#&30 CMPGE R1,#&0280 BGE Ba267% BL Ba632% B Ba644% .Ba267% LDR R9,[R12,#1908] CMP R9,#&1F ADDNE R3,R12,#&0120 ADDEQ R3,R12,#&0860 ; base address of screen addresses SUB R6,R1,#&0280 MOVNE R6,R6,LSR #5 MOVEQ R6,R6,LSR #4 STR R6,[R12,#524] CMP R2,#1 BEQ Ba273% STMFD R13!,{R7} LDR R7,[R12,#1908] CMP R7,#&1F ; mode 31 MOVNE R3,#&20 MOVEQ R3,#&10 MOV R8,#&8000 MOV R9,#0 MUL R7,R6,R3 ADD R7,R7,#&0280 MOV R6,#&30 MOV R4,R0 MOV R5,R1 MOV R10,R0 MOV R11,R1 SWI "OS_WriteS" EQUD &00010312 MOV R2,R10 MOV R3,R11 BL Ba271% .Ba268% SWI "OS_Mouse" SUB R0,R0,R4 SUB R1,R1,R5 ADD R0,R0,R6 ADD R1,R1,R7 STMFD R13!,{R2} BIC R0,R0,#1 BIC R1,R1,#3 CMP R0,R10 BNE Ba269% CMP R1,R11 BNE Ba269% CMP R9,#0 SUBNE R9,R9,#1 BNE Ba270% MOV R9,#&0190 MOV R2,R10 MOV R3,R11 BL Ba271% ADD R8,R8,#1 AND R8,R8,#7 BL Ba271% MOV R0,#&13 SWI "OS_Byte" B Ba270% .Ba269% MOV R2,R10 MOV R3,R11 BL Ba271% MOV R10,R0 MOV R11,R1 ADD R8,R8,#1 AND R8,R8,#7 MOV R2,R10 MOV R3,R11 BL Ba271% .Ba270% LDMFD R13!,{R2} TST R2,#4 BNE Ba268% MOV R2,R10 MOV R3,R11 BL Ba271% LDR R0,[R12,#1908] CMP R0,#&1F SWI &000112 MOV R0,#0 SWI "OS_WriteC" ;MOVNE R0,#0 ; white ;MOVEQ R0,#7 ; black MOVNE R0,#%00111111 ; white MOVEQ R0,#%00000000 ; black SWI "OS_WriteC" LDMFD R13!,{R7} MOV R0,#1 STR R0,[R12,#516] SWI "OS_Mouse" B Ba274% .Da90% EQUD &3F3F3F3F .Ba271% STMFD R13!,{R0-R2,R14} SWI "OS_WriteS" EQUD &00000617 LDR R0,Da90% MOV R0,R0,ROR R8 SWI "OS_WriteC" MOV R1,#8 .Ba272% SWI &000100 SUBS R1,R1,#1 BNE Ba272% MOV R0,#4 MOV R1,R2 MOV R2,R3 SWI 
"OS_Plot" MOV R0,#&15 ADD R1,R1,#&7E SWI "OS_Plot" LDR R0,[R12,#1908] CMP R0,#&1F MOV R0,#&15 ADDNE R2,R2,#&1C ADDEQ R2,R2,#&10 SWI "OS_Plot" SUB R1,R1,#&7E SWI "OS_Plot" SUBNE R2,R2,#&1C SUBEQ R2,R2,#&10 SWI "OS_Plot" LDMFD R13!,{R0-R2,PC} .Ba273% LDR R2,[R12,#1908] CMP R2,#&1F LDR R2,[R12,#208] MOVNE R1,#9 MOVEQ R1,#&13 SUB R1,R1,R2 CMP R6,R1 BEQ Ba47% B Ba644% .Ba274% LDR R8,[R12,#872] ADD R8,R8,R12 LDR R9,[R8],#4 CMP R0,R9 LDR R9,[R8],#4 CMPGE R1,R9 BLT Ba275% LDR R9,[R8],#4 CMP R0,R9 LDR R9,[R8,#0] CMPLT R1,R9 BLT Ba299% .Ba275% CMP R0,#&B0 CMPLE R1,#&03B8 BGT Ba250% CMP R0,#&30 CMPGE R1,#&0280 BLT Ba250% LDR R2,[R12,#1908] CMP R2,#&1F LDR R2,[R12,#208] SUB R6,R1,#&0280 MOVNE R6,R6,LSR #5 MOVEQ R6,R6,LSR #4 MOVNE R1,#9 MOVEQ R1,#&13 MOVNE R3,#9 MOVEQ R3,#&13 SUB R1,R1,R6 CMP R1,R2 BNE Ba644% LDR R6,[R12,#524] SUB R6,R3,R6 SUB R1,R6,R1 ADD R7,R7,R1,LSL #2 B Ba12% .Ba276% LDR R2,[R12,#1908] ; mode 31 CMP R2,#&1F LDR R2,[R12,#208] LDR R6,[R12,#524] MOVNE R3,#9 MOVEQ R3,#&13 SUB R6,R3,R6 SUB R2,R6,R2 ADD R0,R7,R2,LSL #2 CMP R4,#&0F ; R15 ? BEQ Ba192% STR R0,[R12,R4,LSL #2] ADD R2,R12,#&88 ; base address for sandbox registers STR R0,[R2,R4,LSL #2] BL Ba477% BL Ba78% B Ba644% .Ba277% LDR R3,[R12,#512] CMP R3,#&FF BEQ Ba374% CMP R3,#1 BNE Ba644% LDR R8,[R12,#872] ADD R8,R8,R12 LDR R9,[R8],#4 CMP R0,R9 LDR R9,[R8],#4 CMPGE R0,R9 BLT Ba278% LDR R9,[R8],#4 CMP R1,R9 LDR R9,[R8,#0] CMPLT R1,R9 BLT Ba298% .Ba278% CMP R0,#&B0 CMPLE R1,#&03B8 BGT Ba644% CMP R0,#&30 CMPGE R1,#&0280 BLT Ba644% LDR R2,[R12,#1908] CMP R2,#&1F LDR R2,[R12,#208] SUB R6,R1,#&0280 MOVNE R6,R6,LSR #5 MOVEQ R6,R6,LSR #4 MOVNE R1,#9 MOVEQ R1,#&13 SUB R1,R1,R6 CMP R1,R2 BNE Ba644% LDR R4,[R12,#520] CMP R4,#&0F LDR R7,[R12,R4,LSL #2] ;BIC R7,R7,#&FC000003 SUBEQ R7,R7,#8 B Ba12% .Ba279% ; called from Ba402. OS_EnterOS. LDR R1,[R12,#484] CMP R1,#1 SUBEQ R0,R0,#&18 MOV PC,R14 ; what is this data used for ; how is it accessed ? 
EQUD &00000140 EQUD &00000148 EQUD &0000013C EQUD &0000011C EQUD &00000148 EQUD &00000104 EQUD &00000134 EQUD &00000134 EQUD &00000114 EQUD &00000110 EQUD &00000080 EQUD &00000108 EQUD &00000164 EQUD &00000080 EQUD &00000150 EQUD &00000120 EQUD &00000114 EQUD &0000013C EQUD &00000080 EQUD &00000158 EQUD &00000104 EQUD &00000138 EQUD &00000080 EQUD &00000110 EQUD &00000114 EQUD &00000138 EQUD &00000080 EQUD &00000108 EQUD &0000013C EQUD &0000013C EQUD &0000011C EQUD &00000104 EQUD &00000114 EQUD &00000148 EQUD &00000150 .Ba280% ;comes here after writing module registers for first time ;these are the icons in the centre right - single step etc LDR R4,[R12,#860] ; base address of screen addresses ADD R4,R4,R12 BL Ba634% ADR R2,Da91% BL Ba25% BL Ba634% ADR R2,Da92% BL Ba25% BL Ba634% ADR R2,Da93% BL Ba25% BL Ba634% ADR R2,Da94% BL Ba25% BL Ba634% ADR R2,Da95% BL Ba25% BL Ba634% ADR R2,Da96% BL Ba25% BL Ba634% ADR R2,Da97% BL Ba25% BL Ba634% ADR R2,Da98% BL Ba25% BL Ba634% ADR R2,Da99% BL Ba25% BL Ba634% ADR R2,Da100% BL Ba25% BL Ba634% ADR R2,Da101% BL Ba25% BL Ba634% ADR R2,Da102% BL Ba25% BL Ba634% ADR R2,Da103% BL Ba25% LDMFD R13!,{PC} .Da91% EQUD &74735F53 ; S_st (S_step_off) EQUD &6F5F7065 ; ep_o EQUD &000D6666 ; ff .Da92% EQUD &74735F6D EQUD &6F5F7065 EQUD &000D6666 .Da93% EQUD &61657262 EQUD &666F5F6B EQUD &00000D66 .Da94% EQUD &70696B73 EQUD &66666F5F EQUD &0000000D .Da95% EQUD &72666572 EQUD &5F687365 EQUD &0D66666F .Da96% EQUD &74697571 EQUD &66666F5F EQUD &0000000D .Da97% EQUD &65676170 EQUD &6E776F64 EQUD &66666F5F EQUD &0000000D .Da98% EQUD &65676170 EQUD &6F5F7075 EQUD &000D6666 .Da99% EQUD &7466656C EQUD &66666F5F EQUD &0000000D .Da100% EQUD &6F5F7075 EQUD &000D6666 .Da101% EQUD &72617473 EQUD &66666F5F EQUD &0000000D .Da102% EQUD &68676972 EQUD &666F5F74 EQUD &00000D66 .Da103% EQUD &6E776F64 EQUD &66666F5F EQUD &0000000D .Da104% EQUD &74735F73 ; s_ste (s_step_on) EQUD &6F5F7065 ; ep_o EQUD &00000D6E ; n .Da105% EQUD &74735F6D EQUD &6F5F7065 EQUD 
&00000D6E .Da106% EQUD &61657262 EQUD &6E6F5F6B EQUD &0000000D .Da107% EQUD &65676170 EQUD &6E776F64 EQUD &0D6E6F5F .Da108% EQUD &65676170 EQUD &6F5F7075 EQUD &00000D6E .Da109% EQUD &7466656C EQUD &0D6E6F5F .Da110% EQUD &6F5F7075 EQUD &00000D6E .Da111% EQUD &72617473 EQUD &0D6E6F5F .Da112% EQUD &68676972 EQUD &6E6F5F74 EQUD &0000000D .Da113% EQUD &6E776F64 EQUD &0D6E6F5F .Ba281% LDR R4,[R12,#1792] ADD R4,R4,R12 ADR R0,Da107% STR R0,[R4],#4 ADR R0,Da108% STR R0,[R4],#4 ADR R0,Da109% STR R0,[R4],#4 ADR R0,Da110% STR R0,[R4],#4 ADR R0,Da111% STR R0,[R4],#4 ADR R0,Da112% STR R0,[R4],#4 ADR R0,Da113% STR R0,[R4],#4 ADR R0,Da97% STR R0,[R4],#4 ADR R0,Da98% STR R0,[R4],#4 ADR R0,Da99% STR R0,[R4],#4 ADR R0,Da100% STR R0,[R4],#4 ADR R0,Da101% STR R0,[R4],#4 ADR R0,Da102% STR R0,[R4],#4 ADR R0,Da103% STR R0,[R4,#0] MOV PC,R14 .Ba282% ; these are the tools mouse buttons CMP R0,#&03AC BGT Ba303% ; up and down buttons LDR R4,[R12,#864] ; cordinates of tools buttons ADD R4,R4,R12 ADD R5,R4,#4 LDR R9,[R4],#8 LDR R10,[R5],#8 CMP R0,R9 CMPGT R1,R10 BLT Ba283% LDR R9,[R4,#0] LDR R10,[R5,#0] CMP R0,R9 CMPLT R1,R10 BGT Ba283% ; single step button has been pressed here MOV R0,#4 LDR R2,[R12,#864] ADD R2,R2,R12 STR R2,[R12,#748] LDR R1,[R2],#4 LDR R2,[R2,#0] SWI "OS_Plot" ADR R2,Da104% ; s_step_on sprite name BL Ba25% ADR R2,Da91% STR R2,[R12,#752] MOV R2,#0 B Ba645% ; check keyboard keys pressed .Ba283% LDR R4,[R12,#868] ADD R4,R4,R12 ADD R5,R4,#4 LDR R9,[R4],#8 LDR R10,[R5],#8 CMP R0,R9 CMPGT R1,R10 BLT Ba284% LDR R9,[R4,#0] LDR R10,[R5,#0] CMP R0,R9 CMPLT R1,R10 BGE Ba284% MOV R0,#4 LDR R2,[R12,#868] ADD R2,R2,R12 STR R2,[R12,#748] LDR R1,[R2],#4 LDR R2,[R2,#0] SWI "OS_Plot" ADR R2,Da105% BL Ba25% ADR R2,Da92% STR R2,[R12,#752] MOV R2,#&4D B Ba645% .Ba284% LDR R4,[R12,#872] ADD R4,R4,R12 ADD R5,R4,#4 LDR R9,[R4],#8 LDR R10,[R5],#8 CMP R0,R9 CMPGT R1,R10 BLT Ba285% LDR R9,[R4,#0] LDR R10,[R5,#0] CMP R0,R9 CMPLT R1,R10 BGE Ba285% MOV R0,#4 LDR R2,[R12,#872] ADD R2,R2,R12 STR 
R2,[R12,#748] LDR R1,[R2],#4 LDR R2,[R2,#0] SWI "OS_Plot" ADR R2,Da106% BL Ba25% ADR R2,Da93% STR R2,[R12,#752] MOV R2,#&42 B Ba645% .Ba285% LDR R4,[R12,#892] ADD R4,R4,R12 ADD R5,R4,#4 LDR R9,[R4],#8 LDR R10,[R5],#8 CMP R0,R9 CMPGT R1,R10 BLT Ba286% LDR R9,[R4,#0] LDR R10,[R5,#0] CMP R0,R9 CMPLT R1,R10 BGE Ba286% MOV R0,#4 LDR R2,[R12,#892] ADD R2,R2,R12 STR R2,[R12,#748] LDR R1,[R2],#4 LDR R2,[R2,#0] SWI "OS_Plot" ADR R2,Da114% BL Ba25% ADR R2,Da115% STR R2,[R12,#752] MOV R2,#&53 B Ba645% .Da114% EQUD &70696B73 EQUD &0D6E6F5F .Da115% EQUD &70696B73 EQUD &66666F5F EQUD &0000000D .Ba286% LDR R4,[R12,#896] ADD R4,R4,R12 ADD R5,R4,#4 LDR R9,[R4],#8 LDR R10,[R5],#8 CMP R0,R9 CMPGT R1,R10 BLT Ba287% LDR R9,[R4,#0] LDR R10,[R5,#0] CMP R0,R9 CMPLT R1,R10 BGE Ba287% MOV R0,#4 LDR R2,[R12,#896] ADD R2,R2,R12 STR R2,[R12,#748] LDR R1,[R2],#4 LDR R2,[R2,#0] SWI "OS_Plot" ADR R2,Da116% BL Ba25% ADR R2,Da117% STR R2,[R12,#752] MOV R2,#&52 B Ba645% .Da116% EQUD &72666572 EQUD &5F687365 EQUD &000D6E6F .Da117% EQUD &72666572 EQUD &5F687365 EQUD &0D66666F .Ba287% LDR R4,[R12,#900] ADD R4,R4,R12 ADD R5,R4,#4 LDR R9,[R4],#8 LDR R10,[R5],#8 CMP R0,R9 CMPGT R1,R10 BLT Ba644% LDR R9,[R4,#0] LDR R10,[R5,#0] CMP R0,R9 CMPLT R1,R10 BGE Ba644% MOV R0,#4 LDR R2,[R12,#900] ADD R2,R2,R12 STR R2,[R12,#748] LDR R1,[R2],#4 LDR R2,[R2,#0] SWI "OS_Plot" ADR R2,Da119% BL Ba25% ADR R2,Da118% STR R2,[R12,#752] MOV R2,#&51 B Ba645% .Da118% EQUD &74697571 EQUD &66666F5F EQUD &0000000D .Da119% EQUD &74697571 EQUD &0D6E6F5F .Ba288% STR R3,[R12,#748] STR R4,[R12,#752] MOV PC,R14 .Ba289% MOV R0,#&000F5000 STR R0,[R12,#2688] MOV R0,#1 STR R0,[R12,#756] LDR R0,[R12,#748] CMP R0,#0 BEQ Ba644% LDR R1,[R0],#4 LDR R2,[R0,#0] MOV R0,#4 SWI "OS_Plot" LDR R2,[R12,#752] BL Ba25% MOV R0,#0 STR R0,[R12,#748] B Ba644% .Ba290% BL Ba293% SWI "OS_Mouse" CMP R2,#4 ; select button ADDEQ R2,R5,#&30 BEQ Ba224% LDR R2,[R12,#1908] ; colour table CMP R2,#&1F ; mode LDRNE R4,[R12,#876] ADDNE R4,R4,R12 ADDEQ R4,R12,#&08D0 LDR 
R5,[R4],#4 CMP R0,R5 LDR R5,[R4],#4 CMPGE R1,R5 BLT Ba291% LDR R5,[R4],#4 CMP R0,R5 LDR R5,[R4,#0] CMPLE R1,R5 BGT Ba291% SUB R4,R4,#8 LDR R5,[R4,#0] SUB R5,R1,R5 LDR R2,[R12,#1908] CMP R2,#&1F MOVEQ R5,R5,LSR #4 MOVNE R5,R5,LSR #5 MOV R6,#5 SUB R5,R6,R5 LDR R0,[R12,#760] CMP R0,R5 BEQ Ba223% CMP R0,#0 BLNE Ba292% BL Ba432% STR R5,[R12,#760] SWI &000111 ;MOV R0,#7 ; black MOV R0,#%00000000 ; black ;MOVEQ R0,#&0B ; red MOVEQ R0,#%00000011 ; red SWI "OS_WriteC" SWI &00011F ; position text cursor MOV R0,#0 SWI "OS_WriteC" MOV R0,R5 SWI "OS_WriteC" CMP R5,#1 ADREQ R0,Da120% SWIEQ "OS_Write0" ; m-step menu buttons ? CMP R5,#2 ADREQ R0,Da121% SWIEQ "OS_Write0" CMP R5,#3 ADREQ R0,Da122% SWIEQ "OS_Write0" CMP R5,#4 ADREQ R0,Da123% SWIEQ "OS_Write0" CMP R5,#5 ADREQ R0,Da124% SWIEQ "OS_Write0" B Ba223% .Ba291% LDR R3,[R12,#760] CMP R3,#0 BLNE Ba292% B Ba223% .Ba292% STMFD R13!,{R14} BL Ba432% SWI &000111 MOV R0,#&20 ; don't know ? ;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI "OS_WriteC" SWI &00011F ; position text cursor MOV R0,#0 SWI "OS_WriteC" LDR R0,[R12,#760] SWI "OS_WriteC" CMP R0,#1 ADREQ R0,Da120% SWIEQ "OS_Write0" CMP R0,#2 ADREQ R0,Da121% SWIEQ "OS_Write0" CMP R0,#3 ADREQ R0,Da122% SWIEQ "OS_Write0" CMP R0,#4 ADREQ R0,Da123% SWIEQ "OS_Write0" CMP R0,#5 ADREQ R0,Da124% SWIEQ "OS_Write0" MOV R0,#0 STR R0,[R12,#760] LDMFD R13!,{PC} .Da120% EQUD &6E752031 EQUD &206C6974 EQUD &61657262 EQUD &726F206B EQUD &63736520 EQUD &20657061 EQUD &61725428 EQUD &6F206563 EQUD &00296666 .Da121% EQUD &6E752032 EQUD &206C6974 EQUD &61657262 EQUD &726F206B EQUD &63736520 EQUD &20657061 EQUD &61725428 EQUD &6F206563 EQUD &0000296E .Da122% EQUD &6E552033 EQUD &206C6974 EQUD &3E2E3C52 EQUD &3C203D20 EQUD &203E2E2E EQUD &61725428 EQUD &6F206563 EQUD &00296666 .Da123% EQUD &6E552034 EQUD &206C6974 EQUD &3E2E3C52 EQUD &3C203D20 EQUD &203E2E2E EQUD &61725428 EQUD &6F206563 EQUD &0000296E .Da124% EQUD &6E552035 EQUD &206C6974 EQUD &64413C21 EQUD &73657264 EQUD &3D203E73 EQUD &2E2E3C20 
EQUD &0000003E .Ba293% STMFD R13!,{R14} LDR R0,[R12,#748] CMP R0,#0 LDMEQFD R13!,{PC} MOV R3,#&0F BL Ba350% LDR R0,[R12,#748] LDR R1,[R0],#4 LDR R2,[R0,#0] MOV R0,#4 SWI "OS_Plot" LDR R2,[R12,#752] BL Ba25% MOV R0,#0 STR R0,[R12,#748] BL Ba632% LDMFD R13!,{PC} .Ba294% BL Ba293% SWI "OS_Mouse" CMP R2,#4 BEQ Ba297% LDR R2,[R12,#1908] CMP R2,#&1F LDRNE R4,[R12,#880] ADDNE R4,R4,R12 ADDEQ R4,R12,#&08E0 LDR R5,[R4],#4 CMP R0,R5 LDR R5,[R4],#4 CMPGE R1,R5 BLT Ba295% LDR R5,[R4],#4 CMP R0,R5 LDR R5,[R4,#0] CMPLE R1,R5 BGT Ba295% SUB R4,R4,#8 LDR R5,[R4,#0] SUB R5,R1,R5 LDR R2,[R12,#1908] CMP R2,#&1F MOVEQ R5,R5,LSR #4 MOVNE R5,R5,LSR #5 MOVEQ R6,#3 MOVNE R6,#4 SUB R5,R6,R5 LDR R0,[R12,#760] CMP R0,R5 BEQ Ba203% CMP R0,#0 BLNE Ba296% BL Ba432% STR R5,[R12,#760] SWI &000111 ;MOVNE R0,#7 ; black MOVNE R0,#%00000000 ; black ;MOVEQ R0,#&0B ;red MOVEQ R0,#%00000011 ;red SWI "OS_WriteC" SWI &00011F ; position text cursor MOV R0,#0 SWI "OS_WriteC" MOV R0,R5 SWI "OS_WriteC" CMP R5,#1 ADREQ R0,Da125% SWIEQ "OS_Write0" CMP R5,#2 ADREQ R0,Da126% SWIEQ "OS_Write0" CMP R5,#3 ADREQ R0,Da127% SWIEQ "OS_Write0" B Ba203% .Ba295% LDR R3,[R12,#760] CMP R3,#0 BLNE Ba296% B Ba203% .Ba296% STMFD R13!,{R14} BL Ba432% SWI &000111 MOV R0,#&20 ; don't know ? 
;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI "OS_WriteC" SWI &00011F ; position text cursor MOV R0,#0 SWI "OS_WriteC" LDR R0,[R12,#760] SWI "OS_WriteC" CMP R0,#1 ADREQ R0,Da125% SWIEQ "OS_Write0" CMP R0,#2 ADREQ R0,Da126% SWIEQ "OS_Write0" CMP R0,#3 ADREQ R0,Da127% SWIEQ "OS_Write0" MOV R0,#0 STR R0,[R12,#760] LDMFD R13!,{PC} .Ba297% ADD R1,R5,#&30 B Ba204% .Da125% EQUD &53203120 EQUD &42207465 EQUD &6B616572 EQUD &6E696F70 EQUD &00000074 .Da126% EQUD &53203220 EQUD &20776F68 EQUD &61657242 EQUD &696F706B EQUD &0073746E .Da127% EQUD &43203320 EQUD &7261656C EQUD &65724220 EQUD &6F706B61 EQUD &00746E69 .Ba298% LDR R4,[R12,#520] CMP R4,#&0F LDR R2,[R12,R4,LSL #2] ;BICEQ R2,R2,#&FC000003 B Ba206% .Ba299% LDR R2,[R12,#1908] ; read mode CMP R2,#&1F ; MODE 31 ? ADDNE R3,R12,#&0120 ADDEQ R3,R12,#&0860 ; base address of screen addresses MOVEQ R4,#&13 MOVNE R4,#9 LDR R2,[R12,#208] LDR R8,[R12,#524] SUB R8,R4,R8 LDR R2,[R3,R8,LSL #2] B Ba206% .Ba300% LDR R3,[R12,#1908] CMP R3,#&1F STMFD R13!,{R14} MOV R11,R9 LDRNE R4,[R12,#888] ADDNE R4,R4,R12 ADDEQ R4,R12,#&08F0 LDR R3,[R4],#4 CMP R0,R3 LDR R3,[R4],#4 CMPGE R1,R3 BLT Ba301% LDR R3,[R4],#4 CMP R0,R3 LDR R3,[R4],#4 ADD R3,R3,#&18 CMPLE R1,R3 BGT Ba301% SUB R3,R3,R1 LDR R1,[R12,#1908] CMP R1,#&1F MOVNE R3,R3,LSR #5 MOVEQ R3,R3,LSR #4 CMP R2,#0 BNE Ba302% LDR R1,[R12,#796] CMP R3,R1 LDMEQFD R13!,{PC} STR R3,[R12,#796] BL Ba212% LDR R3,[R12,#796] SWI &00011F ; position text cursor MOV R0,#0 SWI "OS_WriteC" MOV R0,R3 SWI "OS_WriteC" LDR R0,[R12,#1908] CMP R0,#&1F ;MOVNE R0,#7 ; black ;MOVEQ R0,#&0B ; blue MOVNE R0,#%00000000 ; black MOVEQ R0,#%00110000 ; blue SWI &000111 SWI "OS_WriteC" LDR R3,[R12,#796] LDR R1,[R11,R3,LSL #2] CMP R1,#0 LDMEQFD R13!,{PC} SWI &000120 ; character ADD R0,R3,#&31 SWI "OS_WriteC" SWI &000120 ; character SWI &000126 ; character & MOV R0,R1 ADD R1,R12,#&0168 MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" LDMFD R13!,{PC} .Ba301% CMP R2,#0 BNE Ba216% LDR R1,[R12,#796] CMP R1,#&FF LDMEQFD R13!,{PC} 
BL Ba212% MOV R0,#&FF STR R0,[R12,#796] LDMFD R13!,{PC} .Ba302% CMP R2,#1 MOVEQ R10,#1 MOVNE R10,#0 ADD R2,R3,#&31 LDMFD R13!,{R1} B Ba216% .Ba303% ADR R4,Da128% LDR R9,[R12,#1792] ADD R9,R9,R12 SUB R9,R9,#4 .Ba304% ADD R9,R9,#4 LDR R3,[R4],#4 CMP R3,#&FF BEQ Ba644% CMP R0,R3 LDR R3,[R4],#4 CMPGE R1,R3 ADDLT R4,R4,#8 BLT Ba304% LDR R3,[R4],#4 CMP R0,R3 LDR R3,[R4],#4 CMPLE R1,R3 BGT Ba304% MOV R11,R2 MOV R0,#4 SUB R4,R4,#&10 STR R4,[R12,#748] LDR R1,[R4],#4 LDR R2,[R4,#0] SWI "OS_Plot" LDR R2,[R9],#28 BL Ba25% LDR R2,[R9,#0] STR R2,[R12,#752] LDR R0,[R12,#1792] ADD R0,R0,R12 SUB R9,R9,#&1C SUB R9,R9,R0 CMP R11,#1 ADR R2,Da129% ADDEQ R2,R2,#&1C LDR R2,[R2,R9] BL Ba306% B Ba645% .Da128% EQUD &000003D2 EQUD &000001B4 EQUD &00000406 EQUD &000001F8 EQUD &000003D2 EQUD &00000200 EQUD &00000406 EQUD &00000244 EQUD &0000041E EQUD &000001B4 EQUD &0000044C EQUD &000001E0 EQUD &0000041E EQUD &00000218 EQUD &0000044C EQUD &00000244 EQUD &00000464 EQUD &000001E8 EQUD &00000490 EQUD &00000214 EQUD &000004AA EQUD &000001B4 EQUD &000004DC EQUD &000001E0 EQUD &000004AA EQUD &00000218 EQUD &000004DC EQUD &00000244 EQUD &000000FF .Da129% EQUD &0000009E EQUD &0000009F EQUD &0000008C EQUD &0000008F EQUD &0000000A EQUD &0000008D EQUD &0000008E EQUD &0000009F EQUD &0000009E EQUD &0000008D EQUD &0000008E EQUD &0000000A EQUD &0000008C EQUD &0000008F .Ba305% STMFD R13!,{R14} LDR R4,[R12,#756] ADD R4,R4,#1 STR R4,[R12,#756] CMP R4,#2 BEQ Ba352% LDMFD R13!,{PC} ; .Ba306% STMFD R13!,{R0-R5,R14} LDR R0,[R12,#2688] CMP R0,#1 LDMEQFD R13!,{R0-R5,PC} .Ba307% SUBS R0,R0,#1 CMP R0,#0 BNE Ba307% LDR R0,[R12,#2688] SUBS R0,R0,#&1000 CMP R0,#&1100 MOVLT R0,#1 STR R0,[R12,#2688] LDMFD R13!,{R0-R5,PC} .Da130% EQUD &00000000 ; R0 EQUD &00000000 ; R1 EQUD &00000000 ; R2 EQUD &00000000 ; R3 EQUD &00000000 ; R4 EQUD &00000000 ; R5 EQUD &00000000 ; R6 EQUD &00000000 ; R7 EQUD &00000000 ; R8 EQUD &00000000 ; R9 EQUD &00000000 ; R10 EQUD &00000000 ; R11 .Da131% EQUD &00000000 ; R12 EQUD &00000000 ; R13 .Da132% 
EQUD &00000000 ; R14
; NOTE(review) - Ba308% stores the word read from [R13,#4] at Da133% and
; Ba309% then treats it as the break address, so the R12 tag on the next
; word looks stale - confirm
.Da133%
EQUD &00000000 ; R12
EQUD &00000000
; Da134% - R0 and R9-R14 exactly as they were on entry to Ba308%
.Da134%
EQUD &00000000 ; R0
EQUD &00000000 ; R9
EQUD &00000000 ; R10
EQUD &00000000 ; R11
EQUD &00000000 ; R12
EQUD &00000000 ; R13
EQUD &00000000 ; R14
EQUD &00000000
EQUD &00000000
.Da135%
EQUD &00000000 ; R13
.Da136%
EQUD &00000000 ; R14
.Da137%
EQUD &00000000 ; R15
EQUD &00000000
.Da137a% ; 32bit - added for PSR
EQUD &00000000 ; PSR added in v112
;
; Ba308% - break entry point (the original comment ties it to
; OS_BreakAddress). Saves the entry registers in Da134%-Da136%, saves the
; current CPSR in Da137a%, reads five words from the entry stack, then
; either goes to Ba405% or drops to USR32 and falls into Ba309%.
.Ba308% ;swi OS_BreakAddress
STR R0,Da134% ; <-- entry for OS_BreakAddress
ADR R0,Da134%
STMIB R0,{R9-R14} ; R9-R14 go to Da134%+4 onwards
STR R13,Da135%
STR R14,Da136%
;STR PC,Da137% ; saves PC flags
MRS R9,CPSR ; save status register (the current CPSR, not the SPSR)
STR R9,Da137a% ; save PSR flags
;Da137 is not read anywhere - so we can reuse this for CPSR
;*** need CPSR save here ??
; words at [R13,#0], #4, #12, #16 and #20 - presumably the frame the OS
; left for the break handler, TODO confirm the layout
LDR R9,[R13,#0]
LDR R10,[R13,#12]
LDR R11,[R13,#16]
LDR R12,[R13,#20]
LDR R0,[R13,#4]
STR R0,Da133%
; NOTE(review) - the next load overwrites the R9 just read from [R13,#0].
; Ba309% saves R9 along with the other registers, so the R9 slot would
; receive the PSR value unless code outside this view repairs it - confirm
LDR R9,Da137a% ; 32bit - load PSR flags
; NOTE(review) - this tests the low two bits of the word from [R13,#4].
; In the 26-bit layout those were the mode bits (3 = SVC). For a 32-bit
; word-aligned address they would be zero and the EQ path never taken -
; confirm what the OS stores there
AND R0,R0,#3 ; check user mode
CMP R0,#3 ;
ADDEQ R13,R13,#&18
STR R12,Da131%
BLEQ Ba651% ; sets R12 to EQUD block at end of module
; NOTE(review) - BEQ below reuses Z from the CMP above across the BL.
; A 32-bit BL/MOV PC,R14 pair does not save or restore flags, so this
; relies on Ba651% leaving Z untouched (Ba651% is not in view) - confirm
BEQ Ba405%
;TEQP PC,#0
;MOV R0,R0
; writes the whole control byte - mode becomes USR32 and the I, F and T
; bits are written as zero
MSR CPSR_c,#%10000 ; USR32
;
; Ba309% - rebuilds the complete break-time register set in Da130% and
; copies it to the workspace at R12, records the break address, switches
; to the debugger stack and disables Escape before going to Ba8%.
.Ba309%
LDR R12,Da131% ; R12 value stored by Ba308%
ADR R0,Da130%
STMIB R0,{R1-R14} ; R1-R14 into Da130%+4 onwards
LDR R0,Da134% ; entry R0
STR R0,Da130%
ADR R0,Da130%
LDMIA R0,{R0-R14}
BL Ba651% ; sets R12 to EQUD block at end of module
STMIA R12,{R0-R14} ; workspace +0 to +56 = R0-R14
; R12 and R14 were changed by the BL above, so their workspace slots
; are rewritten from the copies held in Da131% and Da132%
LDR R0,Da131%
STR R0,[R12,#48]
LDR R0,Da132%
STR R0,[R12,#56]
MOV R0,#&0F
STR R0,[R12,#484]
LDR R7,Da133%
ADD R7,R7,#8
STR R7,[R12,#60] ; PC
;BIC R7,R7,#&FC000003 ; clears status/mode bits
STR R7,Da133%
SUB R7,R7,#8
STR R7,[R12,#116] ; the word from [R13,#4] without the +8
LDR R13,[R12,#84]; base address of stack
;BL Ba315%
; OS_Byte &C8 with R2=0 and R1=1 sets the state to 1 and returns the
; previous state in R1
MOV R0,#&C8 ; read/write break and escape effect
MOV R1,#1 ; EOR value
MOV R2,#0 ; AND value
SWI "OS_Byte"
STR R1,[R12,#488] ; state before being overwritten
MOV R1,#1 ; escape disabled unless OS_Byte_125
STR R1,[R12,#68] ; break and escape state OS_Byte_200
STR R1,[R12,#904] ; save escape state
B Ba8%
;
; Ba310% - leaves the debugger. Writes the workspace copies of R9-R11,
; PC-8 and R12 back to the frame addressed by the R13 saved in Da135%,
; reloads the stored PSR and registers, then restores the entry
; R9-R14 from Da134%-Da136% and returns through R14.
.Ba310%
MOV R0,#0
STR R0,[R12,#484]
LDMIA R12,{R0-R11,R14} ; load break registers
LDR R13,Da135%
STR R9,[R13,#0]
STR R10,[R13,#12]
STR R11,[R13,#16]
LDR R0,[R12,#60] ; PC
SUB R0,R0,#8 ; undo the +8 added by Ba309%
STR R0,[R13,#4]
LDR R0,[R12,#48]
STR R0,[R13,#20]
BL Ba409%
;LDR R0,[R12,#60]
;AND R0,R0,#&FC000000
;TEQP PC,R0
;32bit - reload PSR as we've reloaded break registers
LDR R0,[R12,#64] ; PSR
; NOTE(review) - the control-field part of this write only takes effect
; in a privileged mode, and it then installs the mode and interrupt
; masks held in the stored word. Which mode is current here depends on
; Ba409% and the caller (not in view) - confirm, and consider masking
; the stored PSR to the flag bits if only flags are meant to be restored
MSR CPSR_cf,R0
LDMIA R12,{R0-R14} ; base R12 is in the list and is reloaded too
SWI "XOS_EnterOS"
ADR R9,Da134%
LDMIB R9,{R9-R12} ; entry R9-R12 from Da134%+4 onwards
LDR R13,Da135%
LDR R14,Da136%
MOV PC,R14
;
; Ba311% - looks the word in R0 up in the table at Da142% (presumably
; the instruction about to be stepped - confirm against caller). A
; match before the zero terminator falls into Ba313%, otherwise Ba314%.
; NOTE(review) - the compare is on the whole word and every table entry
; starts &EF, so a conditionally executed SWI (other top nibble) would
; not be trapped, assuming R0 is the raw instruction - confirm
.Ba311% ; swi instruction decode comes here
ADR R2,Da142%
.Ba312%
LDR R1,[R2],#4
CMP R1,#0 ; zero word ends the trapped-SWI list
BEQ Ba314%
CMP R1,R0
BNE Ba312%
; Ba313% - warns that the next instruction is a Wimp poll and asks for
; confirmation. Answer y goes to Ba17%. Any other answer advances the
; stored PC by 4 so the SWI is skipped, replots and goes to Ba12%.
.Ba313% ; specific SWI instructions processed here
; EQUD &EF0400C7 Wimp_Poll
; EQUD &EF0600C7 XWimp_Poll
; EQUD &EF0400E1 Wimp_PollIdle
; EQUD &EF0600E1 XWimp_PollIdle
SWI &000107 ; OS_WriteI+7 - bell
BL Ba43%
BL Ba635%
SWI &000104 ; OS_WriteI+4
BL Ba248%
BL Ba618%
SWI &00010B ; OS_WriteI+11, issued twice
SWI &00010B
MOV R0,#&0F ; OS_Byte &0F with R1=0 - flush buffers
MOV R1,#0
SWI "OS_Byte"
LDR R3,[R12,#468] ; m-step enabled = 1
LDR R4,[R12,#472]
CMP R3,#0
CMPEQ R4,#0
ADRNE R0,Da138% ; either word non-zero
ADREQ R0,Da139% ; both zero
SWI "OS_Write0"
; NOTE(review) - the NE condition below is evaluated after a SWI. I
; believe 32-bit RISC OS does not promise N, Z and C are preserved by
; SWI calls, so the choice may need re-testing after the call - confirm
ADRNE R0,Da140%
SWINE "OS_Write0"
ADR R0,Da141%
SWI "OS_Write0"
BL Ba632%
MOV R0,#&0F
MOV R1,#0
SWI "OS_Byte"
SWI "OS_Confirm"
CMP R0,#&79 ; &79 is ASCII y
; NOTE(review) - BEQ after the BL relies on Ba231% preserving Z. In
; 32-bit code the flags are not restored on return, and Ba231% is not
; in view - confirm, or move the CMP to just before the BEQ
BL Ba231% ; disables m-step
BEQ Ba17%
LDR R1,[R12,#60] ; PC
ADD R1,R1,#4
STR R1,[R12,#60] ; PC
BL Ba73% ; plots registers on screen
B Ba12%
; Ba314% - R2 now points just past the zero terminator, at the
; OS_CallASWIR12 entry of Da142%. If R0 matches it, the stored R12
; (workspace +48) is masked to its low 12 bits and compared with &C7.
; NOTE(review) - only &C7 is tested here, so a Wimp_PollIdle (&E1 in
; Da142%) issued through OS_CallASWIR12 is not trapped, and the chunk
; bits above bit 11 are ignored - confirm this is intended
.Ba314% ; specific SWI instructions processed here
; EQUD &EF000071 is SWI OS_CallASWIR12 (similar to CallASWI)
; but uses R12 to specify the target SWI
LDR R1,[R2],#4
CMP R1,R0
BNE Ba71%
LDR R0,[R12,#48]
MOV R1,#&0F00
ADD R1,R1,#&FF ; R1 = &0FFF
AND R0,R0,R1
CMP R0,#&C7
BEQ Ba313%
B Ba64%
; Da138% - text "    ---- WARNING Wimp_Poll ----" CR LF
; "   Next instruction is Wimp_poll" CR LF, zero terminated
.Da138%
EQUD &20202020
EQUD &2D2D2D2D
EQUD &52415720
EQUD &474E494E
EQUD &6D695720
EQUD &6F505F70
EQUD &2D206C6C
EQUD &0D2D2D2D
EQUD &2020200A
EQUD &7478654E
EQUD &736E6920
EQUD &63757274
EQUD &6E6F6974
EQUD &20736920
EQUD &706D6957
EQUD &6C6F705F
EQUD &000A0D6C
; Da139% - text "    ---- WARNING Wimp_Poll ----" CR LF
; "Continue returns you to the desktop" CR LF, zero terminated
.Da139%
EQUD &20202020
EQUD &2D2D2D2D
EQUD &52415720
EQUD &474E494E
EQUD &6D695720
EQUD &6F505F70
EQUD &2D206C6C
EQUD &0D2D2D2D
EQUD &6E6F430A
EQUD &756E6974
EQUD &65722065
EQUD &6E727574
EQUD &6F792073
EQUD &6F742075
EQUD &65687420
EQUD &73656420
EQUD &706F746B
EQUD &00000A0D
.Da140%
EQUD &746E6F43 EQUD &65756E69 EQUD &74657220 EQUD &736E7275 EQUD &756F7920 EQUD &206F7420 EQUD &20656874 EQUD &6B736564 EQUD &0D706F74 EQUD &0000000A .Da141% EQUD &20200A0D EQUD &20202020 EQUD &6F432020 EQUD &6E69746E EQUD &28206575 EQUD &294E2F59 EQUD &00000000 .Da142% ; these are used to trap particular SWI instructions EQUD &EF0400C7 ; SWI Wimp_Poll EQUD &EF0600C7 ; SWI XWimp_Poll EQUD &EF0400E1 ; SWI Wimp_PollIdle EQUD &EF0600E1 ; SWI XWimp_PollIdle EQUD &00000000 EQUD &EF000071 ; OS_CallASWIR12 .Da143% EQUD &00000000 .Da144% EQUD &00000000 ; R7 temporary store .Ba315% ; builds a memory map of RPi at &990 onwards ; can add in any order as the &990 memory is then sorted ; sometimes STR R7,Da144% ; save R7 for later - used below SWI "OS_ReadMemMapInfo" ; R0 = page size in bytes ; R1 = number of pages MOV R4,R0 ; R4 = page size in bytes ADD R9,R12,#&0990 MOV R0,#0 ; this address is duplicated by a dynamic area address ;STR R0,[R9],#4 ; first address e.g. 00000000 ADD R0,R0,#&8000 ; min address for OS_ValidateAddress .Ba316% ADD R1,R0,R4 ; max address SWI "XOS_ValidateAddress" ; C flag clear = range OK ADDCC R0,R0,R4 BCC Ba316% ; this address is duplicated by a dynamic area address ;STR R0,[R9],#4 ; second address e.g. 
000A8000 ;MOV R0,#&01F00000 ; RPC cursor system sound MOV R0,#&FA000000 ; RPi cursor system sound &FAFF0000 ADD R0,R0,#&FF0000 STR R0,[R9],#4 ; min address for OS_ValidateAddress .Ba317% ADD R1,R0,R4 ; max address SWI "XOS_ValidateAddress" ; C flag clear = range OK ADDCC R0,R0,R4 BCC Ba317% STR R0,[R9],#4 ;MOV R0,#&03800000 ; Arch / RPC hadware ROM base address ; rom area duplicated by dynamic area on RPi - so not required ;MOV R0,#&20000000 ; RPi ROM base address ;STR R0,[R9],#4 ;MOV R0,#&2F000000 ; End of RPC ROM area ; rom area duplicated by dynamic area on RPi - so not required ;MOV R0,#&30000000 ; End of ROM area on RPi ;STR R0,[R9],#4 ;*** manually added 32bit for read-only ROM module area MOV R0,#&FC000000 ; RPi ROM base address start STR R0,[R9],#4 ADD R0,R0,#&00800000 ; RPi ROM base address end - test STR R0,[R9],#4 ;*** manually added 32bit for read-only ROM module area MOV R0,#3 ; enumerates dynamic area MVN R1,#0 ; area number (-1 to start) MVN R10,#0 ; v106 RPi2 is reading a dynamic area ; start 00000000, end 3A257000 ; this overwites other dynamic areas ?? ; so currently disabled R7 memory check again SWI "OS_DynamicArea" ; (3) STR R1,Da143% ; next area number (-1 for none) .Ba318% MOV R0,#2 ; return information on a dynamic area LDR R1,Da143% ; dynamic area number SWI "OS_DynamicArea" ; (2) ; R2 = current size of area in bytes ; R3 = base logical address of area ; R4 = area flags ; R5 = max size of area in bytes ; R6 = pointer to dynamic area handler routine (0=no routine) ; R7 = pointer to workspace for handler (re-use of R7!) 
; R8 = pointer to name area ;MOV R0,#&01C00000 ; RPC SVC stack ;ADD R0,R0,#&2000 MOV R0,#&FA000000 ; RPi 32k SVC stack ADD R0,R0,#&2000 CMP R3,R0 ;MOVEQ R3,#&01C00000 ; RPC SVC stack MOVEQ R3,#&FA000000 ; RPi 32k SVC stack ADDEQ R3,R3,#&200000 CMP R3,#&04000000 CMPNE R2,#0 STRNE R3,[R9],#4 ; ADD R3,R3,R2 STRNE R3,[R9],#4 MOV R0,#3 LDR R1,Da143% SWI "OS_DynamicArea" STR R1,Da143% CMP R1,R10 BNE Ba318% .Ba319% MOV R0,#1 ; sets final item to &01 - end of list STR R0,[R9,#0] ; LDR R7,Da144% ; reload R7 again - added v79 ; MOV PC,R14 ; RGPB temp .Ba320% ; performs sort on memory map pairs ; checks that each address pair is in ascending order ; ; RGPB note - needs re-writing to sort on address pairs and ; not each individual address. ; On the RPi seems that dynamic addresses can overlap ?? ;e.g. ; 1 is 00000000 - 20000000 ; 1 is 00000000 - 3F123456 or whatever ; ADD R2,R12,#&0990 ; first value ADD R3,R12,#&0990 ADD R3,R3,#4 ; second value .Ba321% LDR R0,[R2,#0] ; lower address LDR R1,[R3,#0] ; higher address CMP R0,R1 ; are two addresses the same ? BEQ Ba322% ; two addresses the same CMP R1,#1 ; end of list, then quit LDREQ R7,Da144% ; reload original value of R7, saved above MOVEQ PC,R14 CMP R0,R1 ; are two addresses the same ? 
; not 32bit ;STRGT R0,[R3,#0] ; swap them over if wrong way around ;STRGT R1,[R2,#0] ;BGT Ba320% ; read next pair of addresses ; 32bit STRHI R0,[R3,#0] ; swap them over if wrong way around STRHI R1,[R2,#0] BHI Ba320% ; read next pair of addresses ADD R2,R2,#4 ; increment address pointers ADD R3,R3,#4 B Ba321% ; read next pair of addresses .Ba322% ; lower and upper addresses are the same for a pair ADD R2,R2,#4 ; increment address pointers ADD R3,R3,#4 LDR R1,[R3,#0] ; read next address pairs STR R1,[R2,#0] CMP R1,#1 ; check for end of list BEQ Ba319% ; end of list B Ba322% ; read next pair of addresses .Ba323% ; sets up array of R7 addresses in RAM starting at &0120 ; skip R7 memory checks as these not working on RPi2 B Ba324b% ;*************************************************************** ; checks that R7 is withing valid RAM ADD R3,R12,#&0990 ;BIC R7,R7,#&80000000 ; 26bit address .Ba324% LDR R4,[R3],#4 CMP R4,#1 BEQ Ba326% CMP R7,R4 ; not 32bit ;BLT Ba326% ; 32bit BEQ Ba324a% BLS Ba326% .Ba324a% LDR R5,[R3],#4 CMP R7,R5 ; not 32bit ;BGT Ba324% ; 32bit BHI Ba324% ADD R6,R7,#&28 CMP R6,R5 ; not 32bit ;BGT Ba334% ; 32bit BHI Ba334% ;*************************************************************** ; added v126 .Ba324b% ; start of routine to save out each instruction address to array MOV R4,R7 ADD R5,R12,#&0120 MOV R2,#&0A .Ba325% STR R4,[R5],#4 ADD R4,R4,#4 SUBS R2,R2,#1 BNE Ba325% ADD R3,R12,#&0120 LDR R7,Da144% ; v125 - reload R7 again MOV PC,R14 .Ba326% CMP R4,#1 MOVEQ R4,#0 ;ORREQ R7,R7,#&80000000 ;commented out in ver41 SUB R5,R5,#4 ADD R6,R7,R10,LSL #2 CMP R6,R4 ; not 32bit ;BLT Ba330% ; 32bit BEQ Ba326a% BLS Ba330% .Ba326a% ADD R3,R12,#&0120 ADD R2,R3,R10,LSL #2 MOV R9,R10 .Ba327% STR R6,[R2],#-4 SUB R6,R6,#4 CMP R6,R4 ; not 32bit ;MOVLT R6,R5 ;MVNLT R4,#0 ; 32bit MOVLS R6,R5 MVNLS R4,#0 SUBS R9,R9,#1 ; not 32bit ;BGE Ba327% ; 32bit BEQ Ba327% BHI Ba327% MOV R9,#&0A SUB R9,R9,R10 CMP R9,#0 BEQ Ba329% ADD R6,R7,R10,LSL #2 ADD R6,R6,#4 ADD R2,R3,R10,LSL #2 ADD 
R2,R2,#4 .Ba328% STR R6,[R2],#4 ADD R6,R6,#4 SUBS R9,R9,#1 BNE Ba328% .Ba329% ADD R3,R12,#&0120 LDR R7,Da144% ; v125 - reload R7 again MOV PC,R14 .Ba330% SUB R6,R4,R6 CMP R6,#&28 ; #50 ; not 32bit ;MOVGT R7,R5 ;SUBGT R7,R7,R10,LSL #2 ;BGT Ba323% ; read address pair from #&990 ; 32bit MOVHI R7,R5 SUBHI R7,R7,R10,LSL #2 BHI Ba323% ; read address pair from #&990 SUB R6,R5,R6 ADD R6,R6,#4 SUB R7,R6,R10,LSL #2 B Ba323% .Ba331% ; checks R7 is within memory map for *step command ; skip R7 memory checks as these not working on RPi2 B Ba334b% ;*************************************************************** ADD R3,R12,#&0990 ;BIC R7,R7,#&80000000 ; don't want to clear top bit in R7 .Ba332% LDR R4,[R3],#4 CMP R4,#1 ; end of memory map at &990 BEQ Ba333% ; end of map found CMP R7,R4 ; not 32bit ;BLT Ba333% ; 32bit BEQ Ba332a% BLS Ba333% .Ba332a% LDR R5,[R3],#4 CMP R7,R5 ; not 32bit ;BGE Ba332% ; 32bit BEQ Ba332% BHI Ba332% MOV PC,R14 .Ba333% ; end of memory map found CMP R4,#1 MOVEQ R4,#0 MOV R7,R4 ; sets R7 to 0 MOV PC,R14 .Ba334% ; not sure ir these instructions should be processed ?? ; v126 ; R4 is used below to set R2 etc. ?? This needs more work. 
CMP R5,#&04000000
MOVEQ R4,#0
LDRNE R4,[R3,#0]
;***************************************************************
; added v126
; Ba334b% - fills the table at R12+&0120 with consecutive word
; addresses. Ba335% stores R7, R7+4, ... while the address is not above
; R5-4 (unsigned). Ba336% then continues from R4 until the count in R9
; reaches zero and leaves through Ba329%.
; NOTE(review) - Ba331% now branches straight here, skipping the code
; that loads R4 and R5 from the memory map. Ba335% is bounded by R5 only
; (R9 is decremented without setting flags) and Ba336% stops only when
; R9 reaches exactly zero, so an unexpected R5 would let the stores run
; past the table. Confirm what R4 and R5 hold on the bypass path, or
; bound both loops on R9.
.Ba334b%
MOV R9,#&0A ; number of table entries wanted
MOV R2,R7
SUB R5,R5,#4
ADD R1,R12,#&0120
.Ba335%
STR R2,[R1],#4
SUB R9,R9,#1 ; no S suffix - flags come from the CMP below
ADD R2,R2,#4
CMP R2,R5
; not 32bit
;BLE Ba335%
; 32bit
BLS Ba335%
MOV R2,R4
.Ba336%
STR R2,[R1],#4
SUBS R9,R9,#1
BEQ Ba329%
ADD R2,R2,#4
B Ba336%
;
; Ba337% - builds the table of row addresses for the break screen.
; In - R7 is the first address to list (R10 is used as a row index by
; the disabled path below).
; Out - R3 = R12+&0860, the start of the table.
; NOTE(review) - with the branch below the addresses written to the
; table are never compared with the memory map at R12+&0990, so any
; code that later dereferences a table entry must cope with an
; unmapped address.
.Ba337% ; calculates each instruction address for the break screen
; skip R7 memory checks as these not working on RPi2
B Ba338b%
;***************************************************************
; checks R7 is within the known memory map - no good on RPi2
; (not reached from Ba337% while the branch above is in place)
ADD R3,R12,#&0990 ; read memory map boundary
;BIC R7,R7,#&80000000 ; 32bit - don't clear top bit in R7
; Ba338% - walks the start/end pairs of the map. R4 is a region start
; and R5 the matching end. The value 1 marks the end of the list.
.Ba338%
LDR R4,[R3],#4
CMP R4,#1 ; check for end of memory map
BEQ Ba340%
CMP R7,R4
; bug019 - re-added to show correct address on 1st six lines
; not 32bit
;BLT Ba340% ; bug019 - code reverted for fix
; bug019 - not sure why the new 32bit code not working ??
; 32bit
; BEQ to the next label followed by BLS acts as an unsigned
; lower-than test - R7 below the region start goes to Ba340%
BEQ Ba338a%
BLS Ba340%
.Ba338a%
LDR R5,[R3],#4
CMP R7,R5
; not 32bit
;BGT Ba338%
; 32bit
BHI Ba338% ; R7 above this region's end - try the next pair
ADD R6,R7,#&50 ; &50 bytes = &14 rows of one word
CMP R6,R5
; not 32bit
;BGT Ba347%
; 32bit
BHI Ba347% ; the listing would run past the end of the region
;***************************************************************
; added v125
.Ba338b% ; start of routine to save out each instruction address to array
MOV R4,R7
ADD R5,R12,#&0860 ; base address of screen addresses
MOV R2,#&14 ; &14 entries, R7 upwards in steps of 4
.Ba339%
STR R4,[R5],#4 ; save address of each screen instruction
ADD R4,R4,#4
SUBS R2,R2,#1
BNE Ba339%
ADD R3,R12,#&0860 ; base address of screen addresses
MOV PC,R14 ; return from R7 memory map check
; Ba340% - reached from Ba338% when R7 lies below the region start in
; R4, or when the map ended (R4 = 1, replaced by 0 here).
.Ba340% ; these are the break addr and subsequent lines on the screen
CMP R4,#1
MOVEQ R4,#0
;ORREQ R7,R7,#&80000000 ; 32bit
SUB R5,R5,#4
ADD R6,R7,R10,LSL #2 ; address for row R10
; RPi1
; R6 = 20203BF0
; R4 = 2037D000
CMP R6,R4
; not 32bit
;BLT Ba344% ; 26bit as comparing 32bit addresses
; *** this code when active - causes R7 address to be 'FAFF0000'
; 32bit
BEQ Ba340a% ; *** here ***
BLS Ba344% ; RPi1 branches here
; Ba340a% - fills rows R10 down to 0 working backwards from R6, then
; rows R10+1 upwards working forwards (Ba342%).
; NOTE(review) - Ba341% writes rows R10..0 and Ba342% writes &14-R10
; further rows, which comes to &15 words against the &14 written by
; Ba338b% - TODO confirm the table at +&0860 has room for the extra word
.Ba340a%
ADD R3,R12,#&0860 ; base address of screen addresses
ADD R2,R3,R10,LSL #2
MOV R9,R10
.Ba341%
STR R6,[R2],#-4
SUB R6,R6,#4
CMP R6,R4
; not 32bit
;MOVLT R6,R5
; 32bit
; NOTE(review) - EQ plus LS also fires when R6 equals R4, which the
; original MOVLT did not. The branches elsewhere in this routine use
; BEQ to skip the equal case instead - confirm which is intended
MOVEQ R6,R5
MOVLS R6,R5
SUBS R9,R9,#1
; not 32bit
;BGE Ba341%
; 32bit
BEQ Ba341%
BHI Ba341%
MOV R9,#&14
SUB R9,R9,R10 ; rows left after row R10
CMP R9,#0
BEQ Ba343%
ADD R6,R7,R10,LSL #2
ADD R6,R6,#4
ADD R2,R3,R10,LSL #2
ADD R2,R2,#4
.Ba342%
STR R6,[R2],#4
ADD R6,R6,#4
SUBS R9,R9,#1
BNE Ba342%
.Ba343%
;R3 contains the address of the first instruction on the screen
ADD R3,R12,#&0860 ; base address of screen addresses
MOV PC,R14 ; return from R7 memory check
; Ba344% - adjusts R7 from R4, R5, R6 and R10 and restarts at Ba337%
.Ba344%
; This code is only called on the RPi1 ??
; when the memory map appears to have been built incorrectly,
; so not sure what Theo was intending this code to be for.
;
; Given that this block of code contains a small block
; of code that cannot ever be run - I suspect that this
; whole sequence is redundant - it is not used on the RPi2/4 ??
SUB R6,R4,R6 ; distance from row address up to the region start
CMP R6,#&50
; not 32bit
;MOVGT R7,R5
;SUBGT R7,R7,R10,LSL #2
;BGT Ba337%
; 32bit
MOVHI R7,R5 ; <-- this is where R7 is corrupted on RPi1
SUBHI R7,R7,R10,LSL #2
BHI Ba337%
SUB R6,R5,R6
ADD R6,R6,#4
SUB R7,R6,R10,LSL #2
B Ba337% ; <-- as per original
; this code is never run - double checked no label with !ARMAlyser
; checks R7 is within a RISC OS memory block
ADD R3,R12,#&0990 ; <-- this is never run ??
;BIC R7,R7,#&80000000 ; don't want to clear top bit in R7 .Ba345% LDR R4,[R3],#4 CMP R4,#1 BEQ Ba346% CMP R7,R4 ; not 32bit ;BLT Ba346% ; 32bit BEQ Ba345a% BLS Ba346% .Ba345a% LDR R5,[R3],#4 CMP R7,R5 ; not 32bit ;BGE Ba345% ; 32bit BEQ Ba345% BHI Ba345% MOV PC,R14 .Ba346% CMP R4,#1 MOVEQ R4,#0 MOV R7,R4 MOV PC,R14 .Ba347% LDR R9,[R3,#0] CMP R9,#1 MOVEQ R4,#0 LDRNE R4,[R3,#0] MOV R9,#&14 ; puts R7 addresses in an array for outputting on the screen ; (not used) MOV R2,R7 SUB R5,R5,#4 ADD R1,R12,#&0860 ; base address of screen addresses .Ba348% STR R2,[R1],#4 SUB R9,R9,#1 ADD R2,R2,#4 CMP R2,R5 ; not 32bit ;BLE Ba348% ; 32bit BLS Ba348% ; LS = less than or equal for 32bit compare MOV R2,R4 .Ba349% STR R2,[R1],#4 SUBS R9,R9,#1 BEQ Ba343% ; RPi1 branches here to return to EnterOS etc ADD R2,R2,#4 B Ba349% .Da145% EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 .Ba350% MOV R0,#3 STRB R0,Da145% ADR R1,Da145% MOV R0,#&0E SWI "OS_Word" LDR R2,Da145% ADD R3,R2,R3 .Ba351% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&FF MOVEQ PC,R14 MOV R0,#3 STRB R0,Da145% ADR R1,Da145% MOV R0,#&0E SWI "OS_Word" LDR R2,Da145% CMP R2,R3 BLT Ba351% MOV PC,R14 .Ba352% MOV R0,#3 STRB R0,Da145% ADR R1,Da145% MOV R0,#&0E SWI "OS_Word" LDR R2,Da145% ADD R4,R2,#&1F .Ba353% MOV R0,#3 STRB R0,Da145% ADR R1,Da145% MOV R0,#&0E SWI "OS_Word" SWI "OS_Mouse" CMP R2,#0 LDMEQFD R13!,{PC} LDR R2,Da145% CMP R2,R4 BLT Ba353% LDMFD R13!,{PC} .Da146% EQUD &4B534154 .Da147% EQUD &506B7242 EQUD &746E696F EQUD &00746553 .Da148% EQUD &00000000 .Ba354% SWI "OS_EnterOS" LDMFD R13!,{R1-R12,R14} STMFD R13!,{R14} ADR R1,Da147% MOV R0,#2 SWI "XOS_Module" LDMFD R13!,{PC} .Ba355% ;module start code MOV R0,#&C8 LDR R1,Da146% ADR R2,Da147% SWI "Wimp_Initialise" STR R1,Da148% MOV R0,#&FF MVN R1,#0 SWI "Wimp_SlotSize" .Ba356% MOV R0,#0 ADR R1,Da149% SWI "XWimp_Poll" CMP R0,#&11 CMPNE R0,#&12 BNE Ba356% LDR R0,[R1,#16] CMP R0,#&FF ADREQ R9,Da149% BEQ Ba357% CMP R0,#0 BNE Ba356% LDR R0,Da148% LDR R1,Da146% SWI 
"Wimp_CloseDown" SWI "OS_Exit" .Da149% EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD 
&00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD 
&00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 .Da150% EQUD &00000000 EQUD &00000000 .Ba357% SWI "OS_ReadMemMapInfo" STR R0,Da150% MVN R0,#0 MVN R1,#0 SWI "Wimp_SlotSize" ADD R0,R0,#&2000 MVN R1,#0 SWI "Wimp_SlotSize" MOV R0,#0 MOV R1,#&8000 MOV R3,#&2000 SWI "OS_Heap" LDR R0,[R9,#20] MOV R7,R0 .Ba358% MOV R1,#&8000 MOV R3,R0 MOV R0,#2 SWI "XOS_Heap" BVC Ba359% MVN R0,#0 MVN R1,#0 SWI "Wimp_SlotSize" MOV R6,R0 
ADD R5,R0,#&8000 LDR R4,Da150% ADD R0,R0,R4 MOV R3,R0 MVN R1,#0 SWI "Wimp_SlotSize" CMP R0,R3 BLT Ba360% SUB R3,R0,R6 MOV R1,#&8000 MOV R0,#5 SWI "OS_Heap" MOV R0,R7 B Ba358% .Ba359% LDR R0,[R9,#24] LDR R1,[R9,#28] LDR R2,Da148% MOV R3,#&8000 LDR R4,[R9,#20] LDR R7,[R9,#32] SWI "Wimp_TransferBlock" MOV R2,#1 ADD R13,R9,#&02EC B Ba237% .Ba360% ADR R0,Da151% MOV R1,#0 ADR R2,Da152% SWI "Wimp_ReportError" MOV R0,#&FF MVN R1,#0 SWI "Wimp_SlotSize" MVN R1,#0 SWI "Wimp_CreateMenu" B Ba356% .Da151% EQUD &00000901 EQUD &20746F4E EQUD &756F6E65 EQUD &6D206867 EQUD &726F6D65 EQUD &6F662079 EQUD &68742072 EQUD &6F207369 EQUD &61726570 EQUD &6E6F6974 EQUD &00000000 .Da152% EQUD &204D5241 EQUD &75626564 EQUD &72656767 EQUD &0000000D .Ba361% BL Ba407% MVN R1,#0 SWI "Wimp_CreateMenu" LDR R0,Da148% LDR R1,Da146% SWI "Wimp_CloseDown" SWI "OS_Exit" .Ba362% ADR R0,Da153% STR R0,[R12,#84]; base address of stack MOV PC,R14 ; block of memory reserved for the target ARM processor stacks ; 43 32bit words EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ; ascending stack starts here and goes up .Da153% ; descending stack starts here and goes down ? 
EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 .Da154% EQUD &20202020 EQUD &6D205220 EQUD &20747375 EQUD &62206562 EQUD &65777465 EQUD &30206E65 EQUD &646E6120 EQUD &00353120 .Ba363% STMFD R13!,{R14} SWI "OS_RemoveCursors" SWI &00010C SWI "OS_NewLine" SWINE "OS_NewLine" ADR R0,Da154% SWI "OS_Write0" BL Ba627% SWI "OS_RestoreCursors" LDMFD R13!,{PC} .Ba364% STMFD R13!,{R14} BL Ba19% MOV R0,#4 MOV R1,#&32 MOV R2,#&01E0 ADD R2,R2,#&0E STMFD R13!,{R0-R2} BL Ba24% TST R6,#&80000000 ADRNE R2,Da155% ADREQ R2,Da161% SWI "OS_SpriteOp" BL Ba24% TST R6,#&40000000 ADRNE R2,Da156% ADREQ R2,Da162% SWI "OS_SpriteOp" BL Ba24% TST R6,#&20000000 ADRNE R2,Da157% ADREQ R2,Da163% SWI "OS_SpriteOp" BL Ba24% TST R6,#&10000000 ADRNE R2,Da158% ADREQ R2,Da164% SWI "OS_SpriteOp" BL Ba24% TST R6,#&08000000 ADRNE R2,Da159% ADREQ R2,Da165% SWI "OS_SpriteOp" BL Ba24% TST R6,#&04000000 ADRNE R2,Da160% ADREQ R2,Da166% SWI "OS_SpriteOp" LDMFD R13!,{R0-R2,PC} .Da155% EQUD &65735F6E EQUD &00000D74 .Da156% EQUD &65735F7A EQUD &00000D74 .Da157% EQUD &65735F63 EQUD &00000D74 .Da158% EQUD &65735F76 EQUD &00000D74 .Da159% EQUD &65735F69 EQUD &00000D74 .Da160% EQUD &65735F66 EQUD &00000D74 .Da161% EQUD &00000D6E .Da162% EQUD &00000D7A .Da163% EQUD &00000D63 .Da164% EQUD &00000D76 .Da165% EQUD &00000D69 .Da166% EQUD &00000D66 .Ba365% CMP R0,#&0150 CMPLE R1,#&03B8 BLE Ba366% B Ba388% .Ba366% CMP R0,#&D0 CMPGE R1,#&0280 
BGE Ba367%
BL Ba632%
B Ba644%
; Row index of the last click, written by Ba367 and read back by Ba375
.Da167%
EQUD &00000000
; Word read from the clicked row's address, written by Ba367
.Da168%
EQUD &00000000
; ---------------------------------------------------------------
; Ba367 - reads the word shown on the clicked row, then either
; branches to the edit prompt (Ba375) or runs a drag loop.
; In  R0,R1 = mouse X,Y
;     R2    = compared with 1 below (presumably the button state
;             supplied by the caller - confirm)
; NOTE(review) - the LDR through the table-supplied address runs
; between OS_EnterOS and the MSR back to USR32, so it is a
; privileged read. No range check of that address is visible here.
; ---------------------------------------------------------------
.Ba367%
LDR R9,[R12,#1908]
CMP R9,#&1F ; EQ selects the &1F layout (mode 31 per comments elsewhere)
ADDNE R3,R12,#&0120
ADDEQ R3,R12,#&0860 ; base address of screen addresses
SUB R6,R1,#&0280 ; Y relative to the lower edge tested before Ba367
MOVNE R6,R6,LSR #5 ; divide by 32
MOVEQ R6,R6,LSR #4 ; divide by 16
STR R6,Da167%
MOVNE R9,#9
MOVEQ R9,#&13
SUB R9,R9,R6 ; table index = last row number minus row
LDR R9,[R3,R9,LSL #2] ; address held in the table for that row
SWI "OS_EnterOS"
LDR R9,[R9,#0] ; privileged read of the word at that address
;TEQP PC,#0
;MOVNV R0,R0
MSR CPSR_c,#%10000 ; USR32
STR R9,Da168%
MOV R9,#0 ; R9 is reused as the countdown tested at Ba368
CMP R2,#1
BEQ Ba375% ; R2 = 1 goes to the edit prompt
STMFD R13!,{R7}
LDR R7,[R12,#1908]
CMP R7,#&1F
MOVNE R3,#&20
MOVEQ R3,#&10
MUL R7,R6,R3
ADD R7,R7,#&0290
MOV R6,#&D0
MOV R4,R0 ; R4,R5 = pointer position when the drag began
MOV R5,R1
MOV R10,R0 ; R10,R11 = position of the outline currently drawn
MOV R11,R1
SWI "OS_WriteS"
EQUD &00010312 ; inline bytes &12,&03,&01 followed by the zero terminator
MOV R2,R10
MOV R3,R11
BL Ba371%
; Drag loop. Repeats while bit 2 of the OS_Mouse button word is set.
.Ba368%
SWI "OS_Mouse"
SUB R0,R0,R4
SUB R1,R1,R5
ADD R0,R0,R6
ADD R1,R1,R7
STMFD R13!,{R2} ; keep the button word for the test at Ba370
BIC R0,R0,#1
BIC R1,R1,#3
CMP R0,R10
BNE Ba369%
CMP R1,R11
BNE Ba369%
; pointer has not moved since the last pass
CMP R9,#0
SUBNE R9,R9,#1
BNE Ba370%
MOV R9,#&0190 ; countdown expired, restart it and step R8
MOV R2,R10
MOV R3,R11
BL Ba371%
ADD R8,R8,#1
AND R8,R8,#7 ; R8 cycles 0 to 7 and rotates the pattern byte in Ba371
BL Ba371%
MOV R0,#&13
SWI "OS_Byte"
B Ba370%
; pointer moved - redraw at the old position, then at the new one
.Ba369%
MOV R2,R10
MOV R3,R11
BL Ba371%
MOV R10,R0
MOV R11,R1
ADD R8,R8,#1
AND R8,R8,#7
MOV R2,R10
MOV R3,R11
BL Ba371%
.Ba370%
LDMFD R13!,{R2}
TST R2,#4
BNE Ba368%
MOV R2,R10
MOV R3,R11
BL Ba371%
LDR R0,[R12,#1908]
CMP R0,#&1F
; NOTE(review) - the MOVNE/MOVEQ below use the flags from this CMP
; after two SWIs have run. Confirm the flags survive those calls.
SWI &000112
MOV R0,#0
SWI "OS_WriteC"
;MOVNE R0,#0 ; white
;MOVEQ R0,#7 ; black
MOVNE R0,#%00111111 ; white
MOVEQ R0,#%00000000 ; black
SWI "OS_WriteC"
LDMFD R13!,{R7}
SWI "OS_Mouse"
B Ba373%
; pattern word rotated by R8 in Ba371
.Da169%
EQUD &3F3F3F3F
; ---------------------------------------------------------------
; Ba371 - plots the drag outline with OS_Plot.
; In  R2,R3 = X,Y of one corner   R8 = rotation applied to Da169
; R0-R2 are preserved through the stack.
; ---------------------------------------------------------------
.Ba371%
STMFD R13!,{R0-R2,R14}
SWI "OS_WriteS"
EQUD &00000617 ; inline bytes &17,&06 followed by the zero terminator
LDR R0,Da169%
MOV R0,R0,ROR R8
SWI "OS_WriteC"
MOV R1,#8
.Ba372%
SWI &000100 ; writes a zero byte, eight times in all
SUBS R1,R1,#1
BNE Ba372%
MOV R0,#4
MOV R1,R2
MOV R2,R3
SWI "OS_Plot"
MOV R0,#&15
ADD R1,R1,#&7E
SWI "OS_Plot"
LDR R0,[R12,#1908]
CMP R0,#&1F
MOV R0,#&15
ADDNE R2,R2,#&1C
SUBEQ R2,R2,#&10
SWI "OS_Plot"
SUB R1,R1,#&7E
SWI "OS_Plot"
; NOTE(review) - these two conditionals reuse the CMP above across
; two OS_Plot calls. Confirm the flags survive the SWIs.
SUBNE R2,R2,#&1C
ADDEQ R2,R2,#&10
SWI "OS_Plot"
LDMFD R13!,{R0-R2,PC}
; ---------------------------------------------------------------
; Ba373 - end of drag. R0,R1 hold the release position from the
; OS_Mouse call just before the branch here. If the release point
; is inside the tested rectangle and its row equals [R12,#208],
; R7 is loaded from Da168 with the low two bits cleared.
; ---------------------------------------------------------------
.Ba373%
MOV R4,#&FF
STR R4,[R12,#512]
CMP R0,#&B0
CMPLE R1,#&03B8
BGT Ba250%
CMP R0,#&30
CMPGE R1,#&0280
BLT Ba250%
LDR R2,[R12,#1908]
CMP R2,#&1F
LDR R2,[R12,#208]
SUB R6,R1,#&0280
MOVNE R6,R6,LSR #5
MOVEQ R6,R6,LSR #4
MOVEQ R1,#&13
MOVNE R1,#9
SUB R1,R1,R6
CMP R1,R2
BNE Ba644%
LDR R7,Da168%
BIC R7,R7,#3 ; force word alignment
B Ba12%
.Ba374%
B Ba644%
; ---------------------------------------------------------------
; Ba375 - edit prompt. Shows the old word from Da168 as eight hex
; digits, reads up to eight characters with Ba377, parses them as
; hexadecimal and stores the result at the address taken from the
; row table, using the row saved in Da167.
; NOTE(review) - the STR runs after OS_EnterOS, so the write is made
; in a privileged mode and user-mode memory protection does not
; apply to it. The target address comes straight from the table and
; no range check is visible in this routine. Worth confirming that
; the table can only hold addresses the user is meant to modify.
; ---------------------------------------------------------------
.Ba375%
BL Ba618%
SWI &00010B
ADR R0,Da170%
SWI "OS_Write0"
LDR R0,Da168%
ADR R1,Da172%
MOV R2,#&1E ; buffer size passed to the conversion
SWI "OS_ConvertHex8"
ADR R0,Da172%
SWI "OS_Write0"
SWI "OS_NewLine"
SWI "OS_RestoreCursors"
ADR R0,Da171%
SWI "OS_Write0"
MOV R0,#&0F
MOV R1,#0
SWI "OS_Byte"
ADR R0,Da172% ; input buffer for Ba377
MOV R1,#8 ; maximum number of characters accepted
MOV R2,#&20
MOV R3,#&7B
BL Ba377%
SWI "OS_NewLine"
CMP R1,#0 ; Ba377 returns R1 = 0 when a mouse button ended the input
BEQ Ba48%
MOV R0,#&7C
SWI "OS_Byte"
MOV R0,#&10 ; base 16
ADR R1,Da172%
MOV R2,#&1E
SWI "XOS_ReadUnsigned"
MOVVS R1,#2 ; parse failed, nothing is written
BVS Ba630%
LDR R9,[R12,#1908]
CMP R9,#&1F
ADDNE R3,R12,#&0120
ADDEQ R3,R12,#&0860 ; base address of screen addresses
LDR R6,Da167%
MOVEQ R9,#&13
MOVNE R9,#9
SUB R9,R9,R6
SWI "OS_EnterOS"
LDR R9,[R3,R9,LSL #2] ; address held in the table for the saved row
STR R2,[R9,#0] ; privileged write of the parsed value
;TEQP PC,#0
;MOVNV R0,R0
MSR CPSR_c,#%10000 ; USR32
B Ba48%
; zero-terminated prompt text shown before the old value
.Da170%
EQUD &20202020
EQUD &20202020
EQUD &20646C4F
EQUD &61746164
EQUD &0026203A
; zero-terminated prompt text shown before the input field
.Da171%
EQUD &6E452020
EQUD &20726574
EQUD &2077656E
EQUD &61746164
EQUD &0026203A
; 13 words (52 bytes) shared by the hex conversion and the input line
.Da172%
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
EQUD &00000000
; ---------------------------------------------------------------
; Ba376 - copies the word in Da168 into register slot R4 of both
; the block at R12 and the sandbox block at R12+&88.
; R4 = &0F is diverted to Ba192.
; NOTE(review) - R4 is not range checked here apart from that test.
; ---------------------------------------------------------------
.Ba376%
LDR R0,Da168%
CMP R4,#&0F
BEQ Ba192%
STR R0,[R12,R4,LSL #2]
ADD R6,R12,#&88 ; base address for sandbox registers
STR R0,[R6,R4,LSL #2]
BL Ba477%
BL Ba78%
B Ba644%
; character count saved on every pass of the Ba378 loop
.Da173%
EQUD &00000000
; ---------------------------------------------------------------
; Ba377 - line input with a length limit.
; In  R0 = buffer address   R1 = maximum number of characters
; Out when a mouse button ends the input, R1 = 0 and R2 = count
; R0-R12 and R14 are stacked on entry.
; ---------------------------------------------------------------
.Ba377% ; find button pressed comes here ; +640C
STMFD R13!,{R0-R12,R14}
MOV R4,R0 ; R4 = write pointer
MOV R5,R1 ; R5 = limit
MOV R6,#0 ; R6 = characters stored so far
MOV R0,#&C8 ; read/write break and escape effect
MOV R1,#0
MOV R2,#0
SWI "OS_Byte"
BL Ba632%
.Ba378%
STR R6,Da173%
SWI "OS_Mouse"
CMP R2,#0
LDMNEFD R13!,{R0-R12,R14}
MOVNE R1,#0
LDRNE R2,Da173%
MOVNE PC,R14
MOV R0,#&79 ; keyboard scan
MOV R1,#0
SWI "OS_Byte"
CMP R1,#&70 ; escape key pressed
MOVEQ R2,#&1B
MOVEQ R0,#&7C ; clear escape condition
SWIEQ "OS_Byte"
BEQ Ba379%
MOV R0,#&91
; get character from buffer
MOV R1,#0
SWI "OS_Byte"
BCS Ba378% ; carry set, nothing was read, poll again
; ---------------------------------------------------------------
; Ba379 - key handling for the line input loop at Ba378.
; R2 = character   R4 = write pointer   R5 = limit   R6 = count
; Ordinary characters go to Ba380. A full buffer, Escape (&1B),
; Return (&0D) and Delete (&7F) are handled here.
; On Return one terminating &0D byte is stored after the text, so
; the caller's buffer needs room for the limit plus one byte.
; NOTE(review) - line breaks on this page were reconstructed from a
; collapsed listing, confirm comment boundaries against the file.
; ---------------------------------------------------------------
.Ba379%
CMP R5,R6
CMPNE R2,#&1B
CMPNE R2,#&0D
CMPNE R2,#&7F
CMPNE R1,#&1B
BNE Ba380%
CMP R5,R6
BLEQ Ba381% ; buffer is full
CMP R2,#&1B
CMPNE R1,#&1B
BEQ Ba382%
CMP R2,#&7F
BEQ Ba383%
MOV R2,#&0D
STRB R2,[R4,#0] ; terminate the text with a carriage return
LDMFD R13!,{R0-R12}
LDMFD R13!,{PC}
; Ba380 - store and echo one character
.Ba380%
CMP R2,#&99
BLEQ Ba565%
BEQ Ba378% ; taken only if Ba565 returns with Z still set
CMP R2,#&DA
BLEQ Ba566%
BEQ Ba378%
CMP R2,#&DB
BLEQ Ba567%
BEQ Ba378%
CMP R2,#&1F
BLT Ba378% ; codes below &1F are ignored
ADD R6,R6,#1
STRB R2,[R4],#1
MOV R0,R2
SWI "OS_WriteC"
B Ba378%
; ---------------------------------------------------------------
; Ba381 - called from Ba379 only when the count equals the limit.
; Any key other than Delete, Escape or Return sounds the bell and
; resumes polling. Escape and Return clear the escape condition and
; return. Delete removes the last character.
; NOTE(review) - the Delete path has no test for R6 = 0, unlike
; Ba383. With a limit of 0 it would step R4 and R6 below the start
; of the buffer. The caller visible in this file passes a limit of 8.
; ---------------------------------------------------------------
.Ba381%
CMP R2,#&7F
CMPNE R2,#&1B
CMPNE R1,#&1B
CMPNE R2,#&0D
SWINE &000107
BNE Ba378%
CMP R2,#&1B
CMPNE R1,#&1B
CMPNE R2,#&0D
MOVEQ R0,#&7C
SWIEQ "OS_Byte"
MOVEQ PC,R14
SUB R4,R4,#1
SUB R6,R6,#1
MOV R0,#&7F
SWI "OS_WriteC"
B Ba378%
; ---------------------------------------------------------------
; Ba382 - Escape. Returns R1 = 0 and R2 = the saved count.
; NOTE(review) - with the ADR below commented out, R0 still holds
; the OS_Byte reason code set on the way here (the existing comment
; gives &7C), so the STR writes a zero word to that low address
; instead of to the scratch word at rgpb_1. On a system that
; protects zero page this store is expected to abort. Reinstating
; the ADR confines the write to rgpb_1.
; ---------------------------------------------------------------
.Ba382%
MOV R4,#0
; v143 commented out rgpb_a again to see what crashes
;ADR R0,rgpb_1 ; added to stop the write to zero page
STR R4,[R0,#0] ; write to zero page R0 = &7C
MOV R0,#&7C ; clear escape condition
SWI "OS_Byte"
LDMFD R13!,{R0-R12}
MOV R1,#0
LDR R2,Da173%
LDMFD R13!,{PC}
; Ba383 - Delete. Does nothing when the buffer is already empty.
.Ba383%
CMP R6,#0
BEQ Ba378%
SUB R4,R4,#1
SUB R6,R6,#1
MOV R0,#&7F
SWI "OS_WriteC"
B Ba378%
; ---------------------------------------------------------------
; Ba384 - polls the keyboard once.
; Returns at once with NE when OS_Byte &81 gives R2 other than 0
; or &1B. Otherwise clears the escape condition with OS_Byte &7C
; before returning. Callers in this file loop on NE.
; ---------------------------------------------------------------
.Ba384% ; read escape key state
MOV R0,#&C8
MOV R1,#0
MOV R2,#0
SWI "OS_Byte"
MOV R0,#&81
MOV R1,#0
MOV R2,#0
SWI "OS_Byte"
CMP R2,#0
CMPNE R2,#&1B
MOVNE PC,R14
MOV R0,#&7C
SWI "OS_Byte"
MOV PC,R14
; scratch word intended as the target of the store in Ba382
.rgpb_1
EQUD &00000000
; ---------------------------------------------------------------
; Ba385 - enters a privileged mode with OS_EnterOS, copies that
; mode's R13 to R0, lowers R13 by &200 and switches to USR32.
; Out R0 = privileged R13 before the adjustment   R1 = 1
; The MSR immediate writes zero to the interrupt disable bits of
; the control field along with the mode bits.
; ---------------------------------------------------------------
.Ba385%
SWI "OS_EnterOS"
MOV R0,R13
SUB R13,R13,#&0200
;TEQP PC,#0
;MOV R0,R0
MSR CPSR_c,#%10000 ; USR32
MOV R1,#1
MOV PC,R14
EQUD &EF000011 ; SWI OS_Exit
; Ba386 - R0 and R7 = saved PC at [R12,#60] minus 8
.Ba386% ; run m-step option 1
LDR R0,[R12,#60] ; PC
; getting rid of the status and control bits no longer required
;MOV R0,R0,LSR #2
;MOV R0,R0,LSL #8
;MOV R0,R0,LSR #6
SUB R0,R0,#8
MOV R7,R0
MOV PC,R14
; Ba387 - as Ba386 but returns by popping PC from the stack
.Ba387%
; getting rid of the status and control bits no longer required
LDR R0,[R12,#60] ; PC
;MOV R0,R0,LSR #2
;MOV R0,R0,LSL #8
;MOV R0,R0,LSR #6
SUB R0,R0,#8
MOV R7,R0
LDMFD R13!,{PC}
; Ba388 and Ba389 - bounds test on the click position in R0,R1.
; Ba390 is reached only when X is at most &0490 with Y at most
; &03B8, and X is at least &0174 with Y at least &0280.
.Ba388%
CMP R0,#&0490
CMPLE R1,#&03B8
BLE Ba389%
BL Ba632%
B Ba644%
.Ba389%
CMP R0,#&0174
CMPGE R1,#&0280
BGE Ba390%
BL Ba632%
B Ba644%
; ---------------------------------------------------------------
; Ba390 - follows the instruction on the clicked row.
; Loads the instruction word from the address in the row table,
; keeps it in Da176 and dispatches on its encoding.
;   bits 25-27 = 101            branch               Ba391
;   bits 16-19 = 1111 (Rn = PC) and bits 20-27 equal to
;     &051 or &050              PC-relative, down    Ba393
;     &059 or &058              PC-relative, up      Ba394
;     &024                      SUB from PC          Ba395
;     &028                      ADD to PC            Ba396
; Anything else leaves through Ba632 and Ba644.
; NOTE(review) - line breaks on this page were reconstructed from a
; collapsed listing, confirm comment boundaries against the file.
; ---------------------------------------------------------------
.Ba390%
LDR R9,[R12,#1908]
CMP R9,#&1F
ADDNE R3,R12,#&0120
ADDEQ R3,R12,#&0860 ; base address of screen addresses
SUB R6,R1,#&0280
MOVEQ R6,R6,LSR #4
MOVNE R6,R6,LSR #5
STR R6,Da175%
MOVNE R9,#9
MOVEQ R9,#&13
SUB R9,R9,R6
LDR R9,[R3,R9,LSL #2] ; R9 = address of the instruction on that row
LDR R0,[R9,#0] ; R0 = the instruction word
STR R0,Da176%
AND R1,R0,#&0E000000
CMP R1,#&0A000000
BEQ Ba391%
AND R1,R0,#&000F0000
CMP R1,#&000F0000
BNE Ba397%
AND R1,R0,#&0FF00000
CMP R1,#&05100000
BEQ Ba393%
CMPNE R1,#&05900000
BEQ Ba394%
CMP R1,#&05000000
BEQ Ba393%
CMP R1,#&05800000
BEQ Ba394%
CMP R1,#&02400000
BEQ Ba395%
CMP R1,#&02800000
BEQ Ba396%
BL Ba632%
B Ba644%
; mask for bits 16-23 of a branch offset
.Da174%
EQUD &00FF0000
; ---------------------------------------------------------------
; Ba391 - branch instruction. Adjusts R7 by the branch distance.
; NOTE(review) - the offset is treated as negative only when bits
; 16-23 are all set, not when bit 23 alone is set. A backward
; branch of larger magnitude takes the forward path. Confirm that
; this is acceptable for the code being browsed.
; Ba392 contains no flag-setting instruction, so SUBEQ and ADDNE
; still see the result of the CMP.
; ---------------------------------------------------------------
.Ba391%
LDR R1,Da174%
AND R2,R0,R1
CMP R2,R1
MOV R0,R0,LSL #8 ; drop the condition and opcode bits
MOVNE R0,R0,LSR #6 ; offset in bytes
ADDNE R0,R0,#8
BLEQ Ba392%
SUBEQ R7,R7,R0
ADDNE R7,R7,R0
LDR R0,Da177%
AND R7,R7,R0 ; the mask is now all ones, so this changes nothing
LDR R2,[R12,#1908]
CMP R2,#&1F
LDR R2,[R12,#208]
MOVNE R3,#9
MOVEQ R3,#&13
SUB R6,R3,R6
SUB R1,R6,R2
ADD R7,R7,R1,LSL #2
B Ba12%
; Ba392 - R0 = ((&00FFFFFF - 24 bit offset) * 4) - 4
.Ba392%
MOV R0,R0,LSR #8
MVN R1,#0
MOV R1,R1,LSR #8
SUB R0,R1,R0
MOV R0,R0,LSL #2
SUB R0,R0,#4
MOV PC,R14
; row saved by Ba390
.Da175%
EQUD &00000000
; instruction word saved by Ba390
.Da176%
EQUD &00000000
; address mask applied in Ba391
.Da177%
;EQUD &03FFFFFC
EQUD &FFFFFFFF
; Ba393 - R7 = R9 - 12 bit offset + 8
.Ba393%
LDR R2,Da178%
AND R1,R0,R2
SUB R7,R9,R1
ADD R7,R7,#8
B Ba12%
; Ba394 - R7 = R9 + 12 bit offset + 8
.Ba394%
LDR R2,Da178%
AND R1,R0,R2
ADD R7,R9,R1
ADD R7,R7,#8
B Ba12%
; ---------------------------------------------------------------
; Ba395 - SUB from PC with a rotated 8 bit immediate.
; R1 = twice the rotate field, so R2,ROR R1 is the decoded value.
; NOTE(review) - the source shows a semicolon between the SUB and
; the ADD. It is read here as an empty trailing comment, leaving
; the ADD live as in Ba393, Ba394 and Ba396. If the ADD was meant
; to be commented out the result is 8 lower. Confirm against the
; original file.
; ---------------------------------------------------------------
.Ba395%
; R0 is current instruction (e.g. SWI EF000016)
AND R1,R0,#&0F00
MOV R1,R1,ROR #7
AND R2,R0,#&FF
SUB R7,R9,R2,ROR R1 ;
ADD R7,R7,#8
B Ba12%
; Ba396 - ADD to PC with a rotated 8 bit immediate
.Ba396%
AND R1,R0,#&0F00
MOV R1,R1,ROR #7
AND R2,R0,#&FF
ADD R7,R9,R2,ROR R1
ADD R7,R7,#8
B Ba12%
.Ba397%
BL Ba632%
B Ba644%
; mask for the 12 bit offset used by Ba393 and Ba394
.Da178%
EQUD &00000FFF
; ---------------------------------------------------------------
; Ba398 - if Ba82 returns NE, continue at Ba12. Otherwise sound
; the bell, print the text at Da179 and wait at Ba399 for a mouse
; button or for Ba384 to return EQ.
; ---------------------------------------------------------------
.Ba398%
BL Ba82%
BNE Ba12%
SWI &000107
BL Ba618%
MOV R0,#&0F
MOV R1,#0
SWI "OS_Byte"
ADR R0,Da179%
SWI "OS_Write0"
BL Ba293%
BL Ba632%
.Ba399%
SWI "OS_Mouse"
CMP R2,#0
BNE Ba230%
BL Ba384%
BNE Ba399%
B Ba230%
.Da179% ;undefined instruction
EQUD &20202020
EQUD &646E5520
EQUD &6E696665
EQUD &49206465
EQUD &7274736E
EQUD &69746375
EQUD &00006E6F
; these instructions were 'recovered' from EQUD statements
; new labels worked out 'by hand'
; Ba399a - tests R0 with bit 17 and the top byte cleared against
; the mask at [R12,#388]. Skipped entirely when [R12,#120] is zero.
.Ba399a%
LDR R1,[R12,#120]
CMP R1,#0
;BEQ &00001130
BEQ Ba62a%
MOV R3,R0
BIC R3,R3,#&00020000
BIC R3,R3,#&FF000000
CMP R3,#0
CMPNE R3,#2
;BEQ &00002B58
BEQ Ba195a%
LDR R1,[R12,#388]
AND R2,R3,R1
CMP R2,#0
;BNE &00001130
BNE Ba62a%
TST R3,#&0100
;BNE &00002B58
BNE Ba195a%
;B &00001130
B Ba62a%
;EQUD &E59C1078
;EQUD &E3510000
;EQUD &0AFFEA72
;EQUD &E1A03000
;EQUD &E3C33802
;EQUD &E3C334FF
;EQUD &E3530000
;EQUD &13530002
;EQUD &0AFFF0F6
;EQUD &E59C1184
;EQUD &E0032001
;EQUD &E3520000
;EQUD &1AFFEA68
;EQUD &E3130C01
;EQUD &1AFFF0F0
;EQUD &EAFFEA65
; Ba400 - waits until a mouse button is pressed or OS_Byte &81
; returns R2 other than &FF
.Ba400%
STMFD R13!,{R14}
BL Ba632%
.Ba401%
SWI "OS_Mouse"
CMP R2,#0
LDMNEFD R13!,{PC}
MOV R0,#&81
MOV R1,#0
MOV R2,#0
SWI "OS_Byte"
CMP R2,#&FF
BEQ Ba401%
LDMFD R13!,{PC}
; the SWI below is never executed here, it is a data word holding
; the encoding that Ba402 compares against
.Da180%
SWI "OS_EnterOS" ; &EF000016
; ---------------------------------------------------------------
; Ba402 - the target instruction in R0 is a SWI.
; Anything other than OS_EnterOS goes to Ba64. For OS_EnterOS the
; debugger marks the sandbox as SVC in [R12,#396], saves break R13
; and R14 as the USR copies, sets the low two bits of the saved PSR
; and points the sandbox R13 and R14 at SVC values.
; NOTE(review) - from this point the stepped program is treated as
; privileged, and [R12,#396] with [R12,#912] are the only record of
; that. Worth confirming that every exit path restores them
; (Ba407 and Ba409 below do so).
; ---------------------------------------------------------------
.Ba402% ; SWI OS_EnterOS (and others) are processed here
LDR R1,Da180%
CMP R0,R1
BNE Ba64% ; not EnterOS SWI so go elsewhere
; only SWI OS_EnterOS from here onwards
LDR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
CMP R0,#1
BEQ Ba403%
MOV R0,#1
STR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
LDR R0,[R12,#912]
CMP R0,#0
MOV R1,#0
BLEQ Ba385% ; reduces R13_SVC stack ptr by 0x200
; returns R1=1
MOV R2,#1
STR R2,[R12,#912]
LDR R4,[R12,#52] ; break R13
STR R4,[R12,#916]; R13_usr
LDR R4,[R12,#56] ; break R14
STR R4,[R12,#920]; R14_usr
;LDR R2,[R12,#60]
LDR R2,[R12,#64] ; break PSR
ORR R2,R2,#3 ; SVC mode
;STR R2,[R12,#60]
STR R2,[R12,#64] ; break PSR
LDR R2,[R12,#60] ; 32bit
SUB R2,R2,#4 ; break PC
CMP R1,#0
LDREQ R0,[R12,#924]; R13_SVC
; NOTE(review) - the source shows a semicolon between the ADDNE and
; the BLNE. It is read here as an empty trailing comment, leaving
; the BLNE live. Confirm against the original file.
ADDNE R0,R0,#&18 ;
BLNE Ba279% ; reduces R0 by &18 when #484 = 1
ADD R3,R12,#&88 ; base address for sandbox registers
STR R0,[R3,#52] ; update sandbox R13
STR R2,[R3,#56] ; update sandbox R14
.Ba403%
BL Ba73% ; plots registers on screen
B Ba12% ; update screen
; ---------------------------------------------------------------
; Ba404 - saves R13 and R14 as the SVC copies, parks R0-R5 in
; Da181, switches to USR32, saves that mode's R13 and R14 as the
; USR copies, loads R13 from [R12,#84], calls Ba385, marks the
; sandbox as SVC and continues at Ba579 with R0-R5 restored.
; ---------------------------------------------------------------
.Ba404% ; entry point for something that only uses R0-R5
STR R13,[R12,#924] ; R13_svc
STR R14,[R12,#928] ; R14_svc
STR R0,Da181%
ADR R0,Da181%
STMIB R0,{R1-R5}
;TEQP PC,#0
;MOV R0,R0
MSR CPSR_c,#%10000 ; USR32
STR R13,[R12,#916] ; R13_usr
STR R14,[R12,#920] ; R14_usr
LDR R13,[R12,#84] ; base address of stack
BL Ba385% ; reduces R13_SVC stack ptr by 0x200
MOV R0,#1
STR R0,[R12,#912]
STR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
ADR R0,Da181%
LDMIA R0,{R0-R5}
B Ba579%
; parking area for R0-R5 used by Ba404, Ba405 and Ba406
.Da181%
EQUD &00000000 ; R0
EQUD &00000000 ; R1
EQUD &00000000 ; R2
EQUD &00000000 ; R3
EQUD &00000000 ; R4
EQUD &00000000 ; R5
; Ba405 - as Ba404, but records R14_svc as zero, reloads R13 from
; the saved R13_svc and continues at Ba309 with R14 = 0
.Ba405%
STR R13,[R12,#924] ; R13_svc
MOV R14,#0
STR R14,[R12,#928] ; R14_svc
STR R0,Da181%
ADR R0,Da181%
STMIB R0,{R1-R5}
;TEQP PC,#0
;MOV R0,R0
MSR CPSR_c,#%10000 ; USR32
STR R13,[R12,#916] ; R13_usr
STR R14,[R12,#920] ; R14_usr
LDR R13,[R12,#924] ; R13_svc
MOV R14,#0
BL Ba385%
MOV R0,#1
STR R0,[R12,#912]
STR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
ADR R0,Da181%
LDMIA R0,{R0-R5}
MOV R14,#0
B Ba309%
; Ba406 - as Ba404, but continues at Ba7 when the restored R0 is 1
; and at Ba23 otherwise
.Ba406% ; saves out R13_svc and R14_svc
STR R13,[R12,#924] ; R13_svc
STR R14,[R12,#928] ; R14_svc
STR R0,Da181%
ADR R0,Da181%
STMIB R0,{R1-R5}
;TEQP PC,#0
;MOV R0,R0
MSR CPSR_c,#%10000 ; USR32
STR R13,[R12,#916] ; R13_usr
STR R14,[R12,#920] ; R14_usr
LDR R13,[R12,#84] ; base address of stack
BL Ba385% ; reduces stack pointer R13_SVC by &200
MOV R0,#1
STR R0,[R12,#912]
STR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
ADR R0,Da181%
LDMIA R0,{R0-R5}
CMP R0,#1 ; ?? set to 1 in Dissi test
BEQ Ba7%
B Ba23%
; ---------------------------------------------------------------
; Ba407 - undoes the state set up by Ba402 or Ba404-Ba406.
; Returns at once unless [R12,#912] is 1. Clears [R12,#912] and
; [R12,#396]. R14 is kept in R5 for the return.
; If the sandbox was marked SVC, R13 and R14 are reloaded from the
; USR copies and the routine returns after OS_EnterOS without
; switching back. Otherwise the SVC copies are reloaded after
; OS_EnterOS and the routine returns in USR32.
; ---------------------------------------------------------------
.Ba407% ; changes sandbox mode from SVC to USR
LDR R0,[R12,#912]
CMP R0,#1
MOVNE PC,R14
MOV R5,R14
MOV R0,#0
STR R0,[R12,#912]
LDR R1,[R12,#396] ; sandbox running in 0=USR, 1=SVC
CMP R1,#1
STR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
BNE Ba408%
LDR R13,[R12,#916] ; R13_usr
LDR R14,[R12,#920] ; R14_usr
SWI "OS_EnterOS"
MOV PC,R5 ; R5 = R14 above
.Ba408%
SWI "OS_EnterOS"
LDR R13,[R12,#924] ; R13_svc
LDR R14,[R12,#928] ; R14_svc
;TEQP PC,#0
;MOV R0,R0
MSR CPSR_c,#%10000 ; USR32
MOV PC,R5
; ---------------------------------------------------------------
; Ba409 - returns at once when [R12,#912] is 0. Otherwise puts the
; USR copies back into break R13 and R14 when the sandbox was
; marked SVC, sets the privileged R13 from R3, returns to USR32 and
; clears both state words.
; ---------------------------------------------------------------
.Ba409% ; changes mode from SVC to USR
LDR R0,[R12,#912]
CMP R0,#0
MOVEQ PC,R14
LDR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
CMP R0,#1
LDREQ R3,[R12,#52] ; break R13
LDREQ R1,[R12,#916] ; R13_usr
LDREQ R2,[R12,#920] ; R14_usr
STREQ R1,[R12,#52] ; break R13
STREQ R2,[R12,#56] ; break R14
LDRNE R3,[R12,#924] ; R13_svc
SWI "OS_EnterOS"
MOV R13,R3
;TEQP PC,#0
;MOV R0,R0
MSR CPSR_c,#%10000 ; USR32
MOV R0,#0
STR R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
STR R0,[R12,#912]
MOV PC,R14
; ---------------------------------------------------------------
; Ba410 - MSR with an immediate operand. Continues at Ba412 only
; when the low two bits of the decoded value are zero.
; NOTE(review) - the immediate is shifted with LSR by the raw
; rotate field. The ARM encoding is a rotate right by twice that
; field, which is how Ba395 and Ba396 decode it (ROR #7 on the
; masked field, then ROR by the result). The two agree only when
; the rotate field is zero. For any other rotate the mode change
; can be misjudged, leaving [R12,#396] out of step with the mode
; the target asked for.
; ---------------------------------------------------------------
.Ba410%
; return if we're not changing mode to USR mode
; R0 is the current instruction
; AND R1,R0,#3 ; 32bit MSR - process the rotate on the MSR instruction
; not sure why anybody would do a rotate on MSR CPSR_c,#&10 ??
AND R2,R0,#&00000F00 ; get rotate bits b8-b11
MOV R2,R2,LSR #8 ; create integer for rotate
AND R1,R0,#&000000FF ; 8-bit immediate value
MOV R1,R1,LSR R2 ; shifts right by the raw field, see the note above
AND R1,R1,#3 ; 32bit
CMP R1,#0 ; check for USR mode
MOVNE PC,R14 ; returns if not a USR mode change
B Ba412%
; Ba411 - MSR with a register operand. Reads the saved register
; named by bits 0-3 and falls through to Ba412 only when its low
; two bits are zero.
.Ba411% ; checks control flags in register for MSR CPSR_c,Rx
AND R1,R0,#&0F
LDR R2,[R12,R1,LSL #2]
AND R2,R2,#3
CMP R2,#0
MOVNE PC,R14
.Ba412%
; called via Ba410
; reloads R13_usr and R14_usr for the sandbox instruction
; nb these registers values are in the target module mem map !
LDR R2,[R12,#396] ; sandbox running in 0=USR, 1=SVC
CMP R2,#0
MOVEQ PC,R14 ; return if mode = USR
MOV R2,#0
STR R2,[R12,#396] ; sandbox running in 0=USR, 1=SVC
LDR R1,[R12,#52] ; break R13
STR R1,[R12,#924] ; R13_svc
LDR R1,[R12,#916] ; R13_usr
STR R1,[R12,#188] ; sandbox R13
LDR R1,[R12,#920] ; R14_usr
STR R1,[R12,#192] ; sandbox R14
MOV PC,R14
; ---------------------------------------------------------------
; Ba413 - address range check on R7, currently switched off.
; The STMFD and LDMFD pair at the top returns to the caller
; straight away, so nothing below it runs and R7 is handed back
; unchanged.
; NOTE(review) - while this early return is in place no address
; held in R7 is validated by this routine. Callers that go on to
; read or write through R7 get no protection from it. Worth
; tracking as an open item, not leaving as a temporary measure.
; NOTE(review) - line breaks on this page were reconstructed from a
; collapsed listing, confirm comment boundaries against the file.
; ---------------------------------------------------------------
.Ba413%
; this code is commented out already - before Ba315 changes.
; sets R7 to 0 if not within defined mem map
; memory checks were causing bug7 - where R7 goes to &00000000
STMFD R13!,{R14}
LDMFD R13!,{PC} ; temp return in v87 HI/LS code not working
;BIC R7,R7,#&FC000003
ADD R0,R12,#&0990 ; address of RO5 memory map
; *** first address is zero so not sure why we add 4 at start ?
ADD R0,R0,#4 ; need to check this instruction
; ---------------------------------------------------------------
; Ba414 - walks pairs of words (lower limit, upper limit) from R0.
;   R7 below the lower limit          return, R7 unchanged
;   R7 above the upper limit          try the next pair
;   R7 inside the pair                look at the next word without
;                                     consuming it. If it is 1 then
;                                     R7 = 0, else R7 = upper limit.
;                                     The saved PC becomes R7 + 4
;                                     and Ba231 is called.
; Comparisons are unsigned (LS and HI) so that addresses with the
; top bit set order correctly.
; NOTE(review) - the loop has no explicit end test. It stops only
; when a pair matches or R7 is below a lower limit, so termination
; depends on the table contents, which are not shown here.
; ---------------------------------------------------------------
.Ba414%
; R7 range bounds are checked here against available memory
; this logic used LT or GT (signed) on 32bit numbers
; changed to HI and LS - i.e. unsigned
LDR R1,[R0],#4 ; read memory lower limit
CMP R7,R1
;LDMLTFD R13!,{PC} ; returns if R7 < R1 - fails on FCxxxxxxx !
; 32bit HI/LS
; if the same, then we need to skip the LS check below
BEQ Ba414a%
LDMLSFD R13!,{PC} ; uses LS - lower than OR THE SAME
.Ba414a%
LDR R1,[R0],#4 ; read memory higher limit
CMP R7,R1
;BGT Ba414% ; 32bit HI/LS
BHI Ba414% ; 32bit GT replaced with HI - higher (unsigned)
LDR R4,[R0,#0]
CMP R4,#1
MOVEQ R7,#0
MOVNE R7,R1
; 32bit
;LDR R4,[R12,#60] ; v84 commented out
;AND R4,R4,#&FC000003 ; flags only no address
;ORR R4,R7,R4 ;
;ADD R4,R4,#4
ADD R4,R7,#4 ; 32bit - feed R7 back into PC
STR R4,[R12,#60] ; PC
BL Ba231% ; disables m-step
LDMFD R13!,{PC}
; Ba415 - X below &34 goes to Ba644, otherwise on to Ba416
.Ba415% ;flags and tools buttons after mouse press
CMP R0,#&34 ; R0 = X coordinate
BGE Ba416% ; tools buttons
B Ba644% ; flags buttons
; ---------------------------------------------------------------
; Ba416 and Ba417 - hit test on X for two buttons.
; NOTE(review) - MOVLE replaces R0 before the following CMP, so
; after a hit that CMP tests the constant and not the X position.
; The second BLLE in each pair also depends on the flags Ba364
; returns with. Confirm both are intended.
; ---------------------------------------------------------------
.Ba416% ; tools buttons after a mouse select here
CMP R0,#&58
MOVLE R0,#&80000000
BLLE Ba364% ; flag button 'N'
BLLE Ba632%
CMP R0,#&74
BGE Ba417%
B Ba644% ; checks key presses
.Ba417%
CMP R0,#&98
MOVLE R0,#&40000000
BLLE Ba364%
BLLE Ba632%
CMP R0,#&B4 ; flag button 'C'
BGE Ba256% ; toggles 'C' flag
B Ba644% ; checks key presses
; ---------------------------------------------------------------
; Ba418 - sends two five-byte sequences starting with &1C, each
; followed by a colour byte and SWI &10C, then a final colour byte.
; The &1F variant of the same sequence is at Ba419.
; Elsewhere in this file &1C is commented as define text window.
; ---------------------------------------------------------------
.Ba418%
LDR R0,[R12,#1908]
CMP R0,#&1F
BEQ Ba419%
MOV R0,#&1C
SWI "OS_WriteC"
MOV R0,#&37
SWI "OS_WriteC"
MOV R0,#&0B
SWI "OS_WriteC"
MOV R0,#&4C
SWI "OS_WriteC"
MOV R0,#3
SWI "OS_WriteC"
SWI &000111
;MOV R0,#&80 ; white background
MOV R0,#%10000000 ; white background
SWI "OS_WriteC"
SWI &00010C
MOV R0,#&1C
SWI "OS_WriteC"
MOV R0,#&36
SWI "OS_WriteC"
MOV R0,#&0A
SWI "OS_WriteC"
MOV R0,#&4B
SWI "OS_WriteC"
MOV R0,#2
SWI "OS_WriteC"
SWI &000111
MOV R0,#&FF
SWI "OS_WriteC"
SWI &00010C
SWI &000111
MOV R0,#&20 ; don't know ?
SWI "OS_WriteC" MOV PC,R14 .Ba419% MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&37 SWI "OS_WriteC" MOV R0,#&22 SWI "OS_WriteC" MOV R0,#&4C SWI "OS_WriteC" MOV R0,#&14 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&87 ; black background MOV R0,#%10000000 ; black background SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&36 SWI "OS_WriteC" MOV R0,#&21 SWI "OS_WriteC" MOV R0,#&4B SWI "OS_WriteC" MOV R0,#&13 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&80 ; white background MOV R0,#%10111111 ; white background SWI "OS_WriteC" SWI &00010C SWI &000111 ;MOV R0,#8 ; blue MOV R0,#%00110000 ; blue SWI "OS_WriteC" MOV PC,R14 .Ba420% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 MOVEQ R0,#&7C SWIEQ "OS_Byte" MOVEQ R2,#0 MOVEQ PC,R14 MOV R0,#&91 MOV R1,#0 SWI "OS_Byte" MOV PC,R14 .Da182% ; record_data EQUD &6F636572 EQUD &645F6472 EQUD &0D617461 .Ba421% MOV R0,#0 STR R0,[R12,#932] BL Ba418% MOV R0,#4 MOV R1,#&0384 MOV R2,#&0330 SWI "OS_Plot" SWI "Wimp_BaseOfSprites" MOV R0,#&011C ADR R2,Da182% MOV R5,#0 SWI "OS_SpriteOp" ADR R0,Da183% SWI "OS_Write0" ; write <---Record To File---> SWI &00011F ; position text cursor MOV R0,#3 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" ADR R0,Da184% LDR R1,[R12,#968] ; pointer to pointer to filename ADD R1,R1,R12 MOV R2,#&48 SWI "XOS_GSTrans" BCS Ba448% ADD R0,R1,R2 LDR R3,[R12,#972] ADD R3,R3,R12 MOV R4,#&11 STR R2,[R12,#936] SUBS R5,R2,#&11 MOVMI R5,#0 STR R5,[R12,#940] MOV R5,#0 STR R5,[R12,#944] CMP R2,#&11 SUBGE R0,R0,#&11 SUBLT R0,R0,R2 STRB R5,[R3,#17] .Ba422% LDRB R5,[R0,R4] STRB R5,[R3,R4] SUBS R4,R4,#1 BPL Ba422% MOV R0,R3 SWI "OS_Write0" BL Ba455% .Ba423% ; main 'Record' button pressed MOV R0,#&79 ; keyboard scan MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 ; key pressed 112dec escape BEQ Ba12% BL Ba293% SWI "OS_Mouse" CMP R2,#0 BNE Ba424% ; 'Options' button pressed LDR R0,[R12,#944] CMP R0,#0 BNE Ba425% BL Ba420% AND R2,R2,#&5F CMP R2,#&4F BEQ Ba460% CMP R2,#&43 BEQ Ba458% B Ba423% .Ba424% ; 'Options' button on record option comes here LDR 
R4,[R12,#964] ADD R4,R4,R12 LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 BLT Ba456% ; LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4,#0] CMPLE R1,R6 BGT Ba456% ; BL Ba431% BL Ba435% BL Ba429% BL Ba452% BL Ba632% .Ba425% LDR R0,[R12,#944] CMP R0,#0 BEQ Ba423% BL Ba420% BCS Ba423% CMP R2,#0 BEQ Ba12% CMP R2,#&0D BEQ Ba460% CMP R2,#&7A BGT Ba426% CMP R2,#&21 BGE Ba441% .Ba426% CMP R2,#&7F BEQ Ba444% LDR R1,[R12,#944] CMP R2,#&8C SUBEQ R1,R1,#&10 BLEQ Ba436% CMP R2,#&8D ADDEQ R1,R1,#&10 BLEQ Ba436% CMP R2,#&9D CMPNE R2,#&9C BEQ Ba439% CMP R2,#&15 BEQ Ba450% MOV R3,#&1F .Ba427% BL Ba350% .Ba428% MOV R0,#&79 ; keyboard scan MOV R1,#0 SWI "OS_Byte" CMP R1,#&FF BEQ Ba423% MOV R0,#&91 ; get char from buffer MOV R1,#0 SWI "OS_Byte" BCS Ba428% LDR R1,[R12,#944] CMP R2,#&8C SUBEQ R1,R1,#&10 BLEQ Ba436% CMP R2,#&8D ADDEQ R1,R1,#&10 BLEQ Ba436% MOV R3,#5 B Ba427% .Ba429% LDR R0,[R12,#936] CMP R0,#&11 BGE Ba430% MOV R2,#&038C ADD R2,R2,R0,LSL #4 CMP R1,R2 MOVGE R1,R2 STRGE R1,[R12,#944] .Ba430% MOV R0,#4 MOV R2,#&033C SWI "OS_Plot" MOV R0,#&011C LDR R1,[R12,#112] ADR R2,Da185% MOV R5,#3 SWI "OS_SpriteOp" MOV PC,R14 .Ba431% STMFD R13!,{R0-R5,R14} LDR R1,[R12,#944] CMP R1,#0 LDMEQFD R13!,{R0-R5,PC} CMP R2,#&0D MOVEQ R2,#0 STREQ R2,[R12,#944] BLEQ Ba454% ; calls Ba480 for record buttons MOV R0,#4 MOV R2,#&033C SWI "OS_Plot" SWI "Wimp_BaseOfSprites" MOV R0,#&011C ADR R2,Da185% MOV R5,#3 SWI "OS_SpriteOp" LDMFD R13!,{R0-R5,PC} .Da183% ; Record text ---Record To File--- EQUD &2D2D2D20 EQUD &6F636552 EQUD &54206472 EQUD &6946206F EQUD &2D2D656C EQUD &200A0D2D EQUD &6E655320 EQUD &64612064 EQUD &73657264 EQUD &20736573 EQUD &003A6F74 .Da184% EQUD &6172543C EQUD &41246563 EQUD &65726464 EQUD &003E7373 EQUD &6F636572 EQUD &645F6472 EQUD &0D617461 .Da185% EQUD &65726163 EQUD &00000D74 .Ba432% LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 MOV R0,#&1C ; define text window SWI "OS_WriteC" MOV R0,#&0E SWI "OS_WriteC" MOV R0,#8 MOVEQ R0,#&1B SWI "OS_WriteC" MOV R0,#&31 SWI "OS_WriteC" MOV R0,#3 MOVEQ 
R0,#&16 SWI "OS_WriteC" MOV PC,R14 .Ba433% LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 BEQ Ba434% MOV R0,#&1C ; define text window SWI "OS_WriteC" MOV R0,#&36 SWI "OS_WriteC" MOV R0,#7 SWI "OS_WriteC" MOV R0,#&4B SWI "OS_WriteC" MOV R0,#2 SWI "OS_WriteC" MOV PC,R14 .Ba434% MOV R0,#&1C ; define text window SWI "OS_WriteC" MOV R0,#&36 SWI "OS_WriteC" MOV R0,#&21 SWI "OS_WriteC" MOV R0,#&4B SWI "OS_WriteC" MOV R0,#&13 SWI "OS_WriteC" MOV PC,R14 .Ba435% MOV R1,R0,LSR #4 MOV R1,R1,LSL #4 SUB R1,R1,#4 LDR R0,[R12,#1164] CMP R1,R0 MOVGT R1,R0 CMP R1,#&038C MOVLT R1,#&038C STR R1,[R12,#944] MOV PC,R14 .Ba436% STMFD R13!,{R14} CMP R1,#&038C BLT Ba437% LDR R3,[R12,#1164] CMP R1,R3 BGT Ba437% BL Ba431% STR R1,[R12,#944] BL Ba429% LDMFD R13!,{PC} .Ba437% LDR R3,[R12,#940] SUBLT R3,R3,#1 ADDGT R3,R3,#1 LDR R4,[R12,#936] CMP R4,#&11 BLE Ba423% CMP R3,#0 BLT Ba423% ADD R5,R3,#&11 CMP R5,R4 BGT Ba423% STR R3,[R12,#940] MOV R4,#&10 LDR R5,[R12,#968] ADD R5,R5,R12 LDR R6,[R12,#972] ADD R6,R6,R12 ADD R5,R5,R3 .Ba438% LDRB R9,[R5,R4] STRB R9,[R6,R4] SUBS R4,R4,#1 BPL Ba438% BL Ba431% BL Ba433% SWI &00011F ; position text cursor MOV R0,#3 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" MOV R0,R6 BL Ba447% LDR R1,[R12,#944] BL Ba429% B Ba423% .Ba439% LDR R0,[R12,#936] CMP R0,#0 BEQ Ba423% CMP R0,#&11 MOVLT R0,#&11 CMP R2,#&9D SUBEQ R0,R0,#&11 MOVNE R0,#0 STR R0,[R12,#940] MOV R4,#&10 LDR R5,[R12,#968] ADD R5,R5,R12 LDR R6,[R12,#972] ADD R6,R6,R12 ADD R5,R5,R0 .Ba440% LDRB R9,[R5,R4] STRB R9,[R6,R4] SUBS R4,R4,#1 BPL Ba440% BL Ba431% BL Ba433% SWI &00011F ; position text cursor MOV R0,#3 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" MOV R0,R6 BL Ba447% CMP R2,#&9D LDREQ R1,[R12,#1164] MOVNE R1,#&038C STR R1,[R12,#944] BL Ba429% B Ba423% .Ba441% LDR R0,[R12,#936] ADD R0,R0,#1 CMP R0,#&48 SWIGT &000107 LDMGTFD R13!,{PC} STMFD R13!,{R2} LDR R0,[R12,#940] LDR R3,[R12,#944] SUB R3,R3,#&038C MOV R3,R3,LSR #4 ADD R0,R0,R3 LDR R3,[R12,#936] SUB R0,R3,R0 LDR R1,[R12,#968] ADD R1,R1,R12 ADD R1,R1,R3 ADD 
R2,R1,#1 LDR R3,[R12,#940] .Ba442% LDRB R4,[R1],#-1 STRB R4,[R2],#-1 SUBS R0,R0,#1 BPL Ba442% LDMFD R13!,{R3} STRB R3,[R2,#0] LDR R0,[R12,#936] ADD R0,R0,#1 STR R0,[R12,#936] LDR R3,[R12,#940] MOV R4,#&10 LDR R5,[R12,#968] ADD R5,R5,R12 LDR R6,[R12,#972] ADD R6,R6,R12 ADD R5,R5,R3 .Ba443% LDRB R9,[R5,R4] STRB R9,[R6,R4] SUBS R4,R4,#1 BPL Ba443% LDR R1,[R12,#944] ADD R1,R1,#&10 LDR R3,[R12,#1164] CMP R1,R3 BGT Ba437% BL Ba431% STR R1,[R12,#944] BL Ba433% SWI &00011F ; position text cursor MOV R0,#3 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" MOV R0,R6 BL Ba447% LDR R1,[R12,#944] BL Ba429% B Ba423% .Ba444% LDR R0,[R12,#940] LDR R3,[R12,#944] SUB R3,R3,#&038C MOV R3,R3,LSR #4 ADDS R0,R0,R3 BLE Ba423% LDR R3,[R12,#936] SUB R5,R3,R0 LDR R1,[R12,#968] ADD R1,R1,R12 ADD R1,R1,R0 SUB R2,R1,#1 .Ba445% LDRB R4,[R1],#1 STRB R4,[R2],#1 SUBS R5,R5,#1 BPL Ba445% BL Ba431% LDR R4,[R12,#940] CMP R4,#0 LDREQ R1,[R12,#944] SUBEQ R1,R1,#&10 STREQ R1,[R12,#944] SUBS R4,R4,#1 STRGE R4,[R12,#940] LDR R5,[R12,#968] ADD R5,R5,R12 ADDGE R5,R5,R4 LDR R6,[R12,#972] ADD R6,R6,R12 MOV R4,#&10 .Ba446% LDRB R9,[R5,R4] STRB R9,[R6,R4] SUBS R4,R4,#1 BPL Ba446% LDR R3,[R12,#936] SUB R3,R3,#1 STR R3,[R12,#936] LDR R1,[R12,#944] BL Ba433% SWI &00011F ; position text cursor MOV R0,#3 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" MOV R0,R6 BL Ba447% LDR R1,[R12,#944] BL Ba429% B Ba423% .Ba447% ;MOV R0,#%10000100 ; light grey background STMFD R13!,{R0-R5,R14} STMFD R13!,{R0} SWI &000111 ; set text colour ;MOV R0,#8 ; blue MOV R0,#%00110000 ; blue SWI "OS_WriteC" LDR R1,[R12,#936] CMP R1,#&11 LDMFD R13!,{R0} SWIGE "OS_Write0" LDMGEFD R13!,{R0-R5,PC} LDR R3,[R12,#972] ADD R3,R3,R12 ADD R3,R3,R1 MOV R2,#0 STRB R2,[R3,#0] MOV R6,R0 ADR R0,Da186% SWI "OS_Write0" SWI &00011F ; position text cursor MOV R0,#3 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" MOV R0,R6 SWI "OS_Write0" LDMFD R13!,{R0-R5,PC} .Da186% EQUD &20202020 EQUD &20202020 EQUD &20202020 EQUD &20202020 EQUD &00000020 .Ba448% BL Ba618% SWI &000107 ADR 
R0,Da187% SWI "OS_Write0" BL Ba632% .Ba449% SWI "OS_Mouse" CMP R2,#0 BNE Ba12% BL Ba384% BNE Ba449% B Ba12% .Da187% ;various messages EQUD &20202020 EQUD &20202020 EQUD &2D2D2020 EQUD &5252452D EQUD &2D2D524F EQUD &540D0A2D EQUD &70206568 EQUD &20687461 EQUD &676E656C EQUD &66206874 EQUD &206D6F72 EQUD &20656874 EQUD &7074756F EQUD &69667475 EQUD &0D0A656C EQUD &20202020 EQUD &6C207369 EQUD &65676E6F EQUD &68742072 EQUD &37206E65 EQUD &68632032 EQUD &63617261 EQUD &73726574 EQUD &20200D0A EQUD &6C502020 EQUD &65736165 EQUD &61686320 EQUD &2065676E EQUD &6172543C EQUD &41246563 EQUD &65726464 EQUD &0A3E7373 EQUD &2020200D EQUD &72502020 EQUD &20737365 EQUD &63617073 EQUD &726F2065 EQUD &696C6320 EQUD &6D206B63 EQUD &6573756F EQUD &00000000 .Ba450% LDR R0,[R12,#968] ADD R0,R0,R12 LDR R1,[R12,#936] MOV R2,#0 .Ba451% STRB R2,[R0,R1] SUBS R1,R1,#1 BPL Ba451% BL Ba431% MOV R0,#0 STR R0,[R12,#936] STR R0,[R12,#940] BL Ba433% SWI &00011F ; position text cursor MOV R0,#3 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" LDR R0,[R12,#972] ADD R0,R0,R12 BL Ba447% MOV R1,#&038C BL Ba429% LDR R0,[R12,#968] ADD R0,R0,R12 B Ba423% .Ba452% STMFD R13!,{R14} BL Ba433% LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 SWI &000111 MOVNE R0,#&17 ; mode 15 is a 256 colour mode ! 
;MOVEQ R0,#&0B ; red MOVEQ R0,#%00000011 ; red SWI "OS_WriteC" SWI &00011F ; position text cursor MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" ADR R0,Da188% SWI "OS_Write0" SWI &000111 MOVNE R0,#&20 ;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI "OS_WriteC" LDMFD R13!,{PC} .Ba453% SWI &00011F ; position text cursor MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" ADR R0,Da188% SWI "OS_Write0" MOV PC,R14 .Da188% ;--- Record To File --- EQUD &2D2D2D20 EQUD &6F636552 EQUD &54206472 EQUD &6946206F EQUD &2D2D656C EQUD &0000002D .Ba454% STMFD R13!,{R0-R8,R14} BL Ba433% BL Ba453% BL Ba480% ; specially formatted output 'record' files LDMFD R13!,{R0-R8,PC} .Ba455% STMFD R13!,{R14} LDR R4,[R12,#1168] ADD R4,R4,R12 BL Ba466% ADR R2,Da189% BL Ba25% BL Ba466% ADR R2,Da192% BL Ba25% BL Ba466% ADR R2,Da194% BL Ba25% LDMFD R13!,{PC} .Da189% ; options_off EQUD &6974706F EQUD &5F736E6F EQUD &0D66666F .Da190% ;options_on EQUD &6974706F EQUD &5F736E6F EQUD &000D6E6F .Da191% ;cancel on EQUD &636E6163 EQUD &6F5F6C65 EQUD &00000D6E .Da192% ;cancel_off EQUD &636E6163 EQUD &6F5F6C65 EQUD &000D6666 .Da193% ;ok_on EQUD &6F5F6B6F EQUD &00000D6E .Da194% ;ok_off EQUD &6F5F6B6F EQUD &000D6666 .Ba456% ; 'Options' for record button comes here LDR R4,[R12,#1332] ADD R4,R4,R12 LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba457% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPLE R1,R6 BGT Ba457% LDR R4,[R12,#1168] ADD R4,R4,R12 BL Ba466% ADR R2,Da190% BL Ba25% LDR R3,[R12,#1168] ADD R3,R3,R12 ADR R4,Da189% BL Ba288% B Ba473% .Ba457% ; 'Cancel' record button comes here LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba459% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPLE R1,R6 BGT Ba459% .Ba458% ; 'Cancel' record button comes here LDR 
R4,[R12,#1172] ADD R4,R4,R12 BL Ba466% ADR R2,Da191% BL Ba25% LDR R3,[R12,#1172] ADD R3,R3,R12 ADR R4,Da192% BL Ba288% MOV R2,#1 BL Ba431% MOV R2,#0 STR R2,[R12,#944] BL Ba433% BL Ba453% BL Ba468% ; close log file BL Ba293% B Ba12% .Ba459% ; toggle of 'Mnemonic' button comes here LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba461% ; mnemonic button pressed LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPLE R1,R6 BGT Ba461% .Ba460% LDR R4,[R12,#1176] ADD R4,R4,R12 BL Ba466% ADR R2,Da193% BL Ba25% LDR R3,[R12,#1176] ADD R3,R3,R12 ADR R4,Da194% BL Ba288% LDR R2,[R12,#944] CMP R2,#0 BLNE Ba431% MOV R2,#0 STR R2,[R12,#944] BL Ba293% BL Ba454% BL Ba467% B Ba12% .Ba461% ; mnemonic button comes here LDR R6,[R12,#932] ; =1 CMP R6,#0 BEQ Ba12% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba462% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPLE R1,R6 BGT Ba462% BL Ba474% BL Ba632% B Ba423% .Ba462% ; toggling mnemonic button comes here LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba463% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPLE R1,R6 BGT Ba463% LDR R0,[R12,#1336] ; toggling mnemonic button here TST R0,#4 ; 16 registers EOR R0,R0,#2 ; toggles bit 2 (mnenonics) ANDNE R0,R0,#&19 STR R0,[R12,#1336] ; record save file format BL Ba474% BL Ba632% B Ba423% .Ba463% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba464% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinatb CMPLE R1,R6 BGT Ba464% LDR R0,[R12,#1336] ; toggle registers button comes here TST R0,#2 ; Addr/mne BEQ Ba423% EOR R0,R0,#4 TST 
R0,#4 ; changed to allow record registers to be output in text format ;ORRNE R0,R0,#8 ; forces non-text format here STR R0,[R12,#1336] ; record save file format BL Ba474% BL Ba632% B Ba423% .Ba464% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba465% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPLE R1,R6 BGT Ba465% LDR R0,[R12,#1336] ; fix for B047 text or data - now works with 1,2,3 all selected ;TST R0,#4 ; B047 toggle 1,2,3 ;BNE Ba423% ; B047 toggle 1,2,3 EOR R0,R0,#8 ; B046 toggles the text or data button ;AND R0,R0,#&07 ; B046 sets to text only for test STR R0,[R12,#1336] BL Ba474% BL Ba632% B Ba423% .Ba465% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba12% LDR R6,[R4],#4 ; mouse button coordinate CMP R0,R6 LDR R6,[R4],#4 ; mouse button coordinate CMPLE R1,R6 BGT Ba12% B Ba479% .Da195% ;--file-options-- ;--Text-or-Data-- EQUD &69462D2D EQUD &6F2D656C EQUD &6F697470 EQUD &2D2D736E EQUD &2D2D2020 EQUD &74786554 EQUD &2D726F2D EQUD &61746144 EQUD &00002D2D .Da196% ; --Max-file-length-- EQUD &614D2D2D EQUD &69662D78 EQUD &6C2D656C EQUD &74676E65 EQUD &002D2D68 .Ba466% MOV R0,#4 LDR R1,[R4],#4 LDR R2,[R4],#4 SWI "OS_Plot" MOV PC,R14 .Ba467% STMFD R13!,{R14} MOV R0,#4 LDR R1,[R12,#1340] LDR R2,[R12,#1344] SWI "OS_Plot" LDR R0,[R12,#1348] ; record off = 0 CMP R0,#0 ADRNE R2,Da197% ADREQ R2,Da198% BL Ba25% MOV R0,#4 LDR R1,[R12,#1352] LDR R2,[R12,#1356] SWI "OS_Plot" ADR R2,Da201% BL Ba25% MOV R0,#4 LDR R1,[R12,#1360] LDR R2,[R12,#1364] SWI "OS_Plot" ADR R2,Da203% BL Ba25% MOV R0,#4 LDR R1,[R12,#1368] LDR R2,[R12,#1372] SWI "OS_Plot" ADR R2,Da204% BL Ba25% LDMFD R13!,{PC} ; main screen buttons .Da197% ;record EQUD &6F636572 EQUD &000D6472 .Da198% ;record_off EQUD &6F636572 EQUD &6F5F6472 EQUD &000D6666 .Da199% ;record_on EQUD &6F636572 EQUD &6F5F6472 EQUD &00000D6E 
.Da200% ;find_on EQUD &646E6966 EQUD &0D6E6F5F .Da201% ;find_off EQUD &646E6966 EQUD &66666F5F EQUD &0000000D .Da202% ;marker_on EQUD &6B72616D EQUD &6F5F7265 EQUD &00000D6E .Da203% ;marker_off EQUD &6B72616D EQUD &6F5F7265 EQUD &000D6666 .Da204% ;calc_off EQUD &636C6163 EQUD &66666F5F EQUD &0000000D .Da205% ;calc_on EQUD &636C6163 EQUD &0D6E6F5F .Ba468% ; turn record off LDR R2,[R12,#1348] ; record off = 0 CMP R2,#0 MOVEQ PC,R14 MOV R2,#0 STR R2,[R12,#1348] MOV R0,#0 ; close file reason code LDR R1,[R12,#1376] ; filename or handle SWI "XOS_Find" LDR R0,[R12,#1336] AND R0,R0,#&0F STR R0,[R12,#1336] MOV PC,R14 .Da206% ; 'Record' button coordintes EQUD &00000266 EQUD &000003D0 EQUD &000002CE EQUD &000003F8 .Da207% EQUD &0000032A EQUD &000003D0 EQUD &00000392 EQUD &000003F8 .Da208% EQUD &000003F2 EQUD &000003D0 EQUD &00000460 EQUD &000003F8 .Da209% EQUD &000001A4 EQUD &000003D4 EQUD &00000210 EQUD &000003FC .Da210% EQUD &00000266 EQUD &000003D0 .Da211% EQUD &00000108 EQUD &00000344 EQUD &00000108 EQUD &00000308 EQUD &00000108 EQUD &000002CC EQUD &0000025C EQUD &00000330 .Da212% EQUD &0000024C EQUD &000002C8 ; s_address_off EQUD &64615F73 EQUD &6F5F7264 EQUD &000D6666 .Da213% ;s_mnemonic off EQUD &6E6D5F73 EQUD &5F6F6D65 EQUD &0D66666F .Da214% ; s_regist_off EQUD &65725F73 EQUD &74736967 EQUD &66666F5F EQUD &0000000D .Da215% ; s_address_on EQUD &64615F73 EQUD &6F5F7264 EQUD &00000D6E .Da216% ; s_mnemonic_on EQUD &6E6D5F73 EQUD &5F6F6D65 EQUD &000D6E6F .Da217% ; s_regist_on EQUD &65725F73 EQUD &74736967 EQUD &0D6E6F5F .Da218% ; address EQUD &72646461 EQUD &0D737365 .Da219% ; addr_mnemo EQUD &72646461 EQUD &656E6D5F EQUD &000D6F6D .Da220% ; addr_mne_reg EQUD &72646461 EQUD &656E6D5F EQUD &6765725F EQUD &0000000D .Da221% EQUD &0D666666 .Da222% EQUD &5F78616D EQUD &676E656C EQUD &000D6874 .Ba469% ADR R4,Da206% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 BLT Ba470% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba470% ADR R4,Da210% BL Ba466% ADR R2,Da199% 
BL Ba25% ADR R3,Da210% ADR R4,Da198% BL Ba288% MOV R2,#1 B Ba645% .Ba470% ADR R4,Da207% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 BLT Ba471% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba471% ADR R4,Da207% BL Ba466% ADR R2,Da200% ; find on BL Ba25% ; plot a sprite on screen ADR R3,Da207% ADR R4,Da201% BL Ba288% B Ba501% .Ba471% ADR R4,Da208% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 BLT Ba472% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba472% ADR R4,Da208% BL Ba466% ADR R2,Da202% BL Ba25% ADR R3,Da208% ADR R4,Da203% BL Ba288% B Ba552% .Ba472% ADR R4,Da209% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 BLT Ba644% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba644% ADR R4,Da209% BL Ba466% ADR R2,Da205% BL Ba25% ADR R3,Da209% ADR R4,Da204% BL Ba288% B Ba601% ; enter expression .Ba473% BL Ba499% ADR R0,Da195% SWI "OS_Write0" SWI &000105 BL Ba476% MOV R0,#4 MOV R1,#&01E4 MOV R2,#&0324 SWI "OS_Plot" ADR R0,Da196% SWI "OS_Write0" BL Ba477% SWI &000104 BL Ba474% B Ba423% .Ba474% STMFD R13!,{R0-R8,R14} LDR R6,[R12,#1336] ADR R4,Da211% BL Ba466% ADR R2,Da215% BL Ba25% BL Ba466% TST R6,#2 ; Addr/mne ADREQ R2,Da213% ADRNE R2,Da216% BL Ba25% BL Ba466% TST R6,#4 ; 16 registers ADREQ R2,Da214% ADRNE R2,Da217% BL Ba25% BL Ba466% TST R6,#8 ; text format ADREQ R2,Da221% BEQ Ba475% TST R6,#4 ADRNE R2,Da220% BNE Ba475% TST R6,#2 ADRNE R2,Da219% ADREQ R2,Da218% .Ba475% BL Ba25% BL Ba466% ADR R2,Da222% BL Ba25% SWI &000105 BL Ba476% LDR R0,[R12,#1908] CMP R0,#&1F MOV R0,#4 MOV R1,#&0258 MOVNE R2,#&02F0 MOVEQ R2,#&02EC SWI "OS_Plot" ADR R0,Da224% SWI "OS_Write0" BL Ba477% SWI &000104 LDMFD R13!,{R0-R8,PC} .Ba476% LDR R0,[R12,#1908] CMP R0,#&1F SWI &000112 MOV R0,#0 SWI "OS_WriteC" ;MOVNE R0,#&20 ; 32 = white ? MOVNE R0,#%00111111 ; white ? 
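;MOVEQ R0,#8 ; blue
MOVEQ R0,#%00110000 ; blue
SWI "OS_WriteC"
MOV PC,R14

.Ba477%
; Sends VDU 18,0,colour with R0 preserved on the stack.
; The colour byte is chosen by comparing [R12,#1908] with &1F, the value
; other routines on this page label as mode 31.
; The MOVNE/MOVEQ pair uses the flags set by CMP before the two SWIs.
STMFD R13!,{R0}
LDR R0,[R12,#1908]
CMP R0,#&1F
SWI &000112
MOV R0,#0
SWI "OS_WriteC"
;MOVNE R0,#0 ; white
;MOVEQ R0,#7 ; black
MOVNE R0,#%00111111 ; white
MOVEQ R0,#%00000000 ; black
SWI "OS_WriteC"
LDMFD R13!,{R0}
MOV PC,R14

; NOTE(review) no label precedes the next nine instructions and they follow
; an unconditional return, so nothing visible on this page reaches them.
; Presumably an orphaned red/yellow variant of the routines around it.
; Confirm before removing.
LDR R0,[R12,#1908]
CMP R0,#&1F
SWI &000112
MOV R0,#0
SWI "OS_WriteC"
;MOVNE R0,#&0B ; red
;MOVEQ R0,#9 ; yellow
MOVNE R0,#%00000011 ; red
MOVEQ R0,#%00001111 ; yellow
SWI "OS_WriteC"
MOV PC,R14

.Ba478%
; Same shape as Ba477 with a different colour pair, R0 preserved.
STMFD R13!,{R0}
LDR R0,[R12,#1908]
CMP R0,#&1F
SWI &000112
MOV R0,#0
SWI "OS_WriteC"
;MOVNE R0,#&17 ; possibly black
;MOVEQ R0,#&0B ; red
MOVNE R0,#%00000000 ; possibly black
MOVEQ R0,#%00000011 ; red
SWI "OS_WriteC"
LDMFD R13!,{R0}
MOV PC,R14

.Ba479%
; Reads the maximum record file length typed by the user.
; The text is read into Da224 (at most 5 characters, codes &20 to &80),
; parsed as decimal, multiplied by 1024 and stored at [R12,#1380].
; The same text is then parsed as base 16 and written back with
; XOS_ConvertHex6 starting at Da223, the single byte directly before Da224,
; presumably so that Da224 ends up holding the zero padded digits for
; redisplay - TODO confirm.
; Both parses now fall back to 0 when XOS_ReadUnsigned returns an error,
; instead of using whatever R2 holds at that point. The Da224 comment below
; describes 00000 as unlimited file size.
; NOTE(review) letters are accepted by OS_ReadLine here, so the decimal
; limit and the redisplayed hex text can disagree for input such as 1A.
; NOTE(review) this adds two instructions. Another comment in this file
; mentions a 1024 byte address limit, so re-check ADR ranges after assembly.
SWI &000105
BL Ba476%
ADR R4,Da212%
BL Ba466%
ADR R2,Da222%
BL Ba25%
BL Ba478%
LDR R0,[R12,#1908]
CMP R0,#&1F
MOV R0,#4
MOV R1,#&0258
MOVNE R2,#&02F0
MOVEQ R2,#&02EC
SWI "OS_Plot"
ADR R0,Da224% ; max file size
MOV R1,#5 ; at most 5 characters are accepted
MOV R2,#&20 ; lowest accepted character code
MOV R3,#&80 ; highest accepted character code
SWI "OS_ReadLine"
MOV R0,#&0A ; base 10
ADR R1,Da224% ; max file size
MOV R2,#0
SWI "XOS_ReadUnsigned"
MOVVS R2,#0 ; parse failed - treat as 0 rather than an undefined value
MOV R2,R2,LSL #10 ; kbytes to bytes
STR R2,[R12,#1380] ; maximum configured file size
MOV R0,#&10 ; base 16, used only to rebuild the display text
ADR R1,Da224% ; max file size
MOV R2,#0
SWI "XOS_ReadUnsigned"
MOVVS R2,#0 ; parse failed - redisplay as zeros
MOV R0,R2
ADR R1,Da223%
MOV R2,#7 ; six digits plus terminator
SWI "XOS_ConvertHex6"
BL Ba477%
MOV R0,#&0F
MOV R1,#0
SWI "OS_Byte"
SWI &000104
BL Ba474%
B Ba423%

; file save of data section (record to file)
; Three padding bytes plus the one byte at Da223 make four bytes in total
; ahead of Da224.
EQUW &0000:EQUB &00
.Da223%
EQUB &00
.Da224%
; 16 byte buffer for the typed maximum file size
;EQUD &30303530
;EQUD &00000030
;EQUD &39393939 ; file size in kbytes = 99.999kB
;EQUD &00000039
EQUD &30303030 ; 00000 = unlimited file size
EQUD &00000030
EQUD &00000000
EQUD &00000000

.Ba480%
; set up data blocks for file output
LDR R0,[R12,#1336] ; record save file type (bits 0-3)
TST R0,#8 ; data file output ?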
LDREQ R2,[R12,#1400] ; 1400 is not set anywhere, so zero BEQ Ba481% ; text file TST R0,#4 ; all 16 registers LDRNE R2,[R12,#1392] ; filetype for A/M/R file &BD BNE Ba493% ; 16 resisters TST R0,#2 ; address and nmonic LDRNE R2,[R12,#1388] ; filetype for Addr/mne file &BC BNE Ba492% ; 2 words LDREQ R2,[R12,#1384] ; filetype for Addr only file &BB BEQ Ba491% ; 1 word MOV PC,R14 .Ba481% ; text file outputs routed through here ; 1336 usage decoded using ARM_Debug ; note that text 1 does not use a bit as you'd probably expect ; 00 = text 1 ; 02 = text 1 2 ; 04 = text 3 (not supported) ; 06 = text 1 2 3 (not originally supported) ; 08 = data 1 ; 0A = data 1 2 ; 0E = data 1 2 3 STMFD R13!,{R14} BL Ba482% ; check for file open else open it LDR R0,[R12,#1336] ; read record file type ;*** new 32bit TST R0,#4 ; 32bit - all 16 registers BNE Ba483a% ; save 16 registers to text file ;*** new 32bit TST R0,#2 ; addr/mnemo BNE Ba483% B Ba484% ; write text header line .Ba482% ; checks for open file ; R2 is file type and comes from above TST R0,#&10 ; bit4 = 1 - is this file open flag ? 
MOVNE R0,#0 ; closes file if already open LDRNE R1,[R12,#1376] ; filename or handle SWINE "OS_Find" ; closes file if already open LDRNE R0,[R12,#1336] ; type of record file save ANDNE R0,R0,#&0F ; effectively clears bit 4 in 1336 STRNE R0,[R12,#1336] ; type of record file save MOV R0,#&0B ; create empty file LDR R1,[R12,#968] ; pointer to pointer to file name ADD R1,R1,R12 ; R2 is the file type, &FFF = text MOV R3,#0 MOV R4,#0 MOV R5,#0 ; size of file SWI "XOS_File" BVS Ba485% MOV R0,#&8E MOV R2,R1 SWI "XOS_Find" STR R0,[R12,#1376] ; save file handle LDR R0,[R12,#1336] ; type of record file save ORR R0,R0,#&10 ; what is bit 4 used for STR R0,[R12,#1336] ; type of record file save MOV R1,#1 ; STR R1,[R12,#1348] ; record on = 1 ADR R0,Da228% LDR R1,[R12,#968] ADD R1,R1,R12 MOV R2,#2 MOV R3,#0 MOV R4,#0 SWI "OS_SetVarVal" MOV PC,R14 .Ba483% ; Addr/mne text file MOV R1,#2 ; write bytes to file at current pointer STR R1,Da229% ; output file data block ADR R1,Da229% ; output file data block LDR R0,[R12,#1376] ; file handle STR R0,[R1,#4] ; save file handle ;ADR R0,Da226% ADR R0,Da225% ; top character shown (not blanked out) STR R0,[R1,#8] ; OS_GBPB buffer address LDMFD R13!,{PC} .Ba483a% ; 16 registers text file - added in v107 MOV R1,#2 ; write bytes to file at current pointer STR R1,Da229% ; output file data block ADR R1,Da229% ; output file data block LDR R0,[R12,#1376] ; file handle STR R0,[R1,#4] ; save file handle ;ADR R0,Da226% ADR R0,Da225% ; top character now shown (not blanked out) STR R0,[R1,#8] ; OS_GBPB buffer address LDMFD R13!,{PC} .Ba484% ; writes 8 character address MOV R1,#2 ; write bytes to file at current pointer STR R1,Da229% ; output file data block ADR R1,Da229% ; output file data block LDR R0,[R12,#1376] ; file handle STR R0,[R1,#4] ;ADR R0,Da226% ADR R0,Da225% ; top character no longer blanked out STR R0,[R1,#8] ; OS_GBPB buffer address MOV R7,#8 ; number of characters - 2345678colon ADD R7,R7,#&01 ; 32bit - add extra character STR R7,[R1,#12] ; 
OS_GBPB bytes to write LDMFD R13!,{PC} .Ba484a ; writes flags and mnemonics for registers_text ; placed here to avoid 1024byte address limit for stuff below ; R7 is number of bytes in Da225 buffer at this moment ADR R1,Da225% ; buffer base ADD R1,R1,R7 ; address of next free byte SUB R8,R7,#51 ; spaces required for formatting .new_space CMP R8,#0 ADDLT R8,R8,#01 MOVLT R2,#&20 ; add space character STRLTB R2,[R1],#1 ADDLT R7,R7,#01 BLT new_space ; Flags= MOV R2,#ASC"F" STRB R2,[R1],#1 MOV R2,#ASC"l" STRB R2,[R1],#1 MOV R2,#ASC"a" STRB R2,[R1],#1 MOV R2,#ASC"g" STRB R2,[R1],#1 MOV R2,#ASC"s" STRB R2,[R1],#1 MOV R2,#ASC":" STRB R2,[R1],#1 ; read the PSR status bits LDR R8,[R12,#64] ; load PSR register TST R8,#1<<31 ; N status bit MOVNE R2,#78 ; N MOVEQ R2,#110 ; n STRB R2,[R1],#1 TST R8,#1<<30 ; Z status bit MOVNE R2,#90 ; Z MOVEQ R2,#122 ; z STRB R2,[R1],#1 TST R8,#1<<29 ; C status bit MOVNE R2,#67 ; C MOVEQ R2,#99 ; c STRB R2,[R1],#1 TST R8,#1<<28 ; V status bit MOVNE R2,#86 ; V MOVEQ R2,#118 ; v STRB R2,[R1],#1 MOV R2,#105 ; i - fixed STRB R2,[R1],#1 MOV R2,#102 ; f - fixed STRB R2,[R1],#1 MOV R2,#&20 ; add space character STRB R2,[R1],#1 ADD R7,R7,#13 ; update number of bytes ; Mode= ;MOV R2,#ASC"M" ;STRB R2,[R1],#1 ;MOV R2,#ASC"o" ;STRB R2,[R1],#1 ;MOV R2,#ASC"d" ;STRB R2,[R1],#1 ;MOV R2,#ASC"e" ;STRB R2,[R1],#1 ;MOV R2,#ASC"=" ;STRB R2,[R1],#1 ;ADD R7,R7,#19 ;AND R9,R8,#&13 ; 32bit check to SVC mode ;CMP R9,#&13 ; User mode ;MOVNE R2,#ASC"U" ;STRNEB R2,[R1],#1 ;MOVNE R2,#ASC"s" ;STRNEB R2,[R1],#1 ;MOVNE R2,#ASC"e" ;STRNEB R2,[R1],#1 ;MOVNE R2,#ASC"r" ;STRNEB R2,[R1],#1 ;ADDNE R7,R7,#4 ; SVC mode ;MOVEQ R2,#ASC"S" ;STREQB R2,[R1],#1 ;MOVEQ R2,#ASC"V" ;STREQB R2,[R1],#1 ;MOVEQ R2,#ASC"C" ;STREQB R2,[R1],#1 ;ADDEQ R7,R7,#3 MOV R8,R1 ; save R1 in R8 for OS_ConvertHex8 LDR R0,[R12,#64]; load PSR register for text output ADR R1,Da225% ; R1 = buffer for output string ADD R1,R1,R7 ; pointer to buffer to place Hex8 MOV R2,#8 ; R2 = size of buffer SWI "XOS_ConvertHex8" ; 
on exit R0 = buffer pointer MOV R1,R8 ; reload buffer pointer ADD R1,R1,#8 ; point to endd of Hex8 MOV R2,#&0A ; add line feed character STRB R2,[R1],#1 ; save line feed to end of line ADR R5,Da229% ; load base address of file information ADD R7,R7,#9 ; increase number of bytes (8 + 1) STR R7,[R5,#12] ; R7 = number of bytes to write to file ;carriage return at the end of the line ;MOV R2,#&0A ; line feed ;STRB R2,[R1],#1 MOV PC,R14 .Da225% ; 32-bit address in ASCII - i.e. 8 characters ; strange arrangement originally used to remove top 'nibble' ; from 32-bit hex address (for 26-bit ARM2 et al). EQUB &00 .Da226% EQUW &0000 EQUB &00 EQUD &00000000 EQUW &0000 .Da227% ; buffer for 24 and a 1/2 registers ?? EQUW &0000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 .Da228% EQUD &63617254 EQUD &64412465 EQUD &73657264 EQUD &00000073 .Ba485% STMFD R13!,{R0} BL Ba499% SWI &000107 LDMFD R13!,{R0} ADD R0,R0,#4 SWI "OS_Write0" LDMFD R13!,{R0-R5,R14} BL Ba632% B Ba449% .Ba486% ; save disassembled instructions to record file ; R0 = current sandbox instruction for documentation LDR R3,[R12,#1348] ; record on = 1 CMP R3,#0 MOVEQ PC,R14 ; return if record not enabled STMFD R13!,{R0-R12,R14} MOV R4,R1 ; current instruction address MOV R5,R2 ; R12 pointer LDR R6,[R12,#1336] ; type of record save TST R6,#8 ; record file format = data BNE Ba489% ; save records in data format ;*** added to save registers in text format TST R6,#4 ; save registers in text format BNE Ba486a% ; save registers in text format ;*** added to save registers in text format TST R6,#2 ; addr_mnemo BEQ Ba488% ; 2 not set so addr only (strange logic) .Ba486a% ; save addr_mnemo and 16 registers in text format 
; Builds one text line as eight hex digits of the address, a colon, a space
; and the disassembly text, then writes it with XOS_GBPB using the Da229 block.
; R4 = instruction address and R6 = record flags, both set up in Ba486.
; The disassembly pointer and length are taken from R1 and R2 after the SWI.
SWI "Debugger_Disassemble"
TST R6,#4 ; register_text (not)
MOVEQ R3,#&0A ; add line feed character
; the line feed is stored at index R2 of the buffer the SWI returned in R1
STREQB R3,[R1,R2]
ADD R7,R2,#&0A ; number of bytes to write to file
ADDEQ R7,R7,#&01 ; 32bit - add extra character
ADR R0,Da227% ; buffer for text output to file
.Ba487%
;save disassembled text to file
; Copies bytes R2 down to 0, so R2+1 bytes in all, with no upper bound.
; NOTE(review) Da227 is declared as 98 bytes and is followed by Da228 and
; code. The copy is only safe while the returned length stays below that,
; and lower still when Ba484a appends its 22 bytes. Nothing visible here
; enforces it - confirm the longest string the SWI can return.
LDRB R3,[R1,R2] ; move disassembled text to output buffer
STRB R3,[R0,R2] ; R0 = address of buffer Da227
SUBS R2,R2,#1
BPL Ba487%
;LDR R2,[R12,#396] ; sandbox running in 0=USR, 1=SVC
;CMP R2,#1
;ORREQ R4,R4,#3
MOV R0,R4 ; R0 = address of instruction
ADR R1,Da225% ; R1 = pointer to buffer for output string
MOV R2,#&14 ; R2 = size of buffer
SWI "XOS_ConvertHex8" ; on exit R0 = buffer pointer
; R1 is used from here as the write position for the colon and space
MOV R2,#&3A ; add colon character
STRB R2,[R1],#1
MOV R2,#&20 ; add space
;STRB R2,[R1,#0]
STRB R2,[R1],#1
TST R6,#4 ; save registers in text format
BLNE Ba484a ; add flags and mode on first line
ADR R5,Da229%
STR R7,[R5,#12] ; number of bytes to write to file
LDMIA R5,{R0-R4} ; load text file handle info
SWI "XOS_GBPB"
BVS Ba498%
STR R4,[R5,#16]
BL Ba496% ; check record file reached maximum length
; add register lines to text file
TST R6,#4 ; save registers in text format
BLNE save_registers
LDMFD R13!,{R0-R12,PC}

.save_registers
; saves 16 registers to text file in data file screen format
; I wonder why Theo didn't do this originally ??
; Each line is built in the Da225 buffer as four spaces followed by five
; entries of the form Rn=xxxxxxxx and two spaces, 75 bytes with the line feed.
; Register values are loaded from [R12 + 4*n].
; NOTE(review) R8 starts at 0 and R10 at 5. With the three line loop that
; follows this covers R0 to R14, not 16 registers - confirm that is intended.
; Does not push R14, so it must not BL to anything.
MOV R8,#&00 ; register number
MOV R9,#&00 ; line number
MOV R10,#05 ; registers per line
.next_line
ADR R1,Da225% ; R1 = pointer to buffer for output string
MOV R2,#&20 ; add 4 space characters
STRB R2,[R1],#1
STRB R2,[R1],#1
STRB R2,[R1],#1
STRB R2,[R1],#1
.next_register
MOV R2,#&52 ; add R character
STRB R2,[R1],#1
; the flags from this CMP are used by every GE/LT instruction up to the SWI
CMP R8,#10
MOVGE R2,#49 ; 1x
STRGEB R2,[R1],#1
ADDGE R2,R8,#38 ; add register number character
ADDLT R2,R8,#48 ; add register number character
STRB R2,[R1],#1
MOV R2,#61 ; equals character
STRB R2,[R1],#1
MOVLT R2,#&20 ; space character for 1-9
STRLTB R2,[R1],#1
LDR R0,[R12,R8,LSL #2] ; load register value into R0
MOV R2,#&14 ; R2 = size of buffer
SWI "XOS_ConvertHex8" ; on exit R0 = buffer pointer
; R1 is used from here as the write position for the two spaces
MOV R2,#&20 ; add space
STRB R2,[R1],#1
MOV R2,#&20 ; add space
STRB R2,[R1],#1
ADD R8,R8,#&01 ; increment register number
CMP R8,R10
BLT next_register
MOV R2,#&0A ; add LF character at end of line
STRB R2,[R1],#01
MOV R7,#75 ; line length for register line
; add a second line feed character if this is the final line
CMP R10,#14 ; final line of registers ?
MOVGE R2,#&0A ; add LF character at end of line STRGEB R2,[R1],#01 ADDGE R7,R7,#01 ADR R5,Da229% ; file info buffer STR R7,[R5,#12] ; number of bytes to write to file LDMIA R5,{R0-R4} ; load text file handle info SWI "XOS_GBPB" ; send line to file ;BVS Ba498% STR R4,[R5,#16] ADD R10,R10,#05 ; registers per line ADD R9,R9,#1 ; increment line number CMP R9,#3 ; three lines of registers BLT next_line ; BL Ba496% ; check record file reched maximum length MOV PC,R14 .Da229% ; text output file handle information buffer EQUD &00000000 ; 0 R0 = 2 - write bytes to current pointer EQUD &00000000 ; 4 R1 = file handle EQUD &00000000 ; 8 R2 = buffer EQUD &00000000 ;12 R3 = bytes to write to file EQUD &00000000 ;16 R4 = on exit new file pointer EQUD &00000000 EQUD &00000000 .Ba488% ; save just hex address to text file - no mnemonics LDR R2,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R2,#1 ;ORREQ R1,R1,#3 MOV R0,R1 ; current address ADR R1,Da225% MOV R2,#&14 SWI "XOS_ConvertHex8" ; R1 = pointer to termiator MOV R0,#&0A STRB R0,[R1,#0] ADR R5,Da229% LDMIA R5,{R0-R4} ; load file data SWI "XOS_GBPB" BVS Ba498% STR R4,[R5,#16] BL Ba496% ; check for maximum file length LDMFD R13!,{R0-R12,PC} ;.Ba488a% ; *** save registers in text format ; no longer used - label commented out ; 1st line ;MOV R0,R1 ; current address ;ADR R1,Da225% ;MOV R2,#&14 ;SWI "XOS_ConvertHex8" ; R1 = pointer to termiator ;MOV R0,#&0A ;STRB R0,[R1,#0] ; test ;ADR R1,Da229% ;MOV R7,#9 ; characters per line ;STR R7,[R1,#12] ; R3 number of bytes to write to file ; test ;ADR R5,Da229% ;LDMIA R5,{R0-R4} ; load file data ;SWI "XOS_GBPB" ;BVS Ba498% ;STR R4,[R5,#16] ;BL Ba496% ; check for maximum file length ;LDMFD R13!,{R0-R12,PC} .Ba489% ; save 16 registers to file in data or text format TST R6,#2 ; type of record save - 1336 BEQ Ba494% ; 2 not set then branch TST R6,#4 BEQ Ba495% ; 4 not set then branch - 2 set LDR R3,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R3,#1 ;ORREQ R1,R1,#3 STR R1,Da225% ADR 
R1,Da225% ; strange buffer 27 words ?? STR R0,[R1,#4] ADD R1,R1,#8 MOV R3,#&10 ; 16 registers - 17 counting from 0 ! .Ba490% ; copies register values to file output buffer LDR R4,[R2,R3,LSL #2] ; R2 base register address for R0 STR R4,[R1,R3,LSL #2] SUBS R3,R3,#1 BPL Ba490% ; 32bit changes - overwrite R15 with stored PSR MOV R3,#&10 ; offset to PCR at #64, R15 is #60 LDR R4,[R2,R3,LSL #2] ; R2 base register address for R0 SUB R3,R3,#1 STR R4,[R1,R3,LSL #2] ; overwrite R15 with PCR value ; 32bit end of changes ADR R5,Da229% ; buffer for file information LDMIA R5,{R0-R4} ; load file data SWI "XOS_GBPB" BVS Ba498% STR R4,[R5,#16] BL Ba496% ; check for maximum file length LDMFD R13!,{R0-R12,PC} .Ba491% ; save one word to file STMFD R13!,{R14} BL Ba482% ; checks for open file else opens it MOV R1,#2 ; write bytes to current pointer STR R1,Da229% ; buffer for file information ADR R1,Da229% ; buffer for file information LDR R0,[R12,#1376] ; handle of output file STR R0,[R1,#4] ; file handle ADR R0,Da225% STR R0,[R1,#8] ; file output buffer MOV R7,#4 STR R7,[R1,#12] ; number of bytes to write to file LDMFD R13!,{PC} .Ba492% ; save two words to file - PC-8 and current instruction STMFD R13!,{R14} BL Ba482% ; checks for open file else opens it MOV R1,#2 ; write bytes to current pointer STR R1,Da229% ; buffer for file information ADR R1,Da229% ; buffer for file information LDR R0,[R12,#1376] ; handle of output file STR R0,[R1,#4] ; file handle ADR R0,Da225% STR R0,[R1,#8] ; file output buffer MOV R7,#8 STR R7,[R1,#12] ; number of bytes to write to file LDMFD R13!,{PC} .Ba493% ; save 16 registers to file STMFD R13!,{R14} BL Ba482% ; checks for open file else opens it MOV R1,#2 ; write bytes to current pointer STR R1,Da229% ; buffer for file information ADR R1,Da229% ; buffer for file information LDR R0,[R12,#1376] ; handle of output file STR R0,[R1,#4] ; file handle ADR R0,Da225% STR R0,[R1,#8] ; file output buffer MOV R7,#&48 ; registers to file = 16 * 4 STR R7,[R1,#12] ; 
number of bytes to write to file LDMFD R13!,{PC} .Ba494% ; save addr in data format LDR R2,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R2,#1 ;ORREQ R1,R1,#3 STR R1,Da225% ADR R5,Da229% ; buffer for file information LDMIA R5,{R0-R4} SWI "XOS_GBPB" BVS Ba498% STR R4,[R5,#16] BL Ba496% LDMFD R13!,{R0-R12,PC} .Ba495% ;save addr_mnemo in data format LDR R2,[R12,#396] ; sandbox running in 0=USR, 1=SVC CMP R2,#1 ;ORREQ R1,R1,#3 STR R1,Da225% ADR R1,Da225% STR R0,[R1,#4] ADR R5,Da229% ; buffer for file information LDMIA R5,{R0-R4} SWI "XOS_GBPB" BVS Ba498% STR R4,[R5,#16] BL Ba496% LDMFD R13!,{R0-R12,PC} .Ba496% ; check whether record file has reached maximum length ? LDR R0,[R12,#1380] ; maximum configured file size LDR R1,[R5,#16] ; current file size CMP R0,#0 ; v133 check whether zero file size MOVEQ PC,R14 ; v133 skip file size check if zero CMP R1,R0 MOVLT PC,R14 BL Ba468% ; close log file BL Ba231% ; disbles m-step BL Ba618% SWI &000107 ADR R0,Da230% ; Record file has reached maximum length SWI "OS_Write0" LDMFD R13!,{R0-R12,R14} BL Ba632% .Ba497% SWI "OS_Mouse" CMP R2,#0 BNE Ba12% BL Ba384% BNE Ba497% B Ba12% .Da230% ; Record file has reached maximum length EQUD &6F636552 EQUD &66206472 EQUD &20656C69 EQUD &20736168 EQUD &63616572 EQUD &20646568 EQUD &2E78616D EQUD &676E656C EQUD &00006874 .Ba498% STMFD R13!,{R0} BL Ba499% SWI &000107 SWI "OS_NewLine" SWI "OS_NewLine" LDMFD R13!,{R0} ADD R0,R0,#4 SWI "OS_Write0" BL Ba468% ; close log file BL Ba231% ; disbles m-step LDMFD R13!,{R0-R12,R14} BL Ba632% B Ba449% .Ba499% MOV R0,#1 STR R0,[R12,#932] LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 BEQ Ba500% MOV R0,#&1C ; mode 15 SWI "OS_WriteC" MOV R0,#&0F SWI "OS_WriteC" MOV R0,#&0A SWI "OS_WriteC" MOV R0,#&32 SWI "OS_WriteC" MOV R0,#4 SWI "OS_WriteC" SWI &000111 MOV R0,#&80 SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&0E SWI "OS_WriteC" MOV R0,#9 SWI "OS_WriteC" MOV R0,#&31 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" SWI &000111 MOV R0,#&FF SWI 
"OS_WriteC" SWI &00010C MOV PC,R14 .Ba500% ; mode 31 MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&0F SWI "OS_WriteC" MOV R0,#&21 SWI "OS_WriteC" MOV R0,#&32 SWI "OS_WriteC" MOV R0,#&13 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&87 ; black background colour MOV R0,#%10000000 ; black background SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&0E SWI "OS_WriteC" MOV R0,#&20 SWI "OS_WriteC" MOV R0,#&31 SWI "OS_WriteC" MOV R0,#&12 SWI "OS_WriteC" SWI &000111 ;MOV R0,#&80 ; white background MOV R0,#%10111111 ; white background SWI "OS_WriteC" SWI &00010C MOV PC,R14 .Ba501% BL Ba549% BL Ba646% STR R0,[R12,#112] BL Ba548% BL Ba293% BL Ba632% MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" .Ba502% SWI "OS_Mouse" CMP R2,#0 BNE Ba503% BL Ba384% BNE Ba502% AND R1,R1,#&5F CMP R1,#&4D BEQ Ba506% CMP R1,#&57 BEQ Ba527% CMP R1,#&53 BEQ Ba536% B Ba11% .Da231% EQUD &00000226 EQUD &00000168 EQUD &000002C8 EQUD &00000194 .Da232% EQUD &00000226 EQUD &00000130 EQUD &000002C8 EQUD &0000015C .Da233% EQUD &00000226 EQUD &000000F4 EQUD &000002C8 EQUD &00000120 .Ba503% ADR R4,Da231% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba504% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba504% B Ba506% .Ba504% ADR R4,Da232% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba505% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba505% B Ba527% .Ba505% ADR R4,Da233% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba11% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba11% B Ba536% .Ba506% ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; USR32 LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 SWI &000111 MOVNE R0,#&20 ; mode 15 ;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI "OS_WriteC" SWI &000104 BL Ba549% ADDNE R4,R12,#&0900 ADDEQ R4,R12,#&0910 BL Ba466% ADR R2,Da234% ; value BL Ba25% SWI "OS_NewLine" ADR R0,Da237% SWI "OS_Write0" SWI "OS_NewLine" SWI "OS_NewLine" ADR R0,Da238% SWI "OS_Write0" SWI "OS_NewLine" SWI 
"OS_NewLine" ADR R0,Da239% SWI "OS_Write0" MOV R0,R7 LDR R1,[R12,#1404] ADD R1,R1,R12 MOV R2,#&20 SWI "OS_ConvertHex8" SWI &00010B SWI &00010B SWI "OS_Write0" SWI "OS_RestoreCursors" SWI &00010A SWI &00010A SWI "OS_WriteS" EQUD &08080808 EQUD &08080808 EQUD &00000008 BL Ba632% .Ba507% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 MOVEQ R0,#&7C SWIEQ "OS_Byte" BEQ Ba551% SWI "OS_Mouse" CMP R2,#0 BNE Ba516% LDRB R0,[R12,#1460] CMP R0,#0 LDR R3,[R12,#1408] ADD R3,R3,R12 BLNE Ba546% LDR R0,[R12,#1408] ADD R0,R0,R12 MOV R1,#8 MOV R2,#&20 MOV R3,#&7B BL Ba377% CMP R1,#0 BEQ Ba521% SWI "OS_RemoveCursors" SWI &00011F ; position text cursor MOV R0,#&11 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" MOV R9,#&FF ; check whether R7 is within valid RAM or ROM areas ; commented out following three lines for Ba315 changes ;ADD R3,R12,#&0990 ;LDR R4,[R3,#0] ; start memory address ;LDR R5,[R3,#4] ; end memory address ;BIC R7,R7,#&80000000 32 bit ; always perform mode change SWI "OS_EnterOS" ; put jump for Ba315 changes after mode change ;BNE skip_r7_check ; RGPB B skip_r7_check ; make unconditional V143 .Ba508% ; check that R7 is within the memory bounds ; keep incrementing R7 until it is within memory bounds ; converted to work with unsigned integers in v87 CMP R4,#1 ; 1 = memory address pairs terminator MOVEQ R7,#0 ; R7 = 0 is no more memory addresses in list ADDEQ R3,R12,#&0990 LDREQ R4,[R3,#0] ; start memory address LDREQ R5,[R3,#4] ; end memory address BEQ Ba510% ; end of list found CMP R7,R4 ;BGE Ba509% ; R7 in current memory block ; 32bit HI/LS BEQ Ba509% ; R7 in current memory block BHI Ba509% ; R7 in current memory block MOV R7,R4 B Ba510% .Ba509% ; R7 in current memory block CMP R7,R5 ; R4 < R7 < R5 , R7 within this memory block ;BLT Ba510% ; 32bit HI/LS BEQ Ba509a% BLS Ba510% .Ba509a% ADD R3,R3,#8 ; read next address LDR R4,[R3,#0] LDR R5,[R3,#4] B Ba508% .Ba510% ; FIND comes through here before crashing B skip_r7_check ; RGPB add v143 ; no more memory in the list (01 = 
END) ADD R7,R7,#4 CMP R7,R5 ;BLGE Ba515% ; 32bit HI/LS BLEQ Ba515% BLHI Ba515% BEQ Ba506% .skip_r7_check LDR R10,[R12,#1408] ADD R10,R10,R12 LDR R0,[R7,#0] MOV R1,R7 SWI "Debugger_Disassemble" MOV R2,R10 .Ba511% LDRB R6,[R1],#1 CMP R6,#&20 ANDNE R6,R6,#&5F LDRB R8,[R2],#1 CMP R8,#&20 ANDNE R8,R8,#&5F CMP R8,#&0D BEQ Ba512% CMP R6,R8 BEQ Ba511% MOV R2,R10 CMP R6,#0 BNE Ba511% SUBS R9,R9,#1 BNE Ba510% MOV R9,#&FF MOV R0,R7 LDR R1,[R12,#1404] ADD R1,R1,R12 MOV R2,#&20 SWI "OS_ConvertHex8" SWI "OS_Write0" SWI "OS_WriteS" EQUD &08080808 EQUD &08080808 EQUD &00000000 MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 CMPNE R1,#9 CMPNE R1,#&0A CMPNE R1,#&0B BNE Ba510% MOV R0,#&7C SWI "OS_Byte" BL Ba632% B Ba506% .Da234% EQUD &756C6176 EQUD &0D315F65 EQUD &6E6D5F73 EQUD &5F6F6D65 EQUD &000D6E6F EQUD &69727473 EQUD &6F5F676E EQUD &00000D6E EQUD &64726F77 EQUD &6E6F5F73 EQUD &0000000D .Ba512% ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; USR32 BL Ba514% B Ba506% .Ba513% ;TEQP PC,#0 ; assume that double TEQP was error on 26bit ?? 
;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; USR32 BL Ba514% B Ba527% .Ba514% STMFD R13!,{R14} BL Ba41% SWI &000111 MOVNE R0,#&95 ; mode 15 ;MOVEQ R0,#&83 ; light grey background MOVEQ R0,#%10000100 ; light grey background SWI "OS_WriteC" SWI &000111 MOVNE R0,#0 ; mode 15 ;MOVEQ R0,#7 ; black MOVEQ R0,#%00000000 ; black SWI "OS_WriteC" SWI &00010C BL Ba27% MOV R0,#0 BL Ba467% LDMFD R13!,{PC} .Ba515% ; checks R7 is within memory map - otherwise change R7 ADD R3,R3,#8 LDR R4,[R3,#0] LDR R5,[R3,#4] CMP R4,#1 MOVEQ R7,#0 ADDEQ R3,R12,#&0990 LDREQ R4,[R3,#0] LDREQ R5,[R3,#4] MOVNE R7,R4 MOV PC,R14 .Ba516% BL Ba519% B Ba506% .Ba517% BL Ba519% B Ba527% .Ba518% BL Ba519% B Ba536% .Ba519% LDR R2,[R12,#1908] CMP R2,#&1F ADRNE R4,Da235% ADREQ R4,Da236% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba551% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba551% STMFD R13!,{R14} BL Ba632% SWI &000105 LDR R2,[R12,#1908] CMP R2,#&1F ADDNE R4,R12,#&0900 ADDEQ R4,R12,#&0910 BL Ba466% ADR R2,Da234% BL Ba25% BL Ba478% MOV R0,#4 LDR R2,[R12,#1908] CMP R2,#&1F MOVNE R1,#&0294 MOVNE R2,#&017C MOVEQ R1,#&0294 MOVEQ R2,#&01A0 SUBEQ R2,R2,#2 SWI "OS_Plot" LDR R0,[R12,#1404] ADD R0,R0,R12 MOV R1,#8 MOV R2,#&20 MOV R3,#&80 BL Ba377% CMP R1,#0 BLEQ Ba520% BL Ba476% MOV R0,#&0A LDR R1,[R12,#1404] ADD R1,R1,R12 MOV R2,#0 SWI "XOS_ReadUnsigned" LDR R2,[R12,#1908] CMP R2,#&1F MOV R0,#4 MOVNE R1,#&0294 MOVNE R2,#&017C MOVEQ R1,#&0294 MOVEQ R2,#&01A0 SUBEQ R2,R2,#2 SWI "OS_Plot" MOV R0,#&10 LDR R1,[R12,#1404] ADD R1,R1,R12 MOV R2,#0 SWI "XOS_ReadUnsigned" MOV R7,R2 BIC R7,R7,#3 ; clear lower two bits of address LDMFD R13!,{PC} .Da235% EQUD &00000278 EQUD &00000154 EQUD &0000031A EQUD &00000180 .Da236% EQUD &0000027A EQUD &0000018C EQUD &0000031C EQUD &000001A2 .Da237% ; --Find Mnemonics-- EQUD &20202020 EQUD &2D2D2020 EQUD &646E6946 EQUD &656E4D20 EQUD &696E6F6D EQUD &2D2D7363 EQUD &00000000 .Da238% ; Start Address : EQUD &72617453 EQUD &64412074 EQUD &73657264 EQUD 
&003A2073 .Da239% ; Enter Mnemonic: EQUD &65746E45 EQUD &6E4D2072 EQUD &6E6F6D65 EQUD &203A6369 EQUD &00000020 .Ba520% MOV R1,#&0D STRB R1,[R0,R2] MOV PC,R14 .Ba521% BL Ba520% .Ba522% CMP R2,#0 BLE Ba507% MOV R0,#8 SWI "OS_WriteC" SUB R2,R2,#1 B Ba522% .Ba523% BL Ba520% .Ba524% CMP R2,#0 BLE Ba528% MOV R0,#8 SWI "OS_WriteC" SUB R2,R2,#1 B Ba524% .Ba525% BL Ba520% .Ba526% CMP R2,#0 BLE Ba537% MOV R0,#8 SWI "OS_WriteC" SUB R2,R2,#1 B Ba526% .Ba527% ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; USR32 LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 SWI &000111 MOVNE R0,#&20 ; mode 15 ;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI "OS_WriteC" SWI &000104 BL Ba549% LDR R2,[R12,#1908] CMP R2,#&1F ADDNE R4,R12,#&0900 ADDEQ R4,R12,#&0910 BL Ba466% ADR R2,Da234% ; value BL Ba25% SWI "OS_NewLine" ADR R0,Da240% SWI "OS_Write0" SWI "OS_NewLine" SWI "OS_NewLine" ADR R0,Da241% SWI "OS_Write0" SWI "OS_NewLine" SWI "OS_NewLine" ADR R0,Da242% SWI "OS_Write0" MOV R0,R7 LDR R1,[R12,#1492] ADD R1,R1,R12 MOV R2,#&20 SWI "OS_ConvertHex8" SWI &00010B SWI &00010B SWI "OS_Write0" SWI "OS_RestoreCursors" SWI &00010A SWI &00010A SWI "OS_WriteS" EQUD &08080808 EQUD &08080808 EQUD &00000000 BL Ba632% ADD R3,R12,#&0990 .Ba528% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 MOVEQ R0,#&7C SWIEQ "OS_Byte" BEQ Ba551% SWI "OS_Mouse" CMP R2,#0 BNE Ba517% LDRB R0,[R12,#1548] CMP R0,#0 LDRNE R3,[R12,#1496] ADDNE R3,R3,R12 BLNE Ba546% LDR R0,[R12,#1496] ADD R0,R0,R12 MOV R1,#8 MOV R2,#&20 MOV R3,#&7B BL Ba377% CMP R1,#0 BEQ Ba523% SWI "OS_RemoveCursors" LDR R1,[R12,#1496] ADD R1,R1,R12 MOV R0,#&10 MOV R2,#&FF SWI "XOS_ReadUnsigned" BVS Ba532% MOV R10,R2 SWI &00011F ; position text cursor MOV R0,#&11 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" MOV R9,#&FF ; commented out following three lines for Ba315 changes ;ADD R3,R12,#&0990 ;LDR R4,[R3,#0] ;LDR R5,[R3,#4] ;BIC R7,R7,#&80000000 32bit SWI "OS_EnterOS" B skip_r7_check1 .Ba529% ; check that R7 is within the memory bounds ; keep incrementing R7 until it is 
within memory bounds ; ********************************************************* ; this should really be called using BL to make code neater CMP R4,#1 MOVEQ R7,#0 ADDEQ R3,R12,#&0990 LDREQ R4,[R3,#0] LDREQ R5,[R3,#4] BEQ Ba531% CMP R7,R4 ;BGE Ba530% ; 32bit HI/LS BEQ Ba530% BHI Ba530% MOV R7,R4 B Ba531% .Ba530% CMP R7,R5 ;BLT Ba531% ; 32bit HI/LS BEQ Ba530a% BLS Ba531% .Ba530a% ADD R3,R3,#8 LDR R4,[R3,#0] LDR R5,[R3,#4] B Ba529% .Ba531% ADD R7,R7,#4 CMP R7,R5 ;BLGE Ba515% ; 32bit HI/LS BLEQ Ba515% BLHI Ba515% BEQ Ba527% ; this should really be called using BL to make code neater ; ********************************************************* .skip_r7_check1 LDR R0,[R7,#0] CMP R0,R10 BEQ Ba513% SUBS R9,R9,#1 BNE Ba531% MOV R9,#&FF MOV R0,R7 LDR R1,[R12,#1492] ADD R1,R1,R12 MOV R2,#&20 SWI "OS_ConvertHex8" SWI "OS_Write0" SWI "OS_WriteS" EQUD &08080808 EQUD &08080808 EQUD &00000000 MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 CMPNE R1,#9 CMPNE R1,#&0A CMPNE R1,#&0B BNE Ba531% MOV R0,#&7C SWI "OS_Byte" BL Ba632% B Ba527% .Da240% EQUD &20202020 EQUD &20202020 EQUD &69462D2D EQUD &5720646E EQUD &7364726F EQUD &00002D2D .Da241% EQUD &72617453 EQUD &64412074 EQUD &73657264 EQUD &003A2073 .Da242% EQUD &65746E45 EQUD &6F572072 EQUD &20206472 EQUD &203A2020 EQUD &00000026 .Ba532% STMFD R13!,{R0} BL Ba549% ADR R0,Da243% SWI "OS_Write0" SWI "OS_NewLine" SWI &000107 LDMFD R13!,{R0} ADD R1,R0,#4 .Ba533% LDRB R0,[R1],#1 CMP R0,#&20 SWICS "OS_WriteC" BCS Ba533% BL Ba632% .Ba534% SWI "OS_Mouse" CMP R2,#0 BNE Ba527% BL Ba384% BNE Ba534% B Ba527% .Da243% EQUD &20202020 EQUD &20202020 EQUD &2D2D2020 EQUD &4F525245 EQUD &002D2D52 .Ba535% STMFD R13!,{R0-R2,R14} ADR R4,Da244% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 ADDLT R4,R4,#8 LDMLTFD R13!,{R0-R2,PC} LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 LDMGTFD R13!,{R0-R2,PC} LDR R4,[R12,#1572] EOR R4,R4,#1 STR R4,[R12,#1572] ADR R4,Da244% BL Ba466% LDR R2,[R12,#1572] CMP R2,#0 ADREQ R2,Da246% ; value ADRNE R2,Da247% BL 
Ba25% MOVS R0,#0 LDMFD R13!,{R0-R2,PC} .Da244% EQUD &00000204 EQUD &000000E8 EQUD &000002F4 EQUD &00000110 .Da245% EQUD &756C6176 EQUD &0D315F65 .Da246% EQUD &65736163 EQUD &66666F5F EQUD &0000000D .Da247% EQUD &65736163 EQUD &0D6E6F5F .Ba536% ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; USR32 LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 SWI &000111 MOVNE R0,#&20 ; mode 15 ;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI "OS_WriteC" SWI &000104 BL Ba549% LDR R2,[R12,#1908] CMP R2,#&1F ADDNE R4,R12,#&0900 ADDEQ R4,R12,#&0910 BL Ba466% ADR R2,Da245% BL Ba25% ADR R4,Da244% BL Ba466% LDR R2,[R12,#1572] CMP R2,#0 ADREQ R2,Da246% ADRNE R2,Da247% BL Ba25% SWI "OS_NewLine" ADR R0,Da248% SWI "OS_Write0" SWI "OS_NewLine" SWI "OS_NewLine" ADR R0,Da249% SWI "OS_Write0" SWI "OS_NewLine" SWI "OS_NewLine" ADR R0,Da250% SWI "OS_Write0" MOV R0,R7 LDR R1,[R12,#1576] ADD R1,R1,R12 MOV R2,#&20 SWI "OS_ConvertHex8" SWI &00010B SWI &00010B SWI "OS_WriteS" EQUD &00000909 SWI "OS_Write0" SWI "OS_RestoreCursors" SWI &00010A SWI &00010A SWI "OS_WriteS" EQUD &08080808 EQUD &08080808 EQUD &00000008 BL Ba632% ADD R3,R12,#&0990 .Ba537% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 MOVEQ R0,#&7C SWIEQ "OS_Byte" BEQ Ba551% SWI "OS_Mouse" CMP R2,#0 BLNE Ba535% BNE Ba518% LDRB R0,[R12,#1632] CMP R0,#0 LDRNE R3,[R12,#1580] ADDNE R3,R3,R12 BLNE Ba546% LDR R0,[R12,#1580] ADD R0,R0,R12 MOV R1,#&0A MOV R2,#&20 MOV R3,#&7B BL Ba377% CMP R1,#0 BEQ Ba525% SWI "OS_RemoveCursors" SWI &00011F ; position text cursor MOV R0,#&11 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" MOV R9,#&FF ; commented out following three lines for Ba315 changes ;ADD R3,R12,#&0990 ;LDR R4,[R3,#0] ;LDR R5,[R3,#4] ;BIC R7,R7,#&80000000 32 bit SWI "OS_EnterOS" B skip_r7_check2 .Ba538% ; check that R7 is within the memory bounds ; keep incrementing R7 until it is within memory bounds CMP R4,#1 MOVEQ R7,#0 ADDEQ R3,R12,#&0990 LDREQ R4,[R3,#0] LDREQ R5,[R3,#4] BEQ Ba540% CMP R7,R4 ;BGE Ba539% ; 32bit HI/LS BEQ Ba539% BHI Ba539% MOV R7,R4 B 
Ba540% .Ba539% CMP R7,R5 ;BLT Ba540% ; 32bit HI/LS BEQ Ba539a% BLS Ba540% .Ba539a% ADD R3,R3,#8 LDR R4,[R3,#0] LDR R5,[R3,#4] B Ba538% .Ba540% ADD R7,R7,#4 CMP R7,R5 ;BLGE Ba515% ; 32bit HI/LS BLEQ Ba515% BLHI Ba515% BEQ Ba536% .Ba541% LDR R0,[R12,#1580] ADD R0,R0,R12 .Ba542% LDRB R2,[R7],#1 LDRB R6,[R0],#1 CMP R6,#&0D BEQ Ba545% CMP R7,R5 ;BLGE Ba515% ; 32bit HI/LS BLEQ Ba515% BLHI Ba515% BEQ Ba536% .skip_r7_check2 LDR R1,[R12,#1572] CMP R1,#0 ANDEQ R2,R2,#&5F ANDEQ R6,R6,#&5F CMP R2,R6 BEQ Ba542% SUBS R9,R9,#1 BNE Ba541% MOV R9,#&FF MOV R0,R7 LDR R1,[R12,#1576] ADD R1,R1,R12 MOV R2,#&20 SWI "OS_ConvertHex8" SWI "OS_Write0" SWI "OS_WriteS" EQUD &08080808 EQUD &08080808 EQUD &00000000 MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 CMPNE R1,#9 CMPNE R1,#&0A CMPNE R1,#&0B BNE Ba541% MOV R0,#&7C SWI "OS_Byte" BL Ba632% BL Ba543% B Ba536% .Ba543% MOV R0,#0 LDR R1,[R12,#1580] ADD R1,R1,R12 .Ba544% LDRB R2,[R1],#1 CMP R2,#&0D ADDNE R0,R0,#1 BNE Ba544% SUB R7,R7,R0 BIC R7,R7,#3 MOV PC,R14 .Da248% ;--Find strings-- EQUD &20202020 EQUD &20202020 EQUD &69462D2D EQUD &7320646E EQUD &6E697274 EQUD &2D2D7367 EQUD &00000000 .Da249% ;Start Address EQUD &72617453 EQUD &64412074 EQUD &73657264 EQUD &003A2073 .Da250% ;Enter string EQUD &65746E45 EQUD &74732072 EQUD &676E6972 EQUD &003A2020 .Ba545% ;TEQP PC,#0 ;MOVNV R0,R0 MSR CPSR_c,#%10000 ; USR32 BL Ba543% LDR R0,[R12,#1580] ADD R0,R0,R12 BL Ba514% B Ba536% ; this code is not called from anywhere ; some more EQUDs that are really instructions ; label created v99 .Ba545a% LDR R0,[R12,#1580] ADD R0,R0,R12 LDRB R1,[R0,#0] CMP R1,#&0D MOVEQ PC,R14 AND R1,R1,#&5F STRB R1,[R0],#1 B Ba545a% ;EQUD &E59C062C ;EQUD &E080000C ;EQUD &E5D01000 ;EQUD &E351000D ;EQUD &01A0F00E ;EQUD &E201105F ;EQUD &E4C01001 ;EQUD &EAFFFFF9 .Ba546% MOV R0,#&8A MOV R1,#0 .Ba547% LDRB R2,[R3],#1 CMP R2,#&0D CMPNE R2,#0 SWINE "OS_Byte" BNE Ba547% MOV PC,R14 .Da251% EQUD &20202020 EQUD &20202020 EQUD &2D202020 EQUD &6E69462D EQUD &002D2D64 .Da252% EQUD &00000220 
EQUD &00000168 EQUD &00000220 EQUD &00000130 EQUD &00000220 EQUD &000000F4 .Da253% EQUD &6D656E6D EQUD &666F5F6F EQUD &00000D66 .Da254% EQUD &64726F77 EQUD &666F5F73 EQUD &00000D66 .Da255% EQUD &69727473 EQUD &6F5F676E EQUD &000D6666 .Ba548% LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 SWI "OS_NewLine" SWI &000111 MOVNE R0,#&20 ; mode 15 ;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI "OS_WriteC" ADR R0,Da251% SWI "OS_Write0" SWI &000111 MOVNE R0,#&80 ; mode 15 ;MOVEQ R0,#&87 ; black background MOVEQ R0,#%10000000 ; black background SWI "OS_WriteC" SWI &000105 MOV R0,#4 ADR R6,Da252% LDR R1,[R6],#4 LDR R2,[R6],#4 SWI "OS_Plot" MOV R0,#&011C LDR R1,[R12,#112] ADR R2,Da253% MOV R5,#0 SWI "OS_SpriteOp" MOV R0,#4 LDR R1,[R6],#4 LDR R2,[R6],#4 SWI "OS_Plot" MOV R0,#&011C LDR R1,[R12,#112] ADR R2,Da254% MOV R5,#0 SWI "OS_SpriteOp" MOV R0,#4 LDR R1,[R6],#4 LDR R2,[R6],#4 SWI "OS_Plot" MOV R0,#&011C LDR R1,[R12,#112] ADR R2,Da255% MOV R5,#0 SWI "OS_SpriteOp" MOV PC,R14 .Ba549% LDR R0,[R12,#1908] CMP R0,#&1F BEQ Ba550% ; mode 15 MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&19 SWI "OS_WriteC" MOV R0,#&19 SWI "OS_WriteC" MOV R0,#&37 SWI "OS_WriteC" MOV R0,#&12 SWI "OS_WriteC" SWI &000111 MOV R0,#&80 SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&18 SWI "OS_WriteC" MOV R0,#&18 SWI "OS_WriteC" MOV R0,#&36 SWI "OS_WriteC" MOV R0,#&11 SWI "OS_WriteC" SWI &000111 MOV R0,#&FF SWI "OS_WriteC" SWI &00010C MOV PC,R14 .Ba550% ; mode 31 MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&19 SWI "OS_WriteC" MOV R0,#&3E SWI "OS_WriteC" MOV R0,#&37 SWI "OS_WriteC" MOV R0,#&2F SWI "OS_WriteC" SWI &000111 ;MOV R0,#&87 ; black background MOV R0,#%10000000 ; black background SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&18 SWI "OS_WriteC" MOV R0,#&3D SWI "OS_WriteC" MOV R0,#&36 SWI "OS_WriteC" MOV R0,#&2E SWI "OS_WriteC" SWI &000111 ;MOV R0,#&80 ; white background MOV R0,#%10111111 ; white background SWI "OS_WriteC" SWI &00010C MOV PC,R14 .Ba551% BL Ba43% BL Ba635% SWI &000104 SWI 
"OS_RemoveCursors" BL Ba248% B Ba12% .Ba552% BL Ba572% LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 SWI &000111 MOVNE R0,#&20 ; mode 15 ;MOVEQ R0,#8 ; blue MOVEQ R0,#%00110000 ; blue SWI "OS_WriteC" ADR R0,Da256% SWI "OS_Write0" SWI "OS_NewLine" SWI "OS_NewLine" ADREQ R0,Da258% ADRNE R0,Da257% SWI "OS_Write0" SWI &00011F ; position text cursor MOV R0,#&1B SWI "OS_WriteC" MOVNE R0,#2 MOVEQ R0,#3 SWI "OS_WriteC" ADR R0,Da259% SWI "OS_Write0" SWI &00011F ; position text cursor MOV R0,#&1B SWI "OS_WriteC" MOVNE R0,#4 MOVEQ R0,#7 SWI "OS_WriteC" ADR R0,Da260% SWI "OS_Write0" SWI &00011F ; position text cursor MOV R0,#&1B SWI "OS_WriteC" MOVNE R0,#6 MOVEQ R0,#&0B SWI "OS_WriteC" ADR R0,Da261% SWI "OS_Write0" MOV R6,#7 BL Ba555% BL Ba558% BL Ba293% BL Ba632% MOV R0,#&0F MOV R1,#0 SWI "OS_Byte" .Ba553% SWI "OS_Mouse" CMP R2,#0 BNE Ba559% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&FF MOVEQ R0,#&15 MOVEQ R1,#0 SWIEQ "OS_Byte" CMP R1,#&70 BEQ Ba12% MOV R0,#&91 MOV R1,#0 SWI "OS_Byte" BCS Ba553% MOV R6,#1 BL Ba554% B Ba12% .Ba554% CMP R2,#&99 BEQ Ba565% CMP R2,#&DA BEQ Ba566% CMP R2,#&DB BEQ Ba567% CMP R2,#&89 BEQ Ba568% CMP R2,#&CA BEQ Ba569% CMP R2,#&CB BEQ Ba570% MOV PC,R14 .Da256% EQUD &20202020 EQUD &20202020 EQUD &20202020 EQUD &4D2D2D20 EQUD &656B7261 EQUD &2D2D7372 EQUD &00000000 .Da257% EQUD &20746553 EQUD &39468B20 EQUD &0D0A0D3A EQUD &7465530A EQUD &31468B20 EQUD &0A0D3A30 EQUD &65530A0D EQUD &468B2074 EQUD &003A3131 .Da258% EQUD &530A0D20 EQUD &20207465 EQUD &3A39468B EQUD &0A0D0A0D EQUD &0A0D0A0D EQUD &20746553 EQUD &3031468B EQUD &0D0A0D3A EQUD &0D0A0D0A EQUD &7465530A EQUD &31468B20 EQUD &00003A31 .Da259% EQUD &746F473A EQUD &4620206F EQUD &00000039 .Da260% EQUD &746F473A EQUD &3146206F EQUD &00000030 .Da261% EQUD &746F473A EQUD &3146206F EQUD &00000031 .Da262% EQUD &756C6176 EQUD &0D315F65 .Da263% EQUD &000001AE EQUD &00000354 EQUD &00000254 EQUD &00000384 .Da264% EQUD &000001AE EQUD &00000314 EQUD &00000254 EQUD &00000344 .Da265% EQUD &000001AE EQUD &000002D4 
EQUD &00000254 EQUD &00000304 .Ba555% STMFD R13!,{R14} TST R6,#1 BEQ Ba556% ADR R4,Da263% BL Ba466% ADR R2,Da262% ; value ; BL Ba25% .Ba556% TST R6,#2 BEQ Ba557% ADR R4,Da264% BL Ba466% ADR R2,Da262% ; value ; BL Ba25% .Ba557% TST R6,#4 LDMEQFD R13!,{PC} ADR R4,Da265% BL Ba466% ADR R2,Da262% ; value ; BL Ba25% LDMFD R13!,{PC} .Ba558% LDR R0,[R12,#1908] CMP R0,#&1F SWI &00011F ; position text cursor MOV R0,#&0F SWI "OS_WriteC" MOVNE R0,#2 MOVEQ R0,#3 SWI "OS_WriteC" ADR R3,Da269% LDR R0,[R3],#4 LDR R1,[R12,#1704] ADD R1,R1,R12 MOV R2,#&0C SWI "OS_ConvertHex8" TST R6,#1 SWINE "OS_Write0" LDR R0,[R12,#1908] CMP R0,#&1F SWI &00011F ; position text cursor MOV R0,#&0F SWI "OS_WriteC" MOVNE R0,#4 MOVEQ R0,#7 SWI "OS_WriteC" ADR R3,Da270% LDR R0,[R3],#4 LDR R1,[R12,#1704] ADD R1,R1,R12 MOV R2,#&0C SWI "OS_ConvertHex8" TST R6,#2 SWINE "OS_Write0" LDR R0,[R12,#1908] CMP R0,#&1F SWI &00011F ; position text cursor MOV R0,#&0F SWI "OS_WriteC" MOVNE R0,#6 MOVEQ R0,#&0B SWI "OS_WriteC" ADR R3,Da271% LDR R0,[R3],#4 LDR R1,[R12,#1704] ADD R1,R1,R12 MOV R2,#&0C SWI "OS_ConvertHex8" TST R6,#4 SWINE "OS_Write0" MOV PC,R14 .Ba559% ADR R4,Da263% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba560% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba560% B Ba562% .Ba560% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba561% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba561% B Ba563% .Ba561% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPGE R1,R6 ADDLT R4,R4,#8 BLT Ba12% LDR R6,[R4],#4 CMP R0,R6 LDR R6,[R4],#4 CMPLE R1,R6 BGT Ba12% B Ba564% .Ba562% MOV R6,#1 BL Ba555% SWI &000104 LDR R0,[R12,#1908] CMP R0,#&1F SWI &00011F ; position text cursor MOV R0,#&0F SWI "OS_WriteC" MOVNE R0,#2 MOVEQ R0,#3 SWI "OS_WriteC" ADR R0,Da266% MOV R1,#8 MOV R2,#&20 MOV R3,#&80 BL Ba377% CMP R1,#0 BLEQ Ba520% MOV R0,#&10 ADR R1,Da266% MOV R2,#0 SWI "XOS_ReadUnsigned" MOV R7,R2 BIC R7,R7,#3 STR R7,Da269% B Ba12% .Ba563% MOV R6,#2 BL Ba555% SWI 
&000104 LDR R0,[R12,#1908] CMP R0,#&1F SWI &00011F ; position text cursor MOV R0,#&0F SWI "OS_WriteC" MOVNE R0,#4 MOVEQ R0,#7 SWI "OS_WriteC" ADR R0,Da267% MOV R1,#8 MOV R2,#&20 MOV R3,#&80 BL Ba377% CMP R1,#0 BLEQ Ba520% MOV R0,#&10 ADR R1,Da267% MOV R2,#0 SWI "XOS_ReadUnsigned" MOV R7,R2 BIC R7,R7,#3 STR R7,Da270% B Ba12% .Ba564% MOV R6,#4 BL Ba555% SWI &000104 LDR R0,[R12,#1908] CMP R0,#&1F SWI &00011F ; position text cursor MOV R0,#&0F SWI "OS_WriteC" MOVNE R0,#6 MOVEQ R0,#&0B SWI "OS_WriteC" ADR R0,Da268% MOV R1,#8 MOV R2,#&20 MOV R3,#&80 BL Ba377% CMP R1,#0 BLEQ Ba520% MOV R0,#&10 ADR R1,Da268% MOV R2,#0 SWI "XOS_ReadUnsigned" MOV R7,R2 BIC R7,R7,#3 STR R7,Da271% B Ba12% .Ba565% STMFD R13!,{R0-R5,R14} STR R7,Da269% BL Ba571% LDMFD R13!,{R0-R5,PC} .Ba566% STMFD R13!,{R0-R5,R14} STR R7,Da270% BL Ba571% LDMFD R13!,{R0-R5,PC} .Ba567% STMFD R13!,{R0-R5,R14} STR R7,Da271% BL Ba571% LDMFD R13!,{R0-R5,PC} .Ba568% STMFD R13!,{R14} LDR R7,Da269% CMP R6,#1 LDMEQFD R13!,{PC} BL Ba27% LDMFD R13!,{PC} .Ba569% STMFD R13!,{R14} LDR R7,Da270% CMP R6,#1 LDMEQFD R13!,{PC} BL Ba27% LDMFD R13!,{PC} .Ba570% STMFD R13!,{R14} LDR R7,Da271% CMP R6,#1 LDMEQFD R13!,{PC} BL Ba27% LDMFD R13!,{PC} .Ba571% MOV R0,#1 MVN R1,#&0E MOV R2,#&4B MOV R3,#5 SWI "Sound_Control" MOV PC,R14 .Da266% EQUD &00000000 EQUD &00000000 EQUD &00000000 .Da267% EQUD &00000000 EQUD &00000000 EQUD &00000000 .Da268% EQUD &00000000 EQUD &00000000 EQUD &00000000 .Da269% EQUD &00000000 .Da270% EQUD &00000000 .Da271% EQUD &00000000 .Ba572% LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 BEQ Ba573% MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&0F SWI "OS_WriteC" MOV R0,#&0B SWI "OS_WriteC" MOV R0,#&32 SWI "OS_WriteC" MOV R0,#3 SWI "OS_WriteC" SWI &000111 MOV R0,#&80 SWI "OS_WriteC" SWI &00010C MOV R0,#&1C SWI "OS_WriteC" MOV R0,#&0E SWI "OS_WriteC" MOV R0,#&0A SWI "OS_WriteC" MOV R0,#&31 SWI "OS_WriteC" MOV R0,#2 SWI "OS_WriteC" SWI &000111 MOV R0,#&FF SWI "OS_WriteC" SWI &00010C SWI &000111 MOV R0,#&20 SWI "OS_WriteC" MOV PC,R14 
.Ba573% ; mode 31
; Mode 31 half of the window setup begun at Ba572% (reached by its BEQ Ba573%).
; Sends two VDU 28 text-window definitions one cell apart, each followed by
; VDU 17 + colour byte and VDU 12 (clear window), then a final VDU 17 + byte.
; Corrupts R0.  Returns with MOV PC,R14.
  MOV R0,#&1C ; VDU 28 - the next four bytes define a text window
  SWI "OS_WriteC"
  MOV R0,#&0F
  SWI "OS_WriteC"
  MOV R0,#&1F
  SWI "OS_WriteC"
  MOV R0,#&32
  SWI "OS_WriteC"
  MOV R0,#&12
  SWI "OS_WriteC"
  SWI &000111 ; OS_WriteI+17 = VDU 17, next byte is the colour
  ;MOV R0,#&87 ; black background
  MOV R0,#%10000000 ; black background
  SWI "OS_WriteC"
  SWI &00010C ; OS_WriteI+12 = VDU 12, clear the window
  MOV R0,#&1C ; second VDU 28 window, one column and one row up-left
  SWI "OS_WriteC"
  MOV R0,#&0E
  SWI "OS_WriteC"
  MOV R0,#&1E
  SWI "OS_WriteC"
  MOV R0,#&31
  SWI "OS_WriteC"
  MOV R0,#&11
  SWI "OS_WriteC"
  SWI &000111
  ;MOV R0,#&80 ; white background
  MOV R0,#%10111111 ; white background
  SWI "OS_WriteC"
  SWI &00010C
  SWI &000111
  ; NOTE(review) - Ba617% sends %00110000 (blue) at the matching point of its
  ; mode 31 sequence, &20 is what the mode 15 paths send - confirm which is meant
  MOV R0,#&20 ; <- I think this is an error ??
  SWI "OS_WriteC"
  MOV PC,R14

.Ba574% ; OS_SetSWIBreak comes here
; configures this module for SWI break trap
; Entry, as stored below - R0 = SWI number, R1 = function code (table below),
; R2/R3 = first register index and the value it must hold, R4/R5 = second
; register index and value, R6 = X-SWI flag.  For R1=9, R2 points at the
; command text instead.  R12 is restored on exit, the R1=9 path also
; overwrites R0, R1 and R3.
;
; NOTE(review) - none of the caller-supplied values is range-checked here -
;  * R1 is later used by Da278% as the index of a ten-entry branch table
;    (ADD PC,PC,R2,LSL #2) and by Ba577% as R1-5 into a four-entry one, so a
;    value above 9 sends execution past the table while in SVC mode.
;    Rejecting R1 > 9 before the STR would close that.
;  * R2 and R4 are later scaled by 4 and used to index the saved-register
;    block at Da279% (Ba588%-Ba590%) and the workspace at R12 (Ba580%-Ba582%),
;    an index outside 0-15 reads outside those blocks.
  STMFD R13!,{R12,R14}
  ; R1 values
  ; 0 Break Before - SWI breakpoint off (clear)
  ; 1 Break Before - always interrupt
  ; 2 Break Before - only if R1 matches
  ; 3 Break Before - only if R1 AND R2 match
  ; 4 Break Before - only if R1 AND/OR R2 match
  ; 5 Break After - always interrupt
  ; 6 Break After - only if R1 matches
  ; 7 Break After - only if R1 AND R2 match
  ; 8 Break After - only if R1 AND/OR R2 match
  ; 9 OSCLI break - R2 = pointer
  BL Ba651% ; sets R12 to EQUD block at end of module
  CMP R1,#9 ; OSCLI break
  BEQ Ba575%
  STR R0,[R12,#2368] ; swi_number
  STR R1,[R12,#2404] ; swi break function code
  STR R2,[R12,#2408] ; swi form r1
  STR R3,[R12,#2412] ; swi form r1_data
  STR R4,[R12,#2416] ; swi form r2
  STR R5,[R12,#2420] ; swi form r2_data
  STR R6,[R12,#2424] ; swi form X SWIs included = -1
  LDMFD R13!,{R12,PC}

.Ba575% ; OS_SetSWIBreak - R1=9 OSCLI break
  STR R0,[R12,#2368] ; swi_number
  STR R1,[R12,#2404] ; swi break function code
  MVN R0,#0
  STR R0,[R12,#2424] ; X SWIs included = -1
  MOV R0,#0 ; R0 = byte offset for the copy loop
  ADD R1,R12,#&0A30 ; R1 = destination for the command text
.Ba576% ; OS_SetSWIBreak - R1=9 OSCLI break (cont)
; Copies bytes from the caller's R2 to R12+&0A30 up to and including the
; first byte <= &20, then returns.
; NOTE(review) - the copy has no length limit.  The size of the area at
; R12+&0A30 is not visible here, so a long command string from the caller
; can overrun it - add a maximum count and stop (or fail) when it is reached.
  LDRB R3,[R2,R0]
  STRB R3,[R1,R0]
  CMP R3,#&20
  LDMLEFD R13!,{R12,PC}
  ADD R0,R0,#1
  B Ba576%

;another break starts here
;added PSR_break2 for RPi as we need somewhere to save the PSR
;Note - this is not used for s_step
.PSR_break2 EQUD &00000000 ; break PSR
.Da272% EQUD &00000000 ; break R12
.Da273% EQUD &00000000 ; break R14
.Da274% EQUD &00000000 ; break PC - not used - use for CPSR ??

.Ba577%
; Re-entry point for Break After - the sandbox word at Da283% is followed by
; B Ba577%, so this runs once the trapped SWI has been executed there.
; Saves R0-R14 and the CPSR into the break register block at R12, then picks
; a match routine from the function code (5-8).
  STR R12,Da272%
  STR R14,Da273%
  ;STR PC,Da274% ; used for PC flags
  MRS R14,CPSR ; read PSR
  STR R14,PSR_break2 ; save break PSR
  BL Ba651% ; resets R12 to point at EQUD block
  STMIA R12,{R0-R11} ; update saved break registers
  LDR R0,Da272%
  STR R0,[R12,#48] ; save break R12
  STR R13,[R12,#52] ; save break R13
  LDR R0,Da273%
  STR R0,[R12,#56] ; save break R14
  LDR R0,PSR_break2
  STR R0,[R12,#64] ; save PSR break to #64
  LDR R1,[R12,#2404] ; swi break function code
  SUB R1,R1,#5
  ; Computed branch - PC reads as this instruction + 8, so R1=0 selects the
  ; first B below.  The MOV R0,R0 pad and the order of the B lines must not
  ; change.
  ; NOTE(review) - R1 is not range-checked here.  Ba593% only guarantees the
  ; code is >= 5 and not 9, so a stored code above 9 branches past the table.
  ADD PC,PC,R1,LSL #2
  MOV R0,R0
  B Ba578%
  B Ba580%
  B Ba581%
  B Ba582%

.Ba578%
; Break accepted - record break PC, instruction and PSR, then enter the
; debugger through Ba579% (or Ba404% when the low two bits at Da285% are set).
  ;TEQP PC,#0
  ;MOV R1,#0
  MSR CPSR_c,#%10000 ; USR32
  MOV R1,#0 ; normal escape / normal reset
  STR R1,[R12,#68] ; break and escape state OS_Byte_200
  LDR R7,[R12,#2384]
  ADD R7,R7,#4
  SWI "OS_EnterOS"
  LDR R0,[R7,#0] ; read instruction at break PC
  ;TEQP PC,#0
  ;MOV R0,R0
  MSR CPSR_c,#%10000 ; USR32
  STR R0,[R12,#92] ; save current instruction at break PC
  BIC R7,R7,#&00000003 ; 32bit stops address corruption
  STR R7,[R12,#76] ; R7 address of break PC
  ADD R0,R7,#8 ; restore PC
  ;LDR R1,Da274% ; must be for the R15 flags
  LDR R1,PSR_break2
  STR R1,[R12,#64] ; PSR - added for 32bit
  ;AND R1,R1,#&F0000000 ; gets PSR flags from old PC
  ;ORR R0,R0,R1
  STR R0,[R12,#60] ; PC
  LDR R0,Da285%
  AND R0,R0,#3
  CMP R0,#3
  MOVEQ R0,#1
  BEQ Ba404%
.Ba579%
  LDR R13,[R12,#84] ; base address of stack
  ;BL Ba315%
  LDR R1,[R12,#68] ; break and escape state OS_Byte_200
  B Ba8%

.Ba580%
; Function 6 - break only if the selected register equals r1_data.
; The index from [R12,#2408] is scaled by 4 and added to R12, i.e. it picks a
; word from the break register block saved above.  It is whatever the caller
; of OS_SetSWIBreak supplied - see the range-check note at Ba577%.
  LDR R0,[R12,#2408] ; swi form r1
  LDR R0,[R12,R0,LSL #2]
  LDR R1,[R12,#2412] ; swi form r1_data
  CMP R0,R1
  BEQ Ba578%
  B Ba583%

.Ba581%
; Function 7 - break only if both selected registers match.
  LDR R0,[R12,#2408] ; swi form r1
  LDR R0,[R12,R0,LSL #2]
  LDR R1,[R12,#2412] ; swi form r1_data
  CMP R0,R1
  BNE Ba583%
  LDR R0,[R12,#2416] ; swi form r2
  LDR R0,[R12,R0,LSL #2]
  LDR R1,[R12,#2420] ; swi form r2_data
  CMP R0,R1
  BEQ Ba578%
  B Ba583%

.Ba582%
; Function 8 - break if either selected register matches.
  LDR R0,[R12,#2408] ; swi form r1
  LDR R0,[R12,R0,LSL #2]
  LDR R1,[R12,#2412] ; swi form r1_data
  CMP R0,R1
  BEQ Ba578%
  LDR R0,[R12,#2416] ; swi form r2
  LDR R0,[R12,R0,LSL #2]
  LDR R1,[R12,#2420] ; swi form r2_data
  CMP R0,R1
  BEQ Ba578%
  B Ba583%

.Ba583%
; No match - clear the trap-in-progress flag (Ba591%), set the saved PC to
; the word after the trapped SWI and resume the caller by reloading every
; register, PC included, from the break register block.
  BL Ba591%
  LDR R1,[R12,#2384]
  ADD R1,R1,#4
  STR R1,[R12,#60] ; PC
  ;LDR R1,Da274% ; reload PC flags
  ;TEQP PC,R1
  LDR R1,[R12,#64] ; reload saved break PSR
  MSR CPSR_cf,R1 ;
  LDMIA R12,{R0-PC}; bang - go back to somewhere

.Ba584% ;module initialisation code
; Claims TickerV (&1C) for Da289% and the processor SWI vector for Da278%.
; R0 = &102 is vector 2 with bit 8 set (claim).  The previous handler address
; comes back in R1 and is kept at Da275% for chaining and for release.
  STMFD R13!,{R12,R14}
  MOV R2,R12
  BL Ba651% ; sets R12 to EQUD block at end of module
  BL Ba362%
  ADR R1,Da289%
  MOV R0,#&1C ; tickerV
  MOV R2,#0
  SWI "OS_Claim"
  MOV R0,#&0100
  ADD R0,R0,#2 ; SWI vector
  ADR R1,Da278% ; address of replacement routine
  SWI "OS_ClaimProcessorVector"
  STR R1,Da275% ; save address of original routine
  BL Ba281%
  LDMFD R13!,{R12,R14}
  MOV PC,R14 ; 32bit S removed

.Da275% EQUD &00000000 ; address of original SWI routine
  EQUD &000003AC
; Da276% is the trap-in-progress guard tested at the top of Da278%.
; The code in view only ever writes 1 and 0 to it.
.Da276% EQUD &00000000 ; set to 2 if a SWI has been trapped, else 0

.Ba585% ; OS_ReadSwiCondition
; Returns the stored function code in R0.  R12 is preserved.
  STMFD R13!,{R12,R14}
  BL Ba651% ; sets R12 to EQUD block at end of module
  LDR R0,[R12,#2404] ; swi break function code
  LDMFD R13!,{R12,PC}

.Da277% EQUD &00000000 ; vector number = 2 for SWI vector
.Da278% ; claimed SWI vector entry point - new routine
; Runs for every SWI once claimed at Ba584%.  While Da276% is non-zero the
; SWI is passed straight to the original handler, which is what lets the
; debugger and the sandbox at Da283% issue SWIs themselves.
; Otherwise R0-R15 are saved at Da279% and the SPSR at Da282%, the SWI
; instruction is fetched from R14-4 and the function code selects a handler.
; NOTE(review) - presumably R0 on entry is the caller's R0 rather than a
; vector number (Ba597% later treats the first word of Da279% as a string
; pointer) - confirm and correct the "vector number" comments.
; All state is in fixed module storage, so this handler is not re-entrant
; beyond the single Da276% guard.
  STR R0,Da277% ; vector number
  LDR R0,Da276%
  CMP R0,#0
  LDRNE R0,Da277% ; vector number - gets overwritten below ??
  LDRNE PC,Da275% ; return to original SWI routine
  MOV R0,#1
  STR R0,Da276%
  LDR R0,Da277% ; vector number 2 = SWI vector
  STR R0,Da279%
  ADR R0,Da279%
  STMIB R0,{R1-PC}
  ;MRS R1,SPSR_all ; original code for SA RPC
  ADR R0,Da282% ; 32bit now used to store PSR
  MRS R1,SPSR ; this was not used - R1 was overwritten ??
  STR R1,[R0,#0]; 32bit - save PSR
  SUB R14,R14,#4 ;
  ; redundant code commented out
  ;LDR R0,Da282% ; was &3FFFFFFC, now &FFFFFFFF
  ;AND R1,R14,R0 ;
  MOV R1,R14 ; 32bit new instruction
  ;LDR R0,[R1,#0] ; < crashed here v16. R1 = 3c018ef8
  LDR R0,[R14,#0] ; < crashed here v19. R14 = FC018ef8
  BL Ba651% ; resets R12 to point to our module's stuff
  STR R1,[R12,#2384] ; saved break PC
  STR R0,[R12,#2400] ; SWI instruction
  ; Self-modifying - the trapped SWI word is planted in the sandbox slot at
  ; Da283%.  Ba592% flushes before executing it.
  STR R0,Da283%
  ; SWI break decode logic
  LDR R2,[R12,#2404] ; SWI trap function number
  ; Computed branch - R2=0 selects the first B after the MOV R0,R0 pad.
  ; NOTE(review) - R2 is the unchecked value stored by OS_SetSWIBreak.  The
  ; table has ten entries, so a code above 9 lands in whatever follows it.
  ; Validate the code where it is stored or bound it here before the ADD.
  ADD PC,PC,R2,LSL #2
  MOV R0,R0
  B Ba586% ; 0 SWI breakpoint off (clear)
  B Ba587% ; 1 Break Before - always interrupt
  B Ba588% ; 2 Break Before - only if R1 matches
  B Ba589% ; 3 Break Before - only if R1 AND R2 match
  B Ba590% ; 4 Break Before - only if R1 AND/OR R2 match
  B Ba587% ; 5 Break After - always interrupt
  B Ba587% ; 6 Break After - only if R1 matches
  B Ba587% ; 7 Break After - only if R1 AND R2 match
  B Ba587% ; 8 Break After - only if R1 AND/OR R2 match
  ; NOTE(review) - entry 9 passes the SWI through, so the OSCLI compare at
  ; Ba597% is only reachable via Ba593%, which the routines in view enter for
  ; codes 1-8 - confirm whether OSCLI break is meant to work
  B Ba586% ; 9 OSCLI break - R2 = pointer
  ;EQUD &EA000004 ; branch instruction, offset 4 ?

.Ba586% ; SWI breakpoint off (clear)
; return to sender
; Clears the guard, reloads R0-R14 from Da279% and chains to the original
; SWI handler.
  MOV R0,#0
  ;STR R0,[R12,#2404] ; 32bit added - clear SWI function no.
  STR R0,Da276%
  ADR R0,Da279%
  LDMIA R0,{R0-R14}
  LDR PC,Da275%

.Ba587% ; SWI - 1 Break Before - always interrupt, 6/7/8 Break After
; Compares the low 24 bits of the trapped instruction (optionally ANDed with
; the word at [R12,#2428] first) with the configured SWI number.
; Match - Ba593%.  No match - pass the SWI through as Ba586% does.
  LDR R0,[R12,#2400] ; SWI instruction
  LDR R2,[R12,#2424] ; X SWIs included = -1
  CMP R2,#0
  LDRNE R2,[R12,#2428] ; not used ?? set to 0
  ANDNE R0,R0,R2
  LDR R1,[R12,#2368] ; swi number
  MVN R2,#0
  MOV R2,R2,LSR #8 ; R2 = &00FFFFFF
  AND R0,R0,R2
  CMP R0,R1
  BEQ Ba593%
  MOV R0,#0
  ;STR R0,[R12,#2404] ; 32bit added - clear SWI function no.
  STR R0,Da276%
  ADR R0,Da279%
  LDMIA R0,{R0-R14}
  LDR PC,Da275%

.Ba588% ; SWI - 2 Break Before - only if R1 matches
; Same SWI-number test as Ba587%, then the saved register selected by
; [R12,#2408] (word index into Da279%) must equal r1_data.
  LDR R0,[R12,#2400] ; SWI instruction
  LDR R2,[R12,#2424] ; X SWIs included = -1
  CMP R2,#0
  LDRNE R2,[R12,#2428] ; not used ?? set to 0
  ANDNE R0,R0,R2
  LDR R1,[R12,#2368] ; swi_number
  MVN R2,#0
  MOV R2,R2,LSR #8
  AND R0,R0,R2
  CMP R0,R1
  BNE Ba586% ; return to sender
  LDR R0,[R12,#2408] ; swi form r1
  ADR R1,Da279%
  ; NOTE(review) - unchecked caller-supplied index, reads Da279% + 4*index
  LDR R0,[R1,R0,LSL #2]
  LDR R1,[R12,#2412] ; swi form r1_data
  CMP R0,R1
  BEQ Ba593% ; process swi break
  B Ba586% ; return to sender

.Ba589% ; SWI - 3 Break Before - only if R1 AND R2 match
  LDR R0,[R12,#2400] ; SWI instruction
  LDR R2,[R12,#2424] ; X SWIs included = -1
  CMP R2,#0
  LDRNE R2,[R12,#2428] ; not used ?? set to 0
  ANDNE R0,R0,R2
  LDR R1,[R12,#2368] ; swi_number
  MVN R2,#0
  MOV R2,R2,LSR #8
  AND R0,R0,R2
  CMP R0,R1
  BNE Ba586% ; return to sender
  LDR R0,[R12,#2408] ; swi form r1
  ADR R1,Da279%
  LDR R0,[R1,R0,LSL #2]
  LDR R1,[R12,#2412] ; swi form r1_data
  CMP R0,R1
  BNE Ba586% ; return to sender
  LDR R0,[R12,#2416] ; swi form r2
  ADR R1,Da279%
  LDR R0,[R1,R0,LSL #2]
  LDR R1,[R12,#2420] ; swi form r2_data
  CMP R0,R1
  BEQ Ba593% ; process swi break
  B Ba586% ; return to sender

.Ba590% ; SWI - 4 Break Before - only if R1 AND/OR R2 match
  LDR R0,[R12,#2400] ; SWI instruction
  LDR R2,[R12,#2424] ; X SWIs included = -1
  CMP R2,#0
  LDRNE R2,[R12,#2428] ; not used ?? set to 0
  ANDNE R0,R0,R2
  LDR R1,[R12,#2368] ; swi_number
  MVN R2,#0
  MOV R2,R2,LSR #8
  AND R0,R0,R2
  CMP R0,R1
  BNE Ba586% ; return to sender
  LDR R0,[R12,#2408] ; swi form r1
  ADR R1,Da279%
  LDR R0,[R1,R0,LSL #2]
  LDR R1,[R12,#2412] ; swi form r1_data
  CMP R0,R1
  BEQ Ba593% ; process swi break
  LDR R0,[R12,#2416] ; swi form r2
  ADR R1,Da279%
  LDR R0,[R1,R0,LSL #2]
  LDR R1,[R12,#2420] ; swi form r2_data
  CMP R0,R1
  BEQ Ba593% ; process swi break
  B Ba586% ; return to sender

.Da279% ; save registers at the time of intercepting the SWI vector
; registers R1-R12
; Layout as written by Da278% - word 0 is the entry R0, STMIB then fills
; R1-R15 into the following words, running on through Da280% and Da281%.
  EQUD &00000000 ; vector number 2 = SWI ?
  EQUD &00000000 ; R1
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000 ; R11
.Da280% ; registers R12,R13
  EQUD &00000000
  EQUD &00000000
.Da281% ; registers R14,R15
  EQUD &00000000
  EQUD &00000000
.Da282% ;no longer used
  ;EQUD &3FFFFFFC ; RPC
  ;EQUD &FFFFFFFF ; RPi
  ; re-used to save PSR at the time of a SWI intercept
  EQUD &00000000 ; PSR at time of SWI trap
.mask32 ; added new word as this value cannot be an ARM constant
  EQUD &F000001F ; was F0000003 in 26bit (see below)

.Ba591% ; return
; Clears the trap-in-progress guard.  Corrupts R0.
  MOV R0,#0
  STR R0,Da276%
  MOV PC,R14

.Ba592%
; Break After path.  Keeps the flag and mode bits of the SPSR (mask32),
; requests a cache flush so the word planted at Da283% is the one fetched,
; restores the caller's PSR bits and R0-R12, then falls straight into Da283%.
  MRS R1,SPSR
  LDR R0,mask32 ; v83 added &F000001F
  ;AND R1,R1,#&F0000003
  AND R1,R1,R0 ; v83
  STR R1,Da285%
  ADR R1,Da283%
  ADD R2,R1,#4
  MOV R0,#1 ; cache flush request
  SWI "XOS_MMUControl"
  LDR R1,Da285%
  ;MSR CPSR_all,R1
  MSR CPSR_cf,R1
  ADR R0,Da279%
  LDMIA R0,{R0-R12}
; Da283% is a placeholder word, overwritten at run time by STR R0,Da283% in
; Da278%.  The B after it must stay directly behind the slot.
.Da283% ANDEQ R0,R0,R0 ; <- another sandbox
  B Ba577%
  EQUD &00000000
.Da284% EQUD &00000000
.Da285% EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000

.Ba593% ; process swi break
; Code 9 goes to the OSCLI compare, codes >= 5 to the Break After sandbox,
; anything else falls through into Ba594% (Break Before).
  LDR R1,[R12,#2404] ; swi trap function number
  CMP R1,#9 ; 9 OSCLI break - R2 = pointer
  BEQ Ba597%
  CMP R1,#5
  BGE Ba592%
  ; Ba594% is entered by fall-through from here and by BLE Ba594% in Ba598%
  ;Ba594 not referenced anywhere ??
.Ba594% ; process swi break
; Break Before processing, also reached from the OSCLI compare at Ba598%.
; Masks the SPSR with mask32 and records it as the break PSR, switches to
; SVC32, copies the registers saved at Da279% into the break register block
; at R12, records break PC and instruction plus the SVC and USR R13/R14,
; then enters the debugger at Ba8%.
  MRS R1,SPSR ; original RPC - note stored PSR here
  ;MRS R1,SPSR_all
  ;AND R2,R1,#&F0000003
  LDR R0,mask32 ; v83 added &F000001F
  AND R2,R1,R0 ; v83 re-instated on review
  STR R2,Da284%
  STR R2,[R12,#64] ; update break PSR (original instruction)
  ;BIC R2,R2,#&DF ; 26bit
  ;ORR R2,R2,#3 ; 26bit
  ;BIC R2,R2,#&EF ; 32bit clears everything except M4
  ;ORR R2,R2,#13 ; 32bit restart in SVC mode
  MOV R2,#&13 ; 32bit restart in SVC mode
  ;MSR CPSR_all,R2 ; original RPC
  ;MSR CPSR_c,R2
  ; Writing &13 to the control field also clears the I and F bits, and the
  ; flags field is written as zero - presumably intended, confirm
  MSR CPSR_cf,R2 ; added 'f' flags B054
  ADR R0,Da279% ; saved registers at the time of SWI
  LDMIA R0,{R0-R11} ; re-load original registers
  STMIA R12,{R0-R11} ; written to break registers
  LDR R0,Da280% ; load saved R12
  STR R0,[R12,#48] ; break register R12
  LDR R0,[R12,#2400] ; SWI instruction
  STR R0,[R12,#92]
  LDR R0,[R12,#2384]
  BIC R0,R0,#&00000003 ; 32bit stops address corruption
  STR R0,[R12,#76] ; break PC actual address
  ADD R0,R0,#8 ; PC being restored
  LDR R1,Da284% ; SPSR from above
  ;AND R2,R1,#&F0000000 ; mistake on 26bit? Should be R1 ?
  ;ORR R0,R0,R1
  STR R1,[R12,#64] ; save break PSR
  STR R0,[R12,#60] ; save break PC
  LDR R0,[R12,#64] ; 64 was also used by Theo on RPC here
  ;AND R0,R0,#3 ; check for SVC26 mode
  AND R0,R0,#&13 ; check for SVC32 mode
  ;CMP R0,#3
  CMP R0,#&13 ; check for SVC32 mode
  STREQ R13,[R12,#52]; save R13 break
  LDREQ R14,Da281% ; load saved R14
  STREQ R14,[R12,#56]; save R14 break
  STR R13,[R12,#924] ; R13_svc
  STR R14,[R12,#928] ; R14_svc
  ;TEQP PC,#0
  ;MOV R0,R0
  MSR CPSR_c,#%10000 ; USR32
  LDR R0,[R12,#64] ; PSR
  ;AND R0,R0,#3 ; check for SVC26 mode
  AND R0,R0,#&13 ; check for SVC32 mode
  ;CMP R0,#3
  CMP R0,#&13 ; check for SVC32 mode
  STRNE R13,[R12,#52]
  STRNE R14,[R12,#56]
  STR R13,[R12,#916] ; R13_usr
  STR R14,[R12,#920] ; R14_usr
  MOV R0,#1
  STR R0,[R12,#912]
  STREQ R0,[R12,#396] ; sandbox running in 0=USR, 1=SVC
  LDR R13,[R12,#84] ; base address of stack
  BL Ba385%
  ;BL Ba315%
  MOV R1,#1
  STR R1,[R12,#2680]
  MOV R1,#0
  STR R1,[R12,#68] ; break and escape state OS_Byte_200
  B Ba8%

.Da286% EQUD &00000000 ; 2 while a hotkey break is pending or active (see Da289%)
.Da287% EQUD &00000000 ; R14 saved across the mode switch in Da289%
.Da288% EQUD &00000000 ; R13 temp store
; TickerV routine claimed at Ba584%.  Does nothing while Da286% is 2.
; Otherwise scans three keys with OS_Byte &79 (shift, ctrl and the key
; selected by &BB + instantiation%) and, only if all three report &FF,
; sets Da286% to 2 and registers Da298% with OS_AddCallBack.
; All registers are restored and the call is passed on (LDMFD ... PC).
.Da289% STMFD R13!,{R0-R12,R14} ; ticker routine
  STR R13,Da288%
  LDR R0,Da286%
  CMP R0,#2
  LDMEQFD R13!,{R0-R12,PC}
  MOV R8,#0
  ;MOV R9,PC ; 26bit
  MRS R9,CPSR ; 32bit
  ORR R8,R9,#3 ; set SVC26 or SVC32
  ;TEQP R8,#0
  ;MOV R0,R0
  MSR CPSR_c,R8 ; 32bit switch to SVC (allowed from USR??)
  MOV R0,R0 ; is NOP required on 32bit processors ?
  ; sets up <-> keys to break to Da298 below
  STR R14,Da287%
  MOV R0,#&79
  MOV R1,#&80 ; shift = 0, EOR 80
  SWI "XOS_Byte"
  TEQ R1,#&FF
  BNE Ba595%
  MOV R1,#&81 ; ctrl = 1, EOR 80
  SWI "XOS_Byte"
  TEQ R1,#&FF
  BNE Ba595%
  ; v127 60 = keypad enter, 61 = insert
  MOV R1,#&BB + instantiation% ; keypad- = 59 (for ins. = 0)
  SWI "XOS_Byte"
  TEQ R1,#&FF
  BNE Ba595%
  MOV R0,#2
  STR R0,Da286%
  ;TEQP PC,R8
  MSR CPSR_c,R8 ; 32bit switch to SVC mode
  MOV R0,R0 ; NOP
  ADR R0,Da298% ; entry point
  SWI "OS_AddCallBack"
.Ba595%
  LDR R14,Da287%
  ;TEQP R9,#0
  ;MOV R0,R0
  MSR CPSR_c,R9 ; back to the mode the ticker was entered in
  LDR R13,Da288%
  LDMFD R13!,{R0-R12,PC}

.Ba596%
; Re-arms the hotkey by clearing Da286%.  Corrupts R0.
  MOV R0,#0
  STR R0,Da286%
  MOV PC,R14

.Ba597% ; oscli break comes here
; 9 OSCLI break - R2 = pointer
; Compares the string addressed by the first saved word at Da279% with the
; text stored at R12+&0A30 by OS_SetSWIBreak.  Each source byte is ANDed with
; &5F before the compare.  The loop ends when the stored text reaches a byte
; <= &20 (match, go to Ba594%) or on the first difference (pass through).
; The stored text is not masked when it is saved at Ba576%, so it presumably
; has to be supplied in upper case - confirm.
  LDR R0,Da279%
  ADD R1,R12,#&0A30
  MOV R2,#0
.Ba598%
  LDRB R3,[R0,R2]
  LDRB R4,[R1,R2]
  AND R3,R3,#&5F
  CMP R4,#&20
  BLE Ba594% ; process swi break
  CMP R3,R4
  BNE Ba586%
  ADD R2,R2,#1
  B Ba598%

; register allocations are wrong in these comments ?? check
.psr_4 EQUD &00000000 ; PSR
.Da290% EQUD &00000000 ; R0
.Da291% EQUD &00000000 ; R1
.Da292% EQUD &00000000 ; R2
  EQUD &00000000 ; R3
  EQUD &00000000 ; R4
  EQUD &00000000 ; R5
  EQUD &00000000 ; R6
  EQUD &00000000 ; R7
  EQUD &00000000 ; R8
  EQUD &00000000 ; R9
.Da293% EQUD &00000000 ; R10
.Da294% EQUD &00000000 ; R11
.Da295% EQUD &00000000 ; R12
.Da296% EQUD &00000000 ; R13
.Da297% EQUD &00000000 ; R14
  EQUD &00000000 ; PC
  EQUD &00000000 ; PC+8 ?? possible side effect of STMIB ??
  EQUD &00000000 ; PC+12 ?? possible side effect of STMIB ??

.Da298% ; entry point for <-(keypad minus)>
; Callback registered by the ticker.  Saves the callback-time registers at
; Da290% and the CPSR at psr_4, then reads the interrupted program's
; registers from the frame addressed by the saved R13 (Da296%) into Da299%,
; copies them to the break register block at R12 and enters the debugger.
  STR R0,Da290% ; save R0
  ADR R0,Da290%
  STMIB R0,{R1-PC} ; save break registers
  MRS R0,CPSR ; 32bit read break PSR
  STR R0,psr_4 ; 32bit save break PSR to local storage
  ;TEQP PC,#0
  ;MOV R0,R0
  ; commented out MSR - fix for B049
  ;MSR CPSR_c,#%10000 ; switch to USR32 mode
  ; load registers from stack at R13 in system workspace
  LDR R1,Da296%
  LDR R0,[R1,#0]
  STR R0,Da299%
  LDR R2,[R1,#8]
  LDR R3,[R1,#12]
  LDR R4,[R1,#16]
  LDR R5,[R1,#20]
  LDR R6,[R1,#24]
  LDR R10,[R1,#48] ; R12
  LDR R11,[R1,#52] ; R13
  LDR R12,[R1,#56] ; R14
  LDR R0,[R1,#44] ; R10 - what's special about R10 ?
  STR R0,Da301% ; R15 break
  LDR R1,[R1,#4] ; R1
  ADR R0,Da299%
  STMIB R0,{R1-R14} ; save break registers to base Da299%
  LDR R0,[R0,#0]
  ; reading system workspace needs to in SVC on RO5.30 B049
  MSR CPSR_c,#%10000 ; switch to USR32 mode
  BL Ba651% ; reload R12 to point at EQUDs
  STMIA R12,{R0-R11} ; update break registers 0-11
  ADR R0,Da300%
  LDMIA R0,{R1-R3}
  STR R1,[R12,#48] ; R12
  STR R2,[R12,#52] ; R13
  STR R3,[R12,#56] ; R14
  LDR R7,Da301%
  STR R7,[R12,#60] ; break PC
  ;BIC R7,R7,#&FC000003 ; 26bit
  ; save break PC without flags
  BIC R7,R7,#&00000003 ; 32bit ensure address word aligned
  STR R7,[R12,#76] ; 76 is break PC without flags
  ; save break PSR
  LDR R0,psr_4 ; saved break PSR
  STR R0,[R12,#64] ; break PSR
  LDR R13,[R12,#84]; base address of stack
  ; NOTE(review) - with the Ba315% check disabled, the LDR from R7 below runs
  ; in SVC mode on an address that has only been word-aligned.  A break PC
  ; outside mapped memory will abort there - consider restoring a bounds check.
  ;BL Ba315% ; checks that R7 is a valid RO address
  MOV R0,#&C8 ; read or write break and escape state
  MOV R1,#1
  MOV R2,#0
  SWI "OS_Byte"
  SWI "OS_EnterOS"
  LDR R1,[R7,#0] ; load instruction at break PC address
  STR R1,[R12,#92] ; break instruction
  ;TEQP PC,#0
  ;MOVNV R0,R0
  MSR CPSR_c,#%10000 ; USR32
  MOV R1,#3 ; escape disabled and power on reset
  STR R1,[R12,#68] ; escape disabled/power on reset bits
  B Ba8%

.PSR_break3 EQUD &00000000 ; break PSR
.Da299% EQUD &00000000 ; R0
  EQUD &00000000 ; R1
  EQUD &00000000 ; R2
  EQUD &00000000 ; R3
  EQUD &00000000 ; R4
  EQUD &00000000 ; R5
  EQUD &00000000 ; R6
  EQUD &00000000 ; R7
  EQUD &00000000 ; R8
  EQUD &00000000 ; R9
  EQUD &00000000 ; R10
  EQUD &00000000 ; R11
.Da300% EQUD &00000000 ; R12
  EQUD &00000000 ; R13
  EQUD &00000000 ; R14
.Da301% EQUD &00000000 ; R15 break

.Ba599% ; return to caller after CTRL-SHFT-minus
; Writes the (possibly edited) break registers back into the frame addressed
; by Da296%, re-arms the hotkey (Da286% = 0), restores the callback-time
; registers saved at Da290% and returns through the saved R14 at Da297%.
  MOV R2,#0 ; normal escape / normal reset
  STR R2,[R12,#68] ; break and escape state OS_Byte_200
  ; B049 RO5.30 writing to system workspace needs to be in SVC mode
  SWI "OS_EnterOS"
  LDR R5,Da296%
  LDR R7,[R12,#0] ; R0 break
  STR R7,[R5,#0]
  LDR R7,[R12,#4] ; R1
  STR R7,[R5,#4]
  LDR R7,[R12,#8] ; R2
  STR R7,[R5,#8]
  LDR R7,[R12,#12]; R3
  STR R7,[R5,#12]
  LDR R7,[R12,#16]; R4
  STR R7,[R5,#16]
  LDR R7,[R12,#20]; R5
  STR R7,[R5,#20]
  LDR R7,[R12,#24]; R6
  STR R7,[R5,#24]
  LDR R7,[R12,#40]; R10
  STR R7,[R5,#48]
  LDR R7,[R12,#44]; R11
  STR R7,[R5,#52]
  LDR R7,[R12,#48]; R12
  STR R7,[R5,#56]
  LDR R7,[R12,#60] ; PC
  SUB R7,R7,#8
  STR R7,[R5,#44] ; break PC copy at R9 ?
  ; B049 mode switch added for RO5.30
  MSR CPSR_c,#%10000 ; switch to USR32 mode
  MOV R0,#0
  STR R0,Da286%
  ; re-load break PSR back into local store v137
  LDR R7,[R12,#64] ; 32bit reload PSR v137
  STR R7,PSR_break3 ; 32bit v137
  LDMIA R12,{R0-R14} ; reload break registers
  LDR R0,Da290%
  LDR R1,Da291%
  LDR R2,Da292%
  LDR R10,Da293%
  LDR R11,Da294%
  LDR R12,Da295%
  SWI "OS_EnterOS"
  LDR R13,Da296% ; reload R13_SVC
  ; 32bit reload PSR in SVC mode
  LDR R14,PSR_break3 ; reload R14_SVC
  MSR CPSR_cf,R14 ; reload PSR
  LDR R14,Da297%
  ;LDR R14,Da301% ; test v143
  ;SUB R14,R14,#8 ; test v143
  MOV PC,R14

.Ba600% ; module finalisation code
; Releases TickerV and hands the SWI vector back - R0 = 2 (bit 8 clear) with
; R1 = the original handler kept at Da275%.  FNlong_adr is a BASIC macro
; defined outside this view, presumably it loads R2 with the address of
; Da278% - confirm.  Neither SWI is the X form and no result is checked.
  STMFD R13!,{R14}
  MOV R0,#&1C ; tickerV
  ADR R1,Da289% ; existing ticker routine
  MOV R2,#0
  SWI "OS_Release"
  LDR R1,Da275% ; address of original routine
  MOV R0,#2 ;
  FNlong_adr(" ",2,Da278%) ; address of replacement routine
  ;ADR R2,Da278%
  SWI "OS_ClaimProcessorVector" ;
  LDMFD R13!,{R14}
  MOV PC,R14 ; S removed

.Ba601%
; Expression calculator.  Prompts, reads a line into Da302% via Ba377%,
; rewrites every "%" as "2_", evaluates it with XOS_EvaluateExpression and
; prints the result in hex and decimal, plus binary when the input began
; with "@".  Loops until an empty line, then leaves through Ba12%.
  STMFD R13!,{R0-R3}
  BL Ba616%
  BL Ba293%
  SWI "OS_RestoreCursors"
  MOV R0,#&0F
  MOV R1,#1
  SWI "OS_Byte"
.Ba602%
  SWI "OS_WriteS"
  EQUW &0A0D
  EQUS "Enter Expression:"
  EQUB &00
  ADR R0,Da302%
  MOV R1,#&25 ; presumably the maximum input length for Ba377% - confirm
  MOV R2,#&20
  MOV R3,#&7F
  BL Ba377%
  CMP R1,#0
  BEQ Ba603%
  B Ba604%
.Ba603%
  MOV R0,#&7C
  SWI "OS_Byte"
  SWI "OS_RemoveCursors"
  LDMFD R13!,{R0-R3}
  B Ba12%
.Ba604%
  ADR R0,Da302%
  LDRB R2,[R0,#0]
  CMP R2,#&0D
  BEQ Ba603%
  MOV R2,#0
; Ba605% scans the input (R1 = length, R2 = index).  Each "%" (&25) becomes
; "2" and Ba606% shifts the rest of the line up one byte to insert "_", so
; the text grows by one byte per "%".
; NOTE(review) - the limit used here and below is &64 (100) bytes, and CR is
; forced at offset 99, but Da302% reserves fewer than 100 bytes and is
; followed directly by the code at Ba616%.  Growth from "%" expansion, or a
; long string result written by XOS_EvaluateExpression, can therefore run
; over the buffer into code.  Either enlarge Da302% to 100 bytes or lower
; every &64 and the #99 to the reserved size.
.Ba605%
  CMP R2,R1
  BEQ Ba607%
  CMP R2,#&64
  MOVEQ R2,#&0D
  STREQB R2,[R0,#99]
  BEQ Ba607%
  LDRB R3,[R0,R2]
  ADD R2,R2,#1
  CMP R3,#&25
  BNE Ba605%
  MOV R3,#&32
  SUB R4,R2,#1
  STRB R3,[R0,R4]
  MOV R3,#&5F
  ADD R1,R1,#1
  ADD R2,R2,#1
.Ba606%
  ADD R4,R4,#1
  LDRB R5,[R0,R4]
  STRB R3,[R0,R4]
  MOV R3,R5
  CMP R4,R1
  BLS Ba606% ; LS = lower than or the same (unsigned)
  BHI Ba605% ; HI = higher than (unsigned)
.Ba607%
  ADR R1,Da302%
  MOV R2,#&64
  LDRB R3,[R0],#0
  CMP R3,#&40 ; leading "@" - skip it and set R6 so binary is printed too
  ADDEQ R0,R0,#1
  MOVEQ R6,#1
  MOVNE R6,#0
  SWI "XOS_EvaluateExpression"
  BVS Ba614%
  CMP R1,#0
  BEQ Ba608%
  SWI "OS_WriteS"
  EQUS "Not an integer result"
  EQUW &0007:EQUB &00
  B Ba602%
.Ba608%
  SWI "OS_NewLine"
  SWI "OS_WriteS"
  EQUS "=&"
  EQUW &0000
  MOV R1,#&1C
.Ba609%
; Prints R2 as eight hex digits, top nibble first.
  MOV R0,R2,LSR R1
  AND R0,R0,#&0F
  ADD R0,R0,#&30
  CMP R0,#&39
  ADDHI R0,R0,#7
  SWI "OS_WriteC"
  SUBS R1,R1,#4
  BPL Ba609%
  SWI &000120 ;Character
  SWI &00013D ;Character =
  MOV R3,R2
  MOV R0,R2
  ADR R1,Da302%
  MOV R2,#&64
  SWI "XOS_BinaryToDecimal"
  MOV R0,R1
  MOV R1,#0
  STRB R1,[R0,R2]
  SWI "OS_Write0"
  CMP R6,#0
  BEQ Ba613%
  CMP R2,#&0B
  SWINE "OS_NewLine"
  MOV R0,R3
  ADR R1,Da302%
  MOV R2,#&64
  SWI "XOS_ConvertBinary4"
  ADR R1,Da302%
  SWI "OS_WriteS"
  EQUS "=%"
  EQUW &0000
  MOV R2,#1
.Ba610%
  MOV R3,#3
.Ba611%
  MOV R4,#3
.Ba612%
  LDRB R0,[R1],#1
  SWI "OS_WriteC"
  SUBS R4,R4,#1
  BPL Ba612%
  SUBS R3,R3,#1
  SWIPL &000120 ;Character
  BPL Ba611%
  CMP R2,#1
  BNE Ba613%
  MOV R2,#0
  SWI "OS_WriteS"
  EQUW &0A0D
  ; NOTE(review) - the inline text after OS_WriteS has to end on a word
  ; boundary for the B below to be aligned.  2 bytes of EQUW plus a one
  ; character string is 3, so this listing has probably lost a space inside
  ; the quotes - check against the original file
  EQUS " "
  EQUD &00000000
  B Ba610%
.Ba613%
  B Ba602%
.Ba614%
; Error from XOS_EvaluateExpression - bell, then print the text at R0+4.
  SWI &000107
  ADD R1,R0,#4
.Ba615%
  LDRB R0,[R1],#1
  CMP R0,#&20
  SWICS "OS_WriteC"
  BCS Ba615%
  B Ba602%
; Input and conversion buffer for Ba601%.  See the size note at Ba605%.
.Da302% EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000

.Ba616%
; Window setup for the calculator.  Picks the mode 31 variant at Ba617%
; when the word at R12+1908 is &1F, otherwise sends the mode 15 sequence -
; two VDU 28 text windows one cell apart, each with VDU 17 + colour and
; VDU 12, then a final VDU 17 + colour.  Corrupts R0.
  LDR R0,[R12,#1908]
  CMP R0,#&1F ; mode 31
  BEQ Ba617%
  ; mode 15
  MOV R0,#&1C
  SWI "OS_WriteC"
  MOV R0,#&0F
  SWI "OS_WriteC"
  MOV R0,#8
  SWI "OS_WriteC"
  MOV R0,#&46
  SWI "OS_WriteC"
  MOV R0,#4
  SWI "OS_WriteC"
  SWI &000111
  MOV R0,#&80
  SWI "OS_WriteC"
  SWI &00010C
  MOV R0,#&1C
  SWI "OS_WriteC"
  MOV R0,#&0E
  SWI "OS_WriteC"
  MOV R0,#7
  SWI "OS_WriteC"
  MOV R0,#&45
  SWI "OS_WriteC"
  MOV R0,#3
  SWI "OS_WriteC"
  SWI &000111
  MOV R0,#&FF
  SWI "OS_WriteC"
  SWI &00010C
  SWI &000111
  MOV R0,#&20
  SWI "OS_WriteC"
  MOV PC,R14
.Ba617% ; mode 31
  MOV R0,#&1C
  SWI "OS_WriteC"
  MOV R0,#&0F
  SWI "OS_WriteC"
  MOV R0,#&1C
  SWI "OS_WriteC"
  MOV R0,#&46
  SWI "OS_WriteC"
  MOV R0,#&18
  SWI "OS_WriteC"
  SWI &000111
  ;MOV R0,#&87 ; black background
  MOV R0,#%10000000 ; black background
  SWI "OS_WriteC"
  SWI &00010C
  MOV R0,#&1C
  SWI "OS_WriteC"
  MOV R0,#&0E
  SWI "OS_WriteC"
  MOV R0,#&1B
  SWI "OS_WriteC"
  MOV R0,#&45
  SWI "OS_WriteC"
  MOV R0,#&17
  SWI "OS_WriteC"
  SWI &000111
  ;MOV R0,#&80 ; white background
  MOV R0,#%10111111 ; white background
  SWI "OS_WriteC"
  SWI &00010C
  SWI &000111
  ;MOV R0,#8 ; blue
  MOV R0,#%00110000 ; blue
  SWI "OS_WriteC"
  MOV PC,R14

.Ba618%
; Window setup shared by the go-until dialogue and its error boxes.
; One instruction stream serves both screen modes - each MOV is followed by
; a MOVEQ that substitutes the mode 31 value.  This relies on the Z flag
; from the CMP below surviving every intervening SWI - TODO confirm.
  LDR R0,[R12,#1908]
  CMP R0,#&1F ; mode 31
  MOV R0,#&1C
  SWI "OS_WriteC"
  MOV R0,#&0F
  SWI "OS_WriteC"
  MOV R0,#9
  MOVEQ R0,#&1C
  SWI "OS_WriteC"
  MOV R0,#&32
  SWI "OS_WriteC"
  MOV R0,#4
  MOVEQ R0,#&17
  SWI "OS_WriteC"
  SWI &000111
  MOV R0,#&80
  ;MOVEQ R0,#&87 ; black background
  MOVEQ R0,#%10000000 ; black background
  SWI "OS_WriteC"
  SWI &00010C
  MOV R0,#&1C
  SWI "OS_WriteC"
  MOV R0,#&0E
  SWI "OS_WriteC"
  MOV R0,#8
  MOVEQ R0,#&1B
  SWI "OS_WriteC"
  MOV R0,#&31
  SWI "OS_WriteC"
  MOV R0,#3
  MOVEQ R0,#&16
  SWI "OS_WriteC"
  SWI &000111
  MOV R0,#&FF
  ;MOVEQ R0,#&80 ; white background
  MOVEQ R0,#%10111111 ; white background
  SWI "OS_WriteC"
  SWI &00010C
  SWI &000111
  MOV R0,#&20
  ;MOVEQ R0,#8 ; blue
  MOVEQ R0,#%00110000 ; blue
  SWI "OS_WriteC"
  SWI "OS_NewLine"
  SWI "OS_NewLine"
  MOV PC,R14

.Ba619%
; "Go until !Address = value" dialogue.  Reads a hex address into Da306% and
; a hex value into Da307% (both through Ba377% and XOS_ReadUnsigned, base
; 16), then sets the watch flag Da309% and calls Ba226%.
; NOTE(review) - the memory-bounds walk at Ba620% is skipped by the
; unconditional B Ba622% below, so R7 always equals the value pushed from R2
; and the BNE Ba625% "Illegal address" exit can no longer be taken.  Ba623%
; then dereferences whatever address was typed, unaligned values included.
; Re-enable a bounds check (and word-align the address) before storing it.
  STMFD R13!,{R14}
  BL Ba618%
  SWI &00010B
  SWI &00010B
  ADR R0,Da304%
  SWI "OS_Write0"
  MOV R0,#&0F
  MOV R1,#0
  SWI "OS_Byte"
  ADR R0,Da308%
  MOV R1,#8
  MOV R2,#&20
  MOV R3,#&7B
  BL Ba377%
  CMP R1,#0
  LDMEQFD R13!,{PC}
  MOV R0,#&10
  ADR R1,Da308%
  MOV R2,#&FF
  SWI "XOS_ReadUnsigned"
  BVS Ba625%
  STR R2,Da306%
  STMFD R13!,{R7}
  STMFD R13!,{R2}
  MOV R7,R2
  ;BL Ba315%
  B Ba622% ; RGPB added as part of removing Ba315 checks
  ; everything from here to Ba622% is currently unreachable
  ADD R3,R12,#&0990
  STR R3,Da303%
  LDR R4,[R3,#0]
  LDR R5,[R3,#4]
  ;BIC R7,R7,#&80000000
.Ba620% ; check that R7 is within the memory bounds
  ; keep incrementing R7 until it is within memory bounds
  CMP R4,#1
  MOVEQ R7,#0
  BEQ Ba622%
  CMP R7,R4
  ;BGE Ba621% ; 32bit HI/LS
  BEQ Ba621%
  BHI Ba621%
  MOV R7,R4
  B Ba622%
.Ba621%
  CMP R7,R5
  ;BLT Ba622% ; 32bit HI/LS
  BEQ Ba621a%
  BLS Ba622%
.Ba621a%
  ADD R3,R3,#8
  LDR R4,[R3,#0]
  LDR R5,[R3,#4]
  B Ba620%
.Ba622%
  LDMFD R13!,{R2}
  CMP R7,R2
  LDMFD R13!,{R7}
  BNE Ba625%
  SWI "OS_NewLine"
  ADR R0,Da305%
  SWI "OS_Write0"
  ADR R0,Da308%
  MOV R1,#8
  MOV R2,#&20
  MOV R3,#&7B
  BL Ba377%
  CMP R1,#0
  LDMEQFD R13!,{PC}
  MOV R0,#&10
  ADR R1,Da308%
  MOV R2,#&FF
  SWI "XOS_ReadUnsigned"
  BVS Ba626%
  STR R2,Da307%
  MOV R1,#1
  STR R1,Da309%
  BL Ba226%
  LDMFD R13!,{PC}

.Da303% EQUD &00000000
; Da304% is the heading "--Go until !Address = <..>--", two CR LF pairs and
; the address prompt, stored as little-endian words and zero terminated.
.Da304% EQUD &20202020
  EQUD &6F472D2D
  EQUD &746E7520
  EQUD &21206C69
  EQUD &72646441
  EQUD &20737365
  EQUD &2E3C203D
  EQUD &2D2D3E2E
  EQUD &0A0D0A0D
  EQUD &65746E45
  EQUD &64612072
  EQUD &73657264
  EQUD &00263A73
; Da305% is the value prompt, same encoding.
.Da305% EQUD &65746E45
  EQUD &61562072
  EQUD &2065756C
  EQUD &00263A20
.Da306% EQUD &00000000 ; watch address entered in Ba619%
.Da307% EQUD &00000000 ; value to compare against
; Da308% is the text input buffer for both prompts (28 bytes reserved, Ba377%
; is called with R1 = 8).
.Da308% EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
  EQUD &00000000
.Da309% EQUD &00000000 ; non-zero while the go-until watch is armed

.Ba623%
; Watch test.  Returns at once when Da309% is zero, otherwise loads the word
; at the address held in Da306% and branches to Ba230% if it equals Da307%.
; NOTE(review) - the address is dereferenced without any validity or
; alignment check (see Ba619%).
  LDR R0,Da309%
  CMP R0,#0
  MOVEQ PC,R14
  LDR R0,Da306%
  LDR R0,[R0,#0]
  LDR R1,Da307%
  CMP R1,R0
  BEQ Ba230%
  MOV PC,R14

.Ba624%
; Disarms the go-until watch.  Corrupts R0.
  MOV R0,#0
  STR R0,Da309%
  MOV PC,R14

.Ba625% ; Illegal address
; Error exits for Ba619% - show the message, wait in Ba627%, then pop the
; return address that Ba619% pushed.
  BL Ba618%
  SWI &00010B
  SWI &00010B
  ADR R0,Da310%
  SWI "OS_Write0"
  BL Ba627%
  LDMFD R13!,{PC}
.Ba626% ; Illegal word
  BL Ba618%
  SWI &00010B
  SWI &00010B
  ADR R0,Da311%
  SWI "OS_Write0"
  BL Ba627%
  LDMFD R13!,{PC}
; this code never gets called ?
; label missing ? Seems so.
; Illegal register BL Ba618% SWI &00010B SWI &00010B ADR R0,Da312% SWI "OS_Write0" BL Ba627% LDMFD R13!,{PC} .Ba627% STMFD R13!,{R14} BL Ba632% .Ba628% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&70 MOVEQ R0,#&7C SWIEQ "OS_Byte" CMP R1,#&FF MOV R0,#&0F MOV R1,#0 SWINE "OS_Byte" BNE Ba629% SWI "OS_Mouse" CMP R2,#0 BNE Ba629% B Ba628% .Ba629% BL Ba632% LDMFD R13!,{PC} .Da310% ;--ERROR-- ;Illegal address EQUD &20202020 EQUD &20202020 EQUD &20202020 EQUD &452D2D20 EQUD &524F5252 EQUD &0D0A2D2D EQUD &20200D0A EQUD &20202020 EQUD &20202020 EQUD &656C6C49 EQUD &206C6167 EQUD &72646461 EQUD &00737365 .Da311% ;--ERROR-- ;Illegal word EQUD &20202020 EQUD &20202020 EQUD &20202020 EQUD &452D2D20 EQUD &524F5252 EQUD &0D0A2D2D EQUD &20200D0A EQUD &20202020 EQUD &20202020 EQUD &656C6C49 EQUD &206C6167 EQUD &64726F77 EQUD &00000000 .Da312% ;--ERROR-- ;Illegal register EQUD &20202020 EQUD &20202020 EQUD &20202020 EQUD &452D2D20 EQUD &524F5252 EQUD &0D0A2D2D EQUD &20200D0A EQUD &20202020 EQUD &20202020 EQUD &656C6C49 EQUD &206C6167 EQUD &69676552 EQUD &72657473 EQUD &00000000 .Da313% ;--ERROR-- EQUD &20202020 EQUD &20202020 EQUD &20202020 EQUD &452D2D20 EQUD &524F5252 EQUD &00002D2D .Ba630% STMFD R13!,{R1} CMP R1,#1 SWI &00010C ADD R1,R0,#4 ADR R0,Da313% SWI "OS_Write0" SWI "OS_NewLine" SWI "OS_NewLine" .Ba631% LDRB R0,[R1],#1 CMP R0,#&20 SWICS "OS_WriteC" BCS Ba631% BL Ba627% LDMFD R13!,{R1} CMP R1,#1 BEQ Ba12% CMP R1,#2 BEQ Ba48% LDMFD R13!,{PC} .Ba632% STMFD R13!,{R14} .Ba633% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&FF BNE Ba633% SWI "OS_Mouse" CMP R2,#0 BNE Ba633% LDMFD R13!,{R14} ; <-- doesn't load PC ? MOV PC,R14 ; S removed .Ba634% LDR R0,[R4],#4 LDR R1,[R4],#4 LDR R2,[R4],#4 SWI "OS_Plot" MOV PC,R14 .Ba635% LDR R0,[R12,#1908] CMP R0,#&1F ; mode 31 (correct = at 1908) BEQ Ba639% ; draws registers on screen STMFD R13!,{R14} SWI &000112 MOV R0,#0 SWI "OS_WriteC" ;MOV R0,#&3F ; cyan ? MOV R0,#%00101000 ; cyan ? 
SWI "OS_WriteC" ADR R4,Da320% LDR R0,[R4],#4 .Ba636% LDR R1,[R4],#4 LDR R2,[R4],#4 SWI "OS_Plot" LDR R0,[R4],#4 CMP R0,#&8000 BNE Ba636% SWI &000112 MOV R0,#0 SWI "OS_WriteC" ;MOV R0,#0 ; white MOV R0,#%00111111 ; white SWI "OS_WriteC" LDR R0,[R4],#4 .Ba637% LDR R1,[R4],#4 LDR R2,[R4],#4 SWI "OS_Plot" LDR R0,[R4],#4 CMP R0,#&8000 BNE Ba637% BL Ba634% ADR R2,Da314% BL Ba25% BL Ba634% ADR R2,Da315% BL Ba25% BL Ba634% ADR R2,Da316% BL Ba25% BL Ba634% ADR R2,Da317% BL Ba25% BL Ba634% STMFD R13!,{R0-R2} MOV R9,#0 MOV R8,R12 ; R8 = base address of register values .Ba638% ;this code also plots register values ADR R2,Da318% BL Ba25% ; register number sprite LDMFD R13!,{R0-R2} STMFD R13!,{R0-R2} ADD R1,R1,#&50 SWI "OS_Plot" ADR R2,Da319% BL Ba25% ; sprite behind register hex LDMFD R13!,{R0-R2} STMFD R13!,{R0-R2} ADD R1,R1,#&0C ADD R2,R2,#&28 SWI "OS_Plot" SWI &000112 MOV R0,#0 SWI "OS_WriteC" ;MOV R0,#&34 ; grey ? MOV R0,#%00000100 ; grey ? SWI "OS_WriteC" MOV R0,#&52 SWI "OS_WriteC" MOV R0,R9 ADD R9,R9,#1 ADR R1,Da321% MOV R2,#&10 SWI "OS_ConvertCardinal1" SWI "OS_Write0" SWI &000112 MOV R0,#0 SWI "OS_WriteC" ;MOV R0,#0 ; white MOV R0,#%00111111 ; white SWI "OS_WriteC" LDMFD R13!,{R0-R2} STMFD R13!,{R0-R2} ADD R1,R1,#&72 ADD R2,R2,#&28 SWI "OS_Plot" LDR R0,[R8],#4 ADR R1,Da321% MOV R2,#&10 SWI "OS_ConvertHex8" SWI "OS_Write0" LDMFD R13!,{R0-R2} ADD R1,R1,#&012C CMP R1,#&03E8 STMLTFD R13!,{R0-R2} SWILT "OS_Plot" BLT Ba638% MOV R1,#&32 CMP R2,#&3C SUBGT R2,R2,#&5A SWIGT "OS_Plot" STMFD R13!,{R0-R2} BGT Ba638% LDMFD R13!,{R0-R2} B Ba280% .Ba639% ; module register plotting code STMFD R13!,{R14} SWI &000112 MOV R0,#0 SWI "OS_WriteC" MOV R0,#0 SWI "OS_WriteC" ADR R4,Da320% LDR R0,[R4],#4 .Ba640% LDR R1,[R4],#4 LDR R2,[R4],#4 SWI "OS_Plot" LDR R0,[R4],#4 CMP R0,#&8000 BNE Ba640% SWI &000112 MOV R0,#0 SWI "OS_WriteC" ;MOV R0,#7 ; black MOV R0,#%00000000 ; black SWI "OS_WriteC" LDR R0,[R4],#4 .Ba641% LDR R1,[R4],#4 LDR R2,[R4],#4 SWI "OS_Plot" LDR R0,[R4],#4 CMP R0,#&8000 BNE 
Ba641% BL Ba634% ADR R2,Da314% BL Ba25% BL Ba634% ADR R2,Da315% BL Ba25% BL Ba634% ADR R2,Da316% BL Ba25% BL Ba634% ADR R2,Da317% BL Ba25% BL Ba634% STMFD R13!,{R0-R2} MOV R9,#0 MOV R8,R12 .Ba642% ;registers are written here for module break ADR R2,Da318% BL Ba25% LDMFD R13!,{R0-R2} STMFD R13!,{R0-R2} ADD R1,R1,#&50 SWI "OS_Plot" ADR R2,Da319% BL Ba25% LDMFD R13!,{R0-R2} STMFD R13!,{R0-R2} ADD R1,R1,#&0E ADD R2,R2,#&1C SWI "OS_Plot" SWI &000112 ; this is for the 'R1' lettering MOV R0,#0 SWI "OS_WriteC" ;MOV R0,#8 ; blue MOV R0,#%00110000 ; blue SWI "OS_WriteC" MOV R0,#&52 SWI "OS_WriteC" MOV R0,R9 ADD R9,R9,#1 ADR R1,Da321% MOV R2,#&10 SWI "OS_ConvertCardinal1" SWI "OS_Write0" SWI &000112 ; this is the register value MOV R0,#0 ; overwite colour on screen with another colour SWI "OS_WriteC" ;MOV R0,#7 ; black MOV R0,#%00000000 ; black - this is the initial colour SWI "OS_WriteC" LDMFD R13!,{R0-R2} STMFD R13!,{R0-R2} ADD R1,R1,#&72 ADD R2,R2,#&1C SWI "OS_Plot" LDR R0,[R8],#4 ; load register value ADR R1,Da321% ; buffer address MOV R2,#&10 ; buffer length SWI "OS_ConvertHex8" SWI "OS_Write0" ; register value plotted here LDMFD R13!,{R0-R2} ADD R1,R1,#&012C CMP R1,#&03E8 STMLTFD R13!,{R0-R2} SWILT "OS_Plot" BLT Ba642% MOV R1,#&32 CMP R2,#&3C SUBGT R2,R2,#&5A SWIGT "OS_Plot" STMFD R13!,{R0-R2} BGT Ba642% LDMFD R13!,{R0-R2} B Ba280% .Da314% EQUD &61657242 EQUD &00000D6B .Da315% EQUD &67616C46 EQUD &00000D73 .Da316% EQUD &69676552 EQUD &72657473 EQUD &0000000D .Da317% EQUD &6C6F6F54 EQUD &00000D73 .Da318% EQUD &00000D52 .Da319% EQUD &756C6156 EQUD &00000D65 .Da320% EQUD &00000004 EQUD &00000018 EQUD &000003E4 EQUD &00000005 EQUD &000004E6 EQUD &000003E4 EQUD &00000005 EQUD &000004E6 EQUD &00000018 EQUD &00000005 EQUD &00000018 EQUD &00000018 EQUD &00000005 EQUD &00000018 EQUD &000003E4 EQUD &00000004 EQUD &00000018 EQUD &00000258 EQUD &00000005 EQUD &000004E6 EQUD &00000258 EQUD &00000004 EQUD &00000018 EQUD &000001AE EQUD &00000005 EQUD &000004E6 EQUD &000001AE EQUD 
&00000004 EQUD &000001BC EQUD &000001AE EQUD &00000005 EQUD &000001BC EQUD &00000258 EQUD &00008000 EQUD &00000004 EQUD &0000001C EQUD &0000001C EQUD &00000005 EQUD &0000001C EQUD &000003E0 EQUD &00000005 EQUD &000004E4 EQUD &000003E0 EQUD &00000004 EQUD &000004EA EQUD &000003D8 EQUD &00000005 EQUD &000004EA EQUD &00000014 EQUD &00000005 EQUD &00000018 EQUD &00000014 EQUD &00000004 EQUD &00000018 EQUD &00000254 EQUD &00000005 EQUD &000004E6 EQUD &00000254 EQUD &00000004 EQUD &00000018 EQUD &000001AA EQUD &00000005 EQUD &000004E6 EQUD &000001AA EQUD &00000004 EQUD &000001C0 EQUD &000001B6 EQUD &00000005 EQUD &000001C0 EQUD &00000252 EQUD &00008000 EQUD &00000004 EQUD &000000B4 EQUD &000003C8 EQUD &00000004 EQUD &000000B4 EQUD &0000023E EQUD &00000004 EQUD &00000096 EQUD &0000018C EQUD &00000004 EQUD &000002EE EQUD &0000023E EQUD &00000004 EQUD &00000032 EQUD &0000013C .Da321% EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 .Ba643% AND R1,R0,#&000F0000 CMP R1,#&000F0000 BNE Ba64% LDR R1,Da323% AND R0,R0,R1 STR R0,Da322% ADR R1,Da322% ADD R2,R1,#4 MOV R0,#1 SWI "XOS_SynchroniseCodeAreas" ;LDR R0,[R12,#60] ; PC (not used? 
- overwritten by R7) ;AND R1,R0,#&F0000000 ; getting status flags LDR R1,[R12,#64] ; PSR ; TEQP PC,R1 MSR CPSR_f,R1 ; set just the flags ADD R0,R7,#4 .Da322% ANDEQ R0,R0,R0 BL Ba73% ; plots registers on screen B Ba12% .Da323% EQUD &FFF0FFFF .Ba644% ; from Ba416/289 - decoding mouse select X,Y coordinates ; or not as R1 is over-written here LDR R1,[R12,#2684] CMP R1,#1 BEQ Ba17% MOV R0,#&79 MOV R1,#0 SWI "OS_Byte" CMP R1,#&FF MOVEQ R0,#&15 MOVEQ R1,#0 SWIEQ "OS_Byte" MOV R0,#&7C SWI "OS_Byte" MOV R0,#&91 ; read character from buffer (keycode) MOV R1,#0 SWI "OS_Byte" BCS Ba14% BIC R2,R2,#&20 .Ba645% ; comes here after writing S-step and other icons on the screen MOV R10,R2 ; R2=0 when single step button pressed CMP R2,#0 BEQ Ba59% ; go to ARM instruction decoder in single step CMP R2,#&4E ; N sets flag MOVEQ R0,#&80000000 BLEQ Ba364% CMP R2,#&5A ; Z sets flag MOVEQ R0,#&40000000 BLEQ Ba364% CMP R2,#&43 ; C sets flag MOVEQ R0,#&20000000 BLEQ Ba364% CMP R2,#&56 ; V sets flag MOVEQ R0,#&10000000 BLEQ Ba364% CMP R2,#&8F ; arrow up SUBEQ R7,R7,#4 BLEQ Ba27% CMP R2,#&8E ; arrow down ADDEQ R7,R7,#4 BLEQ Ba27% CMP R2,#&9F ; page up SUBEQ R7,R7,#&28 BLEQ Ba27% CMP R2,#&9E ; page down ADDEQ R7,R7,#&28 BLEQ Ba27% CMP R2,#&84 ; F4 BEQ Ba47% CMP R2,#&81 ; F1 BEQ Ba49% CMP R2,#&82 ; F2 BEQ Ba52% CMP R2,#&92 ; shft F2 BEQ Ba53% ; clears swi break CMP R2,#&83 ; F3 BEQ Ba54% CMP R2,#&85 ; F5 BEQ Ba647% CMP R2,#&53 ; 'S' BEQ Ba197% ; is not single step after all CMP R2,#&52 ; 'R' BEQ Ba200% ; refresh CMP R2,#&42 ; 'B' BEQ Ba201% ; break CMP R2,#&4D ; 'M' BEQ Ba221% ; multi-step CMP R2,#&0A ; BEQ Ba239% ; CMP R2,#&45 ; 'E' BEQ Ba421% ; record CMP R2,#&46 ; 'F' BEQ Ba501% ; find CMP R2,#&41 ; 'A' BEQ Ba552% ; marker CMP R2,#&4C ; 'L' BEQ Ba601% ; enter expression CMP R2,#&8D ; move down but keep break highlighted ?? 
BEQ Ba15% CMP R2,#&8C ; left BEQ Ba16% CMP R2,#1 BEQ Ba421% MOV R6,#0 BL Ba554% CMP R2,#&51 ; Q BNE Ba13% ; quit B Ba17% .Ba646% SWI "Wimp_BaseOfSprites" STR R1,[R12,#112] MOV R0,R1 MOV PC,R14 .Ba647% BL Ba618% SWI &00010B SWI &00010B STMFD R13!,{R1-R7,R14} SUB R13,R13,#&10 SWI "XOS_WriteS" EQUS " Address :&" EQUB &00 BL Ba478% MOV R0,R7 MOV R1,R13 MOV R2,#&10 SWI "XOS_ConvertHex8" SWI "XOS_Write0" SWI "XOS_NewLine" BL Ba477% MOV R1,#0 MOV R2,#0 .Ba648% MOV R0,#&0C SWI "XOS_Module" BVS Ba649% LDR R4,[R3,#-4] SUBS R0,R7,R3 BCC Ba648% CMP R0,R4 BCS Ba648% SWI "XOS_WriteS" EQUS " Is at offset :&" EQUB &00 BL Ba478% MOV R1,R13 MOV R2,#&10 SWI "XOS_ConvertHex8" SWI "XOS_Write0" SWI "XOS_NewLine" BL Ba477% SWI "XOS_WriteS" EQUS " In module :" EQUW &0000 BL Ba478% LDR R0,[R3,#16] ADD R0,R0,R3 SWI "XOS_Write0" BL Ba477% B Ba650% .Ba649% SWI "XOS_NewLine" SWI "XOS_NewLine" SWI "XOS_WriteS" EQUS " is not in any module" EQUW &0000 .Ba650% SWI "XOS_NewLine" SWI "OS_ReadC" ADD R13,R13,#&10 LDMFD R13!,{R1-R7,R14} B Ba12% .Ba651% ; sets R12 to EQUD block at end of module ADR R12,Da324% MOV PC,R14 .Da324% EQUD &00000000 ; 0 R0 from module break EQUD &00000000 ; 4 R1 EQUD &00000000 ; 8 R2 EQUD &00000000 ; 12 R3 EQUD &00000000 ; 16 R4 EQUD &00000000 ; 20 R5 EQUD &00000000 ; 24 R6 EQUD &00000000 ; 28 R7 EQUD &00000000 ; 32 R8 EQUD &00000000 ; 36 R9 EQUD &00000000 ; 40 R10 EQUD &00000000 ; 44 R11 EQUD &00000000 ; 48 R12 EQUD &00000000 ; 52 R13 EQUD &00000000 ; 56 R14 EQUD &00000000 ; 60 3Ch break PC EQUD &00000000 ; 64 40h CPSR for 32bit (was also used on RPC!) EQUD &00000000 ; 68 44h 0 RPC - escape state (OS_Byte 200) EQUD &00000000 ; 72 48h break and escape effect flag 0,1 EQUD &00000000 ; 76 4Ch break PC address with no status bits EQUD &00000000 ; 80 50h unused ?? reserved for break SPSR ?? 
EQUD &00000000 ; 84 54h base address of stacks (up/down) EQUD &00000000 ; 88 58h E59C014C RPC last sandbox instruction EQUD &00000000 ; 92 5Ch E5300000 RPC next sandbox instruction EQUD &00000000 ; 96 60h 0 RPC EQUD &00000000 ;100 64h E0028003 RPC EQUD &00000000 ;104 68h 1 RPC EQUD &00000000 ;108 6Ch 0 RPC EQUD &00000000 ;112 70h 0D300008 RPC EQUD &00000000 ;116 address of break instruction type=1 EQUD &00000001 ;120 m-step trace enabled = 1 EQUD &00000000 ;124 0 RPC EQUD &00000000 ;128 0 RPC was &03FFFFFC EQUD &FFFFFFFF ;132 valid bits for PC address (not used now) EQUD &00000000 ;136 88h R0 - sandbox registers EQUD &00000000 ;140 8Ch R1 EQUD &00000000 ;144 90h R2 EQUD &00000000 ;148 94h R3 EQUD &00000000 ;152 98h R4 EQUD &00000000 ;156 9Ch R5 EQUD &00000000 ;160 A0h R6 EQUD &00000000 ;164 A4h R7 EQUD &00000000 ;168 A8h R8 EQUD &00000000 ;172 ACh R9 EQUD &00000000 ;176 B0h R10 EQUD &00000000 ;180 B4h R11 EQUD &00000000 ;184 B8h R12 EQUD &00000000 ;188 BCh R13 EQUD &00000000 ;192 C0h R14 PC return address for BL EQUD &00000000 ;196 C4h R15 EQUD &00000000 ;200 2 = always break, 4 = Conditional if Rx=yy EQUD &00000000 ;204 on-screen address offset EQUD &00000005 ;208 5 RPC EQUD &00000000 ;212 conditional break register number EQUD &00000000 ;216 conditional break register value EQUD &00000000 ;220 sandbox CPSR to go with PC at 196 - 32bit EQUD &00000000 ;224 reserved for sandbox SPSR - 32bit EQUD &00000000 ;228 not used EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ; 300 EQUD &00000000 ; 304 EQUD &00000000 ; 308 EQUD &00000000 ; 312 EQUD &00000000 ; 316 EQUD &00000000 ; 320 EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; 332 EQUD &00000000 ; EQUD &00000000 ; 340 EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 
; 360 EQUD &00000000 ; 364 OSCLI command text buffer EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00FDFE00 EQUD &E1A0F00E EQUD &00000000 ; 396 sandbox running in 0=USR, 1=SVC ;EQUD &00FF0000 ; 400 used in Ba100 for branch logic EQUD &00FFFFFF ; 400 used in Ba100 for branch logic (DeepSeek) EQUD &00000000 ; 404 EQUD &00000000 ; 408 R9 store - what lower bits are used for ? EQUD &00000000 ; 412 EQUD &00000000 ; 416 EQUD &00000000 ; 420 PCR store for something ? EQUD &00000000 ; 424 PC store for something ? EQUD &00000000 ; 428 ? EQUD &00000000 ; 432 EQUD &00000000 ; 436 PCR flags and control bits EQUD &00000000 ; 440 EQUD &00000000 ; 444 R7 break PC address in Ba130 EQUD &00000000 ; 448 R7 break PC address EQUD &00000000 ; 452 EQUD &00000000 ; 456 EQUD &00000000 ; 460 EQUD &00000000 ; 464 EQUD &00000000 ; 468 m-step enabled = 1 EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; 500 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &000001D0 EQUD &000001C6 EQUD &00000258 EQUD &000001F2 EQUD &000001D0 EQUD &0000020A EQUD &00000254 EQUD &00000236 EQUD &0000027C EQUD &000001C6 EQUD &00000300 EQUD &000001F2 EQUD &000000DC EQUD &000002E4 EQUD &0000031C EQUD &00000384 EQUD &00000004 EQUD &000001D0 EQUD &000001C6 ;600 EQUD &00000004 EQUD &000001D0 EQUD &0000020A EQUD &00000004 EQUD &0000027C EQUD &000001C6 EQUD &00000004 EQUD &0000027C EQUD &0000020A EQUD &00000004 EQUD &00000328 EQUD &000001C6 EQUD &00000004 EQUD &00000328 EQUD &0000020A EQUD &00000004 EQUD &000003D2 EQUD &000001B4 EQUD &00000004 EQUD &000003D2 EQUD &00000200 EQUD &00000004 EQUD &0000041E EQUD &000001B4 EQUD &00000004 ; 700 EQUD &0000041E EQUD &00000218 EQUD &00000004 EQUD &00000464 EQUD &000001E8 EQUD &00000004 EQUD &000004AA EQUD &000001B4 EQUD &00000004 EQUD &000004AA EQUD &00000218 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 
EQUD &000000DC EQUD &000002E4 EQUD &0000031C EQUD &00000384 EQUD &000000DC EQUD &00000300 EQUD &0000031C EQUD &00000384 EQUD &00000000 EQUD &0000027C ; 800 EQUD &0000020A EQUD &00000300 EQUD &00000236 EQUD &00000328 EQUD &000001C6 EQUD &000003AC EQUD &000001F2 EQUD &00000328 EQUD &0000020A EQUD &000003AC EQUD &00000236 EQUD &0000014C EQUD &000001EC EQUD &00000000 EQUD &00000250 EQUD &00000210 EQUD &00000220 EQUD &00000230 EQUD &00000240 EQUD &0000030C EQUD &00000120 EQUD &000002FC EQUD &00000320 EQUD &00000330 EQUD &00000340 ; 900 EQUD &00000000 ; 904 escape state (OS_Byte 200) EQUD &00000000 ; 908 EQUD &00000000 ; 912 set to 1 in Ba402 OS_EnterOS EQUD &00000000 ; 916 R13_usr EQUD &00000000 ; 920 R14_usr EQUD &00000000 ; 924 R13_svc EQUD &00000000 ; 928 R14_svc EQUD &00000000 ; 932 EQUD &00000000 ; 936 EQUD &00000000 ; 940 EQUD &00000000 ; 944 EQUD &00000388 ; 948 EQUD &00000334 ; 952 EQUD &000004A4 ; 956 EQUD &00000360 ; 960 EQUD &000003B4 ; 964 EQUD &000003D4 ; 968 pointer to filename 3d4=980dec EQUD &0000041C ; 972 EQUD &00000000 ; 976 ; EQUD &00000000 ; 980 EQUD &00000024 ; 980 $ ; EQUD &00000000 ; 984 EQUD &0000002E ; 984 . 
; EQUD &00000000 ; 988 EQUD &00000061 ; 988 a ; EQUD &00000000 ; 992 EQUD &00000000 ; 992 00 termination EQUD &00000000 ; 996 EQUD &00000000 ; 1000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ; 1100 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &0000049C EQUD &0000049C EQUD &000004A4 EQUD &000004AC EQUD &000003C8 EQUD &000002F3 EQUD &00000372 EQUD &000002B2 EQUD &0000041A EQUD &000002B2 ; 1200 EQUD &000003D2 EQUD &000002F0 EQUD &00000454 EQUD &0000031C EQUD &0000037C EQUD &000002B0 EQUD &000003FE EQUD &000002DC EQUD &00000424 EQUD &000002B0 EQUD &000004A6 EQUD &000002DC EQUD &0000010E EQUD &00000344 EQUD &000001B0 EQUD &00000370 EQUD &0000010E EQUD &00000308 EQUD &000001B0 EQUD &00000334 EQUD &0000010E EQUD &000002CC EQUD &000001B0 EQUD &000002F8 EQUD &00000248 ; 1300 EQUD &00000334 ; 1304 EQUD &0000028A ; 1308 EQUD &00000378 ; 1312 EQUD &00000250 ; 1316 EQUD &000002C8 ; 1320 EQUD &000002B0 ; 1324 EQUD &000002FC ; 1328 EQUD &000004B4 ; 1332 ; EQUD &00000008 ; 1336 format of file - bits 0,1,2,3,4 EQUD &00000006 ; 1336 default changed to text with 16 regs EQUD &00000266 ; 1340 EQUD &000003D0 ; 1344 EQUD &00000000 ; 1348 record on = 1 EQUD &0000032A ; 1352 EQUD &000003D0 ; 1356 EQUD &000003F2 ; 1360 EQUD &000003D0 ; 1364 EQUD &000001A4 ; 1368 EQUD &000003D4 ; 1372 EQUD &00000000 ; 1376 ;EQUD &0007D000 ; 1380 max file length EQUD &061A7C00 ; 1380 max file length = 99.99MBytes EQUD &00000187 ; 1384 filetype for Addr only file EQUD &00000188 ; 1388 filetype for 
Addr/mne file EQUD &00000189 ; 1392 filetype for A/M/R file EQUD &00000000 ; 1396 EQUD &00000FFF ; 1400 EQUD &00000584 EQUD &000005B4 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &000005DC EQUD &0000060C EQUD &00000000 ; 1500 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000630 EQUD &00000660 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ; 1600 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ; 1700 EQUD &000006AC EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00004438 EQUD &00004444 EQUD &00004450 EQUD &00004458 EQUD &00004460 EQUD &00004468 EQUD &00004474 EQUD &000043C0 EQUD &000043D0 EQUD &000043DC EQUD &000043E8 EQUD &000043F0 EQUD &000043FC EQUD &00004408 EQUD &000006C8 EQUD &00000000 EQUD &00000000 ; 1800 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ; 
rechecked offsets and 1908 is offset 774h=1F EQUD &00000000 ; 1900 EQUD &00000000 ; 1904 EQUD &0000001F ; M 1908 <-- VDU19 bytes mode 31 or mode 15 EQUD &0000077C ; = 1916_decimal EQUD &00000000 ; 1 white EQUD &000000FF ; 2 red EQUD &000000FF ; 3 green EQUD &000000FF ; 4 blue EQUD &00000001 ; 1 light grey EQUD &000000DD ; 2 EQUD &000000DD ; 3 EQUD &000000DD ; 4 EQUD &00000002 ; 1 med grey EQUD &000000BC ; 2 EQUD &000000BC ; 3 EQUD &000000BC ; 4 EQUD &00000003 ; 1 middle grey EQUD &00000099 ; 2 EQUD &00000099 ; 3 EQUD &00000099 ; 4 EQUD &00000005 ; 1 darker grey EQUD &00000055 ; 2 EQUD &00000055 ; 3 EQUD &00000055 ; 4 EQUD &00000006 ; 1 dark grey EQUD &00000033 ; 2 EQUD &00000033 ; 3 EQUD &00000033 ; 4 EQUD &00000007 ; 1 black EQUD &00000000 ; 2 EQUD &00000000 ; 3 EQUD &00000000 ; 4 EQUD &00000008 ; 1 blue EQUD &00000000 ; 2 EQUD &00000000 ; 3 EQUD &000000FF ; 4 EQUD &00000009 ; 1 yellow EQUD &000000EE ; 2 EQUD &000000EE ; 3 EQUD &00000000 ; 4 EQUD &0000000A ; 1 green EQUD &00000000 ; 2 EQUD &000000DD ; 3 EQUD &00000000 ; 4 EQUD &0000000B ; 1 red EQUD &000000DD ; 2 EQUD &00000000 ; 3 EQUD &00000000 ; 4 EQUD &0000000C ; 1 cream ?? 
EQUD &000000EE ; 2 EQUD &000000EE ; 3 EQUD &000000BB ; 4 end of VDU19 colours EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; 2140 EQUD &00000000 ; 2144 &860 base address of screen addresses EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; 2160 EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; 2180 EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; EQUD &00000000 ; 2196 EQUD &00000000 ; 2200 EQUD &00000000 ; 2204 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &000000D6 EQUD &000002EE EQUD &00000314 EQUD &0000033E EQUD &000000E2 EQUD &00000314 EQUD &00000320 EQUD &00000344 EQUD &000000DC EQUD &000002F0 EQUD &0000031C ; 2300 EQUD &00000338 EQUD &00000270 EQUD &00000154 EQUD &00000000 EQUD &00000000 EQUD &00000270 EQUD &00000186 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ; 2368 swi_number EQUD &00055800 ; 2372 EQUD &00000000 ; 2376 EQUD &00000000 ; 2380 EQUD &00000000 ; 2384 R7 saved break PC address (SWI break) EQUD &00000000 ; 2388 EQUD &00000000 ; 2392 EQUD &00000000 ; 2396 EQUD &00000000 ; 2400 SWI instruction EQUD &00000000 ; 2404 SWI break function number 0 - 9 EQUD &00000000 ; 2408 swi form r1 EQUD &00000000 ; 2412 swi form r1 data EQUD &00000000 ; 2416 swi form r2 EQUD &00000000 ; 2420 swi form r2 data EQUD &00000000 ; 2424 X SWIs included = -1 EQUD &00000000 ; 2428 not used ?? 
set to 0 EQUD &FFFDFFFF EQUD &00000000 EQUD &54534554 ; TEST <- useful pointer to find &0990 blow EQUD &00000000 EQUD &00000000 ; 2448 = &990 = memory information stored here EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ;2500 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 ; 2600 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &00000000 EQUD &34333231 EQUD &00000035 ; 2700 original end of file .End% ] PRINT "Pass ";Pass%;" successful..." NEXT Pass% A$ = "*save " + out_file$ + " " + STR$~(Code%) + " " + STR$~(O%) PRINT A$ OSCLI(A$) A$ = "*settype " + out_file$ + " module" PRINT A$ OSCLI(A$) NEXT END : REM DESC. : ADR equivalent for long address ranges, in 2 instructions REM ENTRY : cond$ = two char string, containing the ARM condition REM reg% = 0..15 REM pointer% = long range pointer REM COMM. : Pass% = OPT variable in the assembler FOR..NEXT loop REM Can only handle 64 KByte ranges REM Version 1.1 DEFFNlong_adr(cond$,reg%,pointer%) LOCAL cc%,diff%,lo%,hi%,op1%,op2% IF (Pass% AND%10)=0 P%+=8:O%+=8:="" IF ABS(pointer%-P%)<256 PRINT"WARNING : No FNlong_adr needed at &";~P%;" (&";~O%;") Use instead ADR ..." 
IF ABS(pointer%-P%)>65535 ERROR 1,"FATAL ERROR : FNlong_adr can only handle 64 KByte ranges at &"+STR$(~P%)+" (&"+STR$(~O%)+")" IFcond$=" " OR cond$="" THENcond$="AL" cc%=INSTR("EQNECSCCMIPLVSVCHILSGELTGTLEALNV",cond$) IF cc%=0 ERROR 1,"FATAL ERROR : Unknown condition in FNlong_adr at &"+STR$(~P%)+" (&"+STR$(~O%)+")" ELSE cc%=(cc%-1)DIV2 diff%=pointer%-P%-8 lo%=ABS(diff%)AND&FF hi%=ABS(diff%)AND&FF00 IFdiff%>=0THEN op1%=(cc%<<28)+&028F0000+(reg%<<12)+lo% op2%=(cc%<<28)+&02800C00+(reg%<<16)+(reg%<<12)+(hi%>>8) ELSE op1%=(cc%<<28)+&024F0000+(reg%<<12)+lo% op2%=(cc%<<28)+&02400C00+(reg%<<16)+(reg%<<12)+(hi%>>8) ENDIF [OPT Pass%:EQUD op1%:EQUD op2%:] =0