Re: 9825 disassembly status

Home Messages Hashtags

#92

Re: 9825 disassembly status

Paul Berger #92 Craig, I can assure you that those instructions get executed and the 9825 does not blow up, I just cranked up my 16700B to check if I had saved any execution traces and there is one, it contains a little over 685,000 state captures, I do not know what commend it is a trace of any more, but it is not one of the data file functions as it does not touch the address where I found the defective bit. I can send it to you if you are interested , it is about 35MB in size. Paul. toggle quoted messageShow quoted text On 2017-02-11 7:18 PM, Craig Ruff wrote: On Feb 11, 2017, at 4:00 PM, Paul Berger <phb.hfx@...> wrote: You understand that there are two 1K word windows into the ROM and the bank selection is done by write to the area occupied by the base page ROM, I think my writeup included with the package gives a good description of how it works. Yes. At the moment, I’m looking at the code in bank 0 that appears to be associated with bank selection of the other banks. There are two instructions that my disassembler flagged as invalid bit patterns. They are at (octal) word addresses 30272 (pattern 070113) and 30313 (pattern 070117). These do not match any instructions described in the 9825A patent, nor in the 9835 Assembly Language manual (the 9835 CPU is a superset of the 9825 CPU). The instruction at 30272 happens immediately after a dir (disable interrupts) instruction, and the one at 30313 immediately before an eir (enable interrupts) instruction. The rest of the code in this sequence copies blocks of 16 words from one location to another, I have not yet determined what this data is. These apparently invalid instruction bit patterns do not occur as instructions in the entire contents of the other 9825T ROMs. I have not yet looked at the contents of banks 2-7, nor do I have tentative labels or definitions for base page temporary locations being used. Notes about the disassembler output. The second column are word attribute tags derived from the disassembly process. The ‘r’ indicates ROM, ‘i’ the word is considered to be an instruction, ‘c’ means a conditional jump, ‘u’ means unconditional jump. Symbols in the operand column surrounded by braces on a line following an instruction are alternative names known for the operand location. They may or not apply semantically to that specific instruction. For example, at 30273, the operand address is the decimal 152 constant in the base page rom. It is also known, via an equate as b230 (octal 0230). 30256 ri 004177 selbank? ldb p0 ; perform pre bank select stuff? {kpa,dpa,ppa,zero} 30257 ri 035742 stb op1 {tvar3,op1e} 30260 ri 004177 ldb p0 {kpa,dpa,ppa,zero} 30261 ri 035767 stb 77767 30262 ri 004077 ldb p58 {b72,colln} 30263 ri 025044 adb stolendsk 30264 ri 035763 stb 77763 ; save address stolen+58 30265 ric 011335 cpa 77335 30266 riu 067315 jmp selbnkjmp ; bank already selected? 30267 ri 031335 sta 77335 30270 ri 022676 ada 31676 ; «(31676) = 055750» 30271 ri 070430 dir 30272 ri 070113 INVALID ; «Unknown instruction, load something into A?, something else entirely?» 30273 ri 030047 sta p152 ; «write to 0230, select bank 0? Is this an argument word?» {b230} 30274 ri 104000 ldb a,i 30275 ri 174510 sbr 9 30276 ri 035762 stb 77762 30277 ri 104000 ldb a,i 30300 ri 174606 sbl 7 30301 ri 174506 sbr 7 30302 ric 044000 isz a 30303 ri 100000 lda a,i 30304 ri 134001 stb b,i 30305 ri 005763 ldb 77763 30306 ri 071417 xfr 16 30307 ri 020127 ada p16 {adr2,b20,ar2a,d16} 30310 ri 024127 adb p16 {adr2,b20,ar2a,d16} 30311 ric 055762 dsz 77762 30312 riu 067306 jmp *-4 30313 ri 070117 INVALID ; «Unknown instruction, store A into something?» 30314 ri 070420 eir 30315 ri 030041 selbnkjmp sta 00041 ; select bank (1)? and jump to code at 077763? 30316 riu 165763 jmp 77763,i
More All Messages By This Member

View All 5 Messages In Topic

#92

Join VintHPcom@groups.io to automatically receive all group messages.

Home Hashtags About Features Pricing Updates Terms Help Twitter