Brief description file for the TA disassembler system.
TA is a program that provides an interactive disassembler for the HP 48SX
ROM. It is written in Microsoft C and should be fairly portable (I haven't
tried).
TA uses 5 data files:
HP48MAP.ROM is an ASCII listing of the complete ROM contents, produced
by downloading all of the ROM to your computer and processing
it through the TOROMMAP filter. This will strip all addresses
from the dump file, creating a flat 524,288 byte file.
Two comment files are used by TA. Both have the same format. Each line
consists of the 5-nibble address being described, followed by a space and
the one-line comment describing the address. Lines beginning with a '-'
are considered deleted.
REMC.MAP is the code comment file. It provides comments explaining what the
code at a particular address is doing. When the corresponding
address is UnThreaded or UnAssembled, the comment is appended
to the output line.
For example, the RPL routine at 03188 executes the inner-most code
for the DUP routine (i.e. after error checking and setup has been
done). It is an assembler routine with an RPL entry point, and
UnThreading the entry point yields:
    TA> ut 3188
    ; *** RPL do DUP ***
    03188: 0318D    ML ENTRY
    0318D: CF       D=D-1   A       ; room on stack?
    0318F: 41F      GOC     03181   ; if not, make some
    03192: 143      A=DAT1  A       ; get obj @ TOS
    03195: 1C4      D1=D1-  5       ; push object again
    03198: 141      DAT1=A  A
    0319B: 142      A=DAT0  A       ; cont RPL
    0319E: 164      D0=D0+  5
The comments following each disassembled line are stored in REMC.MAP.
NOTE: The disassembler stops after outputting 8 lines - the
routine above continues for one more line.
REMA.MAP is the address comment file. It provides comments explaining the
purpose of address references. For example, the DUP routine is at
1FB87. UnThreading this yields:
    TA> ut 1fb87
    ; *** XLIB: 10D002 DUP ***
    1fb87: 02D9D    Type 8: RPL Program
    1fb8c: 18AA5    save Last RPL Token / verify DEPTH >= 1
    1fb91: 03188    RPL do DUP
    1fb96: 0312B    End RPL Program
Each comment following the threaded routine address is stored in
REMA.MAP. In addition, the comment line preceding 1FB87 (and in
the above example, preceding 03188) is stored in REMA.MAP.
As a further example, the RPL routine at 14039 is a very deep internal
routine to the code for ERRN. It pushes the Last Error Number as a
short integer or address type.
    TA> ut 14039
    ; *** Push Last Err# as Short Int ***
    14039: 1403E    ML ENTRY
    1403E: 34FF607  LCHEX   706FF   ; Save Last Err#
    14045: 8D3B411  GOVLNG  114B3   ; Push @C.A as new Short Int
    ; *** Push @C.A as new Short Int ***
    114B3: DA       A=C     A
    114B5: 8FB9760  GOSBVL  0679B   ; Save Regs D, B, D1, D0 (uses C)
    114BC: 130      D0=A
    114BF: 142      A=DAT0  A
    114C2: 8DC7530  GOVLNG  0357C   ; Push A as new Short Int
The comments after 706FF, 114B3, 0679B and 0357C are stored in
REMA.MAP and are automatically appended to the disassembly.
REMA.INX and REMC.INC are index files for the .MAP files. These are binary
arrays of Address, .MAP offset information in sorted order. A binary
search on these arrays in core is used to look up comment information.
If the .MAP file is edited using a text editor, the corresponding
.INX file must be deleted. The TA program will automatically
re-create them correctly.
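The .MAP line format and the sorted index lookup described above can be
sketched as follows. This is an added example, not code from TA itself: the
struct inx record layout, the function names and the sample text are
assumptions, since the real .INX record format is not given in this file.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed in-memory record; the real .INX record layout is not given here. */
struct inx { unsigned long addr; long off; };

/* Constructed sample in the .MAP format; the '-' line is a deleted entry. */
static const char SAMPLE_MAP[] =
    "114B3 Push @C.A as new Short Int\n"
    "-0679B constructed stale comment\n"
    "0357C Push A as new Short Int\n"
    "0679B Save Regs D, B, D1, D0 (uses C)\n";

static int cmp_inx(const void *a, const void *b) {
    unsigned long x = ((const struct inx *)a)->addr, y = ((const struct inx *)b)->addr;
    return (x > y) - (x < y);
}

/* Index every live line (5 hex nibbles, then a space); returns the entry count. */
size_t build_index(const char *map, struct inx *out, size_t max) {
    size_t n = 0, len;
    const char *p;
    for (p = map; *p && n < max; p += len + (p[len] == '\n')) {
        len = strcspn(p, "\n");
        /* a leading '-' is not a hex digit, so deleted lines fail this test */
        if (strspn(p, "0123456789abcdefABCDEF") != 5 || p[5] != ' ') continue;
        out[n].addr = strtoul(p, NULL, 16);
        out[n++].off = (long)(p - map);
    }
    qsort(out, n, sizeof *out, cmp_inx);
    return n;
}

/* Binary-search the index and copy the comment text into buf; 1 if found. */
int lookup(const char *map, const struct inx *ix, size_t n,
           unsigned long addr, char *buf, size_t cap) {
    struct inx key;
    const struct inx *hit;
    key.addr = addr; key.off = 0;
    hit = bsearch(&key, ix, n, sizeof *ix, cmp_inx);
    if (!hit || cap == 0) return 0;
    snprintf(buf, cap, "%.*s", (int)strcspn(map + hit->off + 6, "\n"), map + hit->off + 6);
    return 1;
}

int main(void) {
    struct inx ix[8]; char buf[64];
    if (lookup(SAMPLE_MAP, ix, build_index(SAMPLE_MAP, ix, 8), 0x0679B, buf, sizeof buf)) puts(buf);
    return 0;
}
```

Because the index stores byte offsets into the .MAP text, any edit that
shifts a line invalidates it, which is why the .INX file has to be rebuilt
after the .MAP file is changed in a text editor.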
A number of features of TA disassembly should be apparent from the examples.
Here is a listing of some of the more significant features.
1. Initial disassembly mode is set by the command used to start
disassembly.
2. UnThread to UnAssemble mode switching is handled automatically.
3. Disassembly/unthreading is stopped automatically when a termination
point is reached.
4. Absolute GOTOs in assembly are followed automatically.
5. The HP-71 style mnemonics are used. (but see notes at end)
6. Currently, disassembly is only available for the ROM. Other Binary
files cannot be handled (i.e. I'm working on the USAG command).
7. In-line literal RPL Objects are not handled by the UnThreader.
8. Only the HP-71 instruction set is currently understood. I don't
have access to Alonzo's notes on the 28 or the new instructions
in the 48 - if anyone can tell me these, I'd be overjoyed to add
them to the program.
SHORT COMMAND REFERENCE
UT UnThread
UT addr
Example: UT 3188
The UnThread command begins disassembly in UnThread mode at a given
address. Up to 8 lines of mixed RPL/assembly output will be produced.
If an RPL end program is encountered, output will stop. If RPL CODE or
ML Entry is encountered, disassembly mode will be switched to
UnAssemble automatically.
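The stop and mode-switch rules above, as an added example that is not taken
from the TA source. It assumes one ASCII hex character per nibble, pointers
stored low nibble first (as the operands of 8D3B411 GOVLNG 114B3 suggest),
and that a pointer equal to its own address plus 5 marks an ML ENTRY, as in
both listings; the RPL CODE case is left out, and all names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define END_RPL 0x0312BUL            /* "End RPL Program" in the listing above */
enum stop { RAN_OUT, HIT_END, HIT_ML };

/* Constructed nibble windows rebuilt from the two DUP listings above. */
static const char DUP_XLIB[] = "D9D205AA8188130B2130";       /* starts at 1FB87 */
static const char DUP_CODE[] = "D8130CF41F1431C4141142164";  /* starts at 03188 */

static unsigned nib(char c) { return c <= '9' ? c - '0' : (c | 0x20) - 'a' + 10; }

/* Read the 5-nibble pointer at addr; the low nibble is stored first. */
unsigned long read_ptr(const char *rom, unsigned long base, unsigned long addr) {
    unsigned long v = 0;
    int i;
    for (i = 4; i >= 0; i--) v = (v << 4) | nib(rom[addr - base + i]);
    return v;
}

/* Walk threaded code for up to 8 lines, recording each pointer in out[]. */
enum stop unthread(const char *rom, unsigned long base, size_t len,
                   unsigned long addr, unsigned long *out, int *count) {
    *count = 0;
    while (*count < 8 && addr >= base && addr - base + 5 <= len) {
        unsigned long p = read_ptr(rom, base, addr);
        out[(*count)++] = p;
        if (p == addr + 5) return HIT_ML;   /* points at its own body: ML ENTRY */
        if (p == END_RPL) return HIT_END;   /* end of the RPL program */
        addr += 5;
    }
    return RAN_OUT;                         /* 8-line limit or end of window */
}

int main(void) {
    unsigned long out[8]; int n, i;
    enum stop why = unthread(DUP_XLIB, 0x1FB87, strlen(DUP_XLIB), 0x1FB87, out, &n);
    for (i = 0; i < n; i++) printf("%05lX\n", out[i]);
    printf("stop=%d\n", why);
    return 0;
}
```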
UA UnAssemble
UA addr
Example: UA 114B3
The UnAssemble command begins disassembly in UnAssemble mode at a
given address. Up to 8 lines of assembly will be produced. If an
Unconditional Return or an indirect Goto (i.e. PC=(A)) is encountered,
disassembly will be stopped. If an unconditional Goto is encountered,
it will be followed.
U Un-continue
U
The Unassemble command continues at the last unassembled address, in
the last used mode, for another 8 lines or until a stop condition is
reached.
CA Comment Address
CA addr text
Example: CA 114b3 Push @C.A as new Short Int
The Comment Address command creates a new comment on an address. Any
reference to the address will automatically have the comment appended
to the line. Any existing address comment for the address is replaced.
CC Comment Code
CC addr text
Example: CC 318d room on stack?
The Comment Code command creates a new comment on the code at an
address. Any disassembly of the address will have the comment
appended to it. Any existing code comment for the address is replaced.
CCD Comment Code Delete
CCD addr
Example: CCD 318d
The Comment Code Delete command removes a code comment for an address.
CAD Comment Address Delete
CAD addr
Example: CAD 114b3
The Comment Address Delete command removes an address comment for an