ready to give this a shot.

Mariano Alvira 2009-04-11 14:24:26 -04:00
parent ddc0cd6139
commit 9a896369b7
3 changed files with 180 additions and 38 deletions

85
doc/caldump.txt Normal file

@ -0,0 +1,85 @@
0x4051b4 is the base that all the radioinit entries get offset from
r7 base
(gdb) x/128x $r7
0x4051b4 <gRadioTOCCal2_None24MHz_c>: 0x80009000 0x80050300 0x80009004 0x00000101
0x4051c4 <gRadioTOCCal2_None24MHz_c+16>: 0x80009008 0x00000000 0x8000900c 0x00000000
0x4051d4 <gRadioTOCCal2_None24MHz_c+32>: 0x80009020 0x0000000c 0x80009000 0xc0050300
0x4051e4 <gRadioTOCCal1>: 0x80003048 0x00000f78 0x8000304c 0x00607707
0x4051f4 <gRadioTOCCal1+16>: 0x00000000 0x000161a8 0x8000a050 0x0000047b
0x405204 <gRadioTOCCal1+32>: 0x8000a054 0x0000007b 0x00005dc0 0x00000000
0x405214 <gu8BuckEnable>: 0x00000000 0x00000000 0x00000000 0x00000000
0x405224 <buffer_radio_init+12>: 0x00000000 0x80009400 0x00000017 0x8000a050
0x405234 <gRadioTOCCal5+12>: 0x00000000 0x8000a054 0x00000000 0x80003048
0x405244 <gRadioTOCCal5+28>: 0x00000f00 0x00000000 0x00000000 0x10000108
0x405254 <mLineParams+8>: 0x03180002 0x00042000 0x30000528 0x07380006
0x405264 <??isPageDeleted>: 0x0000fd01 0xc60081ff 0xb90f0000 ---Type <return> to continue, or q <return> to quit---
0xc51e0000
0x405274: 0x00901200 0x05030080 0x00900480 0x00010180
0x405284: 0x00900800 0x0300fc80 0x8000900c 0x200400fc
0x405294: 0x0c800090 0x901500fc 0x03008000 0x3048c005
0x4052a4: 0x0f788000 0x304c0000 0x77078000 0x1000fb60
0x4052b4: 0x000161a8 0x8000a050 0x0000047b 0x8000a054
0x4052c4: 0x0300e07b 0x17800094 0x500300fd 0xfc8000a0
0x4052d4: 0xa0540300 0x00fc8000 0x00304805 0xf60f0080
0x4052e4: 0x01081400 0x00021000 0x20000318 0x05280004
0x4052f4: 0x00063000 0x00010738 0x00000000 0x00000000
0x405304: 0x00000000 0x00000000 0x00000000 0x00000000
(gdb) x/128x $r4
0x402b54 <gBuckEnable_c>: 0x80003000 0x00000019 0x80003048 0x00000ffb
0x402b64 <gBuckByPass_c>: 0x80003000 0x00000018 0x80003048 0x00000f04
0x402b74 <gBuckByPass_c+16>: 0x00000000 0x000161a8 0x80003048 0x00000ffc
0x402b84 <gRadioTOCCal2_24MHz_c>: 0x80009000 0x80050100 0x80009400 0x00020017
0x402b94 <gRadioTOCCal3_c+8>: 0x80009a04 0x8185a0a4 0x80009a00 0x8c900025
0x402ba4 <gRadioTOCCal3_c+24>: 0x00000000 0x00011194 0x80009a00 0x8c900021
0x402bb4 <gRadioTOCCal3_c+40>: 0x80009a00 0x8c900027 0x00000000 0x00011194
0x402bc4 <gRadioTOCCal3_c+56>: 0x80009a00 0x8c90002b 0x80009a00 0x8c90002f
0x402bd4 <gRadioTOCCal3_c+72>: 0x00000000 0x00011194 0x80009a00 0x8c900000
0x402be4 <gRadioTOCCal4_None24MHz_c>: 0x80009000 0x80050300 0x80004118 0x00180012
0x402bf4 <gRadioInit_RegReplacement_c+8>: 0x80009204 0x00000605 0x80009208 0x00000504
0x402c04 <gRadioInit_RegReplacement_c+24>: 0x8000920c 0x00001111 ---Type <return> to continue, or q <return> to quit---
0x80009210 0x0fc40000
0x402c14 <gRadioInit_RegReplacement_c+40>: 0x80009300 0x20046000 0x80009304 0x4005580c
0x402c24 <gRadioInit_RegReplacement_c+56>: 0x80009308 0x40075801 0x8000930c 0x4005d801
0x402c34 <gRadioInit_RegReplacement_c+72>: 0x80009310 0x5a45d800 0x80009314 0x4a45d800
0x402c44 <gRadioInit_RegReplacement_c+88>: 0x80009318 0x40044000 0x80009380 0x00106000
0x402c54 <gRadioInit_RegReplacement_c+104>: 0x80009384 0x00083806 0x80009388 0x00093807
0x402c64 <gRadioInit_RegReplacement_c+120>: 0x8000938c 0x0009b804 0x80009390 0x000db800
0x402c74 <gRadioInit_RegReplacement_c+136>: 0x80009394 0x00093802 0x8000a008 0x00000015
0x402c84 <gRadioInit_RegReplacement_c+152>: 0x8000a018 0x00000002 0x8000a01c 0x0000000f
0x402c94 <gRadioInit_RegReplacement_c+168>: 0x80009424 0x0000aaa0 0x80009434 0x01002020
0x402ca4 <gRadioInit_RegReplacement_c+184>: 0x80009438 0x016800fe 0x8000943c 0x8e578248
0x402cb4 <gRadioInit_RegReplacement_c+200>: 0x80009440 0x000000dd 0x80009444 0x00000946
---Type <return> to continue, or q <return> to quit---
0x402cc4 <gRadioInit_RegReplacement_c+216>: 0x80009448 0x0000035a 0x8000944c 0x00100010
0x402cd4 <gRadioInit_RegReplacement_c+232>: 0x80009450 0x00000515 0x80009460 0x00397feb
0x402ce4 <gRadioInit_RegReplacement_c+248>: 0x80009464 0x00180358 0x8000947c 0x00000455
0x402cf4 <gRadioInit_RegReplacement_c+264>: 0x800094e0 0x00000001 0x800094e4 0x00020003
0x402d04 <gRadioInit_RegReplacement_c+280>: 0x800094e8 0x00040014 0x800094ec 0x00240034
0x402d14 <gRadioInit_RegReplacement_c+296>: 0x800094f0 0x00440144 0x800094f4 0x02440344
0x402d24 <gRadioInit_RegReplacement_c+312>: 0x800094f8 0x04440544 0x80009470 0x0ee7fc00
0x402d34 <gRadioInit_RegReplacement_c+328>: 0x8000981c 0x00000082 0x80009828 0x0000002a
0x402d44 <RadioInit>: 0x0006b5f8 0x0015000c 0x21fa4f39 0xf7fd0089
(gdb) x/128x $r5
0x405210 <ram_init_val>: 0x00000000 0x00000000 0x00000000 0x00000000
0x405220 <buffer_radio_init+8>: 0x00000000 0x00000000 0x80009400 0x00000017
0x405230 <gRadioTOCCal5+8>: 0x8000a050 0x00000000 0x8000a054 0x00000000
0x405240 <gRadioTOCCal5+24>: 0x80003048 0x00000f00 0x00000000 0x00000000
0x405250 <mLineParams+4>: 0x10000108 0x03180002 0x00042000 0x30000528
0x405260 <mLineParams+20>: 0x07380006 0x0000fd01 0xc60081ff 0xb90f0000
0x405270: 0xc51e0000 0x00901200 0x05030080 0x00900480
0x405280: 0x00010180 0x00900800 0x0300fc80 0x8000900c
0x405290: 0x200400fc 0x0c800090 0x901500fc 0x03008000
0x4052a0: 0x3048c005 0x0f788000 0x304c0000 0x77078000
0x4052b0: 0x1000fb60 0x000161a8 0x8000a050 0x0000047b
0x4052c0: 0x8000a054 0x0300e07b 0x17800094 0x500300fd
0x4052d0: 0xfc8000a0 0xa0540300 0x00fc8000 0x00304805
0x4052e0: 0xf60f0080 0x01081400 0x00021000 0x20000318
0x4052f0: 0x05280004 0x00063000 0x00010738 0x00000000
0x405300: 0x00000000 0x00000000 0x00000000 0x00000000
0x405310: 0x00000000 0x00000000 0x00000000 0x00000000


@ -35,22 +35,79 @@ then it seems like the emulator dies on the stack munging they do at
the end of InitFromMemory... but I think I've decoded the entry
enough to figure out the rest.
but it looks like they then redo the first entry in cal1
then they do one entry of r4 base + 48 (gRadioTOCCal2_24MHz_c[0])
0x80003048
0x00000f78
0x80009000
0x80050100
then they do 11 entries in cal3 (need dump)
then they do 11 entries in cal3 and reg replacment (first two have delays)
then 4 entries from r5+24 (need to check what r5 has... 0x4051e4
should dump this)
0x402b8c <gRadioTOCCal3_c>: 0x80009400 0x00020017 0x80009a04 0x8185a0a4
0x402b9c <gRadioTOCCal3_c+16>: 0x80009a00 0x8c900025 0x00000000 0x00011194
0x402bac <gRadioTOCCal3_c+32>: 0x80009a00 0x8c900021 0x80009a00 0x8c900027
0x402bbc <gRadioTOCCal3_c+48>: 0x00000000 0x00011194 0x80009a00 0x8c90002b
0x402bcc <gRadioTOCCal3_c+64>: 0x80009a00 0x8c90002f 0x00000000 0x00011194
0x402bdc <gRadioTOCCal3_c+80>: 0x80009a00 0x8c900000 0x80009000 0x80050300
0x402bec <gRadioInit_RegReplacement_c>: 0x80004118 0x00180012 0x80009204 0x00000605
0x402bfc <gRadioInit_RegReplacement_c+16>: 0x80009208 0x00000504 0x8000920c 0x00001111
0x402c0c <gRadioInit_RegReplacement_c+32>: 0x80009210 0x0fc40000 0x80009300 0x20046000
0x402c1c <gRadioInit_RegReplacement_c+48>: 0x80009304 0x4005580c 0x80009308 0x40075801
0x402c2c <gRadioInit_RegReplacement_c+64>: 0x8000930c 0x4005d801 0x80009310 0x5a45d800
0x402c3c <gRadioInit_RegReplacement_c+80>: 0x80009314 0x4a45d800 0x80009318 0x40044000
---Type <return> to continue, or q <return> to quit---
0x402c4c <gRadioInit_RegReplacement_c+96>: 0x80009380 0x00106000 0x80009384 0x00083806
0x402c5c <gRadioInit_RegReplacement_c+112>: 0x80009388 0x00093807 0x8000938c 0x0009b804
0x402c6c <gRadioInit_RegReplacement_c+128>: 0x80009390 0x000db800 0x80009394 0x00093802
0x402c7c <gRadioInit_RegReplacement_c+144>: 0x8000a008 0x00000015 0x8000a018 0x00000002
0x402c8c <gRadioInit_RegReplacement_c+160>: 0x8000a01c 0x0000000f 0x80009424 0x0000aaa0
0x402c9c <gRadioInit_RegReplacement_c+176>: 0x80009434 0x01002020 0x80009438 0x016800fe
0x402cac <gRadioInit_RegReplacement_c+192>: 0x8000943c 0x8e578248 0x80009440 0x000000dd
0x402cbc <gRadioInit_RegReplacement_c+208>: 0x80009444 0x00000946 0x80009448 0x0000035a
0x402ccc <gRadioInit_RegReplacement_c+224>: 0x8000944c 0x00100010 0x80009450 0x00000515
0x402cdc <gRadioInit_RegReplacement_c+240>: 0x80009460 0x00397feb 0x80009464 0x00180358
then 44 regreplacment entries
then 4 entries from r5+24 (buffer_radio_init and cal5)
0x80009400 0x00000017
0x405230 <gRadioTOCCal5+8>: 0x8000a050 0x00000000 0x8000a054 0x00000000
0x405240 <gRadioTOCCal5+24>: 0x80003048 0x00000f00
then 43 entries from r4+152 (reg replacement)
0x402bec <gRadioInit_RegReplacement_c>: 0x80004118 0x00180012 0x80009204 0x00000605
0x402bfc <gRadioInit_RegReplacement_c+16>: 0x80009208 0x00000504 0x8000920c 0x00001111
0x402c0c <gRadioInit_RegReplacement_c+32>: 0x80009210 0x0fc40000 0x80009300 0x20046000
0x402c1c <gRadioInit_RegReplacement_c+48>: 0x80009304 0x4005580c 0x80009308 0x40075801
0x402c2c <gRadioInit_RegReplacement_c+64>: 0x8000930c 0x4005d801 0x80009310 0x5a45d800
0x402c3c <gRadioInit_RegReplacement_c+80>: 0x80009314 0x4a45d800 0x80009318 0x40044000
0x402c4c <gRadioInit_RegReplacement_c+96>: 0x80009380 0x00106000 0x80009384 0x00083806
0x402c5c <gRadioInit_RegReplacement_c+112>: 0x80009388 0x00093807 0x8000938c 0x0009b804
0x402c6c <gRadioInit_RegReplacement_c+128>: 0x80009390 0x000db800 0x80009394 0x00093802
0x402c7c <gRadioInit_RegReplacement_c+144>: 0x8000a008 0x00000015 0x8000a018 0x00000002
0x402c8c <gRadioInit_RegReplacement_c+160>: 0x8000a01c 0x0000000f 0x80009424 0x0000aaa0
0x402c9c <gRadioInit_RegReplacement_c+176>: 0x80009434 0x01002020 0x80009438 0x016800fe
0x402cac <gRadioInit_RegReplacement_c+192>: 0x8000943c 0x8e578248 0x80009440 0x000000dd
0x402cbc <gRadioInit_RegReplacement_c+208>: 0x80009444 0x00000946 0x80009448 0x0000035a
0x402ccc <gRadioInit_RegReplacement_c+224>: 0x8000944c 0x00100010 0x80009450 0x00000515
0x402cdc <gRadioInit_RegReplacement_c+240>: 0x80009460 0x00397feb 0x80009464 0x00180358
0x402cec <gRadioInit_RegReplacement_c+256>: 0x8000947c 0x00000455 0x800094e0 0x00000001
0x402cfc <gRadioInit_RegReplacement_c+272>: 0x800094e4 0x00020003 0x800094e8 0x00040014
0x402d0c <gRadioInit_RegReplacement_c+288>: 0x800094ec 0x00240034 0x800094f0 0x00440144
0x402d1c <gRadioInit_RegReplacement_c+304>: 0x800094f4 0x02440344 0x800094f8 0x04440544
0x402d2c <gRadioInit_RegReplacement_c+320>: 0x80009470 0x0ee7fc00 0x8000981c 0x00000082
0x402d3c <gRadioInit_RegReplacement_c+336>: 0x80009828 0x0000002a
then flash init. (hrmm.. this might be important)
then flyback init.
then some other stuff. (need to check this out closley)
then maybe buckbypass sequence... 4 entries from r4+16
0x402b64 <gBuckByPass_c>: 0x80003000 0x00000018 0x80003048 0x00000f04
0x402b74 <gBuckByPass_c+16>: 0x00000000 0x000161a8 0x80003048 0x00000ffc


@ -5186,13 +5186,13 @@ Disassembly of section P2:
402fce: 65b8 str r0, [r7, #88] // gRadioTOCCal2_N[88] 0x58
402fd0: 4837 ldr r0, [pc, #220] (4030b0 <RadioInit+0xf4>) // r0 gets 4030b0: 016e3600 .word 0x016e3600 = 240000000
402fd2: 4286 cmp r6, r0
402fd4: d001 beq.n 402fda <RadioInit+0x1e> // if 24 MHz test for 24MHZ
402fd4: d001 beq.n 402fda <RadioInit+0x1e> // if 24 MHz test for 24MHZ skips to endif
402fd6: 617c str r4, [r7, #20] // gRadioTOCCal2_N[20] 0x14
402fd8: 61fd str r5, [r7, #28] // gRadioTOCCal2_N[28] 0x1c
402fda: 4c36 ldr r4, [pc, #216] (4030b4 <RadioInit+0xf8>) // else endif 4030b4: .word 0x00402dcc buck_enable
402fdc: 4d70 ldr r5, [pc, #448] (4031a0 <fill_ram_struct+0x18>) // 0x0040544c ram_init_val
402fde: 7928 ldrb r0, [r5, #4] // load low byte
402fe0: 2801 cmp r0, #1 // check if its 1 (it's not)
402fe0: 2801 cmp r0, #1 // check if its 1 (it's not, it's 0)
402fe2: d106 bne.n 402ff2 <RadioInit+0x36> // and skip stuff (to 2ff2,HERE) assume skip we have 24MHz
402fe4: 4834 ldr r0, [pc, #208] (4030b8 <RadioInit+0xfc>) // 4030b8: .word 0x00000f7b
402fe6: 6378 str r0, [r7, #52] // what's r7? put f7b into gRadioTOCCal2_None24Mhz_c[52] 0x34
@ -5201,9 +5201,9 @@ Disassembly of section P2:
402fec: 2110 movs r1, #16
402fee: 0020 lsls r0, r4, #0
402ff0: e009 b.n 403006 <RadioInit+0x4a>
402ff2: 7968 ldrb r0, [r5, #5] // HERE: what's r5? looks like ram_init_val[5] 0x05
402ff4: 2801 cmp r0, #1 // another test. not one. (it's 0x1e)
402ff6: d108 bne.n 40300a <RadioInit+0x4e> // maybe skip to THERE
402ff2: 7968 ldrb r0, [r5, #5] // HERE: what's r5? looks like ram_init_val[5] i
402ff4: 2801 cmp r0, #1 // another test. not one. (it's 0) skip to THERE
402ff6: d108 bne.n 40300a <RadioInit+0x4e> // skip to THERE
402ff8: 4830 ldr r0, [pc, #192] (4030bc <RadioInit+0x100>) // 4030bc: 00000f7c .word 0x00000f7c
402ffa: 6378 str r0, [r7, #52] // put f7c into gRadioTOCCal2_None24Mhz_c[52] 0x34
402ffc: 3878 subs r0, #120
@ -5213,33 +5213,33 @@ Disassembly of section P2:
403004: 3010 adds r0, #16
403006: f000 f96d bl 4032e4 <SMAC_InitFromMemory> // call InitFromMemory with setup vals? 32 bytes of buck_enable+16?
40300a: 2128 movs r1, #40 // THERE: chould have come from a skip r1 gets 40
40300c: 0038 lsls r0, r7, #0 // r0 is r7 (cal2)
40300c: 0038 lsls r0, r7, #0 // r0 is r7 (cal2) r7 base
40300e: 3030 adds r0, #48 // now its cal2+48 which is 0x405420 (increment by sizeof?)
403010: f000 f968 bl 4032e4 <SMAC_InitFromMemory> // 40 entries of gRadioTOCCal2_None24Mhz+48?//i think this bombs b/c zero...
403014: 4826 ldr r0, [pc, #152] (4030b0 <RadioInit+0xf4>) // 4030b0: 016e3600 .word 0x016e3600
403016: 4286 cmp r6, r0
403018: d103 bne.n 403022 <RadioInit+0x66> // another test for 24MHz
40301a: 2108 movs r1, #8
40301c: 0020 lsls r0, r4, #0
40301e: 3030 adds r0, #48
403018: d103 bne.n 403022 <RadioInit+0x66> // another test for 24MHz branch to NEXT: if !=, but they are
40301a: 2108 movs r1, #8 // 8 bytes = 1 entry
40301c: 0020 lsls r0, r4, #0 // r4 base
40301e: 3030 adds r0, #48 // r4 base+48
403020: e001 b.n 403026 <RadioInit+0x6a> // goto endif
403022: 2130 movs r1, #48 // else, guissing else is for not 24MHz since r7 is involved
403024: 0038 lsls r0, r7, #0
403026: f000 f95d bl 4032e4 <SMAC_InitFromMemory> // endif, do InitFromMemory, 8 entries from 00402dfc <gRadioTOCCal2_24MHz_c>:
40302a: 2158 movs r1, #88
40302c: 0020 lsls r0, r4, #0
403022: 2130 movs r1, #48 // NEXT:
403024: 0038 lsls r0, r7, #0 // 48 bytes = 6 entries of r7+0
403026: f000 f95d bl 4032e4 <SMAC_InitFromMemory> // endif do the init
40302a: 2158 movs r1, #88 // do 11 entries
40302c: 0020 lsls r0, r4, #0 // of r4 base + 56
40302e: 3038 adds r0, #56
403030: f000 f958 bl 4032e4 <SMAC_InitFromMemory> // do another then do 88 entries from r4+56 0x2e14 (in cal 3)
403030: f000 f958 bl 4032e4 <SMAC_InitFromMemory> // do another then do 11 entries from r4+56 0x2e14 (in cal 3)
403034: 481e ldr r0, [pc, #120] (4030b0 <RadioInit+0xf4>)
403036: 4286 cmp r6, r0 // check for 24MHZ
403038: d004 beq.n 403044 <RadioInit+0x88> // goto endif
40303a: 2108 movs r1, #8
40303c: 0020 lsls r0, r4, #0
40303e: 3090 adds r0, #144
403040: f000 f950 bl 4032e4 <SMAC_InitFromMemory>
403044: 2120 movs r1, #32 // endif
40303a: 2108 movs r1, #8 // skip
40303c: 0020 lsls r0, r4, #0 // skip
40303e: 3090 adds r0, #144 // skip
403040: f000 f950 bl 4032e4 <SMAC_InitFromMemory> // skip
403044: 2120 movs r1, #32 // endif: four entries of
403046: 0028 lsls r0, r5, #0
403048: 3018 adds r0, #24
403048: 3018 adds r0, #24 // r5+24
40304a: f000 f94b bl 4032e4 <SMAC_InitFromMemory> // do 32 entries in r5+24 this might be zero...
40304e: 21ac movs r1, #172
403050: 0049 lsls r1, r1, #1 // r1 gets 344
@ -5250,20 +5250,20 @@ Disassembly of section P2:
40305c: 0240 lsls r0, r0, #9 // r0 is now 0x1F000
40305e: f000 f8db bl 403218 <SMAC_InitFromFlash> // from flash --- this might be the regreplacment since that's in codespace...
403062: f000 f82f bl 4030c4 <SMAC_InitFlybackSettings> // looks like this happens...
403066: 7928 ldrb r0, [r5, #4]
403066: 7928 ldrb r0, [r5, #4] // 0 unless initfromflash does something to it
403068: 2801 cmp r0, #1
40306a: d101 bne.n 403070 <RadioInit+0xb4>
40306c: 2110 movs r1, #16
40306e: e004 b.n 40307a <RadioInit+0xbe>
40306a: d101 bne.n 403070 <RadioInit+0xb4> // say it doesn't branch,
40306c: 2110 movs r1, #16 // r1 gets 16
40306e: e004 b.n 40307a <RadioInit+0xbe> // branch to 5
403070: 7968 ldrb r0, [r5, #5]
403072: 2801 cmp r0, #1
403074: d104 bne.n 403080 <RadioInit+0xc4>
403074: d104 bne.n 403080 <RadioInit+0xc4> // skips an init from memory
403076: 2120 movs r1, #32
403078: 3410 adds r4, #16
40307a: 0020 lsls r0, r4, #0
40307c: f000 f932 bl 4032e4 <SMAC_InitFromMemory> // do 32 entries but now from 0x2e74 + 16 0x2e84
40307a: 0020 lsls r0, r4, #0 // 5:
40307c: f000 f932 bl 4032e4 <SMAC_InitFromMemory> // do 4 entries but now from r4 + 16 of buck bypass
403080: 480f ldr r0, [pc, #60] (4030c0 <RadioInit+0x104>)
403082: f000 f881 bl 403188 <fill_ram_struct>
403082: f000 f881 bl 403188 <fill_ram_struct> // and a call to fill ram struct --- maybe important to the program?
403086: 2400 movs r4, #0
403088: 78e9 ldrb r1, [r5, #3]
40308a: 0620 lsls r0, r4, #24
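Review bot: The annotations on the SMAC_InitFromMemory calls still mix byte counts and entry counts for r1, which the updated comments read as a byte length. The new lines at 40301a and 403044 say `8 bytes = 1 entry` and `four entries of` r5+24, but the unchanged comments at 403010 (`40 entries of gRadioTOCCal2_None24Mhz+48?`) and 40304a (`do 32 entries in r5+24`) still treat r1 as an entry count; by the same rule they would read `// 5 entries (40 bytes) from r7+48` and `// 4 entries (32 bytes) from r5+24`. The new comment at 402ff2 ends in a stray `i`, and the constant at 402fd0 is annotated `= 240000000` although 0x016e3600 is 24000000. RadioInit starts before the first hunk and continues past the last one, so the rest of the function's annotations were not checked.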