32X Slave SH2 BIOS disassembly

Ask anything your want about the 32X Mushroom programming.

Moderator: BigEvilCorporation

Post Reply
ob1
Very interested
Posts: 465
Joined: Wed Dec 06, 2006 9:01 am
Location: Aix-en-Provence, France

32X Slave SH2 BIOS disassembly

Post by ob1 » Mon Feb 08, 2021 2:27 pm

Yo guys.

Here is a disassembly of the Slave SH2 BIOS.
I went a bit further than for the master (13 years ago !!!) and I finally got the frame buffer read (it's for the Sega CD32X, stupid!).

Code: Select all

INITIAL_SP	equ	$0603F800

	dc.l	start
	dc.l	INITIAL_SP
	dc.l	start
	dc.l	INITIAL_SP

	dc.l	fail
	dc.l	0
	dc.l	fail
	dc.l	$20100400

	dc.l	$20100420
	dc.l	fail
	dc.l	fail
	dc.l	fail

	dc.l	fail
	dc.l	0,0,0
	dc.l	0,0,0,0
	dc.l	0,0,0,0
	dc.l	0,0,0,0
	dc.l	0,0,0,0

	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail,fail
	dc.l	fail,fail,fail

fail:
	BRA	fail
	NOP

start:
	MOV.L	maskAllInterrupts,R0
	LDC	R0,SR

	MOV	#0,R0
	MOV	#0,R1
	MOV	#0,R2
	MOV	#0,R3
	MOV	#0,R4
	MOV	#0,R5
	MOV	#0,R6
	MOV	#0,R7
	MOV	#0,R8
	MOV	#0,R9
	MOV	#0,R10
	MOV	#0,R11
	MOV	#0,R12
	MOV	#0,R13
	MOV	#0,R14

	MOV.L	registerValuesPointer,R8
	MOV.L	registers,R9		; $FFFFFE00
	MOV.L	@R8+,R0
	MOV.L	R0,@(0,R9)		; BCR1
	MOV.L	@R8+,R0
	MOV.L	R0,@(4,R9)		; BCR2
	MOV.L	@R8+,R0
	MOV.L	R0,@(8,R9)		; WCR
	MOV.L	@R8+,R0
	MOV.L	R0,@($C,R9)		; MCR
	MOV.L	@R8+,R0
	MOV.L	R0,@($10,R9)		; RTCSR
	MOV.L	@R8+,R0
	MOV.L	R0,@($14,R9)		; RTCNT
	MOV.L	@R8+,R0
	MOV.L	R0,@($18,R9)		; RTCOR
	MOV.L	GBR_value,R14
	LDC	R14,GBR
	MOV.B	@(0,GBR),R0		; Read IMR
	TST	#2,R0			; T <=> IMR & 2 == 0 <=> /ADEN
	BF	adenIsTrue
	SLEEP
adenIsFalse:
	BRA	adenIsFalse
	NOP

	.align	4
maskAllInterrupts:
	DC.L	$000000F0

adenIsTrue:
	MOV.L	SBYCR,R8
	MOV	#0,R0
	MOV.B	R0,@R8
	MOV.L	CCR,R9
	MOV	#$11,R0
	MOV.B	R0,@R9		; Four-way mode cache
	MOV.B	@(0,GBR),R0	; Read IMR
	TST	#1,R0		; T <=> IMR & 1 == 0 <=> /CART <=> a cart in inserted!
	BF	segaCD32X
	BSR	waitForM_OK
	NOP
	MOV.L	startAddressInCart,R13
	MOV.L	@(8,R13),R0	; Load Slave VBR
	LDC	R0,VBR
	MOV.L	@R13,R8		; R8 = startAddress
	MOV.L	S_OK,R0
	MOV.L	R0,@($24,GBR)
	JMP	@R8
	NOP

waitForM_OK:
	MOV.L	M_OK,R2
loop:
	MOV	#$28,R0
	MOV	#1,R1
waitAWhile:
	SUB	R1,R0
	CMP/EQ	#0,R0
	BF	waitAWhile
	MOV.L	@($20,GBR),R0	; Read CommPort0
	CMP/EQ	R0,R2
	BF	loop
	RTS
	NOP

M_OK:	DC.L	'M_OK'

segaCD32X:
	MOV.L	_CD_,R1
waitForCD:
	MOV.L	@($20,GBR),R0
	CMP/EQ	R0,R1
	BF	waitForCD
	BSR	waitForM_OK
	NOP

	MOV.L	frameBuffer,R8		; In case of Sega CD 32X, ...
					; ... the Sega CD writes stuff in the frame buffer
	MOV.L	@($C,R8),R10		; R10 = startAddress
	MOV.L	@($14,R8),R11		; R11 = VBR
	MOV.L	S_OK,R0
	MOV.L	R0,@($24,GBR)
	LDC	R11,VBR
	JMP	@R10
	NOP

GBR_value:
	DC.L	$20004000

registerValuesPointer:
	DC.L	registerValues

registers:
	DC.L	$FFFFFFE0

CCR:	DC.L	$FFFFFE92

SBYCR:	DC.L	$FFFFFE91

startAddressInCart:
	DC.L	$220003E4

frameBuffer:
	DC.L	$24000018
	DC.L	$00020000
	DC.L	$26000000
	DC.L	$26040000

registerValues:
	DC.L	$A55A0001	; BCR1
	DC.L	$A55A00A8	; BCR2
	DC.L	$A55A0055	; WCR
	DC.L	$A55A0AB8	; MCR
	DC.L	$A55A0008	; RTCSR
	DC.L	$A55A0000	; RTCNT
	DC.L	$A55A0059	; RTCOR

_CD_:	DC.L	'_CD_'

S_OK:	DC.L	'S_OK'


	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF
	DC.L	$FFFFFFFF,$FFFFFFFF,$FFFFFFFF,$FFFFFFFF

Post Reply