gaming/dolphin-emulator
gaming/dolphin-emulator
1
0
Fork 0
mirror of https://github.com/dolphin-emu/dolphin synced 2024-07-03 00:38:51 +00:00
Code Issues Projects Releases Wiki Activity
master
dolphin-emulator/Source/DSPSpy/gba.txt
Tillmann Karras fb041f75e5 DSPSpy: save and restore $sr properly
2020-06-08 04:21:41 +01:00

609 lines
13 KiB
Plaintext
Raw Permalink Blame History

incdir "tests"
include "dsp_base.inc"
; We'll let dsp_base.inc catch exceptions
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;halt
;rti
;halt
sbset #0x06
sbclr #0x03
sbclr #0x04
sbset #0x05
lri $CR, #0x00ff
lri $WR0, #0xffff
lri $WR1, #0xffff
lri $WR2, #0xffff
lri $WR3, #0xffff
set40
m0
clr15
;step 1: context setup
call send_back
call 0x807e ; loop until DSP->CPU mailbox is empty
si @DMBH, #0xdcd1
si @DMBL, #0x0000 ; sendmail 0xdcd10000
si @DIRQ, #0x0001
; wait for CPU mail == 0xabbaxxxx
wait_cpu_init:
call 0x8078
lrs $AC0.L, @CMBL
cmpi $AC0.M, #0xabba
jnz wait_cpu_init
; Next mail has the mram addr of the data to fetch
set16
call 0x8078
lrs $AX0.L, @CMBL
andi $AC0.M, #0x0fff
mrr $AX0.H, $AC0.M
lri $AX1.H, #0x0000 ; DSP-DRAM addr
lri $AX1.L, #0x0020 ; length (32 bytes = 16 words, word 9 and 10 are addr where result should DMA'd to in main mem)
lri $IX3, #0x0000 ; there will be no ucode/iram upload
lri $AR0, #do_main ; return addr after DRAM upload
jmp 0x80bc ; DRAM upload !!
; $AX0.H-$AX0.L - CPU(PPC) addr = mail & 0x0fffffff
; upload data from mainmem to DSP DRAM and jump to 0x41 after that
; ucode addr 0x0041
do_main:
;step 2: got data from CPU, before going into BigCrazyFunction
call send_back
call BigCrazyFunction ; <<------------- main crap is here!!!!!!!!!
call 0x807e ; loop until DSP->CPU mailbox is empty
si @DMBH, #0xdcd1
si @DMBL, #0x0003 ; sendmail 0xdcd10003 (aka... calc is over, result is in main mem now)
si @DIRQ, #0x0001
set40
; wait for CPU to tell us what to do after calc'ing
wait_cpu_end:
call 0x8078
cmpi $AC0.M, #0xcdd1
jnz wait_cpu_end
lrs $AC0.M, @CMBL
cmpi $AC0.M, #0x0001
jz PrepareBootUcode ; if CPU->DSP mail was 0xcdd10001 -> 005e_PrepareBootUcode()
cmpi $AC0.M, #0x0002
jz 0x8000 ; if CPU->DSP mail was 0xcdd10002 -> DSP reset ( jmp to irom(0x8000))
; THIS IS CUSTOM CODE
cmpi $AC0.M, #0xbabe
jz end_of_test ; wait for DSP to be reset by CPU
jmp wait_cpu_end ; wait for next mail from CPU
halt
PrepareBootUcode:
set16
call 0x8078
lrs $AC0.L, @CMBL
call 0x8078
lrs $AC0.L, @CMBL
call 0x8078
lrs $AC0.L, @CMBL
call 0x8078
lr $IX1, @CMBL
andi $AC0.M, #0x0fff
mrr $IX0, $AC0.M
call 0x8078
lr $IX3, @CMBL
call 0x8078
lr $IX2, @CMBL
call 0x8078
lr $AR0, @CMBL
call 0x8078
lrs $AX0.L, @CMBL
andi $AC0.M, #0x0fff
mrr $AX0.H, $AC0.M
call 0x8078
lrs $AX1.L, @CMBL
call 0x8078
lrs $AX1.H, @CMBL
sbclr #0x05
sbclr #0x06
jmp 0x80b5 ; BootUcode()
halt
; does some crazy stuff with data at DRAM @0x3/0x5/0x6/0x7 with help of some values from drom :)
; result is @0x22,@0x23 and written back to main memory to dmem-0x08:dmem-0x09
BigCrazyFunction:
; {
clr $ACC0
lri $AR1, #0x0010
loopi #0x20
srri @$AR1, $AC0.M
call send_back ;3
lr $AC1.M, @0x1456
call send_back
andi $AC1.M, #0xffd0
call send_back
clrp'mv : $AX1.L, $AC1.M ; assembler doesn't like .m here
call send_back
lri $AR0, #0x0000
call send_back
lri $IX2, #0x0000
call send_back
lri $AR2, #0x001f
call send_back
lr $AC0.M, @0x15f6
call send_back
lsl $ACC0, #8
call send_back
lr $AC1.M, @0x1766
call send_back
andi $AC1.M, #0x00ff
call send_back
mrr $AX0.H, $AC1.M
call send_back
call 0x88e5
call send_back
mrr $AX0.L, $AC0.L
call send_back
clr'mv $ACC0 : $AX1.H, $AC0.M ; assembler doesn't like .m here
call send_back
lrri $AC0.M, @$AR0
call send_back
lsr $ACC0, #-8
call send_back
mrr $AC1.M, $AC0.L
call send_back
mrr $AX0.H, $AC0.M
call send_back
call 0x8809
call send_back
call 0x8723
call send_back
dar $AR2
call send_back
clr'dr $ACC0 : $AR2
call send_back
lr $AC0.M, @0x166c
call send_back
lsl $ACC0, #4
call send_back
andi $AC0.M, #0xff00
call send_back
lr $AC1.M, @0x1231
call send_back
lsr $ACC1, #-8
call send_back
andi $AC1.M, #0x00ff
call send_back
mrr $AX0.H, $AC1.M
call send_back
call 0x88e5
call send_back
mrr $AX0.L, $AC0.L
call send_back
clr'mv $ACC0 : $AX1.H, $AC0.M ; assembler doesn't like .m here
call send_back
lrri $AC0.M, @$AR0
call send_back
lsr $ACC0, #-8
call send_back
mrr $AC1.M, $AC0.L
call send_back
mrr $AX0.H, $AC0.M
call send_back
call 0x8809
call send_back
call 0x8723
call send_back
clr $ACC0
call send_back
clr $ACC1
call send_back
lr $AC1.H, @0x0005
call send_back
asr16 $ACC1
call send_back
cmp
call send_back ;46
jz Unk_00e5
call send_back ;47
jl Unk_00f3
call send_back ;48
; if ( > ) {
; length 12
lri $AR2, #0x0010
call send_back
lri $IX2, #0x0001
call send_back
lr $AC0.H, @0x171b
call send_back
asr16 $ACC0
call send_back
neg $ACC1
call send_back
add $ACC1, $ACC0
call send_back
lsl $ACC1, #1
call send_back
mrr $AX0.H, $AC1.M
call send_back
lr $AC1.M, @0x0003
call send_back
lsl $ACC1, #4
call send_back
call 0x8809
call send_back
jmp Unk_0102
call send_back ;60
; } else if ( == 0) {
; length 8
Unk_00e5:
lri $AR2, #0x0011
call send_back
lr $AC1.M, @0x0003
call send_back
lsl $ACC1, #1
call send_back
mrr $AX0.H, $AC1.M
call send_back
lr $AC0.M, @0x1043
call send_back
andi $AC0.M, #0xfff0
call send_back
call 0x88e5
call send_back ;53
jmp Unk_0102
; } else if ( < ) {
; length 10
Unk_00f3:
lri $AR2, #0x0010
call send_back
lri $IX2, #0x0001
call send_back
lr $AC0.H, @0x1285
call send_back
asr16 $ACC0
call send_back
add $ACC1, $ACC0
call send_back
lsl $ACC1, #1
call send_back
lr $AC0.M, @0x0003
call send_back
lsl $ACC0, #4
call send_back
mrr $AX0.H, $AC0.M
call send_back
call 0x8809
call send_back ;57
; }
Unk_0102:
lri $AR3, #0x0013
call send_back ; either step 60, 53, 57
srri @$AR3, $AC0.M
call send_back
clr's $ACC1 : @$AR3, $AC0.L
call send_back
lri $AR3, #0x0013
call send_back
lr $AC1.M, @0x0007
call send_back
lr $AC0.M, @0x11b8
call send_back
andi $AC0.M, #0xfff0 ;66
call send_back
mrr $AX0.H, $AC0.M
call send_back
;call 0x81f4
mulxac'mv $AX0.H, $AX1.L, $ACC1 : $AX1.H, $AC0.M
call send_back
asr16'ir $ACC1 : $AR1
call send_back ;66
srri @$AR3, $AC1.M
call send_back
clr's $ACC0 : @$AR3, $AC1.L
call send_back
lsl16 $ACC1
call send_back
;call 0x8458 ;66
mulxac'mv $AX0.H, $AX1.L, $ACC1 : $AX1.H, $AC0.M
call send_back
asr16 $ACC1
call send_back
srri @$AR3, $AC1.M
call send_back
clr's $ACC0 : @$AR3, $AC1.L
call send_back
call send_back
set40
call send_back
lri $AR2, #0x0015
call send_back
lr $AC0.M, @0x0006
call send_back
lr $AX0.H, @0x165b
call send_back
call 0x88e5
call send_back
asr $ACC0, #-3
call send_back
lsl $ACC0, #3
call send_back
srri @$AR2, $AC0.M
call send_back
srri @$AR2, $AC0.L
call send_back
lri $AR2, #0x0016
call send_back
lr $AC0.M, @0x1723
call send_back
asr $ACC0, #-12
call send_back
lr $AX0.H, @0x166b
call send_back
call 0x88e5
call send_back
tst $ACC0
call send_back
jge Unk_012e
call send_back
clr $ACC0
call send_back
Unk_012e:
asr $ACC0, #-3
call send_back
set16
;step 4
call send_back
lr $AC1.M, @0x1491
call send_back
andi $AC1.M, #0xd0f0
call send_back
mrr $IX1, $AC1.M
call send_back
lr $AC1.M, @0x1468
call send_back
lr $AC1.H, @0x11fc
call send_back
lsr $ACC1, #-4
call send_back
mrr $IX2, $AC1.M
call send_back
lr $AC1.H, @0x11b8
call send_back
asr16 $ACC1
call send_back
lsl $ACC0, #24
call send_back
lsr $ACC0, #-8
call send_back
mrr $AX0.H, $AC0.M
call send_back
mrr $AC1.M, $AC0.M
call send_back
mrr $AX1.H, $IX1
call send_back
andr $AC0.M, $AX1.H
call send_back
lsl $ACC0, #2
call send_back
mrr $AX1.H, $IX2
call send_back
andr $AC1.M, $AX1.H
call send_back
lsl $ACC1, #1
call send_back
add $ACC0, $ACC1
call send_back
lsl $ACC1, #24
call send_back
asr16 $ACC1
call send_back
andr $AC1.M, $AX0.H
call send_back
add $ACC0, $ACC1
call send_back
lr $AC1.M, @0x0012
call send_back
orc $AC1.M, $AC0.M
call send_back
sr @0x0012, $AC1.M
call send_back
lsr $ACC0, #-16
call send_back
lr $AC1.M, @0x0011
call send_back
orc $AC1.M, $AC0.M
call send_back
sr @0x0011, $AC1.M
call send_back
mrr $AC1.L, $IX1
call send_back
lsl $ACC1, #1
call send_back
mrr $AC1.M, $IX2
call send_back
lsl16 $ACC1
call send_back
asr $ACC1, #-8
call send_back
lsr16 $ACC1
call send_back
mrr $AX0.H, $AC1.M
call send_back
mrr $AX1.H, $AC1.L
call send_back
clr $ACC0
call send_back
lr $AC0.M, @0x0011
call send_back
andr $AC0.M, $AX0.H
call send_back
clr $ACC1
call send_back
lr $AC1.M, @0x0012
call send_back
andr $AC1.M, $AX0.H
call send_back
add $ACC0, $ACC1
call send_back
lr $AC1.M, @0x0012
call send_back
lsr $ACC1, #-8
call send_back
add $ACC0, $ACC1
call send_back
call send_back
clr $ACC1
call send_back
mrr $AC1.M, $AC0.M
call send_back
lsl $ACC1, #8
call send_back
orr $AC1.M, $AX1.H
call send_back
lr $AC0.M, @0x0011
call send_back
orc $AC0.M, $AC1.M
call send_back
lr $AC1.M, @0x0012
call send_back
orr $AC1.M, $AX1.H
call send_back
mrr $IX1, $AC1.M
call send_back
lr $AX0.H, @0x15f1
call send_back
andr $AC1.M, $AX0.H
call send_back
jz else_0192
call send_back
; if () {
lr $AC1.M, @0x10e2
call send_back
lsl $ACC1, #8
call send_back
mrr $AX0.H, $AC1.M
call send_back
lr $AC1.M, @0x103b
call send_back
decm $AC1.M
call send_back
orr $AC1.M, $AX0.H
call send_back
xorc $AC0.M, $AC1.M
call send_back
sr @0x0022, $AC0.M
call send_back
lr $AC0.L, @0x1229
call send_back
lr $AC1.L, @0x11f8
call send_back
sub $ACC0, $ACC1
call send_back
lsl16 $ACC0
call send_back
mrr $AC1.M, $IX1
call send_back
xorc $AC0.M, $AC1.M
call send_back
jmp Unk_01a5
call send_back
; } else {
else_0192:
lr $AC1.M, @0x10ca
call send_back
lsl $ACC1, #8
call send_back
mrr $AX0.H, $AC1.M
call send_back
lr $AC1.M, @0x1043
call send_back
incm $AC1.M
call send_back
orr $AC1.M, $AX0.H
call send_back
xorc $AC0.M, $AC1.M
call send_back
sr @0x0022, $AC0.M
call send_back
lr $AC0.L, @0x1259
call send_back
lr $AC1.L, @0x16fe
call send_back
add $ACC0, $ACC1
call send_back
lsl16 $ACC0
call send_back
mrr $AC1.M, $IX1
call send_back
xorc $AC0.M, $AC1.M
call send_back
; }
Unk_01a5:
; this is where result is written to main memory
; DSP mem 0x20-0x23 (8 bytes) are written back (DMA limitation),
; but only values @22 and @23 were modified (result is 32bit)
sr @0x0023, $AC0.M
call send_back
lr $AX0.H, @0x0008 ; CPU addr high
call send_back
lr $AX0.L, @0x0009 ; CPU addr low
call send_back
lri $AX1.H, #0x0020 ; DSP addr
call send_back
lri $AX1.L, #0x0008 ; length
call send_back
lri $IX3, #0x0000 ; there will be no iram DMA
call send_back
call 0x808b ; DRAM->CPU <<<--- important!!
call send_back
ret
; }
; Free some space for the TROJAN CODEZ
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
;nop
Reference in New Issue View Git Blame Copy Permalink