Post Reply 
[HP4x] ROM Disassembly
03-03-2015, 10:10 AM (This post was last modified: 03-11-2015 08:40 AM by Bruno.)
Post: #1
[HP4x] ROM Disassembly
Hi all,

by chance, I found this website providing the full entries for the HP49G ROM 1.24 (about 24000 symbols!), and a pretty full list for the HP48SX (9000 symbols).
As explained by the author, the 49G symbols are the real symbols used by the HP's developers.
And I think the HP48's symbols are extracted by the same way (from ROM's objects files) and are the true symbols names used by the HP's developers.

This give me the idea for two new projects:
- Disassembling the HP48 and HP49 ROMs with SadHp and those big symbols lists
- Increase and update the Carsten's Entries Database (see my other thread about that)

After some work on the 'ALLROM48' file, I've produced a ready to use symbol file with SadHp (see attached files),
and discovered some interesting things:

- This symbols provide from one of the following ROM revision A,B,C or D, but I can’t say which one.

- The ALLROM48 (& ALLROM49 also) file do not contain only entries, but also DEFINES,CONSTANTS,ROMPTR and object files names used to produce the ROM binary object.
It was fastidious to sort out this file, but this give me a 'quick' overview on how the source code and the ROM have been organized. Smile

- Curiously, this file does not contain all of the symbols, even a few supported entries doesn't appears, and there are some 'holes'.

For now, if it was easy with SadHp to disassemble the HP48SX's ROMs, the HP48GX's ROMs disassembly require additional work:

- Replace in my file 'All symbols.txt' all of the 48SX addresses by the addresses in the Mika's '.symbols.gx' file.
- Remove the 7ffff limitation to allow disassembly of the whole GX ROM.

If anyone have time to help me, He is welcome Smile

In the attached archive, you can find the following files useful for the HP48SX/GX ROM disassembly:

[SX UPDATE 3]
- SXSymbolsHP.txt: ALLROM48 & HPSupported Entries mixed together
- SXSymbolsHP2.txt Same as above plus User commands was marked as supported entries.
- SXSymbolsMika&ALLHP.txt: ALLROM48 & Mika's Symbols mixed together
- SXSymbolsMika&ALLHP Duplicates removed.txt: ALLROM48 & Mika's Symbols mixed together with duplicate entries (by address) removed - DEFINES.txt: contain some definitions and constants extracted from the 'ALLROM48' file (very interesting)
- ROMPTR.txt: all ROMPTR symbols for libraries 0F0, 700 and 002, extracted from the 'ALLROM48' file
- ObjFiles.txt: Generated object file names that produced the ROM binary, extracted from the 'ALLROM48' file

[GX UPDATE 4]
- GXSymbolsHP.txt: ALLROM48 & HPSupported Entries & RAMEntries mixed together ( SX addresses replaced by GX addresses using Mika's symbol files).
- SXGXEntriesCrossReference.csv: Address cross reference beetween SX RevE and GX RevM.

Here is a sample that you could expect using SadHp with my symbols file:

Code:
ASSEMBLE
09946   =File:r.config.o                     -----------  Object File Name  -----------
09946   =INITCARDS    ( Version dependant )  -----------  Mika's entry name -----------
09946   =Chipconfig                          -----------  Official HP name  -----------
09946 843         ST=0    3
09949 840         ST=0    0
0994C 7322        GOSUB    =COMPCONFCRC

Enjoy Smile
Bruno


Attached File(s)
.zip  HP48SXSymbols.zip (Size: 286.12 KB / Downloads: 17)
.zip  HP48GXSymbols.zip (Size: 68.75 KB / Downloads: 22)
Find all posts by this user
Quote this message in a reply
03-03-2015, 01:19 PM
Post: #2
RE: [HP4x] ROM Disassembly
Here are some additional hints for the covered portion of the rom:

Code:
.formats.gx
-----------------------------------
80000:c
80946:x2
809be:c
81ecf:x32
82000:L
89975:r
8d29f:r
8fd72:l
90000:L
98bf8:l
98ddd:L
b4b32:L
bA56f:L
be9b4:x32
c0000:L
c31be:L
c4e1f:L
c532b:L
c78d4:L
cadbd:L
cbac7:L
cf380:r
d1362:r
d49c7:L
d9a4a:L
dcb7c:L
ff959:x32
FFFFF:r

This is for ROM R. I know for sure that at #82000h is the start of a library, and everything past that should be enough to disassemble the rest of covered ROM. So in between #80000h and #82000h should be some SASM code that handles ports, but I have not spent too much time looking into it.

For those who want to tinker with sadhp, you'll need to adjust sad.c and remove the memory limit (change #7FFFFh to #FFFFFh) around line 609:

Change: if(opt_startpt <= 0x7ffff) to if(opt_startpt <= 0xfffff)

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-03-2015, 01:55 PM (This post was last modified: 03-04-2015 02:32 AM by Han.)
Post: #3
RE: [HP4x] ROM Disassembly
Additionally, the core files used by sadhp expect the ROM to be in "decompressed" form. That is, you will have to convert each character in the ROM file into separate nibbles. Note also that the nibbles must be swapped. Here's a short program that will convert a rom file stored in rom.bin into a core file named rom.core

EDIT: This code below is for converting SX roms to the proper format. For GX roms, you can simply use the sport command

Code:
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <ctype.h>

int main(argc, argv)
    int argc;
    char **argv;
{
     int value, counter, chr;
     FILE *in, *out;

     value = 0;

     if(!(in=fopen("rom.bin","r")))
      {
           perror("rom.bin");
           exit(1);
      }
     if(!(out=fopen("rom.core","w")))
      {
           perror("rom.core");
           exit(1);
      }
     while( (chr = getc(in) ) != EOF)
      {
                 value= (chr/16) & 0xF;
                 putc(value,out);
                 value=(chr) & 0xF ;
                 putc(value,out);
      }
     return 0 ;
}

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-04-2015, 08:19 AM
Post: #4
RE: [HP4x] ROM Disassembly
Thank you very much Han.
I'm pretty sure to finish the GX symbols file today Smile
Find all posts by this user
Quote this message in a reply
03-04-2015, 09:15 AM (This post was last modified: 03-13-2015 06:16 PM by Han.)
Post: #5
RE: [HP4x] ROM Disassembly
Here are some diffs for compiling on Mac OS X; your interest in the HP48 has renewed my own interest in it as well. You will need to install the command line tools (this process has changed a few times, but it's basically the unix stuff such as make, etc).

The attached zip file is a diff of the original 1.05 Source directory with my Source directory which I've re-versioned to 1.06

The next update will be to get the xcom, xfmt, and xsym programs to run for the GX ROMs. Then it will be much easier to disassemble and comment these ROMs using emacs.

To disassemble covered ROM, use:

sad -Xv <start> <end>

You can still disassemble port1 and port2 by simply removing the -v option and ensure that <start> is an address in the port1 or port2 range (i.e. #80000h or higher)

EDIT: Modified rpl.c to better handle composite endings; should be able to properly disassemble all composite objects properly except for secondaries that were intentionally not compiled to have SEMI terminators (e.g. SDB within Jazz, though this is the only case I can think of)

Edit: newer version available here: version 1.061

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-04-2015, 09:21 AM
Post: #6
RE: [HP4x] ROM Disassembly
(03-04-2015 08:19 AM)Bruno Wrote:  Thank you very much Han.
I'm pretty sure to finish the GX symbols file today Smile

If it's not too late, you may as well trim the symbol files to use only the HP names where there are duplicates. There's no point in having a large symbols table floating in memory while disassembling the ROM if we can reduce the size (and hence speed when searching for names).

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-04-2015, 10:22 AM (This post was last modified: 03-04-2015 10:25 AM by Bruno.)
Post: #7
RE: [HP4x] ROM Disassembly
Many thanks Han, what a great job Smile
I'm excited at the idea of fully disassemble the GX ROM.

I think we are the only interested in lol

About the duplicate symbols (Mika + HP), It's preatty easy to remove duplicates, I'll provide both.
The only reason I keep the mika's symbols was to help understanding an entry (2 different names to describe the same things)
Find all posts by this user
Quote this message in a reply
03-05-2015, 10:15 AM
Post: #8
RE: [HP4x] ROM Disassembly
I've encountered many difficulties with the GX symbols, so I needed a much clear SX symbols file:
I've updated the package see my firts post.

Now, GX symbols are coming soon.
Find all posts by this user
Quote this message in a reply
03-05-2015, 01:15 PM (This post was last modified: 03-05-2015 02:18 PM by Bruno.)
Post: #9
RE: [HP4x] ROM Disassembly
(03-05-2015 10:15 AM)Bruno Wrote:  Now, GX symbols are coming soon.

Done, see my first post.

I hope there are no mistakes Smile

[EDIT] [UPDATE1]

I would like to complete this symbols lists with the full RAM symbols,
anyone know where can I find the full RAM symbols for both the GX and the SX ?

A curiosity in the Mika's symbols: What is the correct GX entry for SysNib9 ?

Code:
80807,SysNib7
80808,SysNib8
80809,SysNib9
8080A,SysNib9
8080B,EDITLFLAG
8080B,SysNib10
8080C,ParenModFLAG
8080C,SysNib11
Find all posts by this user
Quote this message in a reply
03-05-2015, 02:12 PM
Post: #10
RE: [HP4x] ROM Disassembly
(03-05-2015 01:15 PM)Bruno Wrote:  
(03-05-2015 10:15 AM)Bruno Wrote:  Now, GX symbols are coming soon.

Done, see my first post.

I hope there are no mistakes Smile

[EDIT]

I would like to complete this symbols lists with the full RAM symbols,
anyone know where can I find the full RAM symbols for both the GX and the SX ?

A curiosity in the Mika's symbols: What is the correct GX entry for SysNib9 ?

Code:
80807,SysNib7
80808,SysNib8
80809,SysNib9
8080A,SysNib9
8080B,EDITLFLAG
8080B,SysNib10
8080C,ParenModFLAG
8080C,SysNib11

I can send you a copy of the RAM map (I believe what I have was for the GX since the project file was named charlemagne, and then simply modified with additions for the HP49G).

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-05-2015, 02:16 PM
Post: #11
RE: [HP4x] ROM Disassembly
Thank you Han, I will check your file with this one : http://www.hpcalc.org/details.php?id=5331

I've updated the GX Symbols files with this RAM entries. [UPDATE 2]
Find all posts by this user
Quote this message in a reply
03-05-2015, 02:27 PM (This post was last modified: 03-05-2015 03:16 PM by Han.)
Post: #12
RE: [HP4x] ROM Disassembly
It appears your entries files do not always properly identify the supported entries. For example, xKILL is a global name that should be listed as =xKILL and not :xKILL. If you leave it as xKILL then sadhp will disassemble this as PTR xKILL (due to it being considered "local"). If possible, please ensure that the supported entries are listed as =EntryName and not :EntryName

Edit: Mika's entries were likely partly generated by sad. His .symbols.gx lists xKILL with : and not = likely due to the fact that xKILL was a library command and libraries could possibly change positions in ROM. The hash tables within libraries makes it a non-issue from a user stand point.

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-05-2015, 03:02 PM (This post was last modified: 03-05-2015 03:17 PM by Bruno.)
Post: #13
RE: [HP4x] ROM Disassembly
Thank you for testing Smile
I've checked and, xKILL is not part of the supported entries list Sad
None of the User commands are part of the supported entries.

But I've updated the package. [UPDATE 3]
Find all posts by this user
Quote this message in a reply
03-05-2015, 09:20 PM
Post: #14
RE: [HP4x] ROM Disassembly
(03-05-2015 03:02 PM)Bruno Wrote:  Thank you for testing Smile
I've checked and, xKILL is not part of the supported entries list Sad
None of the User commands are part of the supported entries.

But I've updated the package. [UPDATE 3]

I stand corrected. You are right, they are not listed in the supported entries. I think the proper thing to do here is fix sadhp; my current source tree properly handles library commands, now.

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-09-2015, 03:13 PM
Post: #15
RE: [HP4x] ROM Disassembly
Interestingly, a lot of the entries listed as stable or supported are version dependent.

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-10-2015, 07:54 AM
Post: #16
RE: [HP4x] ROM Disassembly
In what file ? I think there are a bug in my Powershell script that generated the cross reference file, about the 'type' field.
Do you have some examples please ?
Find all posts by this user
Quote this message in a reply
03-10-2015, 08:10 AM (This post was last modified: 03-10-2015 08:11 AM by Bruno.)
Post: #17
RE: [HP4x] ROM Disassembly
Ouch, my apologies, I published a GX file without any translated addresses from the SX Sad
When I have more time, I'll re-upload the correct files.
Find all posts by this user
Quote this message in a reply
03-11-2015, 08:40 AM (This post was last modified: 03-11-2015 08:41 AM by Bruno.)
Post: #18
RE: [HP4x] ROM Disassembly
[UPDATE 4]

I corrected the GX files.
Find all posts by this user
Quote this message in a reply
03-11-2015, 06:23 PM (This post was last modified: 03-12-2015 12:06 AM by Han.)
Post: #19
RE: [HP4x] ROM Disassembly
(03-11-2015 08:40 AM)Bruno Wrote:  [UPDATE 4]

I corrected the GX files.

I'm currently at around #22000h within the ROM and have verified the addresses up to this point. I also have a very different layout of library #F0h -- the command numbers on the HP48GX are no longer the same as those on the HP48SX. Libraries #A1h through #A6h are still the keys for each shift plane (no shift, alpha shift, left, right, alpha-left, alpha-right, though I don't remember if this is the correct order). It appears the matrix editor (#EAh) has moved into covered ROM. Library #A8h is where all the softkey definitions are, #A9h is where all the menus are defined (mostly arrays of pointers or romptrs in #A8h)

I'll post my .symbols.gx file and updated version of sadhp once I get a bit further down the entries list. (It will be for ROM R only). I think once we have fully labeled all the entries then we could probably work on fully commenting the ROM.

I had (a long time ago) thought about creating a custom ROM for the HP48G series (see this link) and even got as far as designs for reworking the card ports so that one could do direct execution from covered ROM. A custom ROM chip would not be hard to implement (I'd test on an HP48G and not GX first). I should be as "simple" as building a daughter card that is connected to the card connector, minus a few pins that can be wired to switch between the original ROM or the custom ROM (either the CE or NCE line on the ROM chip; I forget whether that chip uses inverted signals for its card enable pin).

Maybe once we get fully commented source, this can actually be realized. Too bad I have long since lost my earlier work with respect to the .symbols.gx file and have to start over, now.

Graph 3D | QPI | SolveSys
Find all posts by this user
Quote this message in a reply
03-12-2015, 10:51 AM
Post: #20
RE: [HP4x] ROM Disassembly
(03-11-2015 06:23 PM)Han Wrote:  I'm currently at around #22000h within the ROM and have verified the addresses up to this point.

You are doing a great work, this will requiere a lot of time ! Thanks for sharing this.

(03-11-2015 06:23 PM)Han Wrote:  I also have a very different layout of library #F0h -- the command numbers on the HP48GX are no longer the same as those on the HP48SX.

I just tried to automate the addresses translation with very few checks, so it could contain some errors.

(03-11-2015 06:23 PM)Han Wrote:  I had (a long time ago) thought about creating a custom ROM for the HP48G series

Indeed, it's a real interesting project, I think anyone would like to customize the OS, me first Smile
Trying to understand each part of the RPL-OS is also one of my interest and passion Smile
I'll help you as much as I can, but my skills are limited. We'll see how far we can go, mostly depending on free times.

Bruno
Find all posts by this user
Quote this message in a reply
Post Reply 




User(s) browsing this thread: 3 Guest(s)