-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathsxb-hacker.lst
2389 lines (2306 loc) · 146 KB
/
sxb-hacker.lst
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Mon Jun 18 2018 21:48 Page 1
***************************************
** WDC 65C816 Macro Assembler **
** **
** Version 3.49.1- Feb 6 2006 **
***************************************
1 ;===============================================================================
2 ; ______ ______ _ _ _
3 ; / ___\ \/ / __ ) | | | | __ _ ___| | _____ _ __
4 ; \___ \\ /| _ \ _____| |_| |/ _` |/ __| |/ / _ \ '__|
5 ; ___) / \| |_) |_____| _ | (_| | (__| < __/ |
6 ; |____/_/\_\____/ |_| |_|\__,_|\___|_|\_\___|_|
7 ;
8 ; A program for Hacking your W65C265SXB or W65C816SXB
9 ;-------------------------------------------------------------------------------
10 ; Copyright (C),2015-2018 Andrew Jacobs
11 ; All rights reserved.
12 ;
13 ; This work is made available under the terms of the Creative Commons
14 ; Attribution-NonCommercial-ShareAlike 4.0 International license. Open the
15 ; following URL to see the details.
16 ;
17 ; http://creativecommons.org/licenses/by-nc-sa/4.0/
18 ;
19 ;===============================================================================
20 ; Notes:
21 ;
22 ; This program provides a simple monitor that you can use to inspect the memory
23 ; in your SXB and reprogram parts of the flash ROM.
24 ;
25 ;-------------------------------------------------------------------------------
26
27 pw 132
28 inclist on
29
30 chip 65816
31
32 ifdef W65C265SXB
33 include "w65c265.inc"
34 else
35 include "w65c816.inc"
1 ;==============================================================================
2 ; __ ____ ____ ____ ___ _ __
3 ; \ \ / / /_| ___| / ___( _ )/ |/ /_
4 ; \ \ /\ / / '_ \___ \| | / _ \| | '_ \
5 ; \ V V /| (_) |__) | |__| (_) | | (_) |
6 ; \_/\_/ \___/____/ \____\___/|_|\___/
7 ;
8 ; Western Design Center W65C816 device definitions
9 ;------------------------------------------------------------------------------
10 ; Copyright (C)2015 HandCoded Software Ltd.
11 ; All rights reserved.
12 ;
13 ; This work is made available under the terms of the Creative Commons
14 ; Attribution-NonCommercial-ShareAlike 4.0 International license. Open the
15 ; following URL to see the details.
16 ;
17 ; http://creativecommons.org/licenses/by-nc-sa/4.0/
Mon Jun 18 2018 21:48 Page 2
18 ;
19 ;===============================================================================
20 ; Notes:
21 ;
22 ; Various macros and definitions for the W65C816 microprocessor.
23 ;
24 ;===============================================================================
25 ; Revision History:
26 ;
27 ; 2015-12-18 AJ Initial version
28 ;-------------------------------------------------------------------------------
29 ; $Id$
30 ;-------------------------------------------------------------------------------
31
32 ;==============================================================================
33 ; Status Register Bits
34 ;------------------------------------------------------------------------------
35
36 00000080 N_FLAG equ 1<<7
37 00000040 V_FLAG equ 1<<6
38 00000020 M_FLAG equ 1<<5
39 00000010 X_FLAG equ 1<<4
40 00000010 B_FLAG equ 1<<4
41 00000008 D_FLAG equ 1<<3
42 00000004 I_FLAG equ 1<<2
43 00000002 Z_FLAG equ 1<<1
44 00000001 C_FLAG equ 1<<0
45
46 ;==============================================================================
47 ; Macros
48 ;------------------------------------------------------------------------------
49
50 ; Puts the processor in emulation mode. A, X and Y become 8-bits and the stack
51 ; is fixed at $0100-$01ff.
52
53 emulate macro
54 sec
55 xce
56 endm
57
58 ; Puts the processor in native mode. The size of the memory and index register
59 ; operations is not controlled by the M & X bits in the status register.
60
61 native macro
62 clc
63 xce
64 endm
65
66 ; Resets the M bit making the accumulator and memory accesses 16-bits wide.
67
68 long_a macro
69 rep #M_FLAG
70 longa on
71 endm
72
73 ; Resets the X bit making the index registers 16-bits wide
74
75 long_i macro
Mon Jun 18 2018 21:48 Page 3
76 rep #X_FLAG
77 longi on
78 endm
79
80 ; Resets the M and X bits making the accumulator, memory accesses and index
81 ; registers 16-bits wide.
82
83 long_ai macro
84 rep #M_FLAG|X_FLAG
85 longa on
86 longi on
87 endm
88
89 ; Sets the M bit making the accumulator and memory accesses 8-bits wide.
90
91 short_a macro
92 sep #M_FLAG
93 longa off
94 endm
95
96 ; Sets the X bit making the index registers 8-bits wide.
97
98 short_i macro
99 sep #X_FLAG
100 longi off
101 endm
102
103 ; Sets the M & X bits making the accumulator, memory accesses and index
104 ; registers 8-bits wide.
105
106 short_ai macro
107 sep #M_FLAG|X_FLAG
108 longa off
109 longi off
110 endm
36 endif
37
38 ;===============================================================================
39 ;-------------------------------------------------------------------------------
40
41 MNEM macro P,Q,R
42 dw ((((P-'@')<<5)|(Q-'@'))<<5)|(R-'@')
43 endm
44
45 ;===============================================================================
46 ; ASCII Character Codes
47 ;-------------------------------------------------------------------------------
48
49 00000001 SOH equ $01
50 00000004 EOT equ $04
51 00000006 ACK equ $06
52 00000007 BEL equ $07
53 00000008 BS equ $08
54 0000000A LF equ $0a
55 0000000D CR equ $0d
56 00000015 NAK equ $15
57 00000018 CAN equ $18
58 0000001B ESC equ $1b
Mon Jun 18 2018 21:48 Page 4
59 0000007F DEL equ $7f
60
61 ;===============================================================================
62 ;-------------------------------------------------------------------------------
63
64 00000000 OP_ADC equ 0<<1
65 00000002 OP_AND equ 1<<1
66 00000004 OP_ASL equ 2<<1
67 00000006 OP_BCC equ 3<<1
68 00000008 OP_BCS equ 4<<1
69 0000000A OP_BEQ equ 5<<1
70 0000000C OP_BIT equ 6<<1
71 0000000E OP_BMI equ 7<<1
72 00000010 OP_BNE equ 8<<1
73 00000012 OP_BPL equ 9<<1
74 00000014 OP_BRA equ 10<<1
75 00000016 OP_BRK equ 11<<1
76 00000018 OP_BRL equ 12<<1
77 0000001A OP_BVC equ 13<<1
78 0000001C OP_BVS equ 14<<1
79 0000001E OP_CLC equ 15<<1
80 00000020 OP_CLD equ 16<<1
81 00000022 OP_CLI equ 17<<1
82 00000024 OP_CLV equ 18<<1
83 00000026 OP_CMP equ 19<<1
84 00000028 OP_COP equ 20<<1
85 0000002A OP_CPX equ 21<<1
86 0000002C OP_CPY equ 22<<1
87 0000002E OP_DEC equ 23<<1
88 00000030 OP_DEX equ 24<<1
89 00000032 OP_DEY equ 25<<1
90 00000034 OP_EOR equ 26<<1
91 00000036 OP_INC equ 27<<1
92 00000038 OP_INX equ 28<<1
93 0000003A OP_INY equ 29<<1
94 0000003C OP_JML equ 30<<1
95 0000003E OP_JMP equ 31<<1
96 00000040 OP_JSL equ 32<<1
97 00000042 OP_JSR equ 33<<1
98 00000044 OP_LDA equ 34<<1
99 00000046 OP_LDX equ 35<<1
100 00000048 OP_LDY equ 36<<1
101 0000004A OP_LSR equ 37<<1
102 0000004C OP_MVN equ 38<<1
103 0000004E OP_MVP equ 39<<1
104 00000050 OP_NOP equ 40<<1
105 00000052 OP_ORA equ 41<<1
106 00000054 OP_PEA equ 42<<1
107 00000056 OP_PEI equ 43<<1
108 00000058 OP_PER equ 44<<1
109 0000005A OP_PHA equ 45<<1
110 0000005C OP_PHB equ 46<<1
111 0000005E OP_PHD equ 47<<1
112 00000060 OP_PHK equ 48<<1
113 00000062 OP_PHP equ 49<<1
114 00000064 OP_PHX equ 50<<1
115 00000066 OP_PHY equ 51<<1
116 00000068 OP_PLA equ 52<<1
Mon Jun 18 2018 21:48 Page 5
117 0000006A OP_PLB equ 53<<1
118 0000006C OP_PLD equ 54<<1
119 0000006E OP_PLP equ 55<<1
120 00000070 OP_PLX equ 56<<1
121 00000072 OP_PLY equ 57<<1
122 00000074 OP_REP equ 58<<1
123 00000076 OP_ROL equ 59<<1
124 00000078 OP_ROR equ 60<<1
125 0000007A OP_RTI equ 61<<1
126 0000007C OP_RTL equ 62<<1
127 0000007E OP_RTS equ 63<<1
128 00000080 OP_SBC equ 64<<1
129 00000082 OP_SEC equ 65<<1
130 00000084 OP_SED equ 66<<1
131 00000086 OP_SEI equ 67<<1
132 00000088 OP_SEP equ 68<<1
133 0000008A OP_STA equ 69<<1
134 0000008C OP_STP equ 70<<1
135 0000008E OP_STX equ 71<<1
136 00000090 OP_STY equ 72<<1
137 00000092 OP_STZ equ 73<<1
138 00000094 OP_TAX equ 74<<1
139 00000096 OP_TAY equ 75<<1
140 00000098 OP_TCD equ 76<<1
141 0000009A OP_TCS equ 77<<1
142 0000009C OP_TDC equ 78<<1
143 0000009E OP_TRB equ 79<<1
144 000000A0 OP_TSB equ 80<<1
145 000000A2 OP_TSC equ 81<<1
146 000000A4 OP_TSX equ 82<<1
147 000000A6 OP_TXA equ 83<<1
148 000000A8 OP_TXS equ 84<<1
149 000000AA OP_TXY equ 85<<1
150 000000AC OP_TYA equ 86<<1
151 000000AE OP_TYX equ 87<<1
152 000000B0 OP_WAI equ 88<<1
153 000000B2 OP_WDM equ 89<<1
154 000000B4 OP_XBA equ 90<<1
155 000000B6 OP_XCE equ 91<<1
156
157 00000000 MD_ABS equ 0<<1 ; a
158 00000002 MD_ACC equ 1<<1 ; A
159 00000004 MD_ABX equ 2<<1 ; a,x
160 00000006 MD_ABY equ 3<<1 ; a,y
161 00000008 MD_ALG equ 4<<1 ; al
162 0000000A MD_ALX equ 5<<1 ; al,x
163 0000000C MD_AIN equ 6<<1 ; (a)
164 0000000E MD_AIX equ 7<<1 ; (a,x)
165 00000010 MD_DPG equ 8<<1 ; d
166 00000012 MD_STK equ 9<<1 ; d,s
167 00000014 MD_DPX equ 10<<1 ; d,x
168 00000016 MD_DPY equ 11<<1 ; d,x
169 00000018 MD_DIN equ 12<<1 ; (d)
170 0000001A MD_DLI equ 13<<1 ; [d]
171 0000001C MD_SKY equ 14<<1 ; (d,s),y
172 0000001E MD_DIX equ 15<<1 ; (d,x)
173 00000020 MD_DIY equ 16<<1 ; (d),y
174 00000022 MD_DLY equ 17<<1 ; [d],y
Mon Jun 18 2018 21:48 Page 6
175 00000024 MD_IMP equ 18<<1 ;
176 00000026 MD_REL equ 19<<1 ; r
177 00000028 MD_RLG equ 20<<1 ; rl
178 0000002A MD_MOV equ 21<<1 ; xyc
179 0000002C MD_IMM equ 22<<1 ; # (A or M)
180 0000002E MD_INT equ 23<<1 ; # (BRK/COP/WDM)
181 00000030 MD_IMX equ 24<<1 ; # (X or Y)
182
183 ;===============================================================================
184 ; Data Areas
185 ;-------------------------------------------------------------------------------
186
187 page0
188 org $20
189
190 00:0020: FLAGS ds 1 ; Emulated processor flags
191 00:0021: BUFLEN ds 1 ; Command buffer length
192 00:0022: BANK ds 1 ; Memory bank
193
194 00:0023: ADDR_S ds 3 ; Start address
195 00:0026: ADDR_E ds 3 ; End address
196
197 00:0029: BLOCK ds 1 ; XMODEM block number
198 00:002A: RETRIES ds 1 ; Retry count
199 00:002B: SUM ds 1 ; Checksum
200
201 00:002C: TEMP ds 4 ; Scratch workspace
202
203 data
204 org $200
205
206 00:0200: BUFFER ds 128 ; Command buffer
207
208 ;===============================================================================
209 ; Initialisation
210 ;-------------------------------------------------------------------------------
211
212 code
213 public Start
214 extern UartRx
215 extern UartTx
216 extern UartRxTest
217 extern RomSelect
218 extern RomCheck
219 Start:
220 short_a ; Configure register sizes
+ 220 00:0000: E2 20 sep #M_FLAG
+ 220 longa off
221 long_i
+ 221 00:0002: C2 10 rep #X_FLAG
+ 221 longi on
222 00:0004: 20 xx xx jsr TxCRLF
223 00:0007: A2 xx xx ldx #TITLE ; Display application title
224 00:000A: 20 xx xx jsr TxStr
225
226 00:000D: 64 22 stz BANK ; Reset default bank
227
228 ;===============================================================================
Mon Jun 18 2018 21:48 Page 7
229 ; Command Processor
230 ;-------------------------------------------------------------------------------
231
232 NewCommand:
233 00:000F: 64 21 stz BUFLEN ; Clear the buffer
234 ShowCommand:
235 short_i
+ 235 00:0011: E2 10 sep #X_FLAG
+ 235 longi off
236 00:0013: 20 xx xx jsr TxCRLF ; Move to a new line
237
238 00:0016: A9 2E lda #'.' ; Output the prompt
239 00:0018: 20 xx xx jsr UartTx
240
241 00:001B: A2 00 ldx #0
242 00:001D: E4 21 DisplayCmd: cpx BUFLEN ; Any saved characters
243 00:001F: F0 0E beq ReadCommand
244 00:0021: BD 00 02 lda BUFFER,x ; Yes, display them
245 00:0024: 20 xx xx jsr UartTx
246 00:0027: E8 inx
247 00:0028: 80 F3 bra DisplayCmd
248
249 RingBell:
250 00:002A: A9 07 lda #BEL ; Make a beep
251 00:002C: 20 xx xx jsr UartTx
252
253 ReadCommand:
254 00:002F: 20 xx xx jsr UartRx ; Wait for character
255
256 00:0032: C9 1B cmp #ESC ; Cancel input?
257 00:0034: F0 D9 beq NewCommand ; Yes, clear and restart
258 00:0036: C9 0D cmp #CR ; End of command?
259 00:0038: F0 2D beq ProcessCommand ; Yes, start processing
260
261 00:003A: C9 08 cmp #BS ; Back space?
262 00:003C: F0 15 beq BackSpace
263 00:003E: C9 7F cmp #DEL ; Delete?
264 00:0040: F0 11 beq BackSpace
265
266 00:0042: C9 20 cmp #' ' ; Printable character
267 00:0044: 90 E4 bcc RingBell ; No.
268 00:0046: C9 7F cmp #DEL
269 00:0048: B0 E0 bcs RingBell ; No.
270 00:004A: 9D 00 02 sta BUFFER,x ; Save the character
271 00:004D: E8 inx
272 00:004E: 20 xx xx jsr UartTx ; Echo it and repeat
273 00:0051: 80 DC bra ReadCommand
274
275 BackSpace:
276 00:0053: E0 00 cpx #0 ; Buffer empty?
277 00:0055: F0 D3 beq RingBell ; Yes, beep and continue
278 00:0057: CA dex ; No, remove last character
279 00:0058: A9 08 lda #BS
280 00:005A: 20 xx xx jsr UartTx
281 00:005D: 20 xx xx jsr TxSpace
282 00:0060: A9 08 lda #BS
283 00:0062: 20 xx xx jsr UartTx
284 00:0065: 80 C8 bra ReadCommand ; And retry
Mon Jun 18 2018 21:48 Page 8
285
286 ProcessCommand:
287 00:0067: 86 21 stx BUFLEN ; Save final length
288 00:0069: A0 00 ldy #0 ; Load index for start
289
290 00:006B: 20 xx xx jsr SkipSpaces ; Fetch command character
291 00:006E: B0 9F bcs NewCommand ; None, empty command
292
293 ;===============================================================================
294 ; B - Select Memory Bank
295 ;-------------------------------------------------------------------------------
296
297 00:0070: C9 42 cmp #'B' ; Select memory bank?
298 00:0072: D0 0D bne NotMemoryBank
299
300 00:0074: A2 22 ldx #BANK ; Parse bank
301 00:0076: 20 xx xx jsr GetByte
302 00:0079: 90 03 bcc $+5
303 00:007B: 4C xx xx jmp ShowError
304 00:007E: 4C xx xx jmp NewCommand
305 NotMemoryBank:
306
307 ;===============================================================================
308 ; D - Disassemble Memory
309 ;-------------------------------------------------------------------------------
310
311 00:0081: C9 44 cmp #'D' ; Memory display?
312 00:0083: D0 78 bne NotDisassemble
313
314 00:0085: A2 23 ldx #ADDR_S ; Parse start address
315 00:0087: 20 xx xx jsr GetAddr
316 00:008A: 90 03 bcc $+5
317 00:008C: 4C xx xx jmp ShowError
318 00:008F: A2 26 ldx #ADDR_E ; Parse end address
319 00:0091: 20 xx xx jsr GetAddr
320 00:0094: 90 03 bcc $+5
321 00:0096: 4C xx xx jmp ShowError
322
323 00:0099: 08 php
324 00:009A: 68 pla
325 00:009B: 85 20 sta FLAGS
326
327 Disassemble:
328 00:009D: 20 xx xx jsr TxCRLF
329 00:00A0: A5 25 lda ADDR_S+2 ; Show memory address
330 00:00A2: 20 xx xx jsr TxHex2
331 00:00A5: A9 3A lda #':'
332 00:00A7: 20 xx xx jsr UartTx
333 00:00AA: A5 24 lda ADDR_S+1
334 00:00AC: 20 xx xx jsr TxHex2
335 00:00AF: A5 23 lda ADDR_S+0
336 00:00B1: 20 xx xx jsr TxHex2
337 00:00B4: 20 xx xx jsr TxSpace
338
339 00:00B7: 20 xx xx jsr TxCodeBytes ; Show code bytes
340 00:00BA: 20 xx xx jsr TxSymbolic ; And instruction
341
342 00:00BD: A7 23 lda [ADDR_S] ; Fetch opcode again
Mon Jun 18 2018 21:48 Page 9
343 00:00BF: 48 pha
344 00:00C0: A0 01 ldy #1
345
346 00:00C2: C9 18 cmp #$18 ; CLC?
347 00:00C4: D0 04 bne NotCLC
348 00:00C6: A9 01 lda #C_FLAG
349 00:00C8: 80 0E bra DoREP
350 NotCLC:
351 00:00CA: C9 38 cmp #$38 ; SEC?
352 00:00CC: D0 04 bne NotSEC
353 00:00CE: A9 01 lda #C_FLAG
354 00:00D0: 80 10 bra DoSEP
355 NotSEC:
356 00:00D2: C9 C2 cmp #$c2 ; REP?
357 00:00D4: D0 06 bne NotREP
358 00:00D6: B7 23 lda [ADDR_S],Y
359 00:00D8: 14 20 DoREP: trb FLAGS
360 00:00DA: 80 08 bra NextOpcode
361 NotREP:
362 00:00DC: C9 E2 cmp #$e2 ; SEP?
363 00:00DE: D0 04 bne NextOpcode
364 00:00E0: B7 23 lda [ADDR_S],Y
365 00:00E2: 04 20 DoSEP: tsb FLAGS
366
367 NextOpcode:
368 00:00E4: 68 pla
369 00:00E5: 20 xx xx jsr OpcodeSize
370
371 00:00E8: 18 clc
372 00:00E9: 65 23 adc ADDR_S+0 ; And move start address on
373 00:00EB: 85 23 sta ADDR_S+0
374 00:00ED: 90 02 bcc $+4
375 00:00EF: E6 24 inc ADDR_S+1
376
377 00:00F1: 38 sec ; Exceeded the end address?
378 00:00F2: E5 26 sbc ADDR_E+0
379 00:00F4: A5 24 lda ADDR_S+1
380 00:00F6: E5 27 sbc ADDR_E+1
381 00:00F8: 30 A3 bmi Disassemble ; No, show more
382
383 00:00FA: 4C xx xx jmp NewCommand ; Done
384 NotDisassemble:
385
386 ;===============================================================================
387 ; E - Erase ROM bank
388 ;-------------------------------------------------------------------------------
389
390 00:00FD: C9 45 cmp #'E' ; Erase bank?
391 00:00FF: D0 45 bne NotEraseBank
392
393 00:0101: 20 xx xx jsr CheckSafe
394
395 ifdef W65C265SXB
396 lda BCR ; Save mask rom state
397 pha
398 lda #$80 ; Then ensure disabled
399 tsb BCR
400 endif
Mon Jun 18 2018 21:48 Page 10
401
402 00:0104: A9 00 lda #$00 ; Set start address
403 00:0106: 85 23 sta ADDR_S+0
404 00:0108: A9 80 lda #$80
405 00:010A: 85 24 sta ADDR_S+1
406 EraseLoop:
407 00:010C: A9 AA lda #$aa ; Unlock flash
408 00:010E: 8D 55 D5 sta $8000+$5555
409 00:0111: A9 55 lda #$55
410 00:0113: 8D AA AA sta $8000+$2aaa
411 00:0116: A9 80 lda #$80 ; Signal erase
412 00:0118: 8D 55 D5 sta $8000+$5555
413 00:011B: A9 AA lda #$aa
414 00:011D: 8D 55 D5 sta $8000+$5555
415 00:0120: A9 55 lda #$55
416 00:0122: 8D AA AA sta $8000+$2aaa
417 00:0125: A9 30 lda #$30 ; Sector erase
418 00:0127: 92 23 sta (ADDR_S)
419
420 EraseWait:
421 00:0129: B2 23 lda (ADDR_S) ; Wait for erase to finish
422 00:012B: C9 FF cmp #$FF
423 00:012D: D0 FA bne EraseWait
424
425 00:012F: 18 clc ; Move to next sector
426 00:0130: A5 24 lda ADDR_S+1
427 00:0132: 69 10 adc #$10
428 00:0134: 85 24 sta ADDR_S+1
429 00:0136: 90 D4 bcc EraseLoop ; Repeat until end of memory
430
431 ifdef W65C265SXB
432 pla ; Restore mask ROM state
433 sta BCR
434 endif
435
436 00:0138: 4C xx xx jmp NewCommand ; And start over
437
438 EraseFailed:
439 long_i ; Warn that erase failed
+ 439 00:013B: C2 10 rep #X_FLAG
+ 439 longi on
440 00:013D: A2 xx xx ldx #ERASE_FAILED
441 00:0140: 20 xx xx jsr TxStr
442 longi off
443 00:0143: 4C xx xx jmp NewCommand ; And start over
444 NotEraseBank:
445
446 ;===============================================================================
447 ; F - WDC Mask ROM Enable/Disable
448 ;-------------------------------------------------------------------------------
449
450 ifdef W65C265SXB
451 cmp #'F'
452 bne NotMaskROM
453
454 jsr SkipSpaces ; Find first argument
455 bcs MaskFail ; Success?
456
Mon Jun 18 2018 21:48 Page 11
457 cmp #'0' ; Check bank is 0..3
458 beq MaskOff
459 cmp #'1'
460 beq MaskOn
461 MaskFail:
462 jmp ShowError
463
464 MaskOn:
465 lda #$80 ; Enable mask ROM
466 trb BCR
467 jmp NewCommand
468
469 MaskOff:
470 lda #$80 ; Disable mask ROM
471 tsb BCR
472 jmp NewCommand
473
474 NotMaskROM:
475 endif
476
477 ;===============================================================================
478 ; G - Goto
479 ;-------------------------------------------------------------------------------
480
481 00:0146: C9 47 cmp #'G' ; Invoke code
482 00:0148: D0 0D bne NotGoto
483
484 00:014A: A2 23 ldx #ADDR_S ; Parse execution address
485 00:014C: 20 xx xx jsr GetAddr
486 00:014F: B0 03 bcs $+5
487 00:0151: DC 23 00 jmp [ADDR_S] ; Run from address
488 00:0154: 6C FC FF jmp ($FFFC) ; Otherwise reset
489 NotGoto:
490
491 ;===============================================================================
492 ; H - Hunt for RAM
493 ;-------------------------------------------------------------------------------
494
495 00:0157: C9 48 cmp #'H' ; Hunt for RAM
496 00:0159: F0 03 beq $+5
497 00:015B: 4C xx xx jmp NotHunt
498
499 00:015E: 64 23 stz ADDR_S+0 ; Start at $00:0000
500 00:0160: 64 24 stz ADDR_S+1
501 00:0162: 64 25 stz ADDR_S+2
502
503 HuntStart:
504 00:0164: A7 23 lda [ADDR_S] ; Is byte is writeable?
505 00:0166: 48 pha
506 00:0167: 49 FF eor #$ff
507 00:0169: 87 23 sta [ADDR_S]
508 00:016B: C7 23 cmp [ADDR_S]
509 00:016D: F0 11 beq HuntFound ; Yes
510
511 00:016F: 68 pla
512 00:0170: 18 clc ; Try the next block
513 00:0171: A5 24 lda ADDR_S+1
514 00:0173: 69 10 adc #$10
Mon Jun 18 2018 21:48 Page 12
515 00:0175: 85 24 sta ADDR_S+1
516 00:0177: 90 EB bcc HuntStart
517 00:0179: E6 25 inc ADDR_S+2
518 00:017B: D0 E7 bne HuntStart
519 00:017D: 4C xx xx jmp NewCommand ; Reached end of RAM
520
521 HuntFound:
522 00:0180: 20 xx xx jsr TxCRLF
523 00:0183: A5 25 lda ADDR_S+2 ; Print start address
524 00:0185: 20 xx xx jsr TxHex2
525 00:0188: A9 3A lda #':'
526 00:018A: 20 xx xx jsr UartTx
527 00:018D: A5 24 lda ADDR_S+1
528 00:018F: 20 xx xx jsr TxHex2
529 00:0192: A5 23 lda ADDR_S+0
530 00:0194: 20 xx xx jsr TxHex2
531
532 00:0197: A9 2D lda #'-'
533 00:0199: 20 xx xx jsr UartTx
534
535 HuntEnd:
536 00:019C: 68 pla ; Restore memory bytes
537 00:019D: 87 23 sta [ADDR_S]
538 00:019F: 18 clc ; Try the next block
539 00:01A0: A5 24 lda ADDR_S+1
540 00:01A2: 69 10 adc #$10
541 00:01A4: 85 24 sta ADDR_S+1
542 00:01A6: 90 04 bcc HuntNext
543 00:01A8: E6 25 inc ADDR_S+2
544 00:01AA: F0 2D beq HuntDone
545
546 HuntNext
547 00:01AC: A7 23 lda [ADDR_S] ; Is byte is writeable?
548 00:01AE: 48 pha
549 00:01AF: 49 FF eor #$ff
550 00:01B1: 87 23 sta [ADDR_S]
551 00:01B3: C7 23 cmp [ADDR_S]
552 00:01B5: F0 E5 beq HuntEnd ; Yes, keep looking
553
554 00:01B7: 68 pla
555 00:01B8: 38 sec ; Print end address
556 00:01B9: A5 23 lda ADDR_S+0
557 00:01BB: E9 01 sbc #1
558 00:01BD: 48 pha
559 00:01BE: A5 24 lda ADDR_S+1
560 00:01C0: E9 00 sbc #0
561 00:01C2: 48 pha
562 00:01C3: A5 25 lda ADDR_S+2
563 00:01C5: E9 00 sbc #0
564 00:01C7: 20 xx xx jsr TxHex2
565 00:01CA: A9 3A lda #':'
566 00:01CC: 20 xx xx jsr UartTx
567 00:01CF: 68 pla
568 00:01D0: 20 xx xx jsr TxHex2
569 00:01D3: 68 pla
570 00:01D4: 20 xx xx jsr TxHex2
571 00:01D7: 80 8B bra HuntStart
572
Mon Jun 18 2018 21:48 Page 13
573 HuntDone:
574 00:01D9: A9 FF lda #$ff ; Pring FF:FFFF
575 00:01DB: 48 pha
576 00:01DC: 48 pha
577 00:01DD: 20 xx xx jsr TxHex2
578 00:01E0: A9 3A lda #':'
579 00:01E2: 20 xx xx jsr UartTx
580 00:01E5: 68 pla
581 00:01E6: 20 xx xx jsr TxHex2
582 00:01E9: 68 pla
583 00:01EA: 20 xx xx jsr TxHex2
584 00:01ED: 4C xx xx jmp NewCommand
585 NotHunt:
586
587 ;===============================================================================
588 ; M - Display Memory
589 ;-------------------------------------------------------------------------------
590
591 00:01F0: C9 4D cmp #'M' ; Memory display?
592 00:01F2: D0 70 bne NotMemoryDisplay
593
594 00:01F4: A2 23 ldx #ADDR_S ; Parse start address
595 00:01F6: 20 xx xx jsr GetAddr
596 00:01F9: 90 03 bcc $+5
597 00:01FB: 4C xx xx jmp ShowError
598 00:01FE: A2 26 ldx #ADDR_E ; Parse end address
599 00:0200: 20 xx xx jsr GetAddr
600 00:0203: 90 03 bcc $+5
601 00:0205: 4C xx xx jmp ShowError
602
603 DisplayMemory:
604 00:0208: 20 xx xx jsr TxCRLF
605 00:020B: A5 25 lda ADDR_S+2 ; Show memory address
606 00:020D: 20 xx xx jsr TxHex2
607 00:0210: A9 3A lda #':'
608 00:0212: 20 xx xx jsr UartTx
609 00:0215: A5 24 lda ADDR_S+1
610 00:0217: 20 xx xx jsr TxHex2
611 00:021A: A5 23 lda ADDR_S+0
612 00:021C: 20 xx xx jsr TxHex2
613
614 00:021F: A0 00 ldy #0 ; Show sixteen bytes of data
615 00:0221: 20 xx xx ByteLoop: jsr TxSpace
616 00:0224: B7 23 lda [ADDR_S],y
617 00:0226: 20 xx xx jsr TxHex2
618 00:0229: C8 iny
619 00:022A: C0 10 cpy #16
620 00:022C: D0 F3 bne ByteLoop
621
622 00:022E: 20 xx xx jsr TxSpace
623 00:0231: A9 7C lda #'|'
624 00:0233: 20 xx xx jsr UartTx
625 00:0236: A0 00 ldy #0 ; Show sixteen characters
626 00:0238: B7 23 CharLoop: lda [ADDR_S],Y
627 00:023A: 20 xx xx jsr IsPrintable
628 00:023D: B0 02 bcs $+4
629 00:023F: A9 2E lda #'.'
630 00:0241: 20 xx xx jsr UartTx
Mon Jun 18 2018 21:48 Page 14
631 00:0244: C8 iny
632 00:0245: C0 10 cpy #16
633 00:0247: D0 EF bne CharLoop
634 00:0249: A9 7C lda #'|'
635 00:024B: 20 xx xx jsr UartTx
636
637 00:024E: 18 clc ; Bump the display address
638 00:024F: 98 tya
639 00:0250: 65 23 adc ADDR_S+0
640 00:0252: 85 23 sta ADDR_S+0
641 00:0254: 90 02 bcc $+4
642 00:0256: E6 24 inc ADDR_S+1
643
644 00:0258: 38 sec ; Exceeded the end address?
645 00:0259: E5 26 sbc ADDR_E+0
646 00:025B: A5 24 lda ADDR_S+1
647 00:025D: E5 27 sbc ADDR_E+1
648 00:025F: 30 A7 bmi DisplayMemory ; No, show more
649
650 00:0261: 4C xx xx jmp NewCommand
651 NotMemoryDisplay:
652
653 ;===============================================================================
654 ; R - Select ROM Bank
655 ;-------------------------------------------------------------------------------
656
657 00:0264: C9 52 cmp #'R' ; ROM Bank?
658 00:0266: D0 16 bne NotROMBank ; No
659
660 00:0268: 20 xx xx jsr SkipSpaces ; Find first argument
661 00:026B: 90 03 bcc $+5 ; Success?
662 00:026D: 4C xx xx BankFail: jmp ShowError ; No
663
664 00:0270: C9 30 cmp #'0' ; Check bank is 0..3
665 00:0272: 90 F9 bcc BankFail
666 00:0274: C9 34 cmp #'3'+1
667 00:0276: B0 F5 bcs BankFail
668
669 00:0278: 20 xx xx jsr RomSelect ; Switch ROM banks
670 00:027B: 4C xx xx jmp NewCommand ; Done
671 NotROMBank:
672
673 ;===============================================================================
674 ; S - S19 Record
675 ;-------------------------------------------------------------------------------
676
677 00:027E: C9 53 cmp #'S' ; S19?
678 00:0280: F0 03 beq $+5
679 00:0282: 4C xx xx jmp NotS19
680
681 00:0285: 20 xx xx jsr NextChar ; Get record type
682 00:0288: B0 75 bcs S19Fail
683 00:028A: C9 31 cmp #'1' ; Only process type 1
684 00:028C: D0 6E bne S19Done
685
686 00:028E: A2 26 ldx #ADDR_E ; Get byte count
687 00:0290: 20 xx xx jsr GetByte
688 00:0293: B0 6A bcs S19Fail
Mon Jun 18 2018 21:48 Page 15
689 00:0295: A5 26 lda ADDR_E ; Use as initial checksum
690 00:0297: 85 2B sta SUM
691 00:0299: C6 26 dec ADDR_E
692 00:029B: F0 62 beq S19Fail
693
694 00:029D: A2 23 ldx #ADDR_S ; Get address
695 00:029F: 20 xx xx jsr GetAddr
696 00:02A2: B0 5B bcs S19Fail
697 00:02A4: A5 23 lda ADDR_S+0 ; Add to checksum
698 00:02A6: 65 24 adc ADDR_S+1
699 00:02A8: 18 clc
700 00:02A9: 65 2B adc SUM
701 00:02AB: 85 2B sta SUM
702 00:02AD: C6 26 dec ADDR_E
703 00:02AF: F0 4E beq S19Fail
704 00:02B1: C6 26 dec ADDR_E
705 00:02B3: F0 4A beq S19Fail
706
707 S19Load:
708 00:02B5: A2 2C ldx #TEMP ; Fetch a data byte
709 00:02B7: 20 xx xx jsr GetByte
710 00:02BA: B0 43 bcs S19Fail
711 00:02BC: A5 2C lda TEMP
712 00:02BE: 65 2B adc SUM
713 00:02C0: 85 2B sta SUM
714 00:02C2: C6 26 dec ADDR_E
715 00:02C4: F0 39 beq S19Fail
716
717 00:02C6: A5 25 lda ADDR_S+2 ; Writing to ROM?
718 00:02C8: D0 13 bne WriteS19 ; No
719 00:02CA: A5 24 lda ADDR_S+1
720 00:02CC: 10 0F bpl WriteS19 ; No
721
722 ifdef W65C265SXB
723 cmp #$df ; Register page?
724 beq NoWrite
725 endif
726
727 00:02CE: A9 AA lda #$aa ; Yes, unlock flash
728 00:02D0: 8D 55 D5 sta $8000+$5555
729 00:02D3: A9 55 lda #$55
730 00:02D5: 8D AA AA sta $8000+$2aaa
731 00:02D8: A9 A0 lda #$a0 ; Start byte write
732 00:02DA: 8D 55 D5 sta $8000+$5555
733 WriteS19:
734 00:02DD: A5 2C lda TEMP ; Write the value
735 00:02DF: 87 23 sta [ADDR_S]
736
737 NoWrite:
738 00:02E1: E6 23 inc ADDR_S+0 ; Bump address by one
739 00:02E3: D0 02 bne $+4
740 00:02E5: E6 24 inc ADDR_S+1
741
742 00:02E7: A5 26 lda ADDR_E ; Reached checksum?
743 00:02E9: C9 01 cmp #1
744 00:02EB: D0 C8 bne S19Load
745
746 00:02ED: A2 2C ldx #TEMP ; Yes, read it
Mon Jun 18 2018 21:48 Page 16
747 00:02EF: 20 xx xx jsr GetByte
748 00:02F2: B0 0B bcs S19Fail
749 00:02F4: A5 2C lda TEMP
750 00:02F6: 65 2B adc SUM
751 00:02F8: C9 FF cmp #$ff ; Checksum correct?
752 00:02FA: D0 03 bne S19Fail
753
754 00:02FC: 4C xx xx S19Done: jmp NewCommand ; Get
755
756 S19Fail:
757 long_i ; Display error message
+ 757 00:02FF: C2 10 rep #X_FLAG
+ 757 longi on
758 00:0301: A2 xx xx ldx #INVALID_S19
759 00:0304: 20 xx xx jsr TxStr
760 longi off
761 00:0307: 4C xx xx jmp NewCommand ; And start over
762 NotS19:
763
764 ;===============================================================================
765 ; W - Write memory
766 ;-------------------------------------------------------------------------------
767
768 00:030A: C9 57 cmp #'W' ; Write memory?
769 00:030C: D0 58 bne NotWrite
770
771 00:030E: A2 23 ldx #ADDR_S ; Parse start address
772 00:0310: 20 xx xx jsr GetAddr
773 00:0313: 90 03 bcc $+5
774 00:0315: 4C xx xx jmp ShowError
775
776 00:0318: 24 24 bit ADDR_S+1 ; Load into ROM area?
777 00:031A: 10 03 bpl $+5
778 00:031C: 20 xx xx jsr CheckSafe ; Yes, check selection
779
780 00:031F: A2 26 ldx #ADDR_E ; Parse value byte
781 00:0321: 20 xx xx jsr GetByte ; Is there a value?
782 00:0324: 90 03 bcc $+5
783 00:0326: 4C xx xx jmp NewCommand ; No.
784
785 00:0329: A5 25 lda ADDR_S+2 ; Writing to ROM?
786 00:032B: D0 13 bne WriteMemory ; No
787 00:032D: 24 24 bit ADDR_S+1
788 00:032F: 10 0F bpl WriteMemory ; No
789
790 00:0331: A9 AA lda #$aa ; Yes, unlock flash
791 00:0333: 8D 55 D5 sta $8000+$5555
792 00:0336: A9 55 lda #$55
793 00:0338: 8D AA AA sta $8000+$2aaa
794 00:033B: A9 A0 lda #$a0 ; Start byte write
795 00:033D: 8D 55 D5 sta $8000+$5555
796 WriteMemory:
797 00:0340: A5 26 lda ADDR_E ; Write the value
798 00:0342: 87 23 sta [ADDR_S]
799
800 00:0344: E6 23 inc ADDR_S+0 ; Bump address by one
801 00:0346: D0 02 bne $+4
802 00:0348: E6 24 inc ADDR_S+1
Mon Jun 18 2018 21:48 Page 17
803
804 00:034A: A9 57 lda #'W' ; Build command for next byte
805 00:034C: 20 xx xx jsr StartCommand
806 00:034F: A9 20 lda #' '
807 00:0351: 20 xx xx jsr BuildCommand
808 00:0354: A5 24 lda ADDR_S+1 ; Add the next address
809 00:0356: 20 xx xx jsr BuildByte
810 00:0359: A5 23 lda ADDR_S+0
811 00:035B: 20 xx xx jsr BuildByte
812 00:035E: A9 20 lda #' '
813 00:0360: 20 xx xx jsr BuildCommand
814 00:0363: 4C xx xx jmp ShowCommand ; And prompt for data
815
816 NotWrite:
817
818 ;===============================================================================
819 ; X - XMODEM Receive
820 ;-------------------------------------------------------------------------------
821
822 00:0366: C9 58 cmp #'X' ; XModem upload?
823 00:0368: F0 03 beq $+5 ; Yes.