help writing an whdload install for Brian the Lion Demo needed

[Joe Maroni]

i´ve tried to write a slave to support the demo version of Brian the Lion months ago...maybe Codetapper remember this, after i asked for some help.

but i didn´t really understand what the bootprog really do...

now i´ve restarted it and it seems that i´m still too stupid for it...

first i reassembled the bootblock, without the first 12 bytes (disktype, checksum, rootblock pointer)

this is what i´ve already understand:

Quote:

EXT_0000 EQU $0
ABSEXECBASE EQU $4
ILLEG_OPC EQU $10
EXT_0003 EQU $16
EXT_0004 EQU $40
EXT_0005 EQU $44
EXT_0006 EQU $48
EXT_0007 EQU $4C
EXT_0008 EQU $58
EXT_0009 EQU $5A
EXT_000A EQU $5E
TRAP_01 EQU $80
TRAP_02 EQU $84
TRAP_03 EQU $88
TRAP_09 EQU $A0
TRAP_10 EQU $A4
EXT_0010 EQU $CC
EXT_0011 EQU $D0
EXT_0012 EQU $D4
EXT_0013 EQU $D8
EXT_0014 EQU $E0
EXT_0015 EQU $64F
EXT_0016 EQU $800
EXT_0017 EQU $1000
EXT_0018 EQU $7F00
EXT_0019 EQU $7A000
EXT_001A EQU $A0000
CIAB_PRA EQU $BFD000
CIAB_PRB EQU $BFD100
CIAA_PRA EQU $BFE001
HARDBASE EQU $DFF000
EXT_001F EQU $1570035
EXT_0020 EQU $FFFFEB07




SECTION S_0,CODE

SECSTRT_0:
CLR.L (EXT_0004).W ------------
CLR.L (EXT_0005).W
CLR.L (EXT_0006).W clear
CLR.L (EXT_0007).W variables
CLR (EXT_000A).W
CLR.L (EXT_0014).W ------------
MOVEA.L (ABSEXECBASE).W,A6 move execbase to A6
LEA 322(A6),A6 load adress of pointer of MemList (offset $142 in ExecBaseStruct)
ExecBaseStruct starts at $676 (512 k Chip) or $C00276 (1 MB Chip)
lets do it with 1MB, and now A6 contains C00368
MOVEA.L (A6),A0 move the value that is stored at $C00368 to A0


MOVE.B 15(A0),D2 pointer to the first MemChunk struct...??
MOVE.L 20(A0),D0 points to memory start of the above MemChunk...??
MOVE.L 24(A0),D1 points to memory end of the above MemChunk...??
ANDI.L #$FFF80000,D0 AND the value $FFF80000 to the memory start adress to be sure you have $80000 bytes free
CMP.B #$03,D2 check if the MemChunk is ChipRam...??
BNE.S LAB_0000 if not branch to LAB_0000
MOVE.L #$00080000,D0 otherwise move $80000 to D0

LAB_0000:
MOVE.L D0,(EXT_0012).W move memory start pointer to $D4
MOVE.L #$00000800,(EXT_0013).W move $800 to absolute adress $D8
LEA LAB_0001(PC),A0 load adress of LAB_0001 to A0
MOVE.L A0,(TRAP_01).W send adress to TRAP #0 vector
TRAP #0 cause an exception and start again at $80

LAB_0001:
LEA LAB_0002(PC),A0 set LAB_0002 adress to A0
MOVE.L A0,(ILLEG_OPC).W now put this adress to $10
DC.W $4E7A --------------------------------------------------
DC.W $0002 this code seems to be illegal, no reassembler was
ANDI #$FFFE,D0 possible to reassemble this...!?
DC.W $4E7B continue with next label...
DC.W $0002 --------------------------------------------------
LAB_0002:
LEA (EXT_0016).W,A7 setup stack to $800
BSR LAB_0003 branch to label LAB_0003 and see what happens
MOVEA.L (EXT_0012).W,A1 move value $D4 to A1
ADDA.L #$0007DE00,A1 ADD $0007DE00 to A1 = $7DED4
MOVEQ #16,D0 move $16 to D0
MOVEQ #6,D1 move $6 to D1
MOVEQ #0,D2 move $0 to D2
TRAP #1 Trap -> go to LAB_0004
MOVEA.L (EXT_0012).W,A1
ADDA.L #$0007DE00,A1
JMP (A1)

LAB_0003:
LEA LAB_0027(PC),A0 load adress of variable LAB_0027 to A0
MOVE.L #$FFFF0000,14(A0) move $FFFF0000 to LAB_0027 + $14
LEA HARDBASE,A6 load custom chip base to A6
MOVE #$7FFF,D0 move $7FFF (%1111111111111111) to D0
MOVE D0,154(A6) ------------------------------------
MOVE D0,158(A6) disable Interrupts(INTENA),Disk(ADKCON),DMA(DMACON)
MOVE D0,150(A6) ------------------------------------
MOVE #$0000,384(A6) set background black
MOVE #$4489,126(A6) $4489 -> DSKSYNC
MOVE #$9500,158(A6) set %1001010100000000 to ADKCON
bit 15 - set bits
bit 14 - first precompensation specifier 00 = none
bit 13 - second precompensation specifier 00 = none
bit 12 - 1 = MFM precompensation
bit 11 - not used for disk
bit 10 - enables sync and start DMA
bit 9 - used for GCR...??
bit 8 - write speed setup -> 1 for MFM
bit 7 - 0 only used for audio

MOVE #$8210,150(A6) set %1000001000010000 to DMACON
bit 15 - set bits
bit 14 - read-only
bit 13 - read-only
bit 12 - unused
bit 11 - unused
bit 10 - 1 = blitter hasn´t full priority over CPU
bit 9 - enable all DMA (bits 8-0)
bit 5 - disable Sprite DMA...??

LEA LAB_0004(PC),A0 load adress of LAB_0004 to A0
MOVE.L A0,(TRAP_02).W load this adress to Trap vector $84
LEA CIAB_PRA,A0 put CIA B base adress to A0
MOVE.B #$03,4609(A0) Direction for Port A ???
MOVE.B #$FF,512(A0) Direction for Port A ???
MOVE.B #$FF,768(A0) Direction for Port B ???
RTS return from subroutine

LAB_0004:
BSR.S LAB_0007 branch to label LAB_0007
LEA LAB_0027(PC),A5
LEA EXT_0019,A0
MOVE.L A1,0(A5)
MOVE.B #$08,3840(A3)
ADD D1,D0
SUBQ #1,D0
EXT.L D1
DIVU #$000B,D1
MOVE.L D1,6(A5)
EXT.L D0
DIVU #$000B,D0
MOVE.L D0,10(A5)
BSR LAB_001C
TST 14(A5)
BPL.S LAB_0006
CLR 14(A5)
LAB_0005:
BTST #4,(A3)
BEQ.S LAB_0006
BSR LAB_0024
BRA.S LAB_0005

LAB_0006:
BSR LAB_001C
BSR.S LAB_0008
BSR LAB_001F
SWAP D1
ROR #7,D1
SUBA D1,A1
MOVE.L A1,0(A5)
BSR.S LAB_0008
MOVE 14(A5),D0
BSR.S LAB_000A
MOVE.B #$F9,(A4)
MOVE.B #$81,(A4)
RTE

LAB_0007:
LEA CIAA_PRA,A3 load CIA A base to A3
LEA -3841(A3),A4 $BFE001 - $F01 = $BFD100 -> A4
LEA HARDBASE,A6 load DFF000 to A6
RTS return to where we came from

please lets do everything step by step that everybody can understand what happens...

[BippyM]

Moved to coders/tutorials as I feel this may turn into a tutorial on WHDInstalling

[Galahad/FLT]

What is it with Tutorials. Ok, I'll do a DD2 tutorial in a Carrier Command Style!!!!!

[Joe Maroni]

yeah...that´s right...

@ all advanced assembler coders

please don´t laugh....it´s really hard for me to understand...especially the indirect adressing modes...

in my eyes i would understand the command as:
LEA 322(A6),A6 ; load effective adress at position $4 + $142 into A6

but Codetapper gave me the advice that this is a memory test...

assembler is so hard to understand....

[Joe Maroni]

Quote:

Originally Posted by Galahad/FLT

What is it with Tutorials. Ok, I'll do a DD2 tutorial in a Carrier Command Style!!!!!

many many thanks...

[BippyM]

Quote:

Originally Posted by x_to

yeah...that´s right...

@ all advanced assembler coders

in my eyes i would understand the command as:
LEA 322(A6),A6 ; load effective adress at position $4 + $142 into A6

assembler is so hard to understand....

Yeah that is how I would interpret it (Assuming a6 is currently $4)

[Joe Maroni]

Quote:

Yeah that is how I would interpret it (Assuming a6 is currently $4)

and i think that´s the problem why assembler is not that easy for us...

maybe we should first lear nsome methods what is possible with assembler...

getting into SV mode can be done in more than one way AFAIK, but how does those methods look like...???

1. Permit() after "open" the exec.lib is the first
2. disable some interrupts is another method
3. do a TRAP #x (x <- Trap vector) is another one (causes an exception)

and all this stuff is very hard to understand....

[BippyM]

Well from a book I have it gives the following code for getting into the supervisor mode

Code:

Execbase		=4		;Execbase address
SuperState		=-150		;Turn on function
	...
	move.l Execbase,a6	;Execbase address into a6
	jsr SuperState (a6)	;Turn on supervisor mode
	move.l d0,savesp		;Save return value
	...

savesp:blk.l 1			;Space for SP Value

I don't know if this is correct (I assume it is) but it's from a book on Amiga asm.

[Joe Maroni]

Execbase is always $4
LVO for Superstate is -150

first you move the execbase into A6 (library bases must ever be in A6 if you call any functions of them !)
then you jump to subroutine "Superstate"
this function returns the old user stack (supervisor has its own stack !) in D0
to save it for later use you put it with a move to variable "savesp"

that´s how i would understand it...

more details:

it is allowed to change from supervisor mode into user mode but not in the other direction...
the function "superstate" just causes an exception and then jumps to the routine that starts at $020 (vector $08)

BTW: first post edited..

[Codetapper]

I would advise that you ditch IRA for now and use Resource for disassembly. It has the advantage that when you are looking down the list and you see execbase (4) in register a6, you can press "e" (for exec) and it will change the hex offset into human readable form. When it gets into lists, you can use the symbols features to tell Resource that it is a memlist and it will auto-comment the code.

Ditto with anything involving the DOS and graphics library functions - hit "d" and "g" respectively. "h" for any hardware references etc. It will help a great deal while learning this stuff!

[BippyM]

x_to: I don't mind scanning in the article from this asm book I have.. I'll scan the few pages and OCR them

The book is also available on an LSD doc disk and I'll up the article to the zone if you require it

[Joe Maroni]

Quote:

Originally Posted by bippym

x_to: I don't mind scanning in the article from this asm book I have.. I'll scan the few pages and OCR them

The book is also available on an LSD doc disk and I'll up the article to the zone if you require it

not necessary...i already have tons of books here at home...

BTW: it would be nice if someone of the advanced coders can check the stuff in the first post...i hope i explained everything right...i´m not sure myself...

[NOB]

Here is an bootblock that moves itself to the upper
memory, entering the supervisormode via privilege violation
and moving a mini(crap) prog to $300 and jumps in..

Code:

 
go: dc.b "DOS",0
dc.l 0
dc.l "HOL."
move: lea start(pc),a0
lea $7fc00.l,a1 ;move to $7fc00
move.l a1,a4
move.w #end-start,d0
trans: move.b (a0)+,(a1)+
dbf d0,trans
jmp (a4) 
start:
lea $dff000,a6 ;stop interrupts
move.w #$7fff,d0
move.w d0,$9a(a6)
move.w d0,$96(a6)
move.w d0,$9e(a6)
move.w d0,$9c(a6)
lea $bfd100,a5
move.b #%10000001,(a5);Drive select turn off drive motors
nop ;wait a bit
nop
nop
move.b #%11111001,(a5);select all 
 
move.l $20.w,a5 ;privilege violation memory vektor adress-> rescue it
lea super(pc),a4 ;
move.l a4,$20.w ;move own address to $20 (privilege violation vektor)
super: move.w #$2700,sr 
 
;call an violation(usermode)	
;(writing to the sr in usermode is a privilege violation)
;and enters the supervisor mode
;$20 points here ..continue here in supervisor mode
;and set the status register 
 
 
move.l a5,$20.w ;write back old $20 Vector;(Vector number is 8)
 
lea $0000c0.l,a7 ;now SSP Supervisorstackpointer
lea $000200.l,a0 ;set userstackpointer 
move.l a0,usp ;don´t know if this is nescessary....
 
;dosomestuff....
move2: lea trap(pc),a0 ;move to $300
lea $00300.l,a1
move.l a1,a4
move.w #end-trap,d0
trans2: move.b (a0)+,(a1)+
dbf d0,trans2
jmp (a4) ;jmp to $300 
 
trap:
move d0,$dff180 ;blinken
addq #1,d0
btst #6,$bfe001
beq.s ende
bra.s trap
ende: rts ;crash......
 
 
end:

[musashi5150]

Is there a doc for ReSource somewhere... I don't know half of the options

[Codetapper]

Resource v1 had a nice example disassembling a program, LoadWB or some AmigaDos command like that. I learned a great deal from that doc! I think it might also be on one of the LSD docs disks. I'd have to dig it out to see if I have it, maybe someone else will beat me to upload it?

[gizmomelb]

seems an index for the LSD Docs Disks has been on here previously, according to this thread: http://eab.abime.net/showthread.php?t=13919

All of the LSD Docs Disks appear to be online here: http://borrowedtime.emuunlim.com/lsd/index.htm

so I downloaded disk 65, and luckily there's an index included on the disk - LSD Docs Disk #7 has the Resource docs, so I'm downloading it now to see if I can extract the powerpacked file and save it as a standard text file for easier reading on IBMs (no powerpacker compatible decruncher that I'm aware of).

Gizmomelb

EDIT: the file is in the Zone - both as an Amiga PowerPacked file and in plain text for Windows users.

[musashi5150]

Looks like a great doc - thanks guys