I want to understand this better and have a lot of questions so I'm starting a new topic. I downloaded the AA.BIN and the XDT2.BIN to look at. I use HHD Software's Hex Editor Neo to open up the BIN file and search around.
I noticed your address references appear to be the using the point of view of how the 8061 CPU sees things (adding 0x2000 to the addresses of the downloaded binary files). This makes sense but should I just add 0x2000 to the top of the binary files and fill them with zeros to help me keep things as the 8061 would see it?
I could not understand the address references for the XDT2 when you say
subroutine 0434a in 22CA confused me. I searched the XDT2 binary and found the HEX vales a1,00,20,3e in two places it starts at 0x164a9 and again at 0x164c0. Adding 0x2000 to theses address didn't help me in this case.An example subroutine is 0434a in 22CA for 4 banks (notice the rombank calls).
shown here is xdt2, shorter one as it has only 2 banks (1 and 8 ) ...
Is there a certain way to break the XDT2 into two seperate binary files that would help me match up the address references?
Thank you
J.W.S.
Re: FORD Custom EPROMs and Address range information
Post by tvrfan » Mon Nov 18, 2024 8:57 pm
Just a clarification on checksum. In all bins there is a start and an end address stored, and this defines what range the checksum uses. in A9L this is at 0x786a and 786c (two words, 0x2000 and 0x9ffe).
in AA bin, it's at 0x2050 and 0x205e. (0x2000 and 0x3fff).
Older bins like AA use a byte based add, later ones use word based. It's just a 'wrap around' addition calculation and end result should be zero.
In multibanks, addresses seem to be embedded in the code more, the checksum is calculated over all valid banks with a range for each bank. Code/hardware cannot do a 'global' pass of all addresses in one loop.
An example subroutine is 0434a in 22CA for 4 banks (notice the rombank calls).
shown here is xdt2, shorter one as it has only 2 banks (1 and 8 ) ...
Code: Select all
Sub_8a4a7:
8a4a7: 01,40 clrw R40 R40 = 0;
8a4a9: a1,00,20,3e ldw R3e,2000 R3e = 2000;
8a4ad: b1,ff,77 ldb R77,ff R77 = ff;
8a4b0: 10,08 rombk 8
8a4b2: 66,3f,40 ad2w R40,[R3e++] R40 += [R3e++];
8a4b5: 89,fe,ff,3e cmpw R3e,fffe
8a4b9: d3,f2 jnc 8a4ad if (R3e < fffe) goto 8a4ad;
8a4bb: 10,08 rombk 8
8a4bd: 66,3e,40 ad2w R40,[R3e] R40 += [R3e];
8a4c0: a1,00,20,3e ldw R3e,2000 R3e = 2000;
8a4c4: b1,ff,77 ldb R77,ff R77 = ff;
8a4c7: 66,3f,40 ad2w R40,[R3e++] R40 += [R3e++];
8a4ca: 89,fe,fe,3e cmpw R3e,fefe
8a4ce: d1,f4 jleu 8a4c4 if (R3e <= fefe) goto 8a4c4;
8a4d0: 88,00,40 cmpw R40,R0
8a4d3: df,02 je 8a4d7 if (R40 != 0) {
8a4d5: 17,44 incb R44 R44++; }
8a4d7: f0 ret return;
So you can see it does checksum from 0x2000 - 0xffff in bank 8 and 0x2000 - 0xfeff in bank 1.
(Yes, it's not directly obvious how to deal with the nailed on bank extension design.)