[A89] Re: Traps...
Hi!
Here is what I know about traps:

* Trap 0: Execute various supervisor mode functions
    d0 = function code
    Some known functions:
      0  sets the power state, switches flash to low power mode
      1  idle
      2  ClearBreak
      3  CheckBreak
      4  Reset
      6  ErrorLockup
* Trap 1: Set status register
    d0 = new SR
* Trap 2: Reset
    Used internally in Trap 8, so it should be redirected to avoid
    resetting when Trap 8 is used.
* Trap 3: Unknown (but used for something)
* Trap 4: Turn the calculator off
* Trap 5, 6, 7: Unknown, maybe unused
* Trap 8: Runs a block in supervisor mode
    It runs a block of the following form in supervisor mode:
      LE_WORD Size;
      BYTE Code[];
    The code is called (passed a5 with the end address), trap #2 is
    then called (put on the stack as the return address).
* Trap 9: Pointers to various system functions and tables
    Input: d0.w = function id:
       0  OSContrastUp
       1  WinOpen
       2  OSLinkReset
       3  TIMERV *OSTimerVectors
       4  BYTE *OSContrast //end of LCD_MEMORY
       5  WinStr
       6  KEY_QUEUE *KeyBuffer
       7  OSqclear
       8  CHARTYPE* CharTbl;
       9  OSContrastUp
      10  OSContrastDn
      11  OSClearBreak;
      12  KEYCODE* KeyCodes;
      13  OSCheckBreak;
      14  LCD_MEM;
      15  Osdequeue
      16  RAMTest
      17  WinMoveTo
    Output: pointer to the function or table in a0.l
* Trap A: Self-test
* Trap B: Functions which work with protected memory
    This trap encapsulates various functions which have the common
    fact that all of them work under the flash memory protection
    _disabled_, like writing blocks into the flash memory, erasing
    blocks, etc. This is the most protected part of AMS, but
    fortunately it has some holes which allow us to bypass some
    protections and to take full control over the system. The
    function number is in d3, various parameters are in other regs,
    but the function numbers are not consistent between various AMS
    versions, so I will not list them. AMS 2.xx uses one function
    to manage RAM execution protection just _before_ launching the
    RAM program, so there is an illusion that Trap B launches the
    program. Anyway, this trap is good for various "hookings".
* Trap C: Enter supervisor mode
* Trap D, E, F: Unused at least in AMS 1.xx, but they seem to
    be used in later versions.

Cheers,
Zeljko Juric