Emulator / decompiler Saturn - Paul Courbis


   

CAUTION !

Please read this...



You'll fin below this text a semi-automated translation of the original website. Texts will be gradually reviewed to make them as accurate as possible but it's strongly recommanded to read the original page (preview on the right side of this text) :

Link to the original article


(if this link is broken, please go to the original website's root page and look for wanted data. Sorry about that).


Some parts of this website will never be translated to English. Part of them are user's comments that are not transfered from the French (original) version to this version. Obvously, you can leave your own comments here but they wont be transfered to the French version.

You can send comments or suggestions to the webmaster.

   
Paul Courbis


Home > Achievements > Software > HP48 Software > Emulator / decompiler Saturn

Emulator / decompiler Saturn

Sunday 3 June 2007, by Paul Courbis

In 1992, when I am attacked in the writing of Journey to the Center of the HP48g/gx , my relationship with HP was good enough for the company tells me copies of the HP48 ROM before it so .. .

To exploit them, I made an emulator / decompiler. The objective was not performance (it took several minutes to boot the virtual machine), but able to list and understand the entry points of the system.

The sources of this program for Unix / Linux are here . The program also works with Windows tools cygwin ...

Installation:

- Extract the contents of the archive (tar xvzf emulator.tgz)

- Change into the directory created: cd emulator

- Compile with "make"

- Install a copy of the ROM of the HP48 as a hex dump in the file "Roma" (2369B108DAD. ..). For reasons of law, I do not obviously possible to include the Roma with the program.

- Run "mkdb" to create databases

- Run "emulator" to run the emulator

Manual of the emulator:

When the emulator is launched, in addition to the messages displayed in the console launched, two windows appear:

- A representation of the HP48 with its screen and keyboard. The keys are clickable (click for a push button, wait for the ILR, then a second click to release).

 

- A monitoring window

The latter provides:

- Start the execution (RUN button)

- To make the stepper mode stopped (STEP)

- The stop button (which replaces the STOP button STEP RUN)

- To force the update of the screen (CSP Update)

- To leave the emulator (QUIT)

- To "wake up" HP (SHUTDOWN mode output)

- To dump the information claculées (DUMP). This is done automatically when you leave the emulator.

Above the row of buttons, the disassembled code is displayed under éexécution (address, instruction).

Under the row of buttons are displayed decompilation of sysRPL running (if known symbol sequence and hexadecimal).

Finally there is the value of different registers (PC, D0, D1 ...).

For D0 and D1, the memory area pointed to is also displayed.

By clicking the square to the left of a record, it is possible to edit the value.

When the calculator has worked for some time, it is possible to convert the databases into a readable version using the program "decompile".

Other programs:

- ExtractObjects: extract the list of items used during emulation - used by the program "decompile"

- Decompile: Force decompilation symbols RPL / sysRPL known, fonts, etc. ...

- Peek (followed by the address to read) can read the contents of memory at a given address

- ExtractObjects retrieves a list of interesting articles

- Some programs are also available in (odXXX) od ondisk meaning, where the RAM is insufficient to achieve the performance by loading data into memory (obsolete).

- Print creates the files "Dump_xxx", corresponding to different banks xxx decoded readable form. Here, for example the beginning of the ROM 48:

 00000: p = 23 # 3 / Nibbles Used here: 5 (R)
00002: goto 69B1 # 001BC

------------
00006: F100 08DAD


------------
0000F: 85E st = 1 (14)
00012: 00022 # 4F0 goc

00015: 86F? St = 0 (15)
00018: 80 Goyes # 00020

0001A: 06 rstk = c
0001C: 6120 goto # 0003E

00020: 03 rtncc

00022: 87F? St = 1 (15)
00025: 5F Goyes # 0001A

We see that the first 6 quads were used during the boot but the 6 quartets located’adresse 00,006 have not been. Cons by the code 0000F himself has been used.

In addition, 5 quartets were played in 00000.

Bugs:

- Speed (it’s slow, but everything is emulated, including clock cycles)

- The context is not saved when exiting the emulator. Must repeat all of the boot sequence to reboot.

- The display is ugly. As the writing on the keyboard are not all times and must have a 48 under my eyes to know all the button assignments.

- Tested only with the HP48 for Roma versions A, D, J, M, N and L. - bugs of Saturn are not emulated.

- Management of the keyboard could be improved (just click a button to push, and then click again to release).

- The extinction of the screen is not supported (if the machine is turned off, the display is filled with parasites).

Trivia:

During development of the program, I came across a curious phenomenon: a pixel column missing from the display of function keys of "Try to Recover Memory?" (On the [NO] you it seems). After vainly trying to debug my progra ^ same, I finally realized that the bug was ... HP forgot the code to display the last column of pixels!

Comment on this article