Sprinter/mame
2
0
Fork 0
mirror of https://github.com/holub/mame synced 2025-10-05 16:50:57 +03:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

PGM2 driver work

Browse Source
This commit is contained in:
trap15 2017-02-11 01:08:56 -08:00
parent 2672fb6f8e
commit a421976911
1 changed files with 20 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
src/mame/drivers/pgm2.cpp
View File

@ -4,22 +4,15 @@
Motherboard is bare bones stuff, and does not contain any ROMs.
The IGS036 used by the games is an ARM based CPU, like IGS027A used on PGM1 it has internal ROM.
Decryption should be correct in most cases, but the ARM mode code at the start of the external
ROMs is a bit weird, with many BNV instructions rather than jumps. Maybe the ARM is customized,
the code has been 'NOPPED' out this way (BNV is Branch Never) or it's a different type of ARM?
- Some of the THUMB code looks like THUMB2 code
eg
f004 BL (HI) 00004000
e51f B #fffffa3e
0434 LSL R4, R6, 16
0000 LSL R0, R0, 0
should be a 32-bit branch instruction with the 2nd dword used as data.
Decryption should be correct in most cases.
The ARM appears to be ARMv5T, probably an ARM9.
We need to determine where VRAM etc. map in order to attempt tests on the PCBs.
We will also need to try to attack the internal ROM, as there are many many calls made into it.
Chances are it'll be possible to get it to copy itself out, or black-box the behavior.
All calls to the IROM are done through small shims, so it should also be possible to hack around
the IROM if we can't get the dump out.
PGM2 Motherboard Components:
@ -80,14 +73,16 @@ public:
void screen_eof_pgm2(screen_device &screen, bool state);
required_device<cpu_device> m_maincpu;
void pgm_create_dummy_internal_arm_region(int addr);
void pgm_create_dummy_internal_arm_region();
};
static ADDRESS_MAP_START( pgm2_map, AS_PROGRAM, 32, pgm2_state )
AM_RANGE(0x00000000, 0x00003fff) AM_ROM //AM_REGION("user1", 0x00000) // internal ROM
AM_RANGE(0x08000000, 0x087fffff) AM_ROM AM_REGION("user1", 0) // not 100% sure it maps here.
AM_RANGE(0xffff0000, 0xffffffff) AM_RAM
AM_RANGE(0x10000000, 0x107fffff) AM_ROM AM_MIRROR(0x0f800000) AM_REGION("user1", 0) // external ROM
AM_RANGE(0x20000000, 0x2007ffff) AM_RAM // main SRAM?
// This doesn't exist, it's just necessary because our stub IPL doesn't set SP
AM_RANGE(0xfff00000, 0xffffffff) AM_RAM
ADDRESS_MAP_END
static INPUT_PORTS_START( pgm2 )
@ -169,7 +164,7 @@ static GFXDECODE_START( pgm2 )
GFXDECODE_END
void pgm2_state::pgm_create_dummy_internal_arm_region(int addr)
void pgm2_state::pgm_create_dummy_internal_arm_region()
{
uint16_t *temp16 = (uint16_t *)memregion("maincpu")->base();
int i;
@ -180,9 +175,11 @@ void pgm2_state::pgm_create_dummy_internal_arm_region(int addr)
}
int base = 0;
int addr = 0x10000000;
// just do a jump to 0x080003c9 because there is some valid thumb code there with the current hookup..
// i'd expect valid non-thumb code at 0x08000000 tho?
// just do a jump to 0x10000000 because that looks possibly correct.
// we probably should be setting up stack and other things too, but we
// don't really know that info yet.
temp16[(base) / 2] = 0x0004; base += 2;
temp16[(base) / 2] = 0xe59f; base += 2;
@ -204,7 +201,6 @@ static MACHINE_CONFIG_START( pgm2, pgm2_state )
/* basic machine hardware */
MCFG_CPU_ADD("maincpu", ARM9, 20000000) // ?? ARM baesd CPU, has internal ROM.
MCFG_CPU_PROGRAM_MAP(pgm2_map)
// MCFG_DEVICE_DISABLE()
@ -503,7 +499,7 @@ DRIVER_INIT_MEMBER(pgm2_state,orleg2)
igs036_decryptor decrypter(orleg2_key);
decrypter.decrypter_rom(memregion("user1"));
pgm_create_dummy_internal_arm_region(0x80003c9);
pgm_create_dummy_internal_arm_region();
}
DRIVER_INIT_MEMBER(pgm2_state,kov2nl)
@ -516,7 +512,7 @@ DRIVER_INIT_MEMBER(pgm2_state,kov2nl)
igs036_decryptor decrypter(kov2_key);
decrypter.decrypter_rom(memregion("user1"));
pgm_create_dummy_internal_arm_region(0x8000069);
pgm_create_dummy_internal_arm_region();
}
DRIVER_INIT_MEMBER(pgm2_state,ddpdojh)
@ -529,7 +525,7 @@ DRIVER_INIT_MEMBER(pgm2_state,ddpdojh)
igs036_decryptor decrypter(ddpdoj_key);
decrypter.decrypter_rom(memregion("user1"));
pgm_create_dummy_internal_arm_region(0x80003c9);
pgm_create_dummy_internal_arm_region();
}
DRIVER_INIT_MEMBER(pgm2_state,kov3)
@ -542,7 +538,7 @@ DRIVER_INIT_MEMBER(pgm2_state,kov3)
igs036_decryptor decrypter(kov3_key);
decrypter.decrypter_rom(memregion("user1"));
pgm_create_dummy_internal_arm_region(0x80003c9);
pgm_create_dummy_internal_arm_region();
}