Author: Pete M. Wilson

README.DOC

Brief description file for the TA disassembler system.

TA is a program that provides an interactive disassembler for the HP 48SX ROM. It is written in Microsoft C and should be fairly portable (I haven't tried).

TA uses 5 data files:

HP48MAP.ROM is an ASCII listing of the complete ROM contents, produced by downloading all of the ROM to your computer and processing it through the TOROMMAP filter. This will strip all addresses from the dump file, creating a flat 524,288 byte file.

Two comment files are used by TA. Both have the same format. Each line consists of the 5 nibble address being described, followed by a space and the one line comment describing the address. Lines beginning with a '-' are considered deleted.

REMC.MAP is the code comment file. It provides comments explaining what the code at a particular address is doing. When the corresponding address is UnThreaded or UnAssembled, the comment is appended to the output line. For example, the RPL routine at 03188 executes the inner-most code for the DUP routine (i.e. after error checking and setup has been done). It is an assembler routine with an RPL entry point, and UnThreading the entry point yields:

    TA> ut 3188
    ; *** RPL do DUP ***
    03188: 0318D   ML ENTRY
    0318D: CF      D=D-1  A       ; room on stack?
    0318F: 41F     GOC    03181   ; if not, make some
    03192: 143     A=DAT1 A       ; get obj @ TOS
    03195: 1C4     D1=D1- 5       ; push object again
    03198: 141     DAT1=A A
    0319B: 142     A=DAT0 A       ; cont RPL
    0319E: 164     D0=D0+ 5

The comments following each disassembled line are stored in REMC.MAP.

NOTE: The disassembler stops after outputting 8 lines - the routine above continues for one more line.

REMA.MAP is the address comment file. It provides comments explaining the purpose of address references. For example, the DUP routine is at 1FB87.
UnThreading this yields:

    TA> ut 1fb87
    ; *** XLIB: 10D002 DUP ***
    1fb87: 02D9D   Type 8: RPL Program
    1fb8c: 18AA5   save Last RPL Token / verify DEPTH >= 1
    1fb91: 03188   RPL do DUP
    1fb96: 0312B   End RPL Program

Each comment following the threaded routine address is stored in REMA.MAP. In addition, the comment line preceding 1FB87 (and in the above example, preceding 03188) is stored in REMA.MAP.

As a further example, the RPL routine at 14039 is a very deep internal routine to the code for ERRN. It pushes the Last Error Number as a short integer or address type.

    TA> ut 14039
    ; *** Push Last Err# as Short Int ***
    14039: 1403E    ML ENTRY
    1403E: 34FF607  LCHEX  706FF   ; Save Last Err#
    14045: 8D3B411  GOVLNG 114B3   ; Push @C.A as new Short Int
    ; *** Push @C.A as new Short Int ***
    114B3: DA       A=C    A
    114B5: 8FB9760  GOSBVL 0679B   ; Save Regs D, B, D1, D0 (uses C)
    114BC: 130      D0=A
    114BF: 142      A=DAT0 A
    114C2: 8DC7530  GOVLNG 0357C   ; Push A as new Short Int

The comments after 706FF, 114B3, 0679B and 0357C are stored in REMA.MAP and are automatically appended to the disassembly.

REMA.INX and REMC.INX are index files for the .MAP files. These are binary arrays of Address, .MAP offset information in sorted order. A binary search on these arrays in core is used to look up comment information. If the .MAP file is edited using a text editor, the corresponding .INX file must be deleted. The TA program will automatically re-create them correctly.

A number of features of TA disassembly should be apparent from the examples. Here is a listing of some of the more significant features.

1. Initial disassembly mode is set by the command used to start disassembly.
2. UnThread to UnAssemble mode switching is handled automatically.
3. Disassembly/unthreading is stopped automatically when a termination point is reached.
4. Absolute GOTOs in assembly are followed automatically.
5. The HP-71 style mnemonics are used. (but see notes at end)
6. Currently, disassembly is only available for the ROM.
   Other Binary files cannot be handled (i.e. I'm working on the USAG command).
7. In-line literal RPL Objects are not handled by the UnThreader.
8. Only the HP-71 instruction set is currently understood. I don't have access to Alonzo's notes on the 28 or the new instructions in the 48 - if anyone can tell me these, I'd be overjoyed to add them to the program.

SHORT COMMAND REFERENCE

UT      UnThread
        UT addr
        Example: UT 3188

The UnThread command begins disassembly in UnThread mode at a given address. Up to 8 lines of mixed RPL/assembly output will be produced. If an RPL end program is encountered, output will stop. If RPL CODE or ML Entry is encountered, disassembly mode will be switched to UnAssemble automatically.

UA      UnAssemble
        UA addr
        Example: UA 114B3

The UnAssemble command begins disassembly in UnAssemble mode at a given address. Up to 8 lines of assembly will be produced. If an Unconditional Return or an indirect Goto (i.e. PC=(A)) is encountered, disassembly will be stopped. If an unconditional Goto is encountered, it will be followed.

U       Un-continue
        U

The Unassemble command continues at the last unassembled address, in the last used mode, for another 8 lines or until a stop condition is reached.

CA      Comment Address
        CA addr text
        Example: CA 114b3 Push @C.A as new Short Int

The Comment Address command creates a new comment on an address. Any reference to the address will automatically have the comment appended to the line. Any existing address comment for the address is replaced.

CC      Comment Code
        CC addr text
        Example: CC 318d room on stack?

The Comment Code command creates a new comment on the code at an address. Any disassembly of the address will have the comment appended to it. Any existing code comment for the address is replaced.

CCD     Comment Code Delete
        CCD addr
        Example: CCD 318d

The Comment Code Delete command removes a code comment for an address.
CAD     Comment Address Delete
        CAD addr
        Example: CAD 114b3

The Comment Address Delete command removes an address comment for an address.

D       Dump
        D addr
        Example: D 71AD8

    TA> d 71ad8
    71ad8: E06556273796F6E6 0284054383D22411 .Version HP48-B.
    71af8: 34F6079727967686 4702840502139383 Copyrigh t HP 198

The Dump nibbles command outputs the nibbles at a particular ROM address in Hex and ASCII format. It produces 8 lines of output.

Q       Quit
        Q

The Quit command exits TA. If any .INX files have been changed or were missing, they are written out automatically.

Future Enhancements

These are some things I'm hoping to add to the program. Please feel free to make suggestions.

A utility program to merge REMC/REMA files from different people.

Automatic recovery of space in REMC/REMA.

Complete instruction set support (if someone will tell me what the new instructions are).

A switch to support Alonzo's mnemonics (if I find out what they are).

A type file that marks the type of code at addresses so RPL/Assembly mode is known for some addresses (i.e. for U addr).

The ability to work with Binary (or ASCII translated) 48 program files, with separate comment files for these and automatic connection to the ROM MAP.

A type file for data area so the Dump command can be told the format of ROM Data Tables (i.e. the command area, the version string, ...).

A notes system to record questions and comments that will store speculations on code purposes before it's been completely understood.

An address stack to allow following RPL calls and returns and assembly gosubs.

Pete M. Wilson  07/14/90  on HP BBS as wilsonpm
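
The comment-file format and the sorted index described for REMC.MAP/REMA.MAP and their .INX files, as an added example in C (not TA's own source): it indexes the live lines of a map held in memory, skips '-' deleted lines, and looks a comment up by binary search. The struct layout, the function names and the sample lines are assumptions; the page does not give the byte layout of the index.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not TA source. Assumed entry layout: the page only says the
 * index holds "Address, .MAP offset" pairs in sorted order. */
struct idx { long addr; long off; };
/* Constructed sample: comment text from the page, order and '-' lines made up. */
static const char SAMPLE_MAP[] =
    "-0318F superseded text\n"
    "0318F if not, make some\n"
    "0318D room on stack?\n"
    "-03195 push object again\n";

static int cmp_idx(const void *a, const void *b) {
    long x = ((const struct idx *)a)->addr, y = ((const struct idx *)b)->addr;
    return (x > y) - (x < y);
}

/* Index every live "AAAAA comment" line; '-' lines fail the 5-hex-digit test. */
int build_index(const char *map, struct idx *ix, int max) {
    int n = 0;
    for (const char *p = map; *p && n < max; ) {
        if (strspn(p, "0123456789abcdefABCDEF") == 5 && p[5] == ' ')
            ix[n++] = (struct idx){ strtol(p, NULL, 16), (long)(p - map) };
        p += strcspn(p, "\n");                  /* end of this line */
        if (*p == '\n') p++;
    }
    qsort(ix, (size_t)n, sizeof *ix, cmp_idx);
    return n;
}

/* Binary-search the index and copy the comment; returns 1 if found, else 0. */
int lookup(const char *map, const struct idx *ix, int n, long addr,
           char *out, size_t outsz) {
    struct idx key = { addr, 0 };
    const struct idx *hit = bsearch(&key, ix, (size_t)n, sizeof *ix, cmp_idx);
    if (!hit || outsz == 0) return 0;
    const char *text = map + hit->off + 6;      /* skip "AAAAA " */
    snprintf(out, outsz, "%.*s", (int)strcspn(text, "\r\n"), text);
    return 1;
}

int main(void) {
    struct idx ix[8]; char buf[64];
    int n = build_index(SAMPLE_MAP, ix, 8);
    if (lookup(SAMPLE_MAP, ix, n, 0x318F, buf, sizeof buf))
        printf("%d live comments; 0318F: %s\n", n, buf);
}
```

Because offsets point into the text file, editing the .MAP by hand invalidates every entry after the edit, which is why the page says the .INX file must be deleted and rebuilt.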
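
How the hex column of the Dump output relates to its ASCII column, and how 5-nibble address operands sit in the ROM listing, as an added example in C (not TA's own source). The low-nibble-first ordering is read off the page's own output (the "d 71ad8" line, and 8D3B411 disassembling to GOVLNG 114B3); the function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not TA source. Value of one hex digit, or -1 if not hex. */
static int nib_val(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Decode nibble pairs to text, low nibble first; non-printable bytes become
 * '.'. A trailing odd nibble is ignored. Returns the character count, or -1
 * (out left unterminated) on a non-hex character or a zero-sized buffer. */
int nibbles_to_ascii(const char *nib, char *out, size_t outsz) {
    size_t n = 0;
    if (outsz == 0) return -1;
    while (nib[0] && nib[1] && n + 1 < outsz) {
        int lo = nib_val(nib[0]), hi = nib_val(nib[1]);
        if (lo < 0 || hi < 0) return -1;
        int byte = (hi << 4) | lo;
        out[n++] = (byte >= 0x20 && byte < 0x7F) ? (char)byte : '.';
        nib += 2;
    }
    out[n] = '\0';
    return (int)n;
}

/* Read a 5-nibble address field, least significant nibble first.
 * Returns -1 if fewer than five hex digits are present. */
long addr5(const char *nib) {
    long a = 0;
    for (int i = 0; i < 5; i++) {
        int v = nib_val(nib[i]);
        if (v < 0) return -1;
        a |= (long)v << (4 * i);
    }
    return a;
}

int main(void) {
    char text[40];
    /* Nibbles copied from the page's "d 71ad8" output and its GOVLNG line. */
    if (nibbles_to_ascii("E06556273796F6E60284054383D22411", text, sizeof text) > 0)
        printf("71ad8: %s\n", text);
    printf("operand 3B411 -> %05lX\n", (unsigned long)addr5("3B411"));
}
```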