AOH :: G09.TXT
What happens when you execute invalid 6502/6510 opcodes
|
SUBMITTED BY: SIR SKULL
------------------------------------------------------------------------
I Invalid OpCodes I
I I
I Compiled By: I
I I
I Sir Skull I
I --- ----- I
I I
I (for the 6502/6510 chips) I
------------------------------------------------------------------------
Well.. As yu all know, there are some ML instructions not
documented for yur C64 or 6502/6510 chips... So here they are!! Fuck
the spelling ok? I've been kind enough to compile them...
Time, dudes.
Sir Skull.
------------
Generally, each bit in a 6502 opcode represents a different
instruction type or addressing mode. An opcode can be broken down with
the three most significant bits representing type, and the other bits
giving the mode. There are, of course, exceptions, but we can still
postulate what the 6502 thinks it sees when it encounters an undefined
number.
Here are the unofficial (Invalid) Opcodes in the following format:
HEX #3(Mnemonic, Addressing mode) Brief description, other addressing
modes.
04: (NTW,implied) This byte and byte after ignored.
1B: (NTH,implied) This byte and two bytes after ignored.
07: (SLO,Zeropage) This Command shifts memory left then ORA's the
Acc. with this memory.
OTHER MODES:
0F: (Absolute)
17: (Zpage,x)
1F: (Absolute,x)
27: (RLA,Zpage) Roll memory location left, then AND the Acc.
with Result.
OTHER MODES:
23: (indirect,x)
2F: (absolute)
37: (Zpage,x)
3B: (Absolute,y)
3F: (Absolute,x)
43: (SRL,indirect,x) Shifts memory right, LDA with the result
4B: (SRA,immediate) Shift Acc right, then AND Acc. with immediate
data.
47: (SRE,Zpage) Shift memory Right then EOR Acc with memory.
OTHER MODES:
4F: (Absolute)
57: (Zpage)
5F: (Absolute,x)
67: (RRA,Zpage) Roll memory right, then ADC memory to the acc.
OTHER MODES:
6F: (Absolute)
73: (indirect,y)
77: (Zpage,x)
7B: (Absolute,y)
7F: (absolute,x)
87: (AAX,Zpage) AND the Acc. with the X register.
OTHER MODES:
8F: (Absolute)
97: (Zpage,y)
8B: (AAX,Immediate) AND the Acc, X register, and Immediate data.
A3: (LAX,Indirect,x) LDA and LDX from the same location.
OTHER MODES:
A7: (Zpage)
AB: (Immediate)
AF: (Absolute)
B3: (Indirectly)
B7: (Zpage,x)
BF: (Absolute,x)
C3: (DCP,Indirect,x) DEC memory, then CMP it with the Acc.
OTHER MODES:
C7: (Zpage)
CF: (Absolute)
D3: (Indirect,y)
D7: (Zpage,x)
DF: (Absolute,x)
CB: (XAS,immediate) AND the X Reg. with 8, Then SBC immediate data
from X.
EB: (SOC,Immediate) SBC one from the Acc, and then Data immediately
following.
E3: (ISC,indirect,x) INC memory location, then SBC result from Acc.
OTHER MODES:
E7: (Zpage)
EF: (Absolute)
F3: (Indirect,y)
F7: (Zpage,x)
FB: (Absolute,y)
FF: (Absolute,x)
Note that the results for all of the above commands are stored in
the Accumulator(Ref 'Acc.' in the text) except as follows: AAX results
are stored in memory location given by data after AAX(Immediate mode)
results, and LAX results are placed in both the Acc. and in the X
Register. DCP results are shown in memory and in the processor's status
byte. XAS results are put in the X register only.
Presently, only a few Assemblers will accept these new Mnemonics.
If yur Assembler doesn't, Modify it, or, store the command as BYTE
statements...
I have not doccumented all the codes here. There are
others(Including Opcodes called 'DTH'. ie: DeaTH, Acid Crash, etc...)
This is just to point out that there are other ways of doing
multifunction commands... And yes, they are faster than doing it the
long way...
Anyway, Till next time.... Happy Hacking!!!!
Sir Skull
------------------------------------------------------------------------------
Oh ya, Phone:
Barataria BBS 613-234-4714
Make REAL money with your website!
The entire AOH site is optimized to look best in Firefox® 2.0 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2008 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.