WG: 6510/8500 Opcodes in hex?

From: Juergen Sievers (juergen.sievers_at_NADINE-Software.com)
Date: 2002-11-24 11:56:47

> -----Original Message-----
> From: Juergen Sievers [mailto:juergen.sievers@nadine-software.com]
> Sent: Sunday, 24 November 2002 04:14
> To: cbm-hackers@cling.gu.se
> Subject: RE: 6510/8500 Opcodes in hex?
>
>
>
> >
> > Is there either a list, or a good disassembly/tutorial analysing the ROMs'
> > layout? Perhaps explaining a bit about its structure as well?
> >
> You should try the IDA (Interactive disassembler) from
> http://www.datarescue.com/.
> This may be one of the best reengineering tools for reassembling software.
>
> My hint!
> Have a go at the IDA (Interactive disassembler) from
> http://www.datarescue.com/.
> This may be one of the best reengineering tools for reassembling software.
> IDA supports many processors and libraries.
>
>
> Here is a snapshot from the project I'm currently working on.
> It is a DOS device driver which adds support for many CP/M disk formats
> to normal system drives, and it shows the first unmodified
> analysis output.
>
>
>
> seg000:0000 ;
> seg000:0000 ; +-------------------------------------------------------------------------+
> seg000:0000 ; ¦     This file is generated by The Interactive Disassembler (IDA)        ¦
> seg000:0000 ; ¦     Copyright (c) 2001 by DataRescue sa/nv, <ida@datarescue.com>        ¦
> seg000:0000 ; ¦   Licensed to: Juergen Sievers, Nadine Software, 1 user, std, 11/2000   ¦
> seg000:0000 ; +-------------------------------------------------------------------------+
> seg000:0000 ;
> seg000:0000 ; File Name   : C:\Dokumente und Einstellungen\jsievers\Eigene Dateien\Download\P2000C\CDRIVE.SYS
> seg000:0000 ; Format      : MS-DOS SYS-file (perhaps device driver)
> seg000:0000 ; Base Address: 1000h Range: 10000h-1149Ah Loaded length: 149Ah
> seg000:0000
> seg000:0000
> seg000:0000 ; ---------------------------------------------------------------------------
> seg000:0000
> seg000:0000 ; Segment type: Pure code
> seg000:0000 seg000          segment byte public 'CODE' use16
> seg000:0000                 assume cs:seg000
> seg000:0000                 assume es:nothing, ss:nothing, ds:nothing, fs:nothing, gs:nothing
> seg000:0000 NextDevice_0    dw 0FFFFh               ; DATA XREF: Interrupt_Routine_0+19o
> seg000:0000                                         ; The last device
> seg000:0002 word_10002      dw 0FFFFh
> seg000:0004 DevAttr_0       dw 6000h                ; non-IBM block device
> seg000:0004                                         ; supports IOCTL
> seg000:0004                                         ; block device
> seg000:0006 Strategy_0      dw offset Strategy_Routine_0
> seg000:0008 Interrupt_0     dw offset Interrupt_Routine_0
> seg000:000A DeviceName_0    db    1 ;               ; May be device number
> seg000:000B aCdrive         db 'CDRIVE',0
> seg000:0012 unk_10012       db  36h ; 6
> seg000:0013                 db    1 ;
> seg000:0014 Computer        db 0                    ; DATA XREF: sub_105AB+9r
> seg000:0014
> ...
> ...
> ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
> seg000:0B33
> seg000:0B33
> seg000:0B33 Strategy_Routine_0 proc far             ; DATA XREF: seg000:0006o
> seg000:0B33                 mov     word ptr cs:DevRequest_0, bx ; ES:BX -> Device Request Block
> seg000:0B38                 mov     word ptr cs:DevRequest_0+2, es
> seg000:0B3D                 retf
> seg000:0B3D Strategy_Routine_0 endp
> seg000:0B3D
> seg000:0B3E
> seg000:0B3E ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
> seg000:0B3E
> seg000:0B3E
> seg000:0B3E Interrupt_Routine_0 proc near           ; DATA XREF: seg000:0008o
> seg000:0B3E                 pushf                   ; Device Request Block:
> seg000:0B3E                                         ; 0 db length
> seg000:0B3E                                         ; 1 db unit number
> seg000:0B3E                                         ; 2 db command code
> seg000:0B3E                                         ; 5 d? reserved
> seg000:0B3E                                         ; 0D d? command specific data
> seg000:0B3F                 push    es
> seg000:0B40                 push    ds
> seg000:0B41                 push    ax
> seg000:0B42                 push    bx
> seg000:0B43                 push    cx
> seg000:0B44                 push    dx
> seg000:0B45                 push    di
> seg000:0B46                 push    si
> seg000:0B47                 push    bp
> seg000:0B48                 mov     word ptr cs:SaveStack, sp
> seg000:0B4D                 mov     word ptr cs:SaveStack+2, ss
> seg000:0B52                 cld
> seg000:0B53                 mov     ax, cs
> seg000:0B55                 mov     ss, ax
> seg000:0B57                 assume ss:seg000
> seg000:0B57                 mov     sp, 7EA0h
> seg000:0B5A                 les     bx, cs:DevRequest_0
> seg000:0B5F                 push    bx
> seg000:0B60                 push    es
> seg000:0B61                 mov     al, es:[bx+SYSRequestHDR.unit]
> seg000:0B65                 cbw
> seg000:0B66                 shl     ax, 1
> seg000:0B68                 mov     di, offset d_tbl
> seg000:0B6B                 add     di, ax
> seg000:0B6D                 jmp     word ptr cs:[di]
> seg000:0B6D Interrupt_Routine_0 endp
> seg000:0B6D
> ...
>
> And the final output, after all the work was done, is shown here:
> ;
> ; ╔═════════════════════════════════════════════════════════════════════════╗
> ; ║	This file is generated by The Interactive Disassembler (IDA)	    ║
> ; ║	Copyright (c) 2001 by DataRescue sa/nv, <ida@datarescue.com>	    ║
> ; ║   Licensed to: Juergen Sievers, Nadine Software, 1 user, std, 11/2000   ║
> ; ╚═════════════════════════════════════════════════════════════════════════╝
> ;
> ; File Name   :	C:\Dokumente und Einstellungen\jsievers\Eigene Dateien\Download\P2000C\CDRIVE.SYS
> ; Format      :	MS-DOS SYS-file	(perhaps device	driver)
> ; Base Address:	1000h Range: 10000h-1149Ah Loaded length: 149Ah
>
>
> ; ═══════════════════════════════════════════════════════════════════════════
>
> ; Segment type:	Pure code
> seg000		segment	byte public 'CODE' use16
> 		assume cs:seg000
> 		assume es:nothing, ss:nothing, ds:nothing, fs:nothing, gs:nothing
> NextDevice_0	dw 0FFFFh		; DATA XREF: Interrupt_Routine_0+19o
> 					; The last device
> word_10002	dw 0FFFFh
> DevAttr_0	dw 6000h		; non-IBM block	device
> 					; supports IOCTL
> 					; block	device
> Strategy_0	dw offset Strategy_Routine_0
> Interrupt_0	dw offset Interrupt_Routine_0
> DeviceName_0	db    1	;		; May be device	number
> aCdrive		db 'CDRIVE',0
> unk_10012	db  36h	; 6
> 		db    1	;
> Computer	db 0			; DATA XREF: sub_105AB+9r seg000:0AC5r ...
> Drive		db 0			; DATA XREF: GetReadParams+17r
> 					; sub_1068C+26r ...
> 		db  50h	; P
> ...
>
> Appended to this mail is a screen dump, so you can get a look
> at this tool.

Look here for the screen dump.
ftp://ftpadmin@ftp.nadine-software.com/pub/Computer/Windoof/IDA/idw.bmp

>
> Here is some stuff for Z80n systems.
>
> ROM:E000 ;
> ROM:E000 ; +-------------------------------------------------------------------------+
> ROM:E000 ; ¦     This file is generated by The Interactive Disassembler (IDA)        ¦
> ROM:E000 ; ¦     Copyright (c) 2001 by DataRescue sa/nv, <ida@datarescue.com>        ¦
> ROM:E000 ; ¦   Licensed to: Juergen Sievers, Nadine Software, 1 user, std, 11/2000   ¦
> ROM:E000 ; +-------------------------------------------------------------------------+
> ROM:E000 ;
> ROM:E000 ; ---------------------------------------------------------------------------
> ROM:E000 ; File Name   : C:\Dokumente und Einstellungen\jsievers\Eigene Dateien\Download\P2000C\P2000CROM\P2000C3.BIN
> ROM:E000 ; Format      : Binary File
> ROM:E000 ; Base Address: 0000h Range: E000h - F000h Loaded length: 1000h
> ROM:E000
> ROM:E000 ; Processor:        z80
> ROM:E000 ; Target assembler: Zilog Macro Assembler
> ROM:E000
> ROM:E000 ; ---------------------------------------------------------------------------
> ROM:E000
> ROM:E000 ; Segment type: Pure code
> ROM:E000                 segment ROM
> ROM:E000                 org 0E000h
> ROM:E000                 di
> ROM:E001                 ld      sp, 0D600h
> ROM:E004                 ld      hl, 5E8h
> ROM:E007                 ld      a, 0Eh
> ROM:E009
> ROM:E009 loc_E009:                               ; CODE XREF: ROM:E012j
> ROM:E009                 ld      b, (hl)
> ROM:E00A                 inc     hl
> ROM:E00B                 ld      c, (hl)
> ROM:E00C                 inc     hl
> ROM:E00D
> ROM:E00D loc_E00D:                               ; CODE XREF: ROM:E00Fj
> ROM:E00D                 outi
> ROM:E00F                 jr      nz, loc_E00D
> ROM:E011                 dec     a
> ROM:E012                 jr      nz, loc_E009
> ROM:E014                 in      a, (28h)
> ROM:E016                 in      a, (2Ah)
> ROM:E018                 in      a, (8)
> ROM:E01A                 ld      de, 0F606h
> ROM:E01D                 ld      bc, 57h ; 'W'
> ROM:E020                 ldir
> ROM:E022                 ld      de, 0FD40h
> ROM:E025                 ld      bc, 1CDh
> ROM:E028                 ldir
> ROM:E02A                 ld
>
>
>



       Message was sent through the cbm-hackers mailing list
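
Added example, not part of the original mail or of IDA's output: bytes seg000:0000 to seg000:0011 of the first listing form the MS-DOS device driver header, and this Python code decodes them the way IDA's comments do and checks that both entry points fall inside the file. The function name parse_device_header, the dictionary keys and the sample bytes (rebuilt from the values in the listing) are assumptions made for this example.

```python
import struct

# Device header layout (18 bytes, little-endian): next-driver offset and
# segment, attribute word, strategy offset, interrupt offset, 8 name bytes.
HEADER_FMT = "<HHHHH8s"
HEADER_LEN = struct.calcsize(HEADER_FMT)

ATTR_CHAR = 0x8000     # bit 15 set: character device, clear: block device
ATTR_IOCTL = 0x4000    # bit 14: supports IOCTL
ATTR_NON_IBM = 0x2000  # bit 13 on a block device: non-IBM format

# Constructed sample: bytes 0000h-0011h as the IDA listing shows them.
SAMPLE_HEADER = bytes.fromhex(
    "ffffffff"         # NextDevice_0, word_10002: the last device
    "0060"             # DevAttr_0 = 6000h
    "330b"             # Strategy_0 -> seg000:0B33
    "3e0b"             # Interrupt_0 -> seg000:0B3E
    "01"               # DeviceName_0: unit count
    "43445249564500"   # aCdrive: 'CDRIVE',0
)


def parse_device_header(image, image_len=None):
    """Decode the header; image_len is the full file size if image is a prefix."""
    if len(image) < HEADER_LEN:
        raise ValueError("shorter than the 18-byte device header")
    size = len(image) if image_len is None else image_len
    nxt_off, nxt_seg, attr, strat, intr, name = struct.unpack_from(HEADER_FMT, image)
    is_char = bool(attr & ATTR_CHAR)
    flags = ["character device" if is_char else "block device"]
    if attr & ATTR_IOCTL:
        flags.append("supports IOCTL")
    if not is_char and attr & ATTR_NON_IBM:
        flags.append("non-IBM format")
    # Both entry points are near offsets and must land inside the file,
    # past the header; anything else is not a loadable driver image.
    for label, off in (("strategy", strat), ("interrupt", intr)):
        if not HEADER_LEN <= off < size:
            raise ValueError(f"{label} offset {off:04X}h outside image")
    hdr = {"last_in_chain": (nxt_off, nxt_seg) == (0xFFFF, 0xFFFF),
           "attributes": attr, "flags": flags,
           "strategy": strat, "interrupt": intr}
    if is_char:
        hdr["name"] = name.decode("ascii", "replace").rstrip(" \0")
    else:
        hdr["units"] = name[0]  # block device: first name byte is the unit count
        hdr["tag"] = name[1:].split(b"\0")[0].decode("ascii", "replace")
    return hdr


if __name__ == "__main__":
    print(parse_device_header(SAMPLE_HEADER, image_len=0x149A))
```

The image_len of 149Ah is the "Loaded length" from the listing; without it the 18-byte sample is treated as the whole file and the entry-point check rejects it.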
