Spectrofon #15
04 October 1995

System - Continuing the theme of "Undocumented commands of the Z-80 processor".

SYSTEM
Continuing the theme of undocumented processor commands,
raised in previous issues of our magazine, today we publish
Stanislav Yefimov's response to Oleg Sim's letter, in which
the discussion of this topic continues. The editorial staff is
ready to hear other opinions on this matter.
Stanislav V. Efimov
(Fanatic Stas)
E-Mail 2:5020/525.29@FIDOnet
Who will be "killed on the spot", or
Learn to read names as well as
EPILOGUE!
In early May the editors of "Spectrofon" received a letter from
a reader, part of which was a response to the article published
in the "System" section of "S" N11. I read this letter with
interest. Individual points in this letter caused me some
(if not more) bewilderment, and there were things I wanted to
comment on. I hope that readers of Spectrofon will find this
interesting ...
I'll start with Oleg's P.P.S.:
Sim O.R.: "P.P.S.: If you are interested, I would like to
continue the theme of undocumented commands and have prepared
the material offered below. If it is not interesting, do not look."
FS: "Nothing of the kind - it is interesting!"
Oleg (O):
1995 Sim O.R. and SERGE,
Volgograd.
The reason for preparing this material was the practically
simultaneous appearance of Fanatic Stas's article in the journal
'Spectrofon' and of the information program by the Volgograd
programmer SERGE titled 'Top Secret'. Both are devoted to
undocumented Z-80 commands. The first is full of gaping holes;
the second is very interesting but contains a number of
inaccuracies. An interesting situation arises: a lot of people
know about these commands and actively use them, but are in no
hurry to share the secrets. That is quite understandable:
undocumented commands are used most effectively in encoding
programs (leaving 'dark corners' for protection). But it is
still time to dispel some of the fog. My aim was to organize the
scattered information on this issue, and I do not claim the
laurels of a pioneer.
FS: As for the 'gaping holes': please read the afterword to the
material ... And in general, it is better to leave something a
little unfinished, if you are not firmly convinced, than to give
raw material that could mislead or even have the opposite effect
(I mean the article on TRDOS in one of the first issues of "S").
I do not agree about the 'dark corners': all the program
protection I have seen so far (as well as protection based on
the VG93 registers, that is, disk protection) allows me to
conclude that knowing the undocumented commands is not necessary
at all! These commands are not able to greatly impede access to
the protected code; the only important thing is to know WHERE to
'dig' and how. Any protection has a weak side, and that is where
to dig (rather than hitting it head-on).
In general, the reliability of protection is determined by the
degree of protection of its weakest link (I am quoting someone,
but I do not remember whom). It is very important that
programmers who build such protection know this, although on the
"Spectrum" such protection apparently cannot be built. One can
only obstruct the cracker's path ... Which is done in Step's
freshest release, Star Heritage ... I will not continue this
theme, because I respect the author and do not want to breed
'hackers' (I do not use the term hacker in this case, because
all that is happening now on the Spectrum refers exclusively to
the term Software Piracy).
O: To begin with, we will not consider the operations on the
halves of the index registers, which have set everyone's teeth
on edge. They have long and firmly been available to the general
public. The SLI command also seems to have been sorted out,
brazenly filling the eight empty cells in the CB prefix table.
Therefore it makes sense to go straight to the commands whose
description has not yet been published anywhere (except, in
part, in the program 'Top Secret').
DUPLICATE COMMANDS.
First of all, the duplicate commands: these are tricky commands
that correspond not to one but to two or more operation codes
(opcodes).
The commands are well known and need no description; it is
enough to look at the table. The NEG command, for example, can
be given by eight different opcodes, while monitors and
debuggers 'understand' only one: ED44! Despite this, all eight
do one and the same thing: they invert the accumulator. Pay
attention to a couple of commands for which no suitable mnemonic
could even be found; the action of these commands is explained
in a footnote ...
FS: Here I will interrupt Oleg's account and give my analogue of
the large table that the author drew. It is difficult to include
it in this text: it has many empty places, and besides, the line
width of 32 characters greatly limited my imagination ...
I hope that my reading of this table is right, and any errors
will be on the author's 'conscience'. I also 'kicked' out of it
all the commands that are trite, such as EDB0 (LDIR). So, the
undocumented commands (all values are hexadecimal). First ED,
then:
54, 64, 74, 4C, 5C, 6C, 7C - NEG;
55, 65, 75 - RETN;
5D, 6D, 7D - RETI;
66, 4E, 6E - IM 0;
76 - IM 1;
7E - IM 2;
70 - analogue of {IN A,(C); OR A};
     the flags S, Z, P are set according to the result of OR;
71 - analogue of {LD A,0; OUT (C),A};
     the A register is preserved.
The execution time of the last two commands is 12 cycles.
TWO-PREFIX COMMANDS.
The most extensive set of commands. In general, a command of
this group looks like this:
byte 1 - prefix DD or FD
byte 2 - prefix CB
byte 3 - offset
byte 4 - command code
These commands work in a very interesting way. For example, the
byte sequence ddcb0100 will look like RLC B,(IX+1).
First the action (RLC in this case) is performed on the cell
(IX+1), then the result is copied to the corresponding register.
Commands that previously worked with (HL) do not copy the result
anywhere.
Commands of the BIT series only test bits at the address (IX+n)
and set flags in F. Therefore they are duplicated eight times,
since it makes no difference which register the command was
built for: (IX+n) is substituted there. The SLI command was
particularly 'lucky': not only is it undocumented itself, it can
also be done by 'left' means.
Fanatic Stas's statement that these commands are of no more use
than NOP kills me on the spot. An interesting NOP it turns out
to be, if it actively modifies the contents of memory and of a
register!
FS: I can repeat the phrase about 'usefulness', but in the
context of the previous article. I hope it does not kill you on
the spot if I say that I do not need to know the duplicate
commands. Why should I, as a programmer, know that there are a
certain number of NEGs or IM 2s? As for the two commands for
which no name was found, I do not know where to 'stick' them in
my program, and I am sure that few will find a use for them.
And about RLC and co. I can say that these commands are
well known to me and are not in fact undocumented.
To 'figure them out' it is only necessary to take the step from
LD IX,nn, i.e. from simple commands to prefixed ones (does it
turn out that LD IX is undocumented too?).
O: Take, for example, S. Hantsis's programs 'Screen Manager',
'Super List', etc., and decode them for your general
development. If you manage it, you will be greeted by a living
example of an encoder that fulfills its purpose perfectly while
using precisely these so-called 'NOPs'.
FS: I already wrote in the previous article that in it, as well
as, I hope, in all subsequent ones, I rely on programmers, not
hackers.
In my opinion, the majority (read: all) of those who have had a
hand in assembler write these encoders only for themselves, for
their own self-assertion, because not one of them (the encoders)
survives a serious brainstorming. I have long, 'as a matter of
principle', been engaged not in setting up but in removing
(I confess - do not kick me) all kinds of protection ...
O: But what else can you expect from a hacker who cannot
properly switch pages in 128k mode.
FS: Well, finally ... a 'hit' ...
And how did I hurt you so? You have seen few of my programs,
Oleg, alas, if you draw such a conclusion!
Bought a Spectrum a couple of years ago?
About the page switching in two programs (Stifflip,
Deactivators) I will tell you some time later, if asked, but
I swear it is a very instructive story, connected with checking
some of my suspicions about the honesty of certain people ...
Let me just say that two weeks after the appearance of the
'left' programs, their 'correct' versions were released ...
"Spectrofon" was not lucky with Deactivators, as, for that
matter, I was not either, very much so.
Do not pass verdicts in absentia, gentlemen!
O: An interesting point: the use of two-prefix commands gives us
two full encoding tables, i.e. 510 opcodes (why 510 and not
512, I do not understand ... - FS), not really described
anywhere.
Together with the duplicate commands, the commands working with
the halves of the registers and the SLI commands, the
undocumented commands approach the basic command set in number!
And most likely this is not the limit: look at the ED table,
there are so many 'white spots' that new commands are likely to
appear. Who knows good old Z80 to the end? At present, the
undocumented bits of the flag register should be of special
interest. As far as I know, no one has yet done fundamental
research in this area. The only fact is that some commands
change these flags under some conditions. Maybe someone will
speak up about this?
FS: I too would like someone to 'dig into' the Z80, but alas,
Oleg, yours is the only letter with material of interest. There
is, however, much more feedback - that is really gratifying!
I already touched on the issue of flags in the previous article,
although apparently only slightly.
It is a pity that Oleg did not cite the sources of his
knowledge, because his material, which I hope was not entirely
'copied' from the program 'Top Secret', I had never seen before.
I would like to know the sources from which such information
appeared, including in 'Top Secret'. I am sure that such sources
existed, because to guess how long ED70 and ED71 take to execute
is, I think, impossible. IM0 and IM1 are also hard to tell
apart. The situation is similar with RETN and RETI, although
here, though not without difficulty, I would manage to
distinguish them ...
"S": We invite all those interested in this issue, to speak
out in the pages of our magazine. We hope that by common efforts
we will get to the truth.
CALL LETTERS!
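
The duplicate ED codes and the two-prefix layout (prefix, CB, offset, command code) discussed in the letters above, as an added Python example that is not from the magazine, its correspondents or 'Top Secret'. The function names are hypothetical; the signed offset, the register copy for RES/SET and SLI shifting a 1 into bit 0 are general Z80 behaviour assumed here rather than quoted from the article.

```python
# Added example. Tables follow the article's text; the function names are hypothetical.
REGS = ["B", "C", "D", "E", "H", "L", None, "A"]  # slot 6 = plain (HL) form, no copy
SHIFTS = ["RLC", "RRC", "RL", "RR", "SLA", "SRA", "SLI", "SRL"]

# Byte following ED -> command, transcribed from the article's list of duplicates.
ED_DUPLICATES = {
    **dict.fromkeys((0x54, 0x64, 0x74, 0x4C, 0x5C, 0x6C, 0x7C), "NEG"),
    **dict.fromkeys((0x55, 0x65, 0x75), "RETN"),
    **dict.fromkeys((0x5D, 0x6D, 0x7D), "RETI"),
    **dict.fromkeys((0x66, 0x4E, 0x6E), "IM 0"),
    0x76: "IM 1", 0x7E: "IM 2",
    0x70: "analogue of {IN A,(C); OR A}",
    0x71: "analogue of {LD A,0; OUT (C),A}",
}

def decode_ddcb(code):
    """Split DD/FD CB d op into (operation, index register, offset, copy register)."""
    if len(code) != 4 or code[0] not in (0xDD, 0xFD) or code[1] != 0xCB:
        raise ValueError("not a two-prefix command")
    index = "IX" if code[0] == 0xDD else "IY"
    disp = code[2] - 256 if code[2] > 127 else code[2]  # offset byte is signed
    group, n, reg = code[3] >> 6, (code[3] >> 3) & 7, REGS[code[3] & 7]
    if group == 0:
        return SHIFTS[n], index, disp, reg
    if group == 1:  # BIT only tests the cell, so all eight register slots coincide
        return f"BIT {n}", index, disp, None
    return f"{'RES' if group == 2 else 'SET'} {n}", index, disp, reg

def shift(n, value, carry):
    """Apply shift/rotate number n to a byte; return (result, carry out)."""
    hi, lo = value >> 7, value & 1
    fill = [hi, lo, carry, carry, 0, hi, 1, 0][n]  # bit shifted in, per operation
    if n % 2 == 0:  # RLC, RL, SLA, SLI move left
        return (value << 1) & 0xFF | fill, hi
    return value >> 1 | fill << 7, lo

def execute_shift(code, base, mem, regs, carry=0):
    """Run a shift-group two-prefix command: update the cell, then copy to the register."""
    name, _, disp, reg = decode_ddcb(code)
    addr = (base + disp) & 0xFFFF
    mem[addr], carry = shift(SHIFTS.index(name), mem[addr], carry)
    if reg is not None:
        regs[reg] = mem[addr]
    return carry
```

Running `execute_shift` on the article's ddcb0100 with a constructed memory cell shows both the cell and register B changing, which is the behaviour the letter points to when objecting to the 'NOP' description.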