Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
mg_notes:iie_card:weird_stuff [2017/08/06 02:43]
M.G. other weird instructions
mg_notes:iie_card:weird_stuff [2017/08/07 22:25] (current)
M.G. Slot scan/select description.
Line 38: Line 38:
 Here is what I found: Here is what I found:
  
-^ Routine ^ Address ^ Code    ^ Function ^ +In Routine ^ Address ^ Code    ^ Function ^ 
-RESET   | $FAB4   | $02 $02 | +PWRUP   | $FAB4   | $02 $02 | Loads A reg with $Cn+1 where n = startup slot or $C8 if scan. 
-RESET   | $FAC0   | $02 $03 | |+PWRUP   | $FAC0   | $02 $03 | Displays "​UNABLE TO BOOT FROM STARTUP SLOT" if A reg = $Cn-1 where n = startup slot or $c0 if scan.  Disappears if screen scrolls. ​| 
 +| APPLEII | $FB63   | $02 $04 | Display copyright message on screen, disappears if screen scrolls. | 
 +| BELL1   | $FBDD   | $02 $01 | Play system bell sound. | 
 +| GETLN1 ​ | $FD78   | $02 $06 | Key translation called right after rdchar. If A reg has <​key>​DELETE</​key>,​ converts it to <​key><​-</​key>​. | 
 +|         ​| ​        | $02 $05 | Not found in firmware, yet, but presumably this exists. | 
 + 
 +==== The Key Translation and the A register ==== 
 + 
 +Get to the monitor in your %%//%%e Card and try this: 
 + 
 +<​code>​ 
 +*! 
 +!300:jsr fd35 
 +! nop 
 +! nop 
 +! jmp fdda 
 +
 +*300G 
 +</​code>​ 
 + 
 +FD35 is the RDCHAR routine, FDDA is the print byte routine. ​ This routine reads a keypress and outputs its hex code.  Run it a few times to convince yourself there is no funny business. ​ Run it a final time and press <​key>​DELETE</​key>​. 
 + 
 +<​code>​ 
 +*300G 
 +FF    (appears after pressing delete) 
 +
 +</​code>​ 
 + 
 +FF is exactly what we expect to see with the Apple II delete key. 
 + 
 +Now want to see something interesting? ​ Change the NOPs to $02 $06 and run it again. ​ Try a few keys, then try it with <​key>​DELETE</​key>​. 
 + 
 +<​code>​ 
 +*303:02 06 
 +*300G 
 +88    (appears after pressing delete) 
 +
 +</​code>​ 
 + 
 +88 is the code for the left arrow key.  That's some serious magic, and in two bytes the Card converts <​key>​DELETE</​key>​ to <​key><​-</​key>​. 
 + 
 +==== The Two-Byte Copyright ==== 
 + 
 +Try this sequence of instructions:​ 
 + 
 +<​code>​ 
 +]HOME 
 +]CALL -151 
 +*300:02 04 60 
 +*300G 
 +</​code>​ 
 + 
 +Hit the left arrow a bunch of times until the display scrolls. **POOF!** 
 + 
 +==== Slot Scan Scam ==== 
 + 
 +The %%//%%e Card lets the user pick the startup slot in the control panel or "​Scan"​ which is the behavior of a standard %%//%%e. 
 + 
 +This is implemented by the sequences $02 $02 which replaces the LDA #$C8 at the start of the slot scan loop, and $02 $03 which replaces the CMP #$C0 instruction that decides loop termination. 
 + 
 +The $02 $02 sequence loads the accumulator with $C8 if scan is selected, or $Cn+1 if a specific slot is selected. 
 + 
 +<​code>​ 
 +*300:02 02 4C DA FD 
 +*300G 
 +C8   (if scan or slot 7 selected, "​Cx"​ if another slot is selected) 
 +
 +</​code>​ 
 + 
 +The $02 $03 sequence behaves as if CMP #$C0 or CMP #$Cn-1 has been executed and if it has, displays "​UNABLE TO BOOT FROM STARTUP SLOT" in the center of the screen in a similar manner to the copyright message. ​ The message is not in Apple II memory. ​ It returns with the flags set as executing the CMP instruction would have.