Unknown 8085 opcodes

Hayden Kroepfl perlpowers at gmail.com
Wed Jan 11 11:38:22 CST 2017


Well unless the code is running a disassembler has no real clue, because as
you can see ASCII corresponds mostly to completely valid instructions,
mainly the MOV reg,reg instructions. Depending on how the code's written it
could be basically impossible for a disassembler to tell.

 For example you could have code that calls a function that takes inline
arguments, as such you'd have a JSR (or whatever the 8085 equiv is)
followed by data, not instructions. In that subroutine it would change the
return pointer on the stack to jump over those instructions.

The other way a disassembler could do it would be to actually run the code
and see where the code path goes. But then there's no guarantee that it
actually reaches all code points. A smart disassembler can guess based off
jumps and a starting point, but it still doesn't help it the case I
mentioned above.

Disassembly always requires some human element as it can't possibly handle
all cases. Tools like IDA and such typically don't disassemble until you
manually pick and entry point, then it disassembles as far as it can safely
assume from there. You then have to find other code paths yourself. For a
static disassembler you may have to hand hold it, especially if there's
self modifying code which could mess up the disassembly of multi-byte
instructions for a few instructions past the invalid one.

Hayden

On Wed, Jan 11, 2017 at 10:31 AM, Adrian Graham <binarydinosaurs at gmail.com>
wrote:

> Hi all,
>
> Well, this is ROM dumps of a telephone system so that would make sense for
> some of it, but surely a disassembler should also recognise that it's ASCII
> string data and treat it accordingly? I can imagine a freeware disassembler
> maybe making that mistake but the second one is commercial.
>
> I'll have a closer look at DASMx's parameters when I get home, that's the
> freeware one but it seems to make a better job of it than the commercial
> version, though both the D8741A and ROM dumps produce the same unknown
> opcodes.
>
> If anyone knows of others please shout up.
>
> Cheers!
>
> On 11 January 2017 at 17:21, Hayden Kroepfl <perlpowers at gmail.com> wrote:
>
> > Sorry for the double reply.
> > It's definitely ASCII data and not code. There's also seems to be some
> > other constant data in the middle, but translating the byte values as
> ASCII
> > gives:
> > "Telephone Details [few odd bytes]Select "
> >
> > Where [few odd bytes] is 01 04 05 08 which is presumable some other
> > constant data, or some delimiters related to the strings.
> >
> > Hayden
> >
> > On Wed, Jan 11, 2017 at 10:16 AM, Hayden Kroepfl <perlpowers at gmail.com>
> > wrote:
> >
> > > Another possibility could be self-modifying mode, something somewhere
> > else
> > > could be writing over this code once it's running. Though that would be
> > > assuming it's in RAM. Though the code around these instructions seems
> > > confusing. Looking at the values it almost looks like it's ASCII text
> and
> > > not actual code data. I see numbers in the 0x40 and 0x60 range which
> are
> > > the ASCII lowercase and uppercase letters. Along with 0x20 which is a
> > > space. Perhaps try interpreting the data as data instead of code?
> > >
> > > On Wed, Jan 11, 2017 at 10:10 AM, Adrian Graham <
> > binarydinosaurs at gmail.com
> > > > wrote:
> > >
> > >> Hi folks,
> > >>
> > >> Any 8085 assembler geeks in the house?
> > >>
> > >> Official Intel docs don't seem to be helping with this one, I have
> 8085
> > >> and
> > >> D8741A peripheral controller dumps both containing several opcodes
> that
> > >> two
> > >> disassemblers aren't recognising and any docs I've been looking
> through
> > >> for
> > >> either 8085 instructions or the UPI instruction set don't seem to
> > feature
> > >> them either.
> > >>
> > >> The codes are 0x08, 0x10, 0x18, 0x28, 0x38,0xD9, 0xDD and 0xED.
> > >>
> > >> 0x08 nearly always follows a 0x01 LXI B instruction, the others don't
> > seem
> > >> to have an obvious pattern.
> > >>
> > >> I've pondered if 0x10 is INC @R0 because the binary for that is 0001
> > 000x
> > >> where x is either 0 or 1.
> > >> By the same reasoning 0xD9 could be XRL A,R1 (opcode 11011xxx) and
> 0xDD
> > >> could be XRL A,R5 but can't match the others. Also the surrounding
> code
> > >> doesn't mention those registers.
> > >>
> > >> Example 8085 code fragment:
> > >>
> > >> 3440   1792 09                  DAD B
> > >> 3441   1793 01 01 08            LXI B,0801H
> > >> 3442   1796 08                  UNRECOGNIZED
> > >> 3443   1797 12                  STAX D
> > >> 3444   1798 0D                  DCR C
> > >> 3445   1799 54                  MOV D,H
> > >> 3446   179A 65                  MOV H,L
> > >> 3447   179B 6C                  MOV L,H
> > >> 3448   179C 65                  MOV H,L
> > >> 3449   179D 70                  MOV M,B
> > >> 3450   179E 68                  MOV L,B
> > >> 3451   179F 6F                  MOV L,A
> > >> 3452   17A0 6E                  MOV L,M
> > >> 3453   17A1 65                  MOV H,L
> > >> 3454   17A2 20                  RIM
> > >> 3455   17A3 44                  MOV B,H
> > >> 3456   17A4 65                  MOV H,L
> > >> 3457   17A5 74                  MOV M,H
> > >> 3458   17A6 61                  MOV H,C
> > >> 3459   17A7 69                  MOV L,C
> > >> 3460   17A8 6C                  MOV L,H
> > >> 3461   17A9 73                  MOV M,E
> > >> 3462   17AA 01 04 05            LXI B,0504H
> > >> 3463   17AD 08                  UNRECOGNIZED
> > >> 3464   17AE 17                  RAL
> > >> 3465   17AF 53                  MOV D,E
> > >> 3466   17B0 65                  MOV H,L
> > >> 3467   17B1 6C                  MOV L,H
> > >> 3468   17B2 65                  MOV H,L
> > >> 3469   17B3 63                  MOV H,E
> > >> 3470   17B4 74                  MOV M,H
> > >> 3471   17B5 20                  RIM
> > >>
> > >> Cheers!
> > >>
> > >> --
> > >> adrian/witchy
> > >> Owner of Binary Dinosaurs, the UK's biggest home computer collection?
> > >> www.binarydinosaurs.co.uk
> > >>
> > >
> > >
> >
>
>
>
> --
> adrian/witchy
> Owner of Binary Dinosaurs, the UK's biggest home computer collection?
> www.binarydinosaurs.co.uk
>


More information about the cctalk mailing list