Date   : Tue, 13 Sep 1994 13:10:01 +0000
From   : lamcw <lamcw@...>
Subject: Re: Icky 6502 operations

Bonfield James wrote:

;Actually, things can get even more complicated. Reads from incorrect memory
;locations can occur during certain operations. Consider the case:

;LDX #&80
;LDA &FEE8,X

;This should access location &FF68, which is in ROM - so no extra hardware
;accesses. However before accessing FF68 it will also access FE68 and hence
;clear the IFR bit.


is this because E8 + 80 = &68 (plus carry) and so &FE68 is sitting in the
MPU before the carry is added to yield &FF68?



;Even more grotesque, the T2 IFR bit could be cleared in the following manner.

;write to FE66 and FE67 a "BNE &FE02". And set DDRB (FE02) to &60.
;No clear zero flag and jump to FE66. This will read bytes from FE66, FE67 (the
;BNE instruction) _and_ FE68 before performing the branch and RTS instruction.


wow, if any game does this then, quite frankly, it can stew in obscurity
for ever more.

;Are there any games out there that require these internal 'address fixes' to
;work? It'd slow down emulation considerably to be this accurate. I can't see
;anyone ever needing this techniques except for obfuscation ("obfsucation rules
;OK") purposes.


well, i quoted the BIT &FE68 one but i also saw CMP &FE69 (or &FE68). once
i emulated these, Frak! started to work (hooray!).

so to be safe, i will accomodate AND,ORA,EOR,SBC and ADC for absolute 
addressing in SHEILA. like you say, one can't afford to check ALL modes...
let's just hope beeb programmers were/are sensible folk.


chris lam.