Re: LZ:83 ASM

Subject: Re: LZ:83 ASM
From: barrym <barrym@neosoft.com>
Date: Sun, 1 Sep 1996 20:36:03 -0500 (CDT)
In-Reply-To: <96Aug30.181801bst.46157(2)@u-net.net>
I disasembled the _IPOINT routine but what I found doesn't make
any sense.  It could be a mistake on my part but I was fairly
careful.  It could be a mistake in TI83ASM.INC from TI.  Their
keycode chart got all the key codes wrong so that wouldn't
surprise me, or it could be a bug in my hex viewer, which would
surprise me a little, but not a lot.  I suspect TI but I'm not
sure of that.  I didn't have time to check any further today.
I may tomorrow.  I will if I can.


Here's what I got:


The entry 4AE8 goes into what is appearantly a jump table
with 4 byte calls and returns.  This entry is


4AE8  CD9133	call 3391
4AEB  C9	ret


3391  CD8B2E	call 2E8B
3394  C9	ret


2E8B  E5	push hl
2E8C  E5	push hl
2E8D  F5	push af
2E8E  D5	push de
2E8F  E5	push hl
2E90  210B00	ld hl,00B0
2E93  C9	ret


Which should crash the calculators.  Maybe it does.
When I can I'll double check my work and write something
that calls _IPOINT and see if it works and is really at
that address.  Of course I've reversed the addresses for
readability.


Barry


On Fri, 30 Aug 1996, Rob Taylor wrote:


> 
> > > KEs, that's what I was thinking (possibley two ports, one for byte 
> > > offset, one for byte to change? , meybe a flags port with a bit to 
> > > toggle??)
> > > it'd be pretty easy to  figure from the _IPoint routine...
> > > (p.s. you you fancy downloading that bit of the rom for me, so I can 
> > > dissasemble it and see how its done?)
> > 
> > Do you mean the _IPoint routine?  In the 83?  If that's what
> > your referring to I'll be glad to do it.  Let me know if
> > that's it.   I'll probably have some time to look at it this
> > weekend.
> > 
> Yup that's the one..  please do
> 
> Rob Taylor MAIL - mailto:rtaylor@ticalc.org 
>            WEB  - http://www.u-net.com/~rtaylor/    
>
References:
From: