Re: A85: questions

To: assembly-85@lists.ticalc.org
Subject: Re: A85: questions
From: Jimmy =?iso-8859-1?Q?M=E5rdell?= <yarin@acc.umu.se>
Date: Wed, 03 Sep 1997 21:57:17 +0200
In-Reply-To: <3.0.3.32.19980204190403.006bcdcc@pop3.wt.net>
Reply-To: assembly-85@lists.ticalc.org

At 19:04 1998-02-04 -0600, you wrote:
>
>I have 2 questions I would appreciate if someone could answer.
>
>1)  What exactly happens when you press <Custom> <F1> with a shell on yer
>calc?  as i understood it, the 85 is completely not made to run assembly
>stuff.  so what does the shell do that makes it able to do so.  also, how
>did the original authors of Zshell figure any of this out?

The contents of the custom menu is 15 pointers. When choosing something
from the custom menu, it reads the pointer and from that address
it reads some info which tells the calc what to do. Usually, this info
ends with a jump to some part in the ROM memory.

By changing, in a backup file - where these pointers are stored also -
the pointers to a location in the RAM (or rather, the JP instruction
at the end of the 'info' part), the execution will continue from that
instruction.

In ZShell 1.0, you had to recall ZShell (which was stored as an image)
into the graphmemory (at $8641) before running it using Custom+F1. That
was because at the time they (or rather, Dan Eble) knew of no safe place
to store the shell (which must be at a fixed location). I also believe
that you couldn't quit ZShell without crashing the calc :-/ Finding the
return address was a bit of a job I guess.

Later, they came up with the idea of hacking the VAT to store a string
in front of everything else which eliminated the need of recalling
ZShell into the graph mem. Download ZShell 1.0, 2.0, 3.0, 3.1 from ticalc.org
and read the docs for more info.

As for HOW they figured all this out, I'm not sure. Eble probably searched
for pointers in the RAM which was used by the ROM in that way. One
could suspect (or hope) that the Custom pointers were designed that
way, and try changing the custom pointers and compare backup files
and look for changes. This probably took QUITE some time though...

After figuring out how to execute assembly code, I suspect that
the first thing Dan tried to do was getting a ROM backup by copying
the ROM (page 0) to the RAM (into an variable) and sending it
to the computer. After that, disassembling it should give
answer to most questions.

At least, this is how I think ZShell were "discovered". Maybe
Dan Eble could write a history manuscript about it or something :)

--
Real name: Jimmy Mårdell                 
IRC......: Yarin                         
Email....: mailto:yarin@acc.umu.se      <-- NEW E-MAIL ADDRESS!!!!
Homepage.: http://www.algonet.se/~mja/

References:

A85: questions

From: Robby Gutmann <gutmann@planet-connect.com>