• Please review our updated Terms and Rules here

Model 6000 z80ctl disassembly

K

kb2syd

Veteran Member
Joined
Mar 7, 2005
Messages
1,843
Location
Wantage, NJ
I've been looking at the two different z80ctl files I found. I'm wondering how this file is laid out. Here are the first 256 bytes. Any thoughts on the file layout?
Code: 
02 06 00 14 00 00 3F A4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 40 00 86 00 00 01 00 00 00 00 00 00 00 00 00 00 3E 00 00 00 00 00 
00 00 00 00 54 68 65 20 75 73 65 20 6F 66 20 74 68 69 73 20 73 6F 66 74 
77 61 72 65 20 69 73 20 72 65 73 74 72 69 63 74 65 64 20 62 79 20 43 6F 
70 79 72 69 67 68 74 20 6C 61 77 73 20 61 6E 64 20 74 68 65 0A 6C 69 63 
65 6E 73 69 6E 67 20 61 67 72 65 65 6D 65 6E 74 2E 20 20 52 65 66 65 72 
20 74 6F 20 74 68 65 20 22 4C 69 6D 69 74 65 64 20 57 61 72 72 61 6E 74 
79 20 53 74 61 74 65 6D 65 6E 74 22 2C 0A 41 72 74 69 63 6C 65 20 49 56 
2C 20 50 61 72 74 73 20 44 2C 20 46 20 61 6E 64 20 47 2E 0A 54 68 69 73
20 73 6F 66 74 77 61 72 65 20 69 73 20 6E 6F 74 20 73 75 70 70 6F 72 74
65 64 20 69 66 20 61 6E 79 20 6D 6F 64 69 66 69 63 61 74 69 6F 6E 73 20 
61 72 65 20 6D 61 64 65 0A 74 68 61 74 20 77 65 72 65 20 6E 6F 74 20 73 
75 70 70 6C 69 65 64 20 62 79 20 54 61 6E 64 79 20 53 79 73 74 65 6D 20
 

Attachments

  • z80ctl.zip
    22.2 KB · Views: 1
In both files the 4 byte big endian number at offset 4 is the length of the file less 51 bytes.
0x3fd7 - 0x3fa4 = 51 = 0x33
0x40e6 - 0x40b3 = 51 = 0x33
That's close to the 0x34 bytes that appear in both cases before the copyright message in ascii (running from 0x34 to 0x1bf).

Both files start with 0x0206 0x0014. Adding those together gives you 0x21a. Not that close to the apparent start of code at 0x234. And there's the 3 bytes at 0x224 that differ between the two files that don't seem to have any obvious meaning.

Doubling the 0x14 (a word count?) gets 0x28 which is closer to the 0x34 position of the copyright notice.

At 0x234 both files have a Z-80 JP but to different addresses: 0x407e and 0x4079. Kinda looks like those are meant to jump over the ASCII message that immediately follows. Probably to the 0xf3 (Z-80 DI) at 0x2b2 and 0x2ad.

If 0x2b2 + x == 0x407e then x = 0x3dcc
If 0x2ad + x == 0x4079 then x = 0x3dcc

Thus the code at 0x234 is apparently loaded at 0x234 + 0x3dcc = 0x4000. Encouraging number.

As a first pass I'd chop off the first 0x234 bytes and see how that disassembles with a presumed load address of 0x4000.

Just a little bit later in the code I see ASCII "FDIV" -- a hallmark for Frank Durdra IV, legendary Tandy programmer and curmudgeon.

It may be the 0x00004000 at offset 0x14 is the load address. But I imagine details of the file format are not as important to you as the Z-80 code within?
 
Great start. Starting to make sense now. Based on what you parsed, 0x4405 is the beginning of the bugcheck service routine when the system halts.
 
You must log in or register to reply here.
Back
Top