| |
chatGPZ
Registered: Dec 2001
Posts: 11386 |
(Ab)use of dummy accesses
For the next release of my "No more Secrets" doc i am preparing a chapter related to the dummy access which happen when the CPU performs an internal operation. Once again i am looking for some examples on how to (ab)use it :) I guess everyone knows "inc $d019" - but i am sure there is more than this. And not only with RMW instructions. So if you have anything in your mind - just drop it here!
here are some related notes which i pasted together. feel free to proofread and point out mistakes :) |
|
... 55 posts hidden. Click here to view all posts....
|
| |
tlr
Registered: Sep 2003
Posts: 1790 |
You could always use RMW instructions to make double grey dots. |
| |
ChristopherJam
Registered: Aug 2004
Posts: 1409 |
Quoting GroepazQuote:The music routine from Fred Gray performs a read and write on IO
thats not abusing the dummy accesses though.... it relies on the floating bus value (what a terrible idea =P)
I though reads from SID were explicitly zero, rather than floating bus value?
I'm fairly sure one of the iterations in developing a stable hard restart used one cycle blips of the gate bit to allow RC to escape at known times, but it didn't turn out to be the most optimal. I'll have a rummage. |
| |
Fred
Registered: Feb 2003
Posts: 285 |
Quoting ChristopherJam
Quoting GroepazQuote:The music routine from Fred Gray performs a read and write on IO
I though reads from SID were explicitly zero, rather than floating bus value?
From the documentation of resid-fp:
Reading a write only register returns the last char written to any SID register. The individual bits in this value start to fade down towards zero after a few cycles. All bits reach zero within approximately $2000 - $4000 cycles. It has been claimed that this fading happens in an orderly fashion, however sampling of write only registers reveals that this is not the case. NB! This is not correctly modeled. The actual use of write only registers has largely been made in the belief that all SID registers are readable. To support this belief the read would have to be done immediately after a write to the same register (remember that an intermediate write to another register would yield that value instead). With this in mind we return the last value written to any SID register for $2000 cycles without modeling the bit fading. |
| |
ChristopherJam
Registered: Aug 2004
Posts: 1409 |
Oh, damn. Thanks for that, Fred.
I guess you could safely write 0 then 1 if you first wrote a zero to some other SID register before INC $d404, but this is all sounding a bit flaky now :) |
| |
tlr
Registered: Sep 2003
Posts: 1790 |
Are we counting things like inc $d016;dec $d016 in this btw? More related to BA i guess but if there weren't so many dummy cycles it wouldn't work. |
| |
Fred
Registered: Feb 2003
Posts: 285 |
Quote: Oh, damn. Thanks for that, Fred.
I guess you could safely write 0 then 1 if you first wrote a zero to some other SID register before INC $d404, but this is all sounding a bit flaky now :)
That's why the music routine of Fred Gray first writes to $D404 and then immediately increases it to toggle the gate bit like:
STA $D404
INC $D404 |
| |
CyberBrain
Administrator
Posts: 392 |
Quote: That's why the music routine of Fred Gray first writes to $D404 and then immediately increases it to toggle the gate bit like:
STA $D404
INC $D404
I wouldn't say so, since that snippet writes to the same register that it addresses with the INC afterwards, which doesn't really abuse the dummy-write.
In the snippet, the INC dummy-write just writes whatever was already there, which to my knowledge doesn't cause any side effect for $D404. (Am i wrong?)
But according to the resid-fp documentation, an INC doesn't necessarily have to set the register to the same value that the register already had in its first write cycle.
It can set the register to any value V you want in the first write cycle, and then set the register to V+1 one cycle later (at the second write cycle).
This could for example be used to toggle the gate and then toggle it again the next cycle. (Not sure if that's useful)
// Example - assume the gate-bit is 1 here
lda #%xxxxxxx0 // <- Select whatever waveform, etc, bits you want here, but keep bit 0 zero.
sta $D4xx // <- Some SID-register we don't use and is not audible (pulse-width for example)
inc $D404 // <- Cycle 5: set gate=0. Cycle 6: set gate=1.
Normally the minimum delay between toggling would be 4 cycles. Same could be done for any other write-only SID register (+ with ROL/ROR/ASL/LSR).
I wonder how reliable it is reading the write-only registers - it sounds like it is pretty reliable when done within "a few cycles" judging from the wording from resid-fp. |
| |
chatGPZ
Registered: Dec 2001
Posts: 11386 |
its pretty reliable even with a surprising number of cycles gap... see the "bitfade" tests :) |
| |
CyberBrain
Administrator
Posts: 392 |
Really interesting! There must be some use-case for this (perhaps controlling the internal counters as ChristopherJam mentioned)
An update to the example i posted: Since reading a write-only register returns the last written value to ANY register (not just to write-only registers), you don't even have to trash the value of a register for this trick to work. Just write to one of the read-only registers. |
| |
chatGPZ
Registered: Dec 2001
Posts: 11386 |
Also a good way to show the finger to shitty replacements =P |
| Previous - 1 | 2 | 3 | 4 | 5 | 6 | 7 - Next |
