ghidra icon indicating copy to clipboard operation
ghidra copied to clipboard

Published 20 hours ago verified publisher icon NationalSecurityAgency

8085 undocumented instructions are missing

Open RetroAND opened this issue 10 months ago • 5 comments

Intel microprocessor has two undocumented flags in their documentation and a series of instructions both to work with those flags, 16 bit operations and even a software interrupt. All 8085 have those instructions even if they weren't documented by the designers. As GHidra follows the original Intel documentation the instruction set is incomplete.

I would have implemented the missing parts, however my skills with sleigh is null. For this reason I would like to ask if more experienced GHidra developers would help having this part completed.

Personally I use GHidra to help documenting old computer systems and unfortunately I found a system that uses this set of undocumented instructions. If someone could help, it would be greatly appreciated.

Thanks in advance

RetroAND avatar Apr 07 '24 15:04 RetroAND

Can you provide any documentation on the instructions?

GhidorahRex avatar Apr 08 '24 12:04 GhidorahRex

Of course. The instructions were tested across batches and found to be working on all them. They were present in memos etc. but nobody knows why Intel decided to keep them a secret.

UnDoc85.pdf Undoc_8085.pdf

The mnemonics used for this small set of instructions is the one from the second document (JNK, RSTV, etc.) but left the other for reference.

RetroAND avatar Apr 08 '24 13:04 RetroAND

This case is also discussed here https://github.com/NationalSecurityAgency/ghidra/issues/2299 with some preliminary you could try @RetroAND https://github.com/NationalSecurityAgency/ghidra/commit/1577081196563fcb2a611a812ea3994d74fb0f06

For a thorough analysis how these flags are implemented: http://www.righto.com/2013/02/looking-at-silicon-to-understanding.html

hjanetzek avatar Apr 15 '24 22:04 hjanetzek

Hello @hjanetzek ,

The truth is while I would want to do it myself I don't have neither the knowledge in Sleight nor the time to implement the routines. I am designing spare parts for the machine whose code I'm studying and this plus the hardware reverse engineering take up my entire time. Sorry if that's a disapointment, but I'm constrained at this point.

In any case thanks for your intervention.

RetroAND avatar Apr 16 '24 07:04 RetroAND

Hi @RetroAND, no problem :) Just wanted to add some pointers - I'm a hobbyist reverse-engineer myself, specializing on mid-80s home organs. In case you considered to use MAME for development (it has quite a lot RC2014 parts implemented and is generally a great reference to understand (old) hardware) I've started work on a plugin to link MAME debugger with Ghidra - without this tool some things would have been impossible for me to figure out https://github.com/orgs/mamedev/discussions/54#discussioncomment-8573209

I'll probably get back to a 8085 device soon and then could try to bring the undocumented instruction code into shape for a PR.

hjanetzek avatar Apr 16 '24 21:04 hjanetzek