X-NEWS: cc.newcastle.edu.au alt.folklore.computers: 4976
Path: seagoon.newcastle.edu.au!metro!munnari.oz.au!spool.mu.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!rpi!uupsi!sunic!chalmers.se!etek.chalmers.se!f90angu
From: f90angu@etek.chalmers.se (Andreas Gunnarsson)
Newsgroups: alt.folklore.computers
Subject: 6502/6510 `illegal opcodes' - the list
Message-ID: <1991Mar14.232819.7815@etek.chalmers.se>
Date: 14 Mar 91 23:28:19 GMT
Organization: Chalmers University of Technology, Göteborg, Sweden
Lines: 122


     Since I've received lots of requests for this list, and since I haven't
     been able to get it to all of you by email, I post it here...

     These are the 'illegal' 6502/6510 opcodes that I know of.
     I do NOT guarantee that these instructions work as I say, but they
     seem to be OK on my C64. I've also heard that the 6502 is almost
     identical to the 6510 internally, so they should work on them too.

     Most of them are mentioned in "Programming the Commodore 64" from
     COMPUTE! (ISBN 0-942386-50-7), so I used the same names as found in
     that book.

     I may have made some typos, but I've checked the list once, so I don't
     think so.

     ASO $HHLL      0F LL HH
     ASO $HHLL,X    1F LL HH
     ASO $HHLL,Y    1B LL HH
     ASO $ZZ        07 ZZ
     ASO $ZZ,X      17 ZZ
     ASO ($ZZ,X)    03 ZZ
     ASO ($ZZ),Y    13 ZZ
     ASO #$XX       0B XX
     RLA $HHLL      2F LL HH
     RLA $HHLL,X    3F LL HH
     RLA $HHLL,Y    3B LL HH
     RLA $ZZ        27 ZZ
     RLA $ZZ,X      37 ZZ
     RLA ($ZZ,X)    23 ZZ
     RLA ($ZZ),Y    33 ZZ
     RLA #$XX       2B XX
     LSE $HHLL      4F LL HH
     LSE $HHLL,X    5F LL HH
     LSE $HHLL,Y    5B LL HH
     LSE $ZZ        47 ZZ
     LSE $ZZ,X      57 ZZ
     LSE ($ZZ,X)    43 ZZ
     LSE ($ZZ),Y    53 ZZ
     RRA $HHLL      6F LL HH
     RRA $HHLL,X    7F LL HH
     RRA $HHLL,Y    7B LL HH
     RRA $ZZ        67 ZZ
     RRA $ZZ,X      77 ZZ
     RRA ($ZZ,X)    63 ZZ
     RRA ($ZZ),Y    73 ZZ
     AXS $HHLL      8F LL HH
     AXS $ZZ        87 ZZ
     AXS $ZZ,Y      97 ZZ
     AXS ($ZZ,X)    83 ZZ
     LAX $HHLL      AF LL HH
     LAX $HHLL,Y    BF LL HH
     LAX $ZZ        A7 ZZ
     LAX $ZZ,X      B7 ZZ
     LAX ($ZZ,X)    A3 ZZ
     LAX ($ZZ),Y    B3 ZZ
     DCM $HHLL      CF LL HH
     DCM $HHLL,X    DF LL HH
     DCM $HHLL,Y    DB LL HH
     DCM $ZZ        C7 ZZ
     DCM $ZZ,X      D7 ZZ
     DCM ($ZZ,X)    C3 ZZ
     DCM ($ZZ),Y    D3 ZZ
     INS $HHLL      EF LL HH
     INS $HHLL,X    FF LL HH
     INS $HHLL,Y    FB LL HH
     INS $ZZ        E7 ZZ
     INS $ZZ,X      F7 ZZ
     INS ($ZZ,X)    E3 ZZ
     INS ($ZZ),Y    F3 ZZ
     ALR #$XX       4B XX
     ARR #$XX       6B XX
     OAL #$XX       AB XX
     SAX #$XX       CB XX
     AXA #$XX       8B XX
     AXL ($ZZ),Y    93 ZZ
     SKB            80
     SKW            0C
     CRS            02

     I've also found another SBC #$XX: EB XX
     Undocumented NOPs: 1A, 3A, 5A, 7A, DA, FA
     More SKBs: 82, C2, E2, 04, 14, 34, 44, 54, 64, 74, D4, F4, 89
     More SKWs: 1C, 3C, 5C, 7C, DC, FC
     More CRSs: 12, 22, 32, 42, 52, 62, 72, 92, B2, D2, F2

     A short explanation of these opcodes:

     ASO: ASL then ORA the result with the accumulator
     RLA: ROL then AND the result with the accumulator
     LSE: LSR then EOR the result with the accumulator
     RRA: ROR then ADC the result from the accumulator
     AXS: store the result of A AND X
     LAX: LDA and LDX with the same data
     DCM: DEC memory and CMP the result with the accumulator
     INS: INC memory then SBC the result with the accumulator
     ALR: AND the accumulator with data and LSR the result
     ARR: AND the accumulator with data and ROR the result
     OAL: ORA the accumulator with #$EE, AND the result with data, then TAX
     SAX: SBC data from A AND X and store result in X
     SKB: skip next byte
     SKW: skip next word (two bytes)
     AXA: X AND memory to accumulator
     AXL: accumulator AND X AND #$21
     CRS: crash (freeze computer)

     NOP and SBC work as usual (but some NOPs require more than two clock
     cycles).

     I can also mention a (well-known) bug in 6502/6510: JMP ($XXFF) jumps
     to the location ($XXFF) + 256*($XX00) instead of
     ($XXFF) + 256*($XXFF+1).

     List assembled by JC of XAKK (f90angu@fy.chalmers.se)
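
Added example, not part of the original post: a small Python model of the JMP ($XXFF) behaviour described above, useful as a fidelity check when writing an emulator or disassembler for 6502 code. The opcode value 6C for JMP (addr), the function names and the sample memory contents are assumptions supplied for this example.

```python
"""Model of the JMP ($XXFF) behaviour described in the post (added example)."""

JMP_INDIRECT = 0x6C  # documented opcode for JMP (addr); not taken from the post


def jmp_indirect_target(mem, ptr, page_wrap_bug=True):
    """Return the address that JMP (ptr) loads into the program counter."""
    lo_addr = ptr & 0xFFFF
    if page_wrap_bug:
        # Only the low byte of the pointer is incremented, so $XXFF + 1
        # wraps to $XX00 instead of carrying into the next page.
        hi_addr = (lo_addr & 0xFF00) | ((lo_addr + 1) & 0x00FF)
    else:
        hi_addr = (lo_addr + 1) & 0xFFFF
    return mem[lo_addr] | (mem[hi_addr] << 8)


def find_wrapping_jumps(mem, start, end):
    """Byte-scan mem[start:end] for the pattern 6C FF XX.

    Returns tuples of (address, pointer, actual target, target without the wrap).
    This is a plain byte scan, not a disassembly: operand or data bytes
    that happen to read 6C FF XX are reported as well.
    """
    hits = []
    for addr in range(start, min(end, len(mem) - 2)):
        if mem[addr] == JMP_INDIRECT and mem[addr + 1] == 0xFF:
            ptr = mem[addr + 1] | (mem[addr + 2] << 8)
            hits.append((addr, ptr,
                         jmp_indirect_target(mem, ptr, True),
                         jmp_indirect_target(mem, ptr, False)))
    return hits


def build_sample_memory():
    """Constructed 64 KiB image: a vector at $02FF/$0300 and a jump through it."""
    mem = bytearray(0x10000)
    mem[0x02FF] = 0x34          # low byte of the intended target $1234
    mem[0x0300] = 0x12          # high byte the programmer meant to be used
    mem[0x0200] = 0x40          # high byte the CPU actually fetches
    mem[0xC000:0xC003] = bytes([JMP_INDIRECT, 0xFF, 0x02])  # JMP ($02FF)
    return mem


if __name__ == "__main__":
    for addr, ptr, actual, intended in find_wrapping_jumps(build_sample_memory(), 0xC000, 0xC100):
        print(f"${addr:04X}: JMP (${ptr:04X}) -> ${actual:04X}, not ${intended:04X}")
```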