Crashing a program with DFSZ pokes.

The place for codemasters or beginners to talk about programming any language for the Spectrum.
Post Reply
Nomad
Manic Miner
Posts: 600
Joined: Thu Dec 28, 2017 12:38 pm

Crashing a program with DFSZ pokes.

Post by Nomad »

Figured it was only fair to share and get some feedback.

Trade Secret talks about a method to cause a program to completely reset the machine on quit, no dumping the user back to the BASIC interpreter.

Code: Select all

10 BORDER 1 : POKE 23659,0 : POKE 23658,8
20 FOR I = 1 TO 24
30 PRINT I
40 NEXT I
50 IF INKEY$ = "S" THEN POKE 23659,2 : STOP
60 IF INKEY$ = "P" THEN STOP
70 GOTO 50
Image

Image

DFSZ variable is poked to manipulate BASIC to cause a system crash.

This works for both 128k and 48k BASIC systems.

What I would ask is, are there variations on this technique that can be used to achieve the same effect?

I want to try and gather as many methods to reliably crash/reset the system BASIC or assembly are welcome. I figure there must be more than breaking DFSZ.
dfzx
Manic Miner
Posts: 673
Joined: Mon Nov 13, 2017 6:55 pm
Location: New Forest, UK
Contact:

Re: Crashing a program with DFSZ pokes.

Post by dfzx »

I think I must be missing the purpose of this. What do these magic POKEs do which RANDOMIZE USR 0 doesn't?
Derek Fountain, author of the ZX Spectrum C Programmer's Getting Started Guide and various open source games, hardware and other projects, including an IF1 and ZX Microdrive emulator.
User avatar
djnzx48
Manic Miner
Posts: 729
Joined: Wed Dec 06, 2017 2:13 am
Location: New Zealand

Re: Crashing a program with DFSZ pokes.

Post by djnzx48 »

There was a well-known POKE you could use to crash the machine when the break key was pressed, but it only worked if you didn't use INPUT in your program at all. Is this the same sort of thing?
Nomad
Manic Miner
Posts: 600
Joined: Thu Dec 28, 2017 12:38 pm

Re: Crashing a program with DFSZ pokes.

Post by Nomad »

I don't know much about the RANDOMIZE USR 0 trick other than it was a way to fake microdrive support on a system that didn't have it?

My understanding is, its for BASIC use. By forcing the error output to have nowhere to print it triggers the crash.

This is what Trade Secret says
In BASIC programs, all inputs are made to be from an
INKEY$

command to ensure no messages, etc., are printed on the bottom two lines of the video, and the Spectrum is made to use all 24 lines for screen action. Under these conditions pressing the BREAK key, or an illegal key in the program, would make the Spectrum try to stop and print an error message on the bottom of the video. But, as the Spectrum is told it is to use all 24 lines, this results in the program 'crashing', usually with an all black screen.

If you look at the Spectrum manual, page 175 near the top, you'll see a system variable called DFSZ. This is normally set at two and tells the Spectrum to reserve the last two lines for error messages. DFSZ is location 23659 and can be POKEd to be 0, thus allowing all 24 lines to be used by the program. Let's try an experiment using DFSZ.

RUN it and you'll observe that we have printed on all 24 lines of video. Press the 'S' key to safely STOP the program. Now re-RUN the program and this time press the 'P' key.... they program will 'crash'. Why? In line 10 we POKEd 23659 to be 0, which told the Spectrum we will use all 24 lines for PRINTing (and therefore no room for error message printing).
The plan was to have not one but multiple techniques to achieve the same effect. This would slow down peasants gaining access to IP. Even if it wont stop someone who really wants to get at the code, it at least makes it non-trivial. All I want to do is stop the majority of peasants getting easy access to the IP.

Then combine that with other techniques to trigger different effects to protect the IP should come close to what programs back in the day would have featured.
User avatar
djnzx48
Manic Miner
Posts: 729
Joined: Wed Dec 06, 2017 2:13 am
Location: New Zealand

Re: Crashing a program with DFSZ pokes.

Post by djnzx48 »

I remembered there was this article which features a trick to disable the BREAK key, but it turned out to be the one you already mentioned. :lol:
Nomad
Manic Miner
Posts: 600
Joined: Thu Dec 28, 2017 12:38 pm

Re: Crashing a program with DFSZ pokes.

Post by Nomad »

This is fantastic having multiple sources for the same technique helps a lot in documenting the technique.

It is also useful in figuring out stuff like where a technique first emerged from.

The article you link is December 1984,

Trade Secret was published some time in 1984.

It makes me wonder if there is an earlier source for this technique in one of the newsletters or magazines. Lol I am trying to find the 'patient zero' for all these techniques.

Because I doubt that Trade Secret was the source for any of these methods (not to be mean to the fella..).
Last edited by Nomad on Wed Apr 18, 2018 8:58 am, edited 1 time in total.
User avatar
Alessandro
Dynamite Dan
Posts: 1908
Joined: Wed Nov 15, 2017 11:10 am
Location: Messina, Italy
Contact:

Re: Crashing a program with DFSZ pokes.

Post by Alessandro »

POKE 23659,0 was used in Mugsy's BASIC loader:

Code: Select all

5 CLEAR 24575
10 BORDER 0: PAPER 0: INK 0: CLS
20 POKE 23659,0: PRINT AT 22,0;;
25 FOR x = 23232 TO 23263: POKE x,0: NEXT X
30 LOAD "s" CODE 16384
40 POKE 23659,0: PRINT AT 22,0;;
50 LOAD "mugsy" CODE
60 PRINT USR 24576
In case of a BREAK or Tape loading error, the computer would crash.
User avatar
djnzx48
Manic Miner
Posts: 729
Joined: Wed Dec 06, 2017 2:13 am
Location: New Zealand

Re: Crashing a program with DFSZ pokes.

Post by djnzx48 »

How many of the magazines have actually been OCR'd or typed out? There used to be the Your Sinclair Rock 'n Roll Years site which had all the articles typed out, but it shut down recently and not everything seems to have been archived. There's also a somewhat legible OCR'd version of Sinclair User at archive.org, but Sinclair Programs seems to have been obscure enough to not appear on any of those websites...
Nomad
Manic Miner
Posts: 600
Joined: Thu Dec 28, 2017 12:38 pm

Re: Crashing a program with DFSZ pokes.

Post by Nomad »

Lol I have faith that at least one autist hoarder has archived the entire website. It's just a matter of finding that exceptional individual and convincing them to share.

I vaguely remembered a website that had listed of articles, but I couldn't find it. I guess this must have been it. I am not sure the reason behind the closure that seems a bit weird.

You raise a very good point, many of the best - highest level newsletters were low circulation. I doubt the professional level industry stuff would have been retained past a point where it was useful to the programmer who subscribed to the newsletter.

Companies that would have taken out subscriptions to these things would have liquidated the archive when they stooped development of 8-bit systems.

And the home user wouldn't have subscribed to them or been aware of their existence.

But they must have existed. There absence in current online archives makes sense. It would be weird if they survived. It's sad though none the less.

My theory was - information originally came from newsletters intended for professionals and a combination of the Zaks & Lance L books. this was then filtered into consumer level books and articles written for mainstream magazines.
User avatar
djnzx48
Manic Miner
Posts: 729
Joined: Wed Dec 06, 2017 2:13 am
Location: New Zealand

Re: Crashing a program with DFSZ pokes.

Post by djnzx48 »

Yeah, there's a lot of interesting stuff hidden away in those magazines. I just discovered this letters page from July 1983 that has a nice trick I hadn't heard of before. Instead of having to POKE 23692, 0 to get infinite scroll, you can just use INPUT INKEY$ or even INPUT "" so that it exits instantly without having to press a key.
Nomad
Manic Miner
Posts: 600
Joined: Thu Dec 28, 2017 12:38 pm

Re: Crashing a program with DFSZ pokes.

Post by Nomad »

Yea, that is also in Trade secret. But this article pre-dates the publication.

See I am starting to get the impression that Trade Secret was a combination of techniques from letters/articles that were published in newsletters/magazines.

*put on tin foil hat* Perhaps that's why it never got a review in any of the magazines it was sold in... *take off tin foil hat*
User avatar
djnzx48
Manic Miner
Posts: 729
Joined: Wed Dec 06, 2017 2:13 am
Location: New Zealand

Re: Crashing a program with DFSZ pokes.

Post by djnzx48 »

This might be interesting: https://archive.org/search.php?query=23 ... &sort=date
The earliest mention I can find is in PCW in late January 1983, but it doesn't seem like it was being used for copy protection then. Strangely enough there's an almost identical article in Sinclair User around the same time. Also some of the magazines are out of order so there could be an even earlier mention.
Nomad
Manic Miner
Posts: 600
Joined: Thu Dec 28, 2017 12:38 pm

Re: Crashing a program with DFSZ pokes.

Post by Nomad »

Honestly I never thought of using archive.org in that way :lol:

Yea you are right about wrong dates being entered into the meta data. For example INPUT gets listed as being published in the 90s..
Nomad
Manic Miner
Posts: 600
Joined: Thu Dec 28, 2017 12:38 pm

Re: Crashing a program with DFSZ pokes.

Post by Nomad »

djnzx48 wrote: Wed Apr 18, 2018 10:04 am This might be interesting: https://archive.org/search.php?query=23 ... &sort=date
The earliest mention I can find is in PCW in late January 1983, but it doesn't seem like it was being used for copy protection then. Strangely enough there's an almost identical article in Sinclair User around the same time. Also some of the magazines are out of order so there could be an even earlier mention.
This is...
Spoiler
Image
In fairness the info from this magazine is pretty sweet, next page also have some cool info.. This magazine is a goldmine.

Image
Nomad
Manic Miner
Posts: 600
Joined: Thu Dec 28, 2017 12:38 pm

Re: Crashing a program with DFSZ pokes.

Post by Nomad »

More interesting developments, the version of the manual that Trade Secret is referencing is the revision one. It was a little unclear what version was being used. This has now been resolved.

Big thanks to PeterJ for the assist.

You might be thinking 'well so what?' it clears up a question of attribution. Plus I can now be sure of what was being referenced. The plan on the new version is to have footnotes with the relevant information or for larger portions it will be featured as an appendix. This should reduce the amount of primary documents needed to use trade secret.

The next step is to find as many articles related to the techniques talked about in trade secret.
Luckily archive.org seems pretty good for this kind of data mining. Thank you to djnzx48 for the heads up on this.

Trying to create an attribution timeline to trace the spread of the technique would be interesting. Plus having this information available in a single document would be useful. It's a lot easier to look up an appendix than dig through multiple archives to find the relevant article.

Not being the sharpest pencil in the tin I appreciate screen shots to show whats going on, that is a major deficiency in trade secret some might say potato toxic :lol: . In the new edition there are extensive screenshots. (that's what I have been up to these past couple of days lol..)

Another thing that is badly needed is an index, this might take a little more time. But I think it would be worth it.

One thing that was removed was the blatant padding of having many pages of notes between each topic. It frustrated me because I felt it broke the flow of the document but what do you fellows think? Generally I would never write in books I owned. But perhaps I am weird.. :lol:
Post Reply