Difference between revisions of "MOS 6502"
m (added info, corected mistakes) |
(→Oddities) |
||
(582 intermediate revisions by 6 users not shown) | |||
Line 1: | Line 1: | ||
− | [[ | + | [[File:MOS 6502AD 4585 top.jpg|right|thumb|250px|The 6502 CPU]] |
− | + | ||
− | The MOS Technology 6502 is an 8-bit microprocessor designed by Chuck Peddle for MOS Technology | + | The '''MOS Technology 6502''' is an 8-bit microprocessor designed by Chuck Peddle in 1975 for MOS Technology (later purchased by Commodore). Along with the [[Zilog]] [[Z80]], it sparked off a series of computer projects that would eventually result in the home computer revolution of the 1980s. The 6502 design was originally second-sourced by Rockwell and Synertek and later licensed to a number of companies; it is still made for embedded systems. |
− | + | Originally the CPC was destined to be designed around the 6502 processor. But when Amstrad approached [[Locomotive Software]] to develop a Basic for it with a very tight deadline, Locomotive PLC, who already had a Z80 Basic in the works, urged and convinced Amstrad to switch to the Z80. | |
− | + | Although there were definitely other CPUs in use in the 1980s, the vast majority of microcomputers people had at home or at the office used either a [[MOS 6502]] (or one of its variants), a Zilog [[Z80]], an early member of the [[Intel 8086]] family, or a [[Motorola 68000]]. | |
− | + | <br> | |
− | + | == History == | |
− | + | In 1973, Peddle worked at Motorola on developing the 6800 processor. Peddle recognized a market for a very low price microprocessor and began to champion such a design to complement the Motorola 6800. His efforts were frustrated by Motorola management and he was told to drop the project. He then left for MOS Technology, where he headed the design of the 6501. | |
− | + | The 6501 was pin-compatible with the 6800, meaning it could be used in the same systems without any changes. However, this led to legal trouble with Motorola, who argued that the 6501 infringed on their patents. | |
− | + | To resolve this, MOS Technology stopped producing the 6501 and introduced the 6502. While the 6502 was similar in design to the 6501 and 6800, it was no longer pin-compatible with the 6800, avoiding further legal issues. | |
− | + | Priced initially at just $25, the 6502 drastically undercut the Motorola 6800 and other competing processors like the Intel 8080, which were priced around $179 at the time. Motorola must have learnt from this lesson when they decided to sell the 68000 at $15 to Apple for the Macintosh in 1984. | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | == | + | <br> |
+ | |||
+ | == Description == | ||
+ | |||
+ | The 6502 microprocessor is an 8-bit CPU with an 8-bit ALU and a 16-bit address bus capable of direct access to 64KB of memory space. | ||
+ | |||
+ | Like the Z80, the 6502 is a little-endian CPU, meaning it reads 16-bit values with the least significant byte first, followed by the most significant byte. The 6502 has 151 instructions, which are composed of 56 distinct opcodes across various addressing modes. | ||
+ | |||
+ | The 6502 is an 8-bit CPU in the purest sense. Unlike the Z80, the 6502 does not have any 16-bit instructions and cannot pair its registers. To work with a 16-bit number you will need to split it in two and work with each half individually. | ||
+ | |||
+ | Although it lacks the raw processing power of processors like the Intel 80x86 or the Motorola 68000 series, the 6502 was known for its efficiency and affordability, making it a popular choice for embedded systems and early home computers. Its simple design contributed to lower manufacturing costs and simplified integration. | ||
+ | |||
+ | The 6502 chip is made up of 4528 transistors (3510 enhancement transistors and 1018 depletion pullup transistors) [https://www.righto.com/2013/09/intel-x86-documentation-has-more-pages.html Source]. | ||
+ | To put it into perspective, 64KB of DRAM contains 524288 transistors, as 1 bit of DRAM needs 1 transistor. The 6502 is mid-1970s technology while the 64KB DRAM is early-1980s technology. | ||
+ | |||
+ | Despite having so few transistors, the 6502 is generally considered at least twice as fast as the Z80 for the same clock speed [https://www.cpcwiki.eu/forum/amstrad-cpc-hardware/the-cpc-revision-zero-article/msg243843/ Source]. Four reasons explain this: | ||
+ | * The 6502 has an 8-bit ALU, while the Z80 uses a 4-bit ALU. | ||
+ | * The 6502 features a built-in clock doubler, allowing it to perform 1 internal operation and 1 memory access per cycle. | ||
+ | * On average, a 2MHz 6502 can make 2 memory accesses per microsecond, while a 4MHz Z80 can only make 1. | ||
+ | * The Z80 has more registers but has to do pretty much everything with them whilst the 6502 can directly use the first 256 bytes of memory for those jobs. | ||
+ | |||
+ | The 6502 and Z80 exemplify the fundamental differences between what would become known as RISC and CISC architectures. The 6502 was designed with a streamlined, minimal instruction set to achieve high execution speed. The Z80, on the other hand, incorporated a larger, more complex instruction set, aiming to make assembly programming more accessible and to create more compact programs. | ||
+ | |||
+ | The 6502 comes in a 40-pin DIP package. It has been produced by various manufacturers and used in a wide range of applications, from gaming consoles like the [[Atari 2600|Atari VCS]], [[Atari Lynx]], [[Nintendo Entertainment System]] and [[PC-Engine]] to personal computers like the [[Apple II]], [[BBC Micro]], [[Atari XL]], [[Oric]], [[VIC20]] and [[Commodore 64]]. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Register File == | ||
+ | |||
+ | {| class="wikitable" style="white-space: nowrap;" | ||
+ | ! Register !! Size !! Description !! Notes | ||
+ | |- | ||
+ | | A (Accumulator) || 8-bit || Main register for arithmetic, logic, and data transfer || Most operations use this register | ||
+ | |- | ||
+ | | X (Index Register X) || 8-bit || Used for indexing memory and loop counters || Can be used for addressing modes like Indexed Indirect, Zero Page Indexed, and Absolute Indexed | ||
+ | |- | ||
+ | | Y (Index Register Y) || 8-bit || Used for indexing memory and loop counters || Often used in Absolute and Zero Page Indexed addressing | ||
+ | |- | ||
+ | | P (Processor Status) || 8-bit || | ||
+ | * bit7 - NF - Negative Flag: 1 when result is negative | ||
+ | * bit6 - VF - Overflow Flag: 1 on signed overflow | ||
+ | * bit5 - Unused: always set to 1 | ||
+ | * bit4 - BF - Break Flag: 1 when pushed by instructions (BRK / PHP) and 0 when pushed by interrupts (NMI / IRQ) | ||
+ | * bit3 - DF - Decimal Mode Flag: 1 when CPU is in Decimal Mode | ||
+ | * bit2 - IF - Interrupt Disable Flag: when 1, no interrupt will occur (except BRK and NMI) | ||
+ | * bit1 - ZF - Zero Flag: 1 when all bits of a result are 0 | ||
+ | * bit0 - CF - Carry Flag: 1 on unsigned overflow | ||
+ | || Flags are affected by most operations. | ||
+ | The BF bit does not actually exist inside the 6502. The BF bit only exists in the status flag byte pushed to the stack. | ||
+ | |||
+ | When the flags are restored (via PLP or RTI), the BF bit is discarded. | ||
+ | |||
+ | PHP (Push Processor Status) and PLP (Pull Processor Status) can be used to set or retrieve P directly via the stack. | ||
+ | |||
+ | Interrupts (BRK / NMI / IRQ) implicitly push P to the stack. Interrupts returning with RTI will implicitly pull P from the stack. | ||
+ | |||
+ | The effect of toggling the IF flag is delayed by 1 instruction when caused by SEI, CLI, or PLP. | ||
+ | |- | ||
+ | | S (Stack Pointer) || 8-bit || Points to the current location in the stack || Stack is located in page 1 ($0100-$01FF), 8-bit S register is offset to this base | ||
+ | |- | ||
+ | | PC (Program Counter) || 16-bit || Points to the next instruction to be executed || Automatically increments as instructions are executed | ||
+ | |} | ||
+ | |||
+ | The 6502 also has internal latches and buffers used for address handling and instruction execution. For example: | ||
+ | *ABL/ABH: Address Bus Low/High, latches for the address bus. | ||
+ | *AI/BI: Input Registers for the ALU. | ||
+ | *IR: Instruction Register, holds the fetched instruction opcode byte while the CPU decodes and executes it. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Memory Access == | ||
+ | |||
+ | The address space that the 6502 uses is split into pages. There are 256 pages and each page is 256 bytes in size, ranging from page 0 to page 255. | ||
+ | |||
+ | In order to make up for the lack of registers, the 6502 includes a zero page addressing mode ($0000-$00FF) that uses only 1 address byte in the instruction instead of the 2 that are needed to address the full 64 KB of memory. This provides fast access to the first 256 bytes of RAM by using shorter instructions. | ||
+ | |||
+ | The stack is permanently located in page 1 ($0100-$01FF) and managed by the 8-bit stack pointer (S), with an initial value of $FF. It grows downward as data is pushed onto the stack. The stack has a 256-byte limit, and overflow occurs if not managed properly. | ||
+ | |||
+ | Instructions PHA and PHP push the accumulator and processor status onto the stack, while PLA and PLP pull them back. Subroutine calls with JSR store the return address on the stack, and RTS retrieves it to continue execution. Similarly, interrupts (BRK) push the program counter and status, while RTI restores them. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == I/O Access == | ||
+ | |||
+ | All I/O operations are memory-mapped. There are no port-based I/O instructions. Memory-mapped ports often have different properties than normal RAM: | ||
+ | |||
+ | * The contents of a port can be updated by the hardware. Reading a port will not always return the same value each time it is read | ||
+ | |||
+ | * It is also possible that reading a port will alter its contents, or alter the contents of other related ports | ||
+ | |||
+ | * A read-only port is what it sounds like. Attempting to write to this address will not affect the contents | ||
+ | |||
+ | * A write-only port can be written to, but reading it will result in undefined behaviour | ||
+ | |||
+ | * Using the ports with instructions other than the Load/Store ones can be very unintuitive | ||
+ | |||
+ | This is not all negative though. Memory-mapped I/O means that: | ||
+ | |||
+ | * The familiar instructions for accessing memory can be used for I/O, instead of learning a new set of instructions | ||
+ | |||
+ | * No need to learn the weird partial I/O address decoding rules | ||
+ | |||
+ | * Chips are directly accessible instead of being chained, like how the [[PSG|PSG chip]] has to be clumsily accessed through the [[8255|PPI chip]] | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Interrupts == | ||
+ | |||
+ | 6502 machines use the last 6 bytes of their address space to hold a vector table containing (in order) the addresses of the NMI routine, the program's start, and the IRQ routine. | ||
+ | |||
+ | On a RESET, the CPU loads the vector from $FFFC/$FFFD into the program counter and continues fetching instructions from there. | ||
+ | |||
+ | On an NMI, the CPU pushes the low byte and the high byte of the program counter as well as the processor status onto the stack, disables interrupts and loads the vector from $FFFA/$FFFB into the program counter and continues fetching instructions from there. | ||
+ | |||
+ | On an IRQ, the CPU does the same as in the NMI case, but uses the vector at $FFFE/$FFFF. | ||
+ | |||
+ | On a BRK instruction, the CPU does the same as in the IRQ case, but sets BF in the copy of the status register that is saved on the stack. | ||
+ | |||
+ | The priority sequence for interrupts, from top priority to bottom, is as follows: RESET, BRK, NMI, IRQ. [https://www.westerndesigncenter.com/wdc/documentation/w65c816s.pdf Source at chapter 7.19] | ||
+ | |||
+ | <br> | ||
+ | |||
+ | === Interrupt hijacking === | ||
+ | |||
+ | On NMOS, if NMI is asserted during the first 4 ticks of a BRK instruction, the BRK instruction will execute normally at first (PC increments will occur and P will be pushed with BF set to 1), but execution will branch to the NMI vector instead of the IRQ/BRK vector, effectively skipping the BRK instruction. On CMOS, this situation is correctly handled by executing BRK and then servicing the interrupt. | ||
+ | |||
+ | An IRQ can also hijack a BRK, though it won't be as visible since they use the same interrupt vector. | ||
+ | |||
+ | Similarly, an NMI can hijack an IRQ. But this is not usually a problem because the IRQ will normally still be asserted when the NMI returns and generate a new interrupt. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | === Branch instructions and Interrupts === | ||
+ | |||
+ | The branch instructions have subtle interrupt polling behaviour. When executing a branch instruction, the 6502 checks for interrupts before fetching the operand (cycle 2). | ||
+ | |||
+ | If the branch is taken (i.e., the CPU decides to jump), it does not check for interrupts again before proceeding unless the branch crosses a page boundary (like moving from memory address $01FF to $0200). | ||
+ | |||
+ | If the branch crosses a page boundary, the CPU checks for interrupts once more before fixing the program counter. | ||
+ | |||
+ | If an interrupt is detected at any of these points (before the operand fetch or the page boundary fixup), the CPU will handle the interrupt immediately, interrupting the branch execution. | ||
+ | |||
+ | This behaviour has not been fixed in the CMOS 65C02 as this is not really a bug. It's just a subtlety that one has to keep in mind when working with time-sensitive code. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Decimal Mode == | ||
+ | |||
+ | Decimal Mode allows ADC and SBC instructions to use Binary-Coded Decimal (BCD), where each nibble (4 bits) represents a decimal digit (0-9), instead of binary. | ||
+ | |||
+ | On NMOS, when Decimal Mode is on, the ADC and SBC instructions update NF, VF and ZF based on the binary result before the decimal correction is applied. Only CF is updated correctly. On CMOS, all the flags are updated correctly, at the cost of 1 additional cycle. | ||
+ | |||
+ | On NMOS, DF is not defined after RESET. On CMOS, DF is automatically cleared on RESET. | ||
+ | |||
+ | On NMOS, DF is unchanged when entering an interrupt of any kind. This can cause unexpected bugs in the interrupt handler if Decimal Mode is on when an interrupt occurs. On CMOS, DF is automatically cleared on interrupt. Upon returning from an interrupt, the processor restores the status register from the stack, including DF. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Half Cycles == | ||
+ | |||
+ | The 6502 divides each clock cycle into two phases (ϕ1 and ϕ2): | ||
+ | * During the ϕ1 half-cycle, no bus access occurs. This phase is dedicated to internal CPU operations. | ||
+ | * During the ϕ2 half-cycle, the CPU accesses the external bus for memory reads/writes or I/O operations. | ||
+ | |||
+ | The use of half-cycles ensures that memory and I/O devices have predictable timing windows when the CPU will access the bus, while still allowing the CPU to perform internal operations in parallel. | ||
+ | |||
+ | Unlike most microprocessors, the 6502 does not make memory accesses on an "as needed" basis. It always does a fetch or store on every single clock cycle. When there isn't anything to be fetched or stored, a "garbage" fetch or store occurs. This is mainly of importance with the memory-mapped I/O devices: | ||
+ | * On NMOS, when adding a carry to the MSB of an address, a fetch occurs at a garbage address. On CMOS, the last byte of the instruction is refetched. | ||
+ | * On NMOS, when doing a fetch-modify-store instruction (INC, DEC, ASL, LSR, ROL, ROR), garbage is stored into the location during the "modify" cycle... followed by the "real" store cycle which stores the correct data. On CMOS, a second fetch is performed instead of a garbage store. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Pipelining == | ||
+ | |||
+ | We have to dispel the myth of pipelining in the 6502. If we analyze its operation in half-cycles, we see that instruction execution is tightly bound to memory operations without any overlap between different instructions. | ||
+ | |||
+ | Each instruction follows a rigid sequence of steps, with no ability to fetch the next instruction while executing the current one. This means that the CPU cannot prefetch opcodes or operands ahead of time in the way a pipelined architecture would. | ||
+ | |||
+ | If we invert our perspective and consider ϕ2 as the first half-cycle and ϕ1 as the second, it becomes evident why pipelining does not exist on the 6502. | ||
+ | |||
+ | In fact, it's the other way around. If the previous instruction ends with a memory write, the CPU has to wait for a half-cycle before being able to fetch the next instruction on the next ϕ2 half-cycle. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Adressing Modes == | ||
+ | |||
+ | The 6502 uses only one addressing mode per instruction. | ||
+ | |||
+ | {| class="wikitable" | ||
+ | ! Addressing Mode !! Example !! Operation | ||
+ | |- | ||
+ | | Immediate || LDA #$EA || A ← $EA | ||
+ | |- | ||
+ | | Absolute || LDA $0314 || A ← M($0314) | ||
+ | |- | ||
+ | | Absolute,X || LDA $0314,X || A ← M($0314+X) | ||
+ | |- | ||
+ | | Absolute,Y || LDA $0314,Y || A ← M($0314+Y) | ||
+ | |- | ||
+ | | Zeropage || LDA $02 || A ← M($02) | ||
+ | |- | ||
+ | | Zeropage,X || LDA $02,X || A ← M($02+X) | ||
+ | |- | ||
+ | | Zeropage,Y || LDA $02,Y || A ← M($02+Y) | ||
+ | |- | ||
+ | | (Zeropage,X) || LDA ($02,X) || A ← M(PTR($02+X)) | ||
+ | |- | ||
+ | | (Zeropage),Y || LDA ($02),Y || A ← M(PTR($02)+Y) | ||
+ | |} | ||
+ | |||
+ | The Zero Page on the 6502 is a special area of memory from addresses $0000 to $00FF that act like pseudo registers. The 6502 provides optimized instructions that operate more efficiently when using addresses within the Zero Page. | ||
+ | |||
+ | Fun fact: the TMS9900 CPU took this further by having no onboard registers, except PC & status register. Everything was in RAM. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Instruction Execution Sequence == | ||
+ | |||
+ | For an instruction to fully execute, the 6502 goes through these key phases in order: | ||
+ | |||
+ | #Opcode Fetch | ||
+ | #Operand Fetch (if needed) | ||
+ | #Memory Read / I/O Read (if needed) | ||
+ | #Operation | ||
+ | #Memory Write / I/O Write (if needed) | ||
+ | #At the end of every instruction, the IRQ (if the interrupt disable flag is clear) and NMI pins are checked. | ||
+ | |||
+ | As an example, let M[$42]=$80, M[$43]=$10 and Y=$F1. Then the instruction LDA ($42),Y will execute as follow, with ϕ2 as the first half-cycle and ϕ1 as the second half-cycle: | ||
+ | *T0: Fetch opcode $B1 (LDA (zp),Y) from memory then increment PC | ||
+ | *T1: Fetch operand byte $42 (zero page pointer address) then increment PC | ||
+ | *T2: Get low byte from zero page ($80) then increment the zero page address | ||
+ | *T3: Get high byte from next zero page location ($10) then add the Y register value ($F1) to $1080 | ||
+ | *T4: Garbage fetch from memory address $1071 then handle page boundary crossing (since $1080 + $F1 crosses a page) | ||
+ | *T5: Read the value from memory address $1171 into the accumulator then no operation in the last half-cycle | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == NMOS 6502 Instruction Set == | ||
+ | |||
+ | Cycles are shown in parenthesis for each opcode. p=1 if page is crossed. t=1 if branch is taken. | ||
+ | |||
+ | === ALU instructions === | ||
+ | |||
+ | {| class="wikitable" style="white-space: nowrap;" | ||
+ | |- | ||
+ | ! rowspan=2|Mnemonic !! colspan=13|Addressing Modes !! colspan=6|Flags !! rowspan=2|Operation !! rowspan=2|Description | ||
+ | |- | ||
+ | ! ''No arg'' !! A !! #$nn !! $nnnn !! $nnnn,X !! $nnnn,Y !! ($nnnn) !! $nn !! $nn,X !! $nn,Y !! ($nn,X) !! ($nn),Y !! rel !! N !! V !! D !! I !! Z !! C | ||
+ | |- | ||
+ | | BIT || || || || 2C (4) || || || || 24 (3) || || || || || || N || V || - || - || Z || - || A ∧ M, M<sub>7</sub> → NF, M<sub>6</sub> → VF || test BITs | ||
+ | |- | ||
+ | | AND || || || 29 (2) || 2D (4) || 3D (4+p) || 39 (4+p) || || 25 (3) || 35 (4) || || 21 (6) || 31 (5+p) || || N || - || - || - || Z || - || A ∧ M → A || bitwise AND with accumulator | ||
+ | |- | ||
+ | | EOR || || || 49 (2) || 4D (4) || 5D (4+p) || 59 (4+p) || || 45 (3) || 55 (4) || || 41 (6) || 51 (5+p) || || N || - || - || - || Z || - || A ⊻ M → A || bitwise Exclusive OR | ||
+ | |- | ||
+ | | ORA || || || 09 (2) || 0D (4) || 1D (4+p) || 19 (4+p) || || 05 (3) || 15 (4) || || 01 (6) || 11 (5+p) || || N || - || - || - || Z || - || A ∨ M → A || bitwise OR with Accumulator | ||
+ | |- | ||
+ | | ADC || || || 69 (2) || 6D (4) || 7D (4+p) || 79 (4+p) || || 65 (3) || 75 (4) || || 61 (6) || 71 (5+p) || || N || V || - || - || Z || C || A + M + CF → A, CF || ADd with Carry | ||
+ | |- | ||
+ | | SBC || || || E9 (2) || ED (4) || FD (4+p) || F9 (4+p) || || E5 (3) || F5 (4) || || E1 (6) || F1 (5+p) || || N || V || - || - || Z || C || A - M - (1 - CF) → A || SuBtract with Carry | ||
+ | |- | ||
+ | | CMP || || || C9 (2) || CD (4) || DD (4+p) || D9 (4+p) || || C5 (3) || D5 (4) || || C1 (6) || D1 (5+p) || || N || - || - || - || Z || C || A - M || CoMPare accumulator | ||
+ | |- | ||
+ | | CPX || || || E0 (2) || EC (4) || || || || E4 (3) || || || || || || N || - || - || - || Z || C || X - M || ComPare X register | ||
+ | |- | ||
+ | | CPY || || || C0 (2) || CC (4) || || || || C4 (3) || || || || || || N || - || - || - || Z || C || Y - M || ComPare Y register | ||
+ | |- | ||
+ | | ASL || || 0A (2) || || 0E (6) || 1E (7) || || || 06 (5) || 16 (6) || || || || || N || - || - || - || Z || C || CF ← /M<sub>7</sub>...M<sub>0</sub>/ ← 0 || Arithmetic Shift Left | ||
+ | |- | ||
+ | | LSR || || 4A (2) || || 4E (6) || 5E (7) || || || 46 (5) || 56 (6) || || || || || 0 || - || - || - || Z || C || 0 → /M<sub>7</sub>...M<sub>0</sub>/ → CF || Logical Shift Right | ||
+ | |- | ||
+ | | ROL || || 2A (2) || || 2E (6) || 3E (7) || || || 26 (5) || 36 (6) || || || || || N || - || - || - || Z || C || CF ← /M<sub>7</sub>...M<sub>0</sub>/ ← CF || ROtate Left | ||
+ | |- | ||
+ | | ROR || || 6A (2) || || 6E (6) || 7E (7) || || || 66 (5) || 76 (6) || || || || || N || - || - || - || Z || C || CF → /M<sub>7</sub>...M<sub>0</sub>/ → CF || ROtate Right | ||
+ | |- | ||
+ | | DEC || || || || CE (6) || DE (7) || || || C6 (5) || D6 (6) || || || || || N || - || - || - || Z || - || M - 1 → M || DECrement memory | ||
+ | |- | ||
+ | | INC || || || || EE (6) || FE (7) || || || E6 (5) || F6 (6) || || || || || N || - || - || - || Z || - || M + 1 → M || INCrement memory | ||
+ | |- | ||
+ | | DEX || CA (2) || || || || || || || || || || || || || N || - || - || - || Z || - || X - 1 → X || DEcrement X | ||
+ | |- | ||
+ | | DEY || 88 (2) || || || || || || || || || || || || || N || - || - || - || Z || - || Y - 1 → Y || DEcrement Y | ||
+ | |- | ||
+ | | INX || E8 (2) || || || || || || || || || || || || || N || - || - || - || Z || - || X + 1 → X || INcrement X | ||
+ | |- | ||
+ | | INY || C8 (2) || || || || || || || || || || || || || N || - || - || - || Z || - || Y + 1 → Y || INcrement Y | ||
+ | |} | ||
+ | |||
+ | === Move instructions === | ||
+ | |||
+ | {| class="wikitable" style="white-space: nowrap;" | ||
+ | |- | ||
+ | ! rowspan=2|Mnemonic !! colspan=12|Addressing Modes !! colspan=6|Flags !! rowspan=2|Operation !! rowspan=2|Description | ||
+ | |- | ||
+ | ! ''No arg'' !! #$nn !! $nnnn !! $nnnn,X !! $nnnn,Y !! ($nnnn) !! $nn !! $nn,X !! $nn,Y !! ($nn,X) !! ($nn),Y !! rel !! N !! V !! D !! I !! Z !! C | ||
+ | |- | ||
+ | | LDA || || A9 (2) || AD (4) || BD (4+p) || B9 (4+p) || || A5 (3) || B5 (4) || || A1 (6) || B1 (5+p) || || N || - || - || - || Z || - || M → A || LoaD Accumulator | ||
+ | |- | ||
+ | | LDX || || A2 (2) || AE (4) || || BE (4+p) || || A6 (3) || || B6 (4) || || || || N || - || - || - || Z || - || M → X || LoaD X register | ||
+ | |- | ||
+ | | LDY || || A0 (2) || AC (4) || BC (4+p) || || || A4 (3) || B4 (4) || || || || || N || - || - || - || Z || - || M → Y || LoaD Y register | ||
+ | |- | ||
+ | | STA || || || 8D (4) || 9D (5) || 99 (5) || || 85 (3) || 95 (4) || || 81 (6) || 91 (6) || || - || - || - || - || - || - || A → M || STore Accumulator | ||
+ | |- | ||
+ | | STX || || || 8E (4) || || || || 86 (3) || || 96 (4) || || || || - || - || - || - || - || - || X → M || STore X register | ||
+ | |- | ||
+ | | STY || || || 8C (4) || || || || 84 (3) || 94 (4) || || || || || - || - || - || - || - || - || Y → M || STore Y register | ||
+ | |- | ||
+ | | TAX || AA (2) || || || || || || || || || || || || N || - || - || - || Z || - || A → X || Transfer A to X | ||
+ | |- | ||
+ | | TXA || 8A (2) || || || || || || || || || || || || N || - || - || - || Z || - || X → A || Transfer X to A | ||
+ | |- | ||
+ | | TAY || A8 (2) || || || || || || || || || || || || N || - || - || - || Z || - || A → Y || Transfer A to Y | ||
+ | |- | ||
+ | | TYA || 98 (2) || || || || || || || || || || || || N || - || - || - || Z || - || Y → A || Transfer Y to A | ||
+ | |- | ||
+ | | TSX || BA (2) || || || || || || || || || || || || N || - || - || - || Z || - || S → X || Transfer Stack pointer to X | ||
+ | |- | ||
+ | | TXS || 9A (2) || || || || || || || || || || || || - || - || - || - || - || - || X → S || Transfer X to Stack pointer | ||
+ | |- | ||
+ | | PLP || 28 (4) || || || || || || || || || || || || N || V || D || I || Z || C || (S)↑ → P || PuLl Processor status | ||
+ | |- | ||
+ | | PLA || 68 (4) || || || || || || || || || || || || N || - || - || - || Z || - || (S)↑ → A || PuLl Accumulator | ||
+ | |- | ||
+ | | PHP || 08 (3) || || || || || || || || || || || || - || - || - || - || - || - || P↓ || PusH Processor status | ||
+ | |- | ||
+ | | PHA || 48 (3) || || || || || || || || || || || || - || - || - || - || - || - || A↓ || PusH Accumulator | ||
+ | |} | ||
+ | |||
+ | === Jump and Flag instructions === | ||
+ | |||
+ | {| class="wikitable" style="white-space: nowrap;" | ||
+ | |- | ||
+ | ! rowspan=2|Mnemonic !! colspan=12|Addressing Modes !! colspan=6|Flags !! rowspan=2|Operation !! rowspan=2|Description | ||
+ | |- | ||
+ | ! ''No arg'' !! #$nn !! $nnnn !! $nnnn,X !! $nnnn,Y !! ($nnnn) !! $nn !! $nn,X !! $nn,Y !! ($nn,X) !! ($nn),Y !! rel !! N !! V !! D !! I !! Z !! C | ||
+ | |- | ||
+ | | JMP || || || 4C (3) || || || 6C (5) || || || || || || || - || - || - || - || - || - || [PC + 1] → PCL, [PC + 2] → PCH || JuMP | ||
+ | |- | ||
+ | | JSR || || || 20 (6) || || || || || || || || || || - || - || - || - || - || - || PC + 2↓, [PC + 1] → PCL, [PC + 2] → PCH || Jump to SubRoutine | ||
+ | |- | ||
+ | | RTS || 60 (6) || || || || || || || || || || || || - || - || - || - || - || - || (S)↑ → PCL, (S)↑ → PCH, PC + 1 → PC || ReTurn from Subroutine | ||
+ | |- | ||
+ | | RTI || 40 (6) || || || || || || || || || || || || N || V || D || I || Z || C || (S)↑ → P, (S)↑ → PCL, (S)↑ → PCH || ReTurn from Interrupt | ||
+ | |- | ||
+ | | BRK || 00 (7) || || || || || || || || || || || || - || - || - || 1 || - || - || PC + 2↓, [FFFE] → PCL, [FFFF] → PCH || BReaK | ||
+ | |- | ||
+ | | SEI || 78 (2) || || || || || || || || || || || || - || - || - || 1 || - || - || 1 → IF || SEt Interrupt flag | ||
+ | |- | ||
+ | | CLI || 58 (2) || || || || || || || || || || || || - || - || - || 0 || - || - || 0 → IF || CLear Interrupt flag | ||
+ | |- | ||
+ | | SEC || 38 (2) || || || || || || || || || || || || - || - || - || - || - || 1 || 1 → CF || SEt Carry flag | ||
+ | |- | ||
+ | | CLC || 18 (2) || || || || || || || || || || || || - || - || - || - || - || 0 || 0 → CF || CLear Carry flag | ||
+ | |- | ||
+ | | SED || F8 (2) || || || || || || || || || || || || - || - || 1 || - || - || - || 1 → DF || SEt Decimal flag | ||
+ | |- | ||
+ | | CLD || D8 (2) || || || || || || || || || || || || - || - || 0 || - || - || - || 0 → DF || CLear Decimal flag | ||
+ | |- | ||
+ | | CLV || B8 (2) || || || || || || || || || || || || - || 0 || - || - || - || - || 0 → VF || CLear oVerflow flag | ||
+ | |- | ||
+ | | NOP || EA (2) || || || || || || || || || || || || - || - || - || - || - || - || No operation || No OPeration | ||
+ | |- | ||
+ | | BPL || || || || || || || || || || || || 10 (2+t+p) || - || - || - || - || - || - || Branch on NF = 0 || Branch on PLus | ||
+ | |- | ||
+ | | BMI || || || || || || || || || || || || 30 (2+t+p) || - || - || - || - || - || - || Branch on NF = 1 || Branch on MInus | ||
+ | |- | ||
+ | | BVC || || || || || || || || || || || || 50 (2+t+p) || - || - || - || - || - || - || Branch on VF = 0 || Branch on oVerflow Clear | ||
+ | |- | ||
+ | | BVS || || || || || || || || || || || || 70 (2+t+p) || - || - || - || - || - || - || Branch on VF = 1 || Branch on oVerflow Set | ||
+ | |- | ||
+ | | BCC || || || || || || || || || || || || 90 (2+t+p) || - || - || - || - || - || - || Branch on CF = 0 || Branch on Carry Clear | ||
+ | |- | ||
+ | | BCS || || || || || || || || || || || || B0 (2+t+p) || - || - || - || - || - || - || Branch on CF = 1 || Branch on Carry Set | ||
+ | |- | ||
+ | | BNE || || || || || || || || || || || || D0 (2+t+p) || - || - || - || - || - || - || Branch on ZF = 0 || Branch on Not Equal | ||
+ | |- | ||
+ | | BEQ || || || || || || || || || || || || F0 (2+t+p) || - || - || - || - || - || - || Branch on ZF = 1 || Branch on EQual | ||
+ | |} | ||
+ | |||
+ | === Illegal instructions === | ||
+ | |||
+ | A lot of these illegal instructions involve a bitwise AND operation, which is a side effect of the open-drain behavior of NMOS logic. When two instructions put a value on the bus at the same time, this creates a bus conflict resulting effectively in an AND operation. The lower voltage wins because transistors can pull down stronger than resistors can pull up. | ||
+ | |||
+ | {| class="wikitable" style="white-space: nowrap;" | ||
+ | |- | ||
+ | ! rowspan=2|Mnemonic !! colspan=10|Addressing Modes !! colspan=6|Flags !! rowspan=2|Operation !! rowspan=2|Description | ||
+ | |- | ||
+ | ! ''No arg'' !! #$nn !! $nnnn !! $nnnn,X !! $nnnn,Y !! $nn !! $nn,X !! $nn,Y !! ($nn,X) !! ($nn),Y !! N !! V !! D !! I !! Z !! C | ||
+ | |- | ||
+ | | DCP (DCM) || || || CF (6) || DF (7) || DB (7) || C7 (5) || D7 (6) || || C3 (8) || D3 (8) || N || - || - || - || Z || C || M - 1 -> M, A - M || DEC oper + CMP oper | ||
+ | |- | ||
+ | | ISC (ISB, INS) || || || EF (6) || FF (7) || FB (7) || E7 (5) || F7 (6) || || E3 (8) || F3 (8) || N || V || - || - || Z || C || M + 1 -> M, A - M - CF -> A || INC oper + SBC oper | ||
+ | |- | ||
+ | | RLA || || || 2F (6) || 3F (7) || 3B (7) || 27 (5) || 37 (6) || || 23 (8) || 33 (8) || N || - || - || - || Z || C || M = CF <- [76543210] <- CF, A AND M -> A || ROL oper + AND oper | ||
+ | |- | ||
+ | | RRA || || || 6F (6) || 7F (7) || 7B (7) || 67 (5) || 77 (6) || || 63 (8) || 73 (8) || N || V || - || - || Z || C || M = CF -> [76543210] -> CF, A + M + CF -> A, CF || ROR oper + ADC oper | ||
+ | |- | ||
+ | | SLO (ASO) || || || 0F (6) || 1F (7) || 1B (7) || 07 (5) || 17 (6) || || 03 (8) || 13 (8) || N || - || - || - || Z || C || M = CF <- [76543210] <- 0, A OR M -> A || ASL oper + ORA oper | ||
+ | |- | ||
+ | | SRE (LSE) || || || 4F (6) || 5F (7) || 5B (7) || 47 (5) || 57 (6) || || 43 (8) || 53 (8) || N || - || - || - || Z || C || M = 0 -> [76543210] -> CF, A EOR M -> A || LSR oper + EOR oper | ||
+ | |- | ||
+ | | LAX || || || AF (4) || || BF (4+p) || A7 (3) || || B7 (4) || A3 (6) || B3 (5+p) || N || - || - || - || Z || - || M -> A -> X || LDA oper + LDX oper | ||
+ | |- | ||
+ | | SAX (AXS, AAX) || || || 8F (4) || || || 87 (3) || || 97 (4) || 83 (6) || || - || - || - || - || - || - || A AND X -> M || Stores the bitwise AND of A and X | ||
+ | |- | ||
+ | | LAS (LAR) || || || || || BB (4+p) || || || || || || N || - || - || - || Z || - || M AND SP -> A, X, SP || LDA/TSX oper | ||
+ | |- | ||
+ | | TAS (XAS, SHS) || || || || || style="color: #CC0000;"|'''9B''' (5) || || || || || || - || - || - || - || - || - || A AND X -> SP, A AND X AND (H+1) -> M || Puts A AND X in SP and stores A AND X AND (high-byte of addr + 1) at addr | ||
+ | unstable: sometimes 'AND (H+1)' is dropped, page boundary crossings may not work | ||
+ | |- | ||
+ | | SHA (AHX, AXA) || || || || || style="color: #CC0000;"|'''9F''' (5) || || || || || style="color: #CC0000;"|'''93''' (6) || - || - || - || - || - || - || A AND X AND (H+1) -> M || Stores A AND X AND (high-byte of addr + 1) at addr | ||
+ | unstable: sometimes 'AND (H+1)' is dropped, page boundary crossings may not work | ||
+ | |- | ||
+ | | SHX (A11, SXA, XAS) || || || || || style="color: #CC0000;"|'''9E''' (5) || || || || || || - || - || - || - || - || - || X AND (H+1) -> M || Stores X AND (high-byte of addr + 1) at addr | ||
+ | unstable: sometimes 'AND (H+1)' is dropped, page boundary crossings may not work | ||
+ | |- | ||
+ | | SHY (SYA, SAY) || || || || style="color: #CC0000;"|'''9C''' (5) || || || || || || || - || - || - || - || - || - || Y AND (H+1) -> M || Stores Y AND (high-byte of addr + 1) at addr | ||
+ | unstable: sometimes 'AND (H+1)' is dropped, page boundary crossings may not work | ||
+ | |- | ||
+ | | ANE (XAA) || || style="color: #CC0000;"|'''8B''' (2) || || || || || || || || || N || - || - || - || Z || - || (A OR magic) AND X AND oper -> A || * AND X + AND oper | ||
+ | highly unstable: involves a 'magic' constant that depends on temperature, the chip series, and maybe other factors. | ||
+ | |||
+ | Turrican 3 on C64 requires a different magic constant than $EE for ANE. $EF is recommended by Groepaz (VICE team) | ||
+ | |- | ||
+ | | LXA (LAX) || || style="color: #CC0000;"|'''AB''' (2) || || || || || || || || || N || - || - || - || Z || - || (A OR magic) AND oper -> A -> X || Store * AND oper in A and X | ||
+ | highly unstable: involves a 'magic' constant that depends on temperature, the chip series, and maybe other factors. | ||
+ | |||
+ | Wizball on C64 requires a $EE magic constant for LXA | ||
+ | |- | ||
+ | | ALR (ASR) || || 4B (2) || || || || || || || || || 0 || - || - || - || Z || C || A AND oper, 0 -> [76543210] -> CF || AND oper + LSR | ||
+ | |- | ||
+ | | ARR || || 6B (2) || || || || || || || || || N || V || - || - || Z || C || A AND oper, CF -> [76543210] -> CF || AND oper + ROR | ||
+ | |- | ||
+ | | ANC || || 0B (2) || || || || || || || || || N || - || - || - || Z || C || A AND oper, bit(7) -> CF || AND oper + set CF as ASL | ||
+ | |- | ||
+ | | ANC2 || || 2B (2) || || || || || || || || || N || - || - || - || Z || C || A AND oper, bit(7) -> CF || AND oper + set CF as ROL | ||
+ | |- | ||
+ | | SBX (AXS, SAX) || || CB (2) || || || || || || || || || N || - || - || - || Z || C || (A AND X) - oper -> X || CMP and DEX at once, sets flags like CMP | ||
+ | |- | ||
+ | | USBC (SBC) || || EB (2) || || || || || || || || || N || V || - || - || Z || C || A - M - ~CF -> A || SBC oper + NOP | ||
+ | |- | ||
+ | | JAM (KIL, HLT) || 02, 12, 22, | ||
+ | 32, 42, 52, | ||
+ | |||
+ | 62, 72, 92, | ||
+ | |||
+ | B2, D2, F2 (X) | ||
+ | || || || || || || || || || || - || - || - || - || - || - || Stop execution || Halt the CPU. The processor will be trapped infinitely in T1 phase with $FF on the data bus. Reset required. | ||
+ | |- | ||
+ | | NOP (DOP, TOP) || 1A, 3A, 5A, | ||
+ | 7A, DA, FA (2) | ||
+ | || 80, 82, 89, | ||
+ | C2, E2 (2) | ||
+ | || 0C (4) || 1C, 3C, 5C, | ||
+ | 7C, DC, FC (4+p) | ||
+ | || || 04, 44, 64 (3) || 14, 34, 54, | ||
+ | 74, D4, F4 (4) | ||
+ | || || || || - || - || - || - || - || - || No operation || No Operation | ||
+ | |} | ||
+ | |||
+ | Opcodes in red are unstable. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Opcodes == | ||
+ | |||
+ | The 6502 follows a 3-3-2 opcode bit pattern. If we arrange the opcode table in a slightly different way than it is usually done, we can observe some interesting symmetries: | ||
+ | |||
+ | {| style="white-space: nowrap;" | ||
+ | |- | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 00 || BRK | ||
+ | |- | ||
+ | | 04 xx || '''NOP ''zpg''''' | ||
+ | |- | ||
+ | | 08 || PHP | ||
+ | |- | ||
+ | | 0C xx xx || '''NOP ''abs''''' | ||
+ | |- | ||
+ | | 10 xx || BPL ''rel'' | ||
+ | |- | ||
+ | | 14 xx || '''NOP ''zpg'',X''' | ||
+ | |- | ||
+ | | 18 || CLC | ||
+ | |- | ||
+ | | 1C xx xx || '''NOP ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 20 xx xx || JSR ''abs'' | ||
+ | |- | ||
+ | | 24 xx || BIT ''zpg'' | ||
+ | |- | ||
+ | | 28 || PLP | ||
+ | |- | ||
+ | | 2C xx xx || BIT ''abs'' | ||
+ | |- | ||
+ | | 30 xx || BMI ''rel'' | ||
+ | |- | ||
+ | | 34 xx || '''NOP ''zpg'',X''' | ||
+ | |- | ||
+ | | 38 || SEC | ||
+ | |- | ||
+ | | 3C xx xx || '''NOP ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 40 || RTI | ||
+ | |- | ||
+ | | 44 xx || '''NOP ''zpg''''' | ||
+ | |- | ||
+ | | 48 || PHA | ||
+ | |- | ||
+ | | 4C xx xx || JMP ''abs'' | ||
+ | |- | ||
+ | | 50 xx || BVC ''rel'' | ||
+ | |- | ||
+ | | 54 xx || '''NOP ''zpg'',X''' | ||
+ | |- | ||
+ | | 58 || CLI | ||
+ | |- | ||
+ | | 5C xx xx || '''NOP ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 60 || RTS | ||
+ | |- | ||
+ | | 64 xx || '''NOP ''zpg''''' | ||
+ | |- | ||
+ | | 68 || PLA | ||
+ | |- | ||
+ | | 6C xx xx || JMP ''ind'' | ||
+ | |- | ||
+ | | 70 xx || BVS ''rel'' | ||
+ | |- | ||
+ | | 74 xx || '''NOP ''zpg'',X''' | ||
+ | |- | ||
+ | | 78 || SEI | ||
+ | |- | ||
+ | | 7C xx xx || '''NOP ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 80 xx || '''NOP #''' | ||
+ | |- | ||
+ | | 84 xx || STY ''zpg'' | ||
+ | |- | ||
+ | | 88 || DEY | ||
+ | |- | ||
+ | | 8C xx xx || STY ''abs'' | ||
+ | |- | ||
+ | | 90 xx || BCC ''rel'' | ||
+ | |- | ||
+ | | 94 xx || STY ''zpg'',X | ||
+ | |- | ||
+ | | 98 || TYA | ||
+ | |- | ||
+ | | 9C xx xx ||style="color: #CC0000;"|'''SHY ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | A0 xx || LDY # | ||
+ | |- | ||
+ | | A4 xx || LDY ''zpg'' | ||
+ | |- | ||
+ | | A8 || TAY | ||
+ | |- | ||
+ | | AC xx xx || LDY ''abs'' | ||
+ | |- | ||
+ | | B0 xx || BCS ''rel'' | ||
+ | |- | ||
+ | | B4 xx || LDY ''zpg'',X | ||
+ | |- | ||
+ | | B8 || CLV | ||
+ | |- | ||
+ | | BC xx xx || LDY ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | C0 xx || CPY # | ||
+ | |- | ||
+ | | C4 xx || CPY ''zpg'' | ||
+ | |- | ||
+ | | C8 || INY | ||
+ | |- | ||
+ | | CC xx xx || CPY ''abs'' | ||
+ | |- | ||
+ | | D0 xx || BNE ''rel'' | ||
+ | |- | ||
+ | | D4 xx || '''NOP ''zpg'',X''' | ||
+ | |- | ||
+ | | D8 || CLD | ||
+ | |- | ||
+ | | DC xx xx || '''NOP ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | E0 xx || CPX # | ||
+ | |- | ||
+ | | E4 xx || CPX ''zpg'' | ||
+ | |- | ||
+ | | E8 || INX | ||
+ | |- | ||
+ | | EC xx xx || CPX ''abs'' | ||
+ | |- | ||
+ | | F0 xx || BEQ ''rel'' | ||
+ | |- | ||
+ | | F4 xx || '''NOP ''zpg'',X''' | ||
+ | |- | ||
+ | | F8 || SED | ||
+ | |- | ||
+ | | FC xx xx || '''NOP ''abs'',X''' | ||
+ | |} | ||
+ | |} | ||
+ | |||
+ | {| style="white-space: nowrap;" | ||
+ | |- | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 01 xx || ORA (''zpg'',X) | ||
+ | |- | ||
+ | | 05 xx || ORA ''zpg'' | ||
+ | |- | ||
+ | | 09 xx || ORA # | ||
+ | |- | ||
+ | | 0D xx xx || ORA ''abs'' | ||
+ | |- | ||
+ | | 11 xx || ORA (''zpg''),Y | ||
+ | |- | ||
+ | | 15 xx || ORA ''zpg'',X | ||
+ | |- | ||
+ | | 19 xx xx || ORA ''abs'',Y | ||
+ | |- | ||
+ | | 1D xx xx || ORA ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 21 xx || AND (''zpg'',X) | ||
+ | |- | ||
+ | | 25 xx || AND ''zpg'' | ||
+ | |- | ||
+ | | 29 xx || AND # | ||
+ | |- | ||
+ | | 2D xx xx || AND ''abs'' | ||
+ | |- | ||
+ | | 31 xx || AND (''zpg''),Y | ||
+ | |- | ||
+ | | 35 xx || AND ''zpg'',X | ||
+ | |- | ||
+ | | 39 xx xx || AND ''abs'',Y | ||
+ | |- | ||
+ | | 3D xx xx || AND ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 41 xx || EOR (''zpg'',X) | ||
+ | |- | ||
+ | | 45 xx || EOR ''zpg'' | ||
+ | |- | ||
+ | | 49 xx || EOR # | ||
+ | |- | ||
+ | | 4D xx xx || EOR ''abs'' | ||
+ | |- | ||
+ | | 51 xx || EOR (''zpg''),Y | ||
+ | |- | ||
+ | | 55 xx || EOR ''zpg'',X | ||
+ | |- | ||
+ | | 59 xx xx || EOR ''abs'',Y | ||
+ | |- | ||
+ | | 5D xx xx || EOR ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 61 xx || ADC (''zpg'',X) | ||
+ | |- | ||
+ | | 65 xx || ADC ''zpg'' | ||
+ | |- | ||
+ | | 69 xx || ADC # | ||
+ | |- | ||
+ | | 6D xx xx || ADC ''abs'' | ||
+ | |- | ||
+ | | 71 xx || ADC (''zpg''),Y | ||
+ | |- | ||
+ | | 75 xx || ADC ''zpg'',X | ||
+ | |- | ||
+ | | 79 xx xx || ADC ''abs'',Y | ||
+ | |- | ||
+ | | 7D xx xx || ADC ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 81 xx || STA (''zpg'',X) | ||
+ | |- | ||
+ | | 85 xx || STA ''zpg'' | ||
+ | |- | ||
+ | | 89 xx || '''NOP #''' | ||
+ | |- | ||
+ | | 8D xx xx || STA ''abs'' | ||
+ | |- | ||
+ | | 91 xx || STA (''zpg''),Y | ||
+ | |- | ||
+ | | 95 xx || STA ''zpg'',X | ||
+ | |- | ||
+ | | 99 xx xx || STA ''abs'',Y | ||
+ | |- | ||
+ | | 9D xx xx || STA ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | A1 xx || LDA (''zpg'',X) | ||
+ | |- | ||
+ | | A5 xx || LDA ''zpg'' | ||
+ | |- | ||
+ | | A9 xx || LDA # | ||
+ | |- | ||
+ | | AD xx xx || LDA ''abs'' | ||
+ | |- | ||
+ | | B1 xx || LDA (''zpg''),Y | ||
+ | |- | ||
+ | | B5 xx || LDA ''zpg'',X | ||
+ | |- | ||
+ | | B9 xx xx || LDA ''abs'',Y | ||
+ | |- | ||
+ | | BD xx xx || LDA ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | C1 xx || CMP (''zpg'',X) | ||
+ | |- | ||
+ | | C5 xx || CMP ''zpg'' | ||
+ | |- | ||
+ | | C9 xx || CMP # | ||
+ | |- | ||
+ | | CD xx xx || CMP ''abs'' | ||
+ | |- | ||
+ | | D1 xx || CMP (''zpg''),Y | ||
+ | |- | ||
+ | | D5 xx || CMP ''zpg'',X | ||
+ | |- | ||
+ | | D9 xx xx|| CMP ''abs'',Y | ||
+ | |- | ||
+ | | DD xx xx || CMP ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | E1 xx || SBC (''zpg'',X) | ||
+ | |- | ||
+ | | E5 xx || SBC ''zpg'' | ||
+ | |- | ||
+ | | E9 xx || SBC # | ||
+ | |- | ||
+ | | ED xx xx || SBC ''abs'' | ||
+ | |- | ||
+ | | F1 xx || SBC (''zpg''),Y | ||
+ | |- | ||
+ | | F5 xx || SBC ''zpg'',X | ||
+ | |- | ||
+ | | F9 xx xx || SBC ''abs'',Y | ||
+ | |- | ||
+ | | FD xx xx || SBC ''abs'',X | ||
+ | |} | ||
+ | |} | ||
+ | |||
+ | {| style="white-space: nowrap;" | ||
+ | |- | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 02 || '''JAM''' | ||
+ | |- | ||
+ | | 06 xx || ASL ''zpg'' | ||
+ | |- | ||
+ | | 0A || ASL A | ||
+ | |- | ||
+ | | 0E xx xx || ASL ''abs'' | ||
+ | |- | ||
+ | | 12 || '''JAM''' | ||
+ | |- | ||
+ | | 16 xx || ASL ''zpg'',X | ||
+ | |- | ||
+ | | 1A || '''NOP''' | ||
+ | |- | ||
+ | | 1E xx xx || ASL ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 22 || '''JAM''' | ||
+ | |- | ||
+ | | 26 xx || ROL ''zpg'' | ||
+ | |- | ||
+ | | 2A || ROL A | ||
+ | |- | ||
+ | | 2E xx xx || ROL ''abs'' | ||
+ | |- | ||
+ | | 32 || '''JAM''' | ||
+ | |- | ||
+ | | 36 xx || ROL ''zpg'',X | ||
+ | |- | ||
+ | | 3A || '''NOP''' | ||
+ | |- | ||
+ | | 3E xx xx || ROL ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 42 || '''JAM''' | ||
+ | |- | ||
+ | | 46 xx || LSR ''zpg'' | ||
+ | |- | ||
+ | | 4A || LSR A | ||
+ | |- | ||
+ | | 4E xx xx || LSR ''abs'' | ||
+ | |- | ||
+ | | 52 || '''JAM''' | ||
+ | |- | ||
+ | | 56 xx || LSR ''zpg'',X | ||
+ | |- | ||
+ | | 5A || '''NOP''' | ||
+ | |- | ||
+ | | 5E xx xx || LSR ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 62 || '''JAM''' | ||
+ | |- | ||
+ | | 66 xx || ROR ''zpg'' | ||
+ | |- | ||
+ | | 6A || ROR A | ||
+ | |- | ||
+ | | 6E xx xx || ROR ''abs'' | ||
+ | |- | ||
+ | | 72 || '''JAM''' | ||
+ | |- | ||
+ | | 76 xx || ROR ''zpg'',X | ||
+ | |- | ||
+ | | 7A || '''NOP''' | ||
+ | |- | ||
+ | | 7E xx xx || ROR ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 82 xx || '''NOP #''' | ||
+ | |- | ||
+ | | 86 xx || STX ''zpg'' | ||
+ | |- | ||
+ | | 8A || TXA | ||
+ | |- | ||
+ | | 8E xx xx || STX ''abs'' | ||
+ | |- | ||
+ | | 92 || '''JAM''' | ||
+ | |- | ||
+ | | 96 xx || STX ''zpg'',Y | ||
+ | |- | ||
+ | | 9A || TXS | ||
+ | |- | ||
+ | | 9E xx xx ||style="color: #CC0000;"|'''SHX ''abs'',Y''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | A2 xx || LDX # | ||
+ | |- | ||
+ | | A6 xx || LDX ''zpg'' | ||
+ | |- | ||
+ | | AA || TAX | ||
+ | |- | ||
+ | | AE xx xx || LDX ''abs'' | ||
+ | |- | ||
+ | | B2 || '''JAM''' | ||
+ | |- | ||
+ | | B6 xx || LDX ''zpg'',Y | ||
+ | |- | ||
+ | | BA || TSX | ||
+ | |- | ||
+ | | BE xx xx || LDX ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | C2 xx || '''NOP #''' | ||
+ | |- | ||
+ | | C6 xx || DEC ''zpg'' | ||
+ | |- | ||
+ | | CA || DEX | ||
+ | |- | ||
+ | | CE xx xx || DEC ''abs'' | ||
+ | |- | ||
+ | | D2 || '''JAM''' | ||
+ | |- | ||
+ | | D6 xx || DEC ''zpg'',X | ||
+ | |- | ||
+ | | DA || '''NOP''' | ||
+ | |- | ||
+ | | DE xx xx || DEC ''abs'',X | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | E2 xx || '''NOP #''' | ||
+ | |- | ||
+ | | E6 xx || INC ''zpg'' | ||
+ | |- | ||
+ | | EA || NOP | ||
+ | |- | ||
+ | | EE xx xx || INC ''abs'' | ||
+ | |- | ||
+ | | F2 || '''JAM''' | ||
+ | |- | ||
+ | | F6 xx || INC ''zpg'',X | ||
+ | |- | ||
+ | | FA || '''NOP''' | ||
+ | |- | ||
+ | | FE xx xx || INC ''abs'',X | ||
+ | |} | ||
+ | |} | ||
+ | |||
+ | {| style="white-space: nowrap;" | ||
+ | |- | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 03 xx || '''SLO (''zpg'',X)''' | ||
+ | |- | ||
+ | | 07 xx || '''SLO ''zpg''''' | ||
+ | |- | ||
+ | | 0B xx || '''ANC #''' | ||
+ | |- | ||
+ | | 0F xx xx || '''SLO ''abs''''' | ||
+ | |- | ||
+ | | 13 xx || '''SLO (''zpg''),Y''' | ||
+ | |- | ||
+ | | 17 xx || '''SLO ''zpg'',X''' | ||
+ | |- | ||
+ | | 1B xx xx || '''SLO ''abs'',Y''' | ||
+ | |- | ||
+ | | 1F xx xx || '''SLO ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 23 xx || '''RLA (''zpg'',X)''' | ||
+ | |- | ||
+ | | 27 xx || '''RLA ''zpg''''' | ||
+ | |- | ||
+ | | 2B xx || '''ANC #''' | ||
+ | |- | ||
+ | | 2F xx xx || '''RLA ''abs''''' | ||
+ | |- | ||
+ | | 33 xx || '''RLA (''zpg''),Y''' | ||
+ | |- | ||
+ | | 37 xx || '''RLA ''zpg'',X''' | ||
+ | |- | ||
+ | | 3B xx xx || '''RLA ''abs'',Y''' | ||
+ | |- | ||
+ | | 3F xx xx || '''RLA ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 43 xx || '''SRE (''zpg'',X)''' | ||
+ | |- | ||
+ | | 47 xx || '''SRE ''zpg''''' | ||
+ | |- | ||
+ | | 4B xx || '''ASR #''' | ||
+ | |- | ||
+ | | 4F xx xx || '''SRE ''abs''''' | ||
+ | |- | ||
+ | | 53 xx || '''SRE (''zpg''),Y''' | ||
+ | |- | ||
+ | | 57 xx || '''SRE ''zpg'',X''' | ||
+ | |- | ||
+ | | 5B xx xx || '''SRE ''abs'',Y''' | ||
+ | |- | ||
+ | | 5F xx xx|| '''SRE ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 63 xx || '''RRA (''zpg'',X)''' | ||
+ | |- | ||
+ | | 67 xx || '''RRA ''zpg''''' | ||
+ | |- | ||
+ | | 6B xx || '''ARR #''' | ||
+ | |- | ||
+ | | 6F xx xx || '''RRA ''abs''''' | ||
+ | |- | ||
+ | | 73 xx || '''RRA (''zpg''),Y''' | ||
+ | |- | ||
+ | | 77 xx || '''RRA ''zpg'',X''' | ||
+ | |- | ||
+ | | 7B xx xx || '''RRA ''abs'',Y''' | ||
+ | |- | ||
+ | | 7F xx xx || '''RRA ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | 83 xx || '''SAX (''zpg'',X)''' | ||
+ | |- | ||
+ | | 87 xx || '''SAX ''zpg''''' | ||
+ | |- | ||
+ | | 8B xx ||style="color: #CC0000;"|'''ANE #''' | ||
+ | |- | ||
+ | | 8F xx xx || '''SAX ''abs''''' | ||
+ | |- | ||
+ | | 93 xx ||style="color: #CC0000;"|'''SHA (''zpg''),Y''' | ||
+ | |- | ||
+ | | 97 xx || '''SAX ''zpg'',Y''' | ||
+ | |- | ||
+ | | 9B xx xx ||style="color: #CC0000;"|'''TAS ''abs'',Y''' | ||
+ | |- | ||
+ | | 9F xx xx ||style="color: #CC0000;"|'''SHA ''abs'',Y''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | A3 xx || '''LAX (''zpg'',X)''' | ||
+ | |- | ||
+ | | A7 xx || '''LAX ''zpg''''' | ||
+ | |- | ||
+ | | AB xx ||style="color: #CC0000;"|'''LXA #''' | ||
+ | |- | ||
+ | | AF xx xx || '''LAX ''abs''''' | ||
+ | |- | ||
+ | | B3 xx || '''LAX (''zpg''),Y''' | ||
+ | |- | ||
+ | | B7 xx || '''LAX ''zpg'',Y''' | ||
+ | |- | ||
+ | | BB xx xx || '''LAS ''abs'',Y''' | ||
+ | |- | ||
+ | | BF xx xx || '''LAX ''abs'',Y''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | C3 xx || '''DCP (''zpg'',X)''' | ||
+ | |- | ||
+ | | C7 xx || '''DCP ''zpg''''' | ||
+ | |- | ||
+ | | CB xx || '''SBX #''' | ||
+ | |- | ||
+ | | CF xx xx || '''DCP ''abs''''' | ||
+ | |- | ||
+ | | D3 xx || '''DCP (''zpg''),Y''' | ||
+ | |- | ||
+ | | D7 xx || '''DCP ''zpg'',X''' | ||
+ | |- | ||
+ | | DB xx xx || '''DCP ''abs'',Y''' | ||
+ | |- | ||
+ | | DF xx xx || '''DCP ''abs'',X''' | ||
+ | |} | ||
+ | | | ||
+ | {| class="wikitable" | ||
+ | ! Opcode !! Mnemonic | ||
+ | |- | ||
+ | | E3 xx || '''ISC (''zpg'',X)''' | ||
+ | |- | ||
+ | | E7 xx || '''ISC ''zpg''''' | ||
+ | |- | ||
+ | | EB xx || '''USBC #''' | ||
+ | |- | ||
+ | | EF xx xx || '''ISC ''abs''''' | ||
+ | |- | ||
+ | | F3 xx || '''ISC (''zpg''),Y''' | ||
+ | |- | ||
+ | | F7 xx || '''ISC ''zpg'',X''' | ||
+ | |- | ||
+ | | FB xx xx || '''ISC ''abs'',Y''' | ||
+ | |- | ||
+ | | FF xx xx || '''ISC ''abs'',X''' | ||
+ | |} | ||
+ | |} | ||
+ | |||
+ | Opcodes in bold are illegal. Opcodes in red are unstable. | ||
+ | |||
+ | Any instruction xxxxxx11 will execute the instructions at xxxxxx01 and xxxxxx10 at once, using the address mode of the instruction at xxxxxx01. | ||
+ | |||
+ | For example, "SAX abs” ($8F) is the composite of “STA abs” ($8D) and “STX abs” ($8E). | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Oddities == | ||
+ | |||
+ | * On NMOS, an indirect JMP will behave unexpectedly when the indirect address crosses a page boundary, because the 6502 does not add the carry to calculate the address of the high byte. For example, JMP ($19FF) will use the contents of $19FF and $1900 for the JMP address. On CMOS, this issue was fixed, at the cost of 1 additional cycle. In our example, JMP ($19FF) will use the contents of $19FF and $2000 for the JMP address. | ||
+ | * Some instructions, particularly those involving branches or indexed addressing modes, incur an extra cycle if the processor has to cross a memory page boundary. This is problematic for time-sensitive code. | ||
+ | * Conditional jumps are only 8-bit relative. And unconditional jumps are only 16-bit absolute. | ||
+ | * ADC is the only command for addition. To perform an addition without carry, the carry flag must be cleared manually first. Same with SBC for subtract. | ||
+ | * The TXS instruction does not affect any flag, while all other transfer instructions do. | ||
+ | * The BIT instruction copies bit 6 of the memory location to VF, regardless of any arithmetic overflow concept. | ||
+ | * The CLV (Clear Overflow Flag) instruction exist, but not the SEV (Set Overflow Flag) instruction. | ||
+ | * On NMOS, INC A and DEC A instructions do not exist. They do exist on CMOS. | ||
+ | * The NOP instruction takes 2 full-cycles. This is the minimum amount of cycles an instruction can take. It is necessary because, while the instruction itself does nothing, it still has to increment the 16-bit PC register. | ||
+ | * The alternate NOPs are not created equal. Some have one- or two-byte operands (which they don't do anything with), and they take different amounts of time to execute. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Compared behaviour == | ||
+ | |||
+ | * The 6502’s Decimal (BCD) mode automatically adjusts ADC and SBC results, while the Z80 requires a DAA instruction after each BCD addition and subtraction. | ||
+ | * The 6502 uses only one addressing mode per instruction, while the Z80 can combine two different addressing modes within a single instruction. | ||
+ | * The 6502 post-decrements on PHA and pre-increments on PLA, while the Z80 pre-decrements on PUSH and post-increments on POP. | ||
+ | * The 6502 saves flags automatically during interrupts; while the Z80 requires PUSH AF and POP AF. | ||
+ | * The 6502 only updates flags that are directly relevant to the operation's result. For example, EOR doesn't conceptually involve a carry, so the Carry flag is left untouched. On the Z80, XOR always clears the Carry flag to ensure a clean flag state. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Block Diagrams == | ||
+ | |||
+ | === Simple view === | ||
+ | [[File:Mcs6502-block-diagram.svg|500px]] | ||
+ | |||
+ | === Detailed view === | ||
+ | [[File:CPU 6502 Detailed Block Diagram.jpg|500px]] | ||
+ | |||
+ | See: [https://www.nesdev.org/wiki/Visual6502wiki/6502_datapath 6502 datapath signals] [https://www.nesdev.org/wiki/Visual6502wiki/6502_Timing_States 6502 timing states] [https://davidmjc.github.io/6502/ 6502 svg schematic] [[Media:6502 Schematic.pdf|Balazs' 6502 schematic]] | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == The Decode ROM (PLA) == | ||
+ | |||
+ | With 65xx family every instruction consumes multiple cycles. On the first cycle the opcode is fetched and saved internally, and in later cycles this determines the various corresponding actions which need to happen -- for example selecting an ALU function, or cueing an internal register to update itself from one of the internal buses. | ||
+ | |||
+ | The PLA coordinates this. It inputs the opcode and the counter that says which cycle is presently happening. Then the outputs of the PLA trigger whatever actions need to happen in that particular cycle for that particular instruction. [http://forum.6502.org/viewtopic.php?f=1&t=4914 Source] | ||
+ | |||
+ | |||
+ | The instruction register, which holds the opcode, and the current clock cycle within the instruction (T0 to T6) get fed into a 130×21 bit decode ROM, i.e. a ROM with 130 lines of 21 bits each. | ||
+ | |||
+ | While some other CPUs from the same era used microcode to interpret the instruction, the 6502 had this 130×21 bit PLA. All lines of the PLA compare the instruction and the current clock cycle, and if they match, the line fires. [https://www.pagetable.com/?p=39 Source] | ||
+ | |||
+ | |||
+ | The 6502 has a 'rather' simple structure built from a timing circuit counting instruction cycle and an instruction register, followed by a decoder PLA where instruction plus timing information is transformed into control signals which are fed into the execution units. | ||
+ | |||
+ | The cycle counter starts at 0 and shifts through the maximum 7 states. When an instruction ends, it gets reset to zero for the next one. The 6502 PLA is essentially a one-dimensional decoder transforming the combined instruction plus state into one or more control signals for the execution units. | ||
+ | |||
+ | Since the PLA allows partial decoding, one entry can fire on different instructions. For example, all instructions loading the second byte as immediate share one single PLA entry (microcode line). In comparison with textbook microcode engines, this is equivalent to a kind of compressed microcode. [https://retrocomputing.stackexchange.com/questions/6656/how-was-microcode-implemented-in-retro-processors Source] | ||
+ | |||
+ | |||
+ | A PLA is much more efficient than a ROM because it can take advantage of "don't care" entries. Specifically, the 6502 has a 130x21 PLA = 2730 entries. A ROM would need 11 inputs (instruction + timing) and 130 outputs, so 130*2^11 = 266240 entries plus the decoding logic. (You could reduce the ROM size by using tricks such as multiple levels of ROM or partially decoded ROMs.) | ||
+ | |||
+ | Instruction sets are usually defined so groups of bits have meanings and can be decoded separately. This makes the PLA a good fit. | ||
+ | |||
+ | For a specific example, the 6502 PLA decodes instructions matching 100XX1XX to the control line STY (ignoring the timing bits for simplicity). This takes 1 row in the PLA, but it would take 16 entries in a ROM. [https://news.ycombinator.com/item?id=13128074 Source] | ||
+ | |||
+ | See: [https://web.archive.org/web/20210519010632/http://visual6502.org/wiki/index.php?title=6507_Decode_ROM 6507 Decode ROM (PLA)] [https://pastraiser.com/cpu/65CE02/65CE02_rom.html 65CE02 Decode ROM (PLA)] [https://www.righto.com/2016/02/reverse-engineering-arm1-instruction.html ARM1, Z80, 6502 instruction sequencing compared] [https://www.pagetable.com/?p=410 Internals of BRK/IRQ/NMI/RESET on a MOS 6502] [https://www.pagetable.com/?p=39 How MOS 6502 illegal opcodes really work] [https://c74project.com/wp-content/uploads/2020/04/c74-6502-microcode.pdf 6502 microcode] [https://c74project.com/wp-content/uploads/2020/04/c74-6502-microinstructions.pdf 6502 microinstructions] | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == CPU Pinout == | ||
+ | |||
+ | [[File:6502CPU Pinout.gif]] | ||
+ | |||
+ | Notes: | ||
+ | * SYNC is an output signal. It is high at T0. | ||
+ | * S.O. is an input signal, which stands for Set Overflow. It allows the hardware to affect VF independently of the software. | ||
+ | * Some pins are modified in CPU variants. | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Chip Variants == | ||
+ | |||
+ | * The ROR instruction didn't exist in the very earliest (pre-1977) chips. See: [https://www.pagetable.com/?p=406 Measuring the ROR Bug in the Early MOS 6502] | ||
+ | |||
+ | * The 6502 core used inside the [[NES]] is missing the Decimal Mode feature. [https://archive.org/details/nes-programmers-reference-guide-by-electronic-arts-1989/ NES programmer's reference guide] [https://www.nesdev.org/NESDoc.pdf NESDoc] [https://www.nesdev.org/wiki/Mapper NES mappers] [https://problemkaputt.de/everynes.htm Noca$h's Everynes] [https://www.nesdev.org/wiki/Emulator_tests NES emulator tests] [https://tcrf.net/Category:Nintendo_Console_Testing_Software Official Nintendo testing software] | ||
+ | |||
+ | * The 6507 CPU, used in the [[Atari VCS]], has only 13 address lines. So it can only address 8KB instead of 64KB. It also lacks the IRQ and NMI interrupt lines. [https://youtu.be/qvpwf50a48E Atari VCS: The Ultimate Talk] [https://cdn.hackaday.io/files/1646277043401568/stella.pdf Stella programmer's guide] [https://www.atarimania.com/documents/stella_system_training_manual.pdf Stella system training manual] [https://problemkaputt.de/2k6specs.htm Noca$h's 2k6specs] | ||
+ | |||
+ | * The 6510 CPU, used in the [[Commodore 64]], is a 6502 with an additional AEC pin that puts the bus in high impedance mode. It also includes a 6-bit I/O port that occupies addresses 0 and 1. | ||
+ | |||
+ | * The disk drive of the Commodore 64 has its own 6502 processor that acts as a floppy disk controller (FDC) and as a disk operating system (DOS) processor. It can also be used as a general coprocessor for the main system. | ||
+ | |||
+ | * The 6502C used in [[Atari 8-bit]] computer range, adds an additional HALT pin for DMA. The 6502C is otherwise a regular NMOS 6502, not to be confused with the CMOS 65C02. | ||
+ | |||
+ | * The CMOS 65C02 fixed multiple bugs of the original NMOS 6502, but also removed access to all illegal instructions. Some cycle counts have been modified and some extra instructions have been added. In fact, there are multiple implementations of the 65C02 (WDC 65C02, WDC 65C02S, Rockwell R65C02, CSG 65CE02, ...), each with its own variant of the instruction set [https://www.pagetable.com/c64ref/6502/?tab=2 6502 Family CPU Reference]. | ||
+ | |||
+ | * The HuC6280, used in the [[PC-Engine]] gaming console, is an improved version of the CMOS 65C02. [[Media:HuC6280 - CMOS 8-bit Microprocessor Hardware Manual.pdf|HuC6280 hardware manual]] [[Media:HuC6260 - CMOS Video Color Encoder Manual.pdf|HuC6260 VCE manual]] [[Media:HuC6270 - CMOS Video Display Controller Manual.pdf|HuC6270 VDC manual]] | ||
+ | |||
+ | * The WDC 65C816, used in the [[SNES]] and the [[Apple IIGS]], is a 16-bit version of the 65C02 [https://archive.org/details/SNESDevManual/ SNES development manual] [https://problemkaputt.de/fullsnes.htm Noca$h's fullsnes] [https://snes.nesdev.org/wiki/SNESdev_Wiki SNESdev wiki]. The 65C816 contains a compatibillity mode, enabled by default upon reset, that makes it behave like a regular 65C02. The full 65C816 cycle-by-cycle steps are in the [https://www.westerndesigncenter.com/wdc/documentation/w65c816s.pdf 65C816 datasheet]. | ||
+ | |||
+ | * The Sony SPC700 sound CPU used inside the SNES also behaves similarly to a 6502 with some extensions. [https://wiki.superfamicom.org/spc700-reference Source] [https://www.youtube.com/watch?v=zrn0QavLMyo&list=PLHQ0utQyFw5JD2wWda50J8XuzQ2cFr8RX SPC700 Series] [https://github.com/gilyon/snes-tests SNES-tests] | ||
+ | |||
+ | <br> | ||
+ | |||
+ | == Links == | ||
+ | *{{EnWiki|MOS_Technology_6502}} | ||
+ | *[http://www.6502.org/ 6502.org] the 6502 microprocessor resource | ||
+ | *[[Media:Onthe6502.pdf|On the 6502 - A brillant or sloppy design?]] | ||
+ | *[https://youtu.be/acUH4lWe2NQ The 6502 CPU Powered a Whole Generation!] by [[The 8-Bit Guy]] | ||
+ | *[https://youtu.be/Ne1ApyqSvm0 Oral history of Bill Mensch] | ||
+ | *[https://www.chibiakumas.com/6502/ Learn Assembly Programming with ChibiAkumas] Multi-platform 6502 tutorial | ||
+ | *[https://www.nesdev.org/obelisk-6502-guide/ Obelisk 6502 Guide] | ||
+ | *[https://www.masswerk.at/6502/6502_instruction_set.html 6502 Instruction Set] [https://www.masswerk.at/nowgobang/2021/6502-illegal-opcodes 6502 illegal opcodes demystified] | ||
+ | *[[Media:NoMoreSecrets-NMOS6510UnintendedOpcodes-20212412.pdf|No more secrets - NMOS 6510 Unintended Opcodes]] | ||
+ | *[https://llx.com/Neil/a2/opcodes.html The 6502/65C02/65C816 Instruction Set Decoded] | ||
+ | *[https://pastraiser.com/cpu/6502/6502_opcodes.html 6502 opcodes] [https://pastraiser.com/cpu/65CE02/65CE02_opcodes.html 65CE02 opcodes] | ||
+ | *[https://www.nesdev.org/wiki/CPU_unofficial_opcodes Opcode matrix arrangement] | ||
+ | *[https://www.oxyron.de/html/opcodes.html Oxyron Opcode Matrices] | ||
+ | *[http://retro.hansotten.nl/uploads/books/Programming_the_6502.pdf Rodnay Zaks Programming the 6502] | ||
+ | *[http://www.6502.org/documents/datasheets/synertek/synertek_programming_manual.pdf Synertek SY650x programming manual (250 pages)] | ||
+ | *[http://www.6502.org/documents/datasheets/synertek/synertek_hardware_manual.pdf Synertek SY650x hardware manual (178 pages)] | ||
+ | *[[Media:SY6500 - SY65C02 datasheet.pdf]] - features a detailed breakdown of 65C02 instructions | ||
+ | *[https://xotmatrix.github.io/6502/ xotmatrix] 6502 instruction set and detailed cycle-by-cycle breakdown | ||
+ | *[[Media:6502 (65xx) Microprocessor Instant Reference Card.pdf]] | ||
+ | *[https://www.nesdev.org/wiki/CPU_interrupts 6502 Interrupts] | ||
+ | *[[Media:6502-dead-cycles.pdf]] | ||
+ | *[https://codebase64.org/doku.php?id=base:6510_instruction_timing 6510 Instruction Timing] | ||
+ | *[https://youtu.be/fWqBmmPQP40 Conference - Reverse Engineering the MOS 6502 CPU] | ||
+ | *[https://floooh.github.io/visual6502remix/ Visual6502remix] [https://www.nesdev.org/wiki/Visual6502wiki Visual6502wiki] | ||
+ | *[https://c74project.com/ C74-6502] [https://monster6502.com/ MOnSter 6502] Dis-integrated implementations of the 6502 microprocessor | ||
+ | *[https://hackaday.io/project/21496/logs FPGA NES] [https://floooh.github.io/visual2a03remix/ Visual2A03remix] [https://github.com/emu-russia/breaks/tree/master/BreakingNESWiki_DeepL Breaking NES wiki] | ||
+ | *[https://www.maizure.org/projects/decoded-bisqwit-nes-emulator/ Decoded: The Bisqwit NES emulator] [https://bugzmanov.github.io/nes_ebook/ Writing NES emulator in Rust] [https://emudev.de/ Emudev (nes-c64-snes)] | ||
+ | *[https://floooh.github.io/2019/12/13/cycle-stepped-6502.html Cycle-stepped 6502 emulation how-to] | ||
+ | *[https://github.com/SingleStepTests Tom Harte's SingleStepTests] | ||
+ | |||
+ | [[Category:Non CPC Computers]] | ||
+ | [[Category:Electronic Component]] |
Latest revision as of 17:10, 11 May 2025
The MOS Technology 6502 is an 8-bit microprocessor designed by Chuck Peddle in 1975 for MOS Technology (later purchased by Commodore). Along with the Zilog Z80, it sparked off a series of computer projects that would eventually result in the home computer revolution of the 1980s. The 6502 design was originally second-sourced by Rockwell and Synertek and later licensed to a number of companies; it is still made for embedded systems.
Originally the CPC was destined to be designed around the 6502 processor. But when Amstrad approached Locomotive Software to develop a Basic for it with a very tight deadline, Locomotive PLC, who already had a Z80 Basic in the works, urged and convinced Amstrad to switch to the Z80.
Although there were definitely other CPUs in use in the 1980s, the vast majority of microcomputers people had at home or at the office used either a MOS 6502 (or one of its variants), a Zilog Z80, an early member of the Intel 8086 family, or a Motorola 68000.
Contents
- 1 History
- 2 Description
- 3 Register File
- 4 Memory Access
- 5 I/O Access
- 6 Interrupts
- 7 Decimal Mode
- 8 Half Cycles
- 9 Pipelining
- 10 Adressing Modes
- 11 Instruction Execution Sequence
- 12 NMOS 6502 Instruction Set
- 13 Opcodes
- 14 Oddities
- 15 Compared behaviour
- 16 Block Diagrams
- 17 The Decode ROM (PLA)
- 18 CPU Pinout
- 19 Chip Variants
- 20 Links
History
In 1973, Peddle worked at Motorola on developing the 6800 processor. Peddle recognized a market for a very low price microprocessor and began to champion such a design to complement the Motorola 6800. His efforts were frustrated by Motorola management and he was told to drop the project. He then left for MOS Technology, where he headed the design of the 6501.
The 6501 was pin-compatible with the 6800, meaning it could be used in the same systems without any changes. However, this led to legal trouble with Motorola, who argued that the 6501 infringed on their patents.
To resolve this, MOS Technology stopped producing the 6501 and introduced the 6502. While the 6502 was similar in design to the 6501 and 6800, it was no longer pin-compatible with the 6800, avoiding further legal issues.
Priced initially at just $25, the 6502 drastically undercut the Motorola 6800 and other competing processors like the Intel 8080, which were priced around $179 at the time. Motorola must have learnt from this lesson when they decided to sell the 68000 at $15 to Apple for the Macintosh in 1984.
Description
The 6502 microprocessor is an 8-bit CPU with an 8-bit ALU and a 16-bit address bus capable of direct access to 64KB of memory space.
Like the Z80, the 6502 is a little-endian CPU, meaning it reads 16-bit values with the least significant byte first, followed by the most significant byte. The 6502 has 151 instructions, which are composed of 56 distinct opcodes across various addressing modes.
The 6502 is an 8-bit CPU in the purest sense. Unlike the Z80, the 6502 does not have any 16-bit instructions and cannot pair its registers. To work with a 16-bit number you will need to split it in two and work with each half individually.
Although it lacks the raw processing power of processors like the Intel 80x86 or the Motorola 68000 series, the 6502 was known for its efficiency and affordability, making it a popular choice for embedded systems and early home computers. Its simple design contributed to lower manufacturing costs and simplified integration.
The 6502 chip is made up of 4528 transistors (3510 enhancement transistors and 1018 depletion pullup transistors) Source. To put it into perspective, 64KB of DRAM contains 524288 transistors, as 1 bit of DRAM needs 1 transistor. The 6502 is mid-1970s technology while the 64KB DRAM is early-1980s technology.
Despite having so few transistors, the 6502 is generally considered at least twice as fast as the Z80 for the same clock speed Source. Four reasons explain this:
- The 6502 has an 8-bit ALU, while the Z80 uses a 4-bit ALU.
- The 6502 features a built-in clock doubler, allowing it to perform 1 internal operation and 1 memory access per cycle.
- On average, a 2MHz 6502 can make 2 memory accesses per microsecond, while a 4MHz Z80 can only make 1.
- The Z80 has more registers but has to do pretty much everything with them whilst the 6502 can directly use the first 256 bytes of memory for those jobs.
The 6502 and Z80 exemplify the fundamental differences between what would become known as RISC and CISC architectures. The 6502 was designed with a streamlined, minimal instruction set to achieve high execution speed. The Z80, on the other hand, incorporated a larger, more complex instruction set, aiming to make assembly programming more accessible and to create more compact programs.
The 6502 comes in a 40-pin DIP package. It has been produced by various manufacturers and used in a wide range of applications, from gaming consoles like the Atari VCS, Atari Lynx, Nintendo Entertainment System and PC-Engine to personal computers like the Apple II, BBC Micro, Atari XL, Oric, VIC20 and Commodore 64.
Register File
Register | Size | Description | Notes |
---|---|---|---|
A (Accumulator) | 8-bit | Main register for arithmetic, logic, and data transfer | Most operations use this register |
X (Index Register X) | 8-bit | Used for indexing memory and loop counters | Can be used for addressing modes like Indexed Indirect, Zero Page Indexed, and Absolute Indexed |
Y (Index Register Y) | 8-bit | Used for indexing memory and loop counters | Often used in Absolute and Zero Page Indexed addressing |
P (Processor Status) | 8-bit |
|
Flags are affected by most operations.
The BF bit does not actually exist inside the 6502. The BF bit only exists in the status flag byte pushed to the stack. When the flags are restored (via PLP or RTI), the BF bit is discarded. PHP (Push Processor Status) and PLP (Pull Processor Status) can be used to set or retrieve P directly via the stack. Interrupts (BRK / NMI / IRQ) implicitly push P to the stack. Interrupts returning with RTI will implicitly pull P from the stack. The effect of toggling the IF flag is delayed by 1 instruction when caused by SEI, CLI, or PLP. |
S (Stack Pointer) | 8-bit | Points to the current location in the stack | Stack is located in page 1 ($0100-$01FF), 8-bit S register is offset to this base |
PC (Program Counter) | 16-bit | Points to the next instruction to be executed | Automatically increments as instructions are executed |
The 6502 also has internal latches and buffers used for address handling and instruction execution. For example:
- ABL/ABH: Address Bus Low/High, latches for the address bus.
- AI/BI: Input Registers for the ALU.
- IR: Instruction Register, holds the fetched instruction opcode byte while the CPU decodes and executes it.
Memory Access
The address space that the 6502 uses is split into pages. There are 256 pages and each page is 256 bytes in size, ranging from page 0 to page 255.
In order to make up for the lack of registers, the 6502 includes a zero page addressing mode ($0000-$00FF) that uses only 1 address byte in the instruction instead of the 2 that are needed to address the full 64 KB of memory. This provides fast access to the first 256 bytes of RAM by using shorter instructions.
The stack is permanently located in page 1 ($0100-$01FF) and managed by the 8-bit stack pointer (S), with an initial value of $FF. It grows downward as data is pushed onto the stack. The stack has a 256-byte limit, and overflow occurs if not managed properly.
Instructions PHA and PHP push the accumulator and processor status onto the stack, while PLA and PLP pull them back. Subroutine calls with JSR store the return address on the stack, and RTS retrieves it to continue execution. Similarly, interrupts (BRK) push the program counter and status, while RTI restores them.
I/O Access
All I/O operations are memory-mapped. There are no port-based I/O instructions. Memory-mapped ports often have different properties than normal RAM:
- The contents of a port can be updated by the hardware. Reading a port will not always return the same value each time it is read
- It is also possible that reading a port will alter its contents, or alter the contents of other related ports
- A read-only port is what it sounds like. Attempting to write to this address will not affect the contents
- A write-only port can be written to, but reading it will result in undefined behaviour
- Using the ports with instructions other than the Load/Store ones can be very unintuitive
This is not all negative though. Memory-mapped I/O means that:
- The familiar instructions for accessing memory can be used for I/O, instead of learning a new set of instructions
- No need to learn the weird partial I/O address decoding rules
- Chips are directly accessible instead of being chained, like how the PSG chip has to be clumsily accessed through the PPI chip
Interrupts
6502 machines use the last 6 bytes of their address space to hold a vector table containing (in order) the addresses of the NMI routine, the program's start, and the IRQ routine.
On a RESET, the CPU loads the vector from $FFFC/$FFFD into the program counter and continues fetching instructions from there.
On an NMI, the CPU pushes the low byte and the high byte of the program counter as well as the processor status onto the stack, disables interrupts and loads the vector from $FFFA/$FFFB into the program counter and continues fetching instructions from there.
On an IRQ, the CPU does the same as in the NMI case, but uses the vector at $FFFE/$FFFF.
On a BRK instruction, the CPU does the same as in the IRQ case, but sets BF in the copy of the status register that is saved on the stack.
The priority sequence for interrupts, from top priority to bottom, is as follows: RESET, BRK, NMI, IRQ. Source at chapter 7.19
Interrupt hijacking
On NMOS, if NMI is asserted during the first 4 ticks of a BRK instruction, the BRK instruction will execute normally at first (PC increments will occur and P will be pushed with BF set to 1), but execution will branch to the NMI vector instead of the IRQ/BRK vector, effectively skipping the BRK instruction. On CMOS, this situation is correctly handled by executing BRK and then servicing the interrupt.
An IRQ can also hijack a BRK, though it won't be as visible since they use the same interrupt vector.
Similarly, an NMI can hijack an IRQ. But this is not usually a problem because the IRQ will normally still be asserted when the NMI returns and generate a new interrupt.
Branch instructions and Interrupts
The branch instructions have subtle interrupt polling behaviour. When executing a branch instruction, the 6502 checks for interrupts before fetching the operand (cycle 2).
If the branch is taken (i.e., the CPU decides to jump), it does not check for interrupts again before proceeding unless the branch crosses a page boundary (like moving from memory address $01FF to $0200).
If the branch crosses a page boundary, the CPU checks for interrupts once more before fixing the program counter.
If an interrupt is detected at any of these points (before the operand fetch or the page boundary fixup), the CPU will handle the interrupt immediately, interrupting the branch execution.
This behaviour has not been fixed in the CMOS 65C02 as this is not really a bug. It's just a subtlety that one has to keep in mind when working with time-sensitive code.
Decimal Mode
Decimal Mode allows ADC and SBC instructions to use Binary-Coded Decimal (BCD), where each nibble (4 bits) represents a decimal digit (0-9), instead of binary.
On NMOS, when Decimal Mode is on, the ADC and SBC instructions update NF, VF and ZF based on the binary result before the decimal correction is applied. Only CF is updated correctly. On CMOS, all the flags are updated correctly, at the cost of 1 additional cycle.
On NMOS, DF is not defined after RESET. On CMOS, DF is automatically cleared on RESET.
On NMOS, DF is unchanged when entering an interrupt of any kind. This can cause unexpected bugs in the interrupt handler if Decimal Mode is on when an interrupt occurs. On CMOS, DF is automatically cleared on interrupt. Upon returning from an interrupt, the processor restores the status register from the stack, including DF.
Half Cycles
The 6502 divides each clock cycle into two phases (ϕ1 and ϕ2):
- During the ϕ1 half-cycle, no bus access occurs. This phase is dedicated to internal CPU operations.
- During the ϕ2 half-cycle, the CPU accesses the external bus for memory reads/writes or I/O operations.
The use of half-cycles ensures that memory and I/O devices have predictable timing windows when the CPU will access the bus, while still allowing the CPU to perform internal operations in parallel.
Unlike most microprocessors, the 6502 does not make memory accesses on an "as needed" basis. It always does a fetch or store on every single clock cycle. When there isn't anything to be fetched or stored, a "garbage" fetch or store occurs. This is mainly of importance with the memory-mapped I/O devices:
- On NMOS, when adding a carry to the MSB of an address, a fetch occurs at a garbage address. On CMOS, the last byte of the instruction is refetched.
- On NMOS, when doing a fetch-modify-store instruction (INC, DEC, ASL, LSR, ROL, ROR), garbage is stored into the location during the "modify" cycle... followed by the "real" store cycle which stores the correct data. On CMOS, a second fetch is performed instead of a garbage store.
Pipelining
We have to dispel the myth of pipelining in the 6502. If we analyze its operation in half-cycles, we see that instruction execution is tightly bound to memory operations without any overlap between different instructions.
Each instruction follows a rigid sequence of steps, with no ability to fetch the next instruction while executing the current one. This means that the CPU cannot prefetch opcodes or operands ahead of time in the way a pipelined architecture would.
If we invert our perspective and consider ϕ2 as the first half-cycle and ϕ1 as the second, it becomes evident why pipelining does not exist on the 6502.
In fact, it's the other way around. If the previous instruction ends with a memory write, the CPU has to wait for a half-cycle before being able to fetch the next instruction on the next ϕ2 half-cycle.
Adressing Modes
The 6502 uses only one addressing mode per instruction.
Addressing Mode | Example | Operation |
---|---|---|
Immediate | LDA #$EA | A ← $EA |
Absolute | LDA $0314 | A ← M($0314) |
Absolute,X | LDA $0314,X | A ← M($0314+X) |
Absolute,Y | LDA $0314,Y | A ← M($0314+Y) |
Zeropage | LDA $02 | A ← M($02) |
Zeropage,X | LDA $02,X | A ← M($02+X) |
Zeropage,Y | LDA $02,Y | A ← M($02+Y) |
(Zeropage,X) | LDA ($02,X) | A ← M(PTR($02+X)) |
(Zeropage),Y | LDA ($02),Y | A ← M(PTR($02)+Y) |
The Zero Page on the 6502 is a special area of memory from addresses $0000 to $00FF that act like pseudo registers. The 6502 provides optimized instructions that operate more efficiently when using addresses within the Zero Page.
Fun fact: the TMS9900 CPU took this further by having no onboard registers, except PC & status register. Everything was in RAM.
Instruction Execution Sequence
For an instruction to fully execute, the 6502 goes through these key phases in order:
- Opcode Fetch
- Operand Fetch (if needed)
- Memory Read / I/O Read (if needed)
- Operation
- Memory Write / I/O Write (if needed)
- At the end of every instruction, the IRQ (if the interrupt disable flag is clear) and NMI pins are checked.
As an example, let M[$42]=$80, M[$43]=$10 and Y=$F1. Then the instruction LDA ($42),Y will execute as follow, with ϕ2 as the first half-cycle and ϕ1 as the second half-cycle:
- T0: Fetch opcode $B1 (LDA (zp),Y) from memory then increment PC
- T1: Fetch operand byte $42 (zero page pointer address) then increment PC
- T2: Get low byte from zero page ($80) then increment the zero page address
- T3: Get high byte from next zero page location ($10) then add the Y register value ($F1) to $1080
- T4: Garbage fetch from memory address $1071 then handle page boundary crossing (since $1080 + $F1 crosses a page)
- T5: Read the value from memory address $1171 into the accumulator then no operation in the last half-cycle
NMOS 6502 Instruction Set
Cycles are shown in parenthesis for each opcode. p=1 if page is crossed. t=1 if branch is taken.
ALU instructions
Mnemonic | Addressing Modes | Flags | Operation | Description | |||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
No arg | A | #$nn | $nnnn | $nnnn,X | $nnnn,Y | ($nnnn) | $nn | $nn,X | $nn,Y | ($nn,X) | ($nn),Y | rel | N | V | D | I | Z | C | |||
BIT | 2C (4) | 24 (3) | N | V | - | - | Z | - | A ∧ M, M7 → NF, M6 → VF | test BITs | |||||||||||
AND | 29 (2) | 2D (4) | 3D (4+p) | 39 (4+p) | 25 (3) | 35 (4) | 21 (6) | 31 (5+p) | N | - | - | - | Z | - | A ∧ M → A | bitwise AND with accumulator | |||||
EOR | 49 (2) | 4D (4) | 5D (4+p) | 59 (4+p) | 45 (3) | 55 (4) | 41 (6) | 51 (5+p) | N | - | - | - | Z | - | A ⊻ M → A | bitwise Exclusive OR | |||||
ORA | 09 (2) | 0D (4) | 1D (4+p) | 19 (4+p) | 05 (3) | 15 (4) | 01 (6) | 11 (5+p) | N | - | - | - | Z | - | A ∨ M → A | bitwise OR with Accumulator | |||||
ADC | 69 (2) | 6D (4) | 7D (4+p) | 79 (4+p) | 65 (3) | 75 (4) | 61 (6) | 71 (5+p) | N | V | - | - | Z | C | A + M + CF → A, CF | ADd with Carry | |||||
SBC | E9 (2) | ED (4) | FD (4+p) | F9 (4+p) | E5 (3) | F5 (4) | E1 (6) | F1 (5+p) | N | V | - | - | Z | C | A - M - (1 - CF) → A | SuBtract with Carry | |||||
CMP | C9 (2) | CD (4) | DD (4+p) | D9 (4+p) | C5 (3) | D5 (4) | C1 (6) | D1 (5+p) | N | - | - | - | Z | C | A - M | CoMPare accumulator | |||||
CPX | E0 (2) | EC (4) | E4 (3) | N | - | - | - | Z | C | X - M | ComPare X register | ||||||||||
CPY | C0 (2) | CC (4) | C4 (3) | N | - | - | - | Z | C | Y - M | ComPare Y register | ||||||||||
ASL | 0A (2) | 0E (6) | 1E (7) | 06 (5) | 16 (6) | N | - | - | - | Z | C | CF ← /M7...M0/ ← 0 | Arithmetic Shift Left | ||||||||
LSR | 4A (2) | 4E (6) | 5E (7) | 46 (5) | 56 (6) | 0 | - | - | - | Z | C | 0 → /M7...M0/ → CF | Logical Shift Right | ||||||||
ROL | 2A (2) | 2E (6) | 3E (7) | 26 (5) | 36 (6) | N | - | - | - | Z | C | CF ← /M7...M0/ ← CF | ROtate Left | ||||||||
ROR | 6A (2) | 6E (6) | 7E (7) | 66 (5) | 76 (6) | N | - | - | - | Z | C | CF → /M7...M0/ → CF | ROtate Right | ||||||||
DEC | CE (6) | DE (7) | C6 (5) | D6 (6) | N | - | - | - | Z | - | M - 1 → M | DECrement memory | |||||||||
INC | EE (6) | FE (7) | E6 (5) | F6 (6) | N | - | - | - | Z | - | M + 1 → M | INCrement memory | |||||||||
DEX | CA (2) | N | - | - | - | Z | - | X - 1 → X | DEcrement X | ||||||||||||
DEY | 88 (2) | N | - | - | - | Z | - | Y - 1 → Y | DEcrement Y | ||||||||||||
INX | E8 (2) | N | - | - | - | Z | - | X + 1 → X | INcrement X | ||||||||||||
INY | C8 (2) | N | - | - | - | Z | - | Y + 1 → Y | INcrement Y |
Move instructions
Mnemonic | Addressing Modes | Flags | Operation | Description | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
No arg | #$nn | $nnnn | $nnnn,X | $nnnn,Y | ($nnnn) | $nn | $nn,X | $nn,Y | ($nn,X) | ($nn),Y | rel | N | V | D | I | Z | C | |||
LDA | A9 (2) | AD (4) | BD (4+p) | B9 (4+p) | A5 (3) | B5 (4) | A1 (6) | B1 (5+p) | N | - | - | - | Z | - | M → A | LoaD Accumulator | ||||
LDX | A2 (2) | AE (4) | BE (4+p) | A6 (3) | B6 (4) | N | - | - | - | Z | - | M → X | LoaD X register | |||||||
LDY | A0 (2) | AC (4) | BC (4+p) | A4 (3) | B4 (4) | N | - | - | - | Z | - | M → Y | LoaD Y register | |||||||
STA | 8D (4) | 9D (5) | 99 (5) | 85 (3) | 95 (4) | 81 (6) | 91 (6) | - | - | - | - | - | - | A → M | STore Accumulator | |||||
STX | 8E (4) | 86 (3) | 96 (4) | - | - | - | - | - | - | X → M | STore X register | |||||||||
STY | 8C (4) | 84 (3) | 94 (4) | - | - | - | - | - | - | Y → M | STore Y register | |||||||||
TAX | AA (2) | N | - | - | - | Z | - | A → X | Transfer A to X | |||||||||||
TXA | 8A (2) | N | - | - | - | Z | - | X → A | Transfer X to A | |||||||||||
TAY | A8 (2) | N | - | - | - | Z | - | A → Y | Transfer A to Y | |||||||||||
TYA | 98 (2) | N | - | - | - | Z | - | Y → A | Transfer Y to A | |||||||||||
TSX | BA (2) | N | - | - | - | Z | - | S → X | Transfer Stack pointer to X | |||||||||||
TXS | 9A (2) | - | - | - | - | - | - | X → S | Transfer X to Stack pointer | |||||||||||
PLP | 28 (4) | N | V | D | I | Z | C | (S)↑ → P | PuLl Processor status | |||||||||||
PLA | 68 (4) | N | - | - | - | Z | - | (S)↑ → A | PuLl Accumulator | |||||||||||
PHP | 08 (3) | - | - | - | - | - | - | P↓ | PusH Processor status | |||||||||||
PHA | 48 (3) | - | - | - | - | - | - | A↓ | PusH Accumulator |
Jump and Flag instructions
Mnemonic | Addressing Modes | Flags | Operation | Description | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
No arg | #$nn | $nnnn | $nnnn,X | $nnnn,Y | ($nnnn) | $nn | $nn,X | $nn,Y | ($nn,X) | ($nn),Y | rel | N | V | D | I | Z | C | |||
JMP | 4C (3) | 6C (5) | - | - | - | - | - | - | [PC + 1] → PCL, [PC + 2] → PCH | JuMP | ||||||||||
JSR | 20 (6) | - | - | - | - | - | - | PC + 2↓, [PC + 1] → PCL, [PC + 2] → PCH | Jump to SubRoutine | |||||||||||
RTS | 60 (6) | - | - | - | - | - | - | (S)↑ → PCL, (S)↑ → PCH, PC + 1 → PC | ReTurn from Subroutine | |||||||||||
RTI | 40 (6) | N | V | D | I | Z | C | (S)↑ → P, (S)↑ → PCL, (S)↑ → PCH | ReTurn from Interrupt | |||||||||||
BRK | 00 (7) | - | - | - | 1 | - | - | PC + 2↓, [FFFE] → PCL, [FFFF] → PCH | BReaK | |||||||||||
SEI | 78 (2) | - | - | - | 1 | - | - | 1 → IF | SEt Interrupt flag | |||||||||||
CLI | 58 (2) | - | - | - | 0 | - | - | 0 → IF | CLear Interrupt flag | |||||||||||
SEC | 38 (2) | - | - | - | - | - | 1 | 1 → CF | SEt Carry flag | |||||||||||
CLC | 18 (2) | - | - | - | - | - | 0 | 0 → CF | CLear Carry flag | |||||||||||
SED | F8 (2) | - | - | 1 | - | - | - | 1 → DF | SEt Decimal flag | |||||||||||
CLD | D8 (2) | - | - | 0 | - | - | - | 0 → DF | CLear Decimal flag | |||||||||||
CLV | B8 (2) | - | 0 | - | - | - | - | 0 → VF | CLear oVerflow flag | |||||||||||
NOP | EA (2) | - | - | - | - | - | - | No operation | No OPeration | |||||||||||
BPL | 10 (2+t+p) | - | - | - | - | - | - | Branch on NF = 0 | Branch on PLus | |||||||||||
BMI | 30 (2+t+p) | - | - | - | - | - | - | Branch on NF = 1 | Branch on MInus | |||||||||||
BVC | 50 (2+t+p) | - | - | - | - | - | - | Branch on VF = 0 | Branch on oVerflow Clear | |||||||||||
BVS | 70 (2+t+p) | - | - | - | - | - | - | Branch on VF = 1 | Branch on oVerflow Set | |||||||||||
BCC | 90 (2+t+p) | - | - | - | - | - | - | Branch on CF = 0 | Branch on Carry Clear | |||||||||||
BCS | B0 (2+t+p) | - | - | - | - | - | - | Branch on CF = 1 | Branch on Carry Set | |||||||||||
BNE | D0 (2+t+p) | - | - | - | - | - | - | Branch on ZF = 0 | Branch on Not Equal | |||||||||||
BEQ | F0 (2+t+p) | - | - | - | - | - | - | Branch on ZF = 1 | Branch on EQual |
Illegal instructions
A lot of these illegal instructions involve a bitwise AND operation, which is a side effect of the open-drain behavior of NMOS logic. When two instructions put a value on the bus at the same time, this creates a bus conflict resulting effectively in an AND operation. The lower voltage wins because transistors can pull down stronger than resistors can pull up.
Mnemonic | Addressing Modes | Flags | Operation | Description | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
No arg | #$nn | $nnnn | $nnnn,X | $nnnn,Y | $nn | $nn,X | $nn,Y | ($nn,X) | ($nn),Y | N | V | D | I | Z | C | |||
DCP (DCM) | CF (6) | DF (7) | DB (7) | C7 (5) | D7 (6) | C3 (8) | D3 (8) | N | - | - | - | Z | C | M - 1 -> M, A - M | DEC oper + CMP oper | |||
ISC (ISB, INS) | EF (6) | FF (7) | FB (7) | E7 (5) | F7 (6) | E3 (8) | F3 (8) | N | V | - | - | Z | C | M + 1 -> M, A - M - CF -> A | INC oper + SBC oper | |||
RLA | 2F (6) | 3F (7) | 3B (7) | 27 (5) | 37 (6) | 23 (8) | 33 (8) | N | - | - | - | Z | C | M = CF <- [76543210] <- CF, A AND M -> A | ROL oper + AND oper | |||
RRA | 6F (6) | 7F (7) | 7B (7) | 67 (5) | 77 (6) | 63 (8) | 73 (8) | N | V | - | - | Z | C | M = CF -> [76543210] -> CF, A + M + CF -> A, CF | ROR oper + ADC oper | |||
SLO (ASO) | 0F (6) | 1F (7) | 1B (7) | 07 (5) | 17 (6) | 03 (8) | 13 (8) | N | - | - | - | Z | C | M = CF <- [76543210] <- 0, A OR M -> A | ASL oper + ORA oper | |||
SRE (LSE) | 4F (6) | 5F (7) | 5B (7) | 47 (5) | 57 (6) | 43 (8) | 53 (8) | N | - | - | - | Z | C | M = 0 -> [76543210] -> CF, A EOR M -> A | LSR oper + EOR oper | |||
LAX | AF (4) | BF (4+p) | A7 (3) | B7 (4) | A3 (6) | B3 (5+p) | N | - | - | - | Z | - | M -> A -> X | LDA oper + LDX oper | ||||
SAX (AXS, AAX) | 8F (4) | 87 (3) | 97 (4) | 83 (6) | - | - | - | - | - | - | A AND X -> M | Stores the bitwise AND of A and X | ||||||
LAS (LAR) | BB (4+p) | N | - | - | - | Z | - | M AND SP -> A, X, SP | LDA/TSX oper | |||||||||
TAS (XAS, SHS) | 9B (5) | - | - | - | - | - | - | A AND X -> SP, A AND X AND (H+1) -> M | Puts A AND X in SP and stores A AND X AND (high-byte of addr + 1) at addr
unstable: sometimes 'AND (H+1)' is dropped, page boundary crossings may not work | |||||||||
SHA (AHX, AXA) | 9F (5) | 93 (6) | - | - | - | - | - | - | A AND X AND (H+1) -> M | Stores A AND X AND (high-byte of addr + 1) at addr
unstable: sometimes 'AND (H+1)' is dropped, page boundary crossings may not work | ||||||||
SHX (A11, SXA, XAS) | 9E (5) | - | - | - | - | - | - | X AND (H+1) -> M | Stores X AND (high-byte of addr + 1) at addr
unstable: sometimes 'AND (H+1)' is dropped, page boundary crossings may not work | |||||||||
SHY (SYA, SAY) | 9C (5) | - | - | - | - | - | - | Y AND (H+1) -> M | Stores Y AND (high-byte of addr + 1) at addr
unstable: sometimes 'AND (H+1)' is dropped, page boundary crossings may not work | |||||||||
ANE (XAA) | 8B (2) | N | - | - | - | Z | - | (A OR magic) AND X AND oper -> A | * AND X + AND oper
highly unstable: involves a 'magic' constant that depends on temperature, the chip series, and maybe other factors. Turrican 3 on C64 requires a different magic constant than $EE for ANE. $EF is recommended by Groepaz (VICE team) | |||||||||
LXA (LAX) | AB (2) | N | - | - | - | Z | - | (A OR magic) AND oper -> A -> X | Store * AND oper in A and X
highly unstable: involves a 'magic' constant that depends on temperature, the chip series, and maybe other factors. Wizball on C64 requires a $EE magic constant for LXA | |||||||||
ALR (ASR) | 4B (2) | 0 | - | - | - | Z | C | A AND oper, 0 -> [76543210] -> CF | AND oper + LSR | |||||||||
ARR | 6B (2) | N | V | - | - | Z | C | A AND oper, CF -> [76543210] -> CF | AND oper + ROR | |||||||||
ANC | 0B (2) | N | - | - | - | Z | C | A AND oper, bit(7) -> CF | AND oper + set CF as ASL | |||||||||
ANC2 | 2B (2) | N | - | - | - | Z | C | A AND oper, bit(7) -> CF | AND oper + set CF as ROL | |||||||||
SBX (AXS, SAX) | CB (2) | N | - | - | - | Z | C | (A AND X) - oper -> X | CMP and DEX at once, sets flags like CMP | |||||||||
USBC (SBC) | EB (2) | N | V | - | - | Z | C | A - M - ~CF -> A | SBC oper + NOP | |||||||||
JAM (KIL, HLT) | 02, 12, 22,
32, 42, 52, 62, 72, 92, B2, D2, F2 (X) |
- | - | - | - | - | - | Stop execution | Halt the CPU. The processor will be trapped infinitely in T1 phase with $FF on the data bus. Reset required. | |||||||||
NOP (DOP, TOP) | 1A, 3A, 5A,
7A, DA, FA (2) |
80, 82, 89,
C2, E2 (2) |
0C (4) | 1C, 3C, 5C,
7C, DC, FC (4+p) |
04, 44, 64 (3) | 14, 34, 54,
74, D4, F4 (4) |
- | - | - | - | - | - | No operation | No Operation |
Opcodes in red are unstable.
Opcodes
The 6502 follows a 3-3-2 opcode bit pattern. If we arrange the opcode table in a slightly different way than it is usually done, we can observe some interesting symmetries:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Opcodes in bold are illegal. Opcodes in red are unstable.
Any instruction xxxxxx11 will execute the instructions at xxxxxx01 and xxxxxx10 at once, using the address mode of the instruction at xxxxxx01.
For example, "SAX abs” ($8F) is the composite of “STA abs” ($8D) and “STX abs” ($8E).
Oddities
- On NMOS, an indirect JMP will behave unexpectedly when the indirect address crosses a page boundary, because the 6502 does not add the carry to calculate the address of the high byte. For example, JMP ($19FF) will use the contents of $19FF and $1900 for the JMP address. On CMOS, this issue was fixed, at the cost of 1 additional cycle. In our example, JMP ($19FF) will use the contents of $19FF and $2000 for the JMP address.
- Some instructions, particularly those involving branches or indexed addressing modes, incur an extra cycle if the processor has to cross a memory page boundary. This is problematic for time-sensitive code.
- Conditional jumps are only 8-bit relative. And unconditional jumps are only 16-bit absolute.
- ADC is the only command for addition. To perform an addition without carry, the carry flag must be cleared manually first. Same with SBC for subtract.
- The TXS instruction does not affect any flag, while all other transfer instructions do.
- The BIT instruction copies bit 6 of the memory location to VF, regardless of any arithmetic overflow concept.
- The CLV (Clear Overflow Flag) instruction exist, but not the SEV (Set Overflow Flag) instruction.
- On NMOS, INC A and DEC A instructions do not exist. They do exist on CMOS.
- The NOP instruction takes 2 full-cycles. This is the minimum amount of cycles an instruction can take. It is necessary because, while the instruction itself does nothing, it still has to increment the 16-bit PC register.
- The alternate NOPs are not created equal. Some have one- or two-byte operands (which they don't do anything with), and they take different amounts of time to execute.
Compared behaviour
- The 6502’s Decimal (BCD) mode automatically adjusts ADC and SBC results, while the Z80 requires a DAA instruction after each BCD addition and subtraction.
- The 6502 uses only one addressing mode per instruction, while the Z80 can combine two different addressing modes within a single instruction.
- The 6502 post-decrements on PHA and pre-increments on PLA, while the Z80 pre-decrements on PUSH and post-increments on POP.
- The 6502 saves flags automatically during interrupts; while the Z80 requires PUSH AF and POP AF.
- The 6502 only updates flags that are directly relevant to the operation's result. For example, EOR doesn't conceptually involve a carry, so the Carry flag is left untouched. On the Z80, XOR always clears the Carry flag to ensure a clean flag state.
Block Diagrams
Simple view
Detailed view
See: 6502 datapath signals 6502 timing states 6502 svg schematic Balazs' 6502 schematic
The Decode ROM (PLA)
With 65xx family every instruction consumes multiple cycles. On the first cycle the opcode is fetched and saved internally, and in later cycles this determines the various corresponding actions which need to happen -- for example selecting an ALU function, or cueing an internal register to update itself from one of the internal buses.
The PLA coordinates this. It inputs the opcode and the counter that says which cycle is presently happening. Then the outputs of the PLA trigger whatever actions need to happen in that particular cycle for that particular instruction. Source
The instruction register, which holds the opcode, and the current clock cycle within the instruction (T0 to T6) get fed into a 130×21 bit decode ROM, i.e. a ROM with 130 lines of 21 bits each.
While some other CPUs from the same era used microcode to interpret the instruction, the 6502 had this 130×21 bit PLA. All lines of the PLA compare the instruction and the current clock cycle, and if they match, the line fires. Source
The 6502 has a 'rather' simple structure built from a timing circuit counting instruction cycle and an instruction register, followed by a decoder PLA where instruction plus timing information is transformed into control signals which are fed into the execution units.
The cycle counter starts at 0 and shifts through the maximum 7 states. When an instruction ends, it gets reset to zero for the next one. The 6502 PLA is essentially a one-dimensional decoder transforming the combined instruction plus state into one or more control signals for the execution units.
Since the PLA allows partial decoding, one entry can fire on different instructions. For example, all instructions loading the second byte as immediate share one single PLA entry (microcode line). In comparison with textbook microcode engines, this is equivalent to a kind of compressed microcode. Source
A PLA is much more efficient than a ROM because it can take advantage of "don't care" entries. Specifically, the 6502 has a 130x21 PLA = 2730 entries. A ROM would need 11 inputs (instruction + timing) and 130 outputs, so 130*2^11 = 266240 entries plus the decoding logic. (You could reduce the ROM size by using tricks such as multiple levels of ROM or partially decoded ROMs.)
Instruction sets are usually defined so groups of bits have meanings and can be decoded separately. This makes the PLA a good fit.
For a specific example, the 6502 PLA decodes instructions matching 100XX1XX to the control line STY (ignoring the timing bits for simplicity). This takes 1 row in the PLA, but it would take 16 entries in a ROM. Source
See: 6507 Decode ROM (PLA) 65CE02 Decode ROM (PLA) ARM1, Z80, 6502 instruction sequencing compared Internals of BRK/IRQ/NMI/RESET on a MOS 6502 How MOS 6502 illegal opcodes really work 6502 microcode 6502 microinstructions
CPU Pinout
Notes:
- SYNC is an output signal. It is high at T0.
- S.O. is an input signal, which stands for Set Overflow. It allows the hardware to affect VF independently of the software.
- Some pins are modified in CPU variants.
Chip Variants
- The ROR instruction didn't exist in the very earliest (pre-1977) chips. See: Measuring the ROR Bug in the Early MOS 6502
- The 6502 core used inside the NES is missing the Decimal Mode feature. NES programmer's reference guide NESDoc NES mappers Noca$h's Everynes NES emulator tests Official Nintendo testing software
- The 6507 CPU, used in the Atari VCS, has only 13 address lines. So it can only address 8KB instead of 64KB. It also lacks the IRQ and NMI interrupt lines. Atari VCS: The Ultimate Talk Stella programmer's guide Stella system training manual Noca$h's 2k6specs
- The 6510 CPU, used in the Commodore 64, is a 6502 with an additional AEC pin that puts the bus in high impedance mode. It also includes a 6-bit I/O port that occupies addresses 0 and 1.
- The disk drive of the Commodore 64 has its own 6502 processor that acts as a floppy disk controller (FDC) and as a disk operating system (DOS) processor. It can also be used as a general coprocessor for the main system.
- The 6502C used in Atari 8-bit computer range, adds an additional HALT pin for DMA. The 6502C is otherwise a regular NMOS 6502, not to be confused with the CMOS 65C02.
- The CMOS 65C02 fixed multiple bugs of the original NMOS 6502, but also removed access to all illegal instructions. Some cycle counts have been modified and some extra instructions have been added. In fact, there are multiple implementations of the 65C02 (WDC 65C02, WDC 65C02S, Rockwell R65C02, CSG 65CE02, ...), each with its own variant of the instruction set 6502 Family CPU Reference.
- The HuC6280, used in the PC-Engine gaming console, is an improved version of the CMOS 65C02. HuC6280 hardware manual HuC6260 VCE manual HuC6270 VDC manual
- The WDC 65C816, used in the SNES and the Apple IIGS, is a 16-bit version of the 65C02 SNES development manual Noca$h's fullsnes SNESdev wiki. The 65C816 contains a compatibillity mode, enabled by default upon reset, that makes it behave like a regular 65C02. The full 65C816 cycle-by-cycle steps are in the 65C816 datasheet.
- The Sony SPC700 sound CPU used inside the SNES also behaves similarly to a 6502 with some extensions. Source SPC700 Series SNES-tests
Links
- MOS 6502 at the English-language Wikipedia
- 6502.org the 6502 microprocessor resource
- On the 6502 - A brillant or sloppy design?
- The 6502 CPU Powered a Whole Generation! by The 8-Bit Guy
- Oral history of Bill Mensch
- Learn Assembly Programming with ChibiAkumas Multi-platform 6502 tutorial
- Obelisk 6502 Guide
- 6502 Instruction Set 6502 illegal opcodes demystified
- No more secrets - NMOS 6510 Unintended Opcodes
- The 6502/65C02/65C816 Instruction Set Decoded
- 6502 opcodes 65CE02 opcodes
- Opcode matrix arrangement
- Oxyron Opcode Matrices
- Rodnay Zaks Programming the 6502
- Synertek SY650x programming manual (250 pages)
- Synertek SY650x hardware manual (178 pages)
- Media:SY6500 - SY65C02 datasheet.pdf - features a detailed breakdown of 65C02 instructions
- xotmatrix 6502 instruction set and detailed cycle-by-cycle breakdown
- Media:6502 (65xx) Microprocessor Instant Reference Card.pdf
- 6502 Interrupts
- Media:6502-dead-cycles.pdf
- 6510 Instruction Timing
- Conference - Reverse Engineering the MOS 6502 CPU
- Visual6502remix Visual6502wiki
- C74-6502 MOnSter 6502 Dis-integrated implementations of the 6502 microprocessor
- FPGA NES Visual2A03remix Breaking NES wiki
- Decoded: The Bisqwit NES emulator Writing NES emulator in Rust Emudev (nes-c64-snes)
- Cycle-stepped 6502 emulation how-to
- Tom Harte's SingleStepTests