Alex Evans’ BASIC UTILS change everything – part 2

See also: part 1, part 2 and part 3.

In the first part of this series, I didn’t explain who Alex Evans is or what his BASIC UTILS are. And I may not in this part, either. Rest assured, Alex Evans fans, I will be getting to this soon eventually.

The focus right now is looking at ways to make BASIC program lines that are longer than the 249 characters we can type in to the 251-byte input buffer. One way to do that is manually.

Previously I showed a three-line BASIC program that did three PRINT commands. By PEEKing through the memory of that program, we could see how it was stored:

Now that I understand how those bytes are stored, it seems it would be easy to copy them somewhere else in memory, and adjust the BASIC pointers for “start of program” and “start of variables” to reference the new location and see if it works.

And it almost does… Here’s a program that does it:

20 ST=PEEK(25)*256+PEEK(26)
40 EN=PEEK(27)*256+PEEK(28)
85 'PRINT "ARYTAB: &H";HEX$(PEEK(29)*256+PEEK(30)),;
86 'PRINT "ARYEND: &H";HEX$(PEEK(31)*256+PEEK(32))
100 NS=ST+&H1000
130 FOR I=0 TO SZ
150 NEXT
190 END
200 PRINT "START: &H";HEX$(PEEK(25)*256+PEEK(26)),"END: &H";HEX$(PEEK(27)*256+PEEK(28))

This program will start by showing the start and end of the BASIC program, and then it will copy that memory to 4K higher in memory (current start plus &H1000). After that, it prints the new start/end locations and ENDs. After running, we’d manually do the POKEs to set locations 25/26 and 27/28 to those values, and then we could RUN 200 to see if it works.

I am using HEX so it’s easy to figure out the MSB (most significant byte) and LSB (least significant byte) of the addresses for the later POKEs. You can see that I POKE 25 and 26 to the first two and last two digits of the new “START” address, and the same with 27 and 28 and the new “END” address.

Then I RUN 200 and it prints where it thinks the program is. It works!

Sorta. If I attempt to EDIT this program or add a new line, I end up with a corrupt program. There’s clearly more that needs to be done for this to really work, but it’s a good proof-of-concept.

Rather than figure out what all I need to do to make this work, I tried using the PCLEAR command. I know it will relocate the current BASIC program and adjust variables as needed. By repeating the same steps as before, I can see the “new” program is higher in memory, then by doing a PCLEAR 4 (which is what it was already set to), it relocates the BASIC back to where it should have been. I can then add a line 81 END and RUN it to see it print the location — matching the original.

Okay, that’s cool. Probably not the correct way for it to be cool, but it does appear to work. For me. Sorta.

Creating BASIC where there was none

The real goal here is to create a BASIC program that has a line that goes well beyond the 249 character tapeable line length.

Going back to my earlier example that had PRINT”A”, we can see that the PRINT token was a value of 135 (&H87), and a quote is 34, then the character(s) to print, followed by another quote 34, then the zero at the end of the line. As a simple test, I will try to create a program that PRINTs the hex digits from 0 (&H0) to 255 (&HFF). I’ll add a semicolon at the end of each PRINT so each PRINT is on the same line. The program would look like this:

PRINT"0";:PRINT"1";: ... :PRINT"A";:PRINT"B";: ... PRINT"FF";

As a reminder a BASIC program has the format of…

  • 2 bytes – Address of next line
  • 2 bytes – Line number
  • n bytes – Tokenized line
  • 1 byte – 0 end of line marker.

To have BASIC create these bytes, I’ll first have it ask for the location in memory to begin creating the BASIC line(s).

Then I’ll use a variable that tracks the address each line starts and remember that so it can be filled in later when the address of the next line is known. I’ll then POKE out the two bytes representing the line number, and then POKE out the bytes for the tokenized line which will be the PRINT token, quote, the ASCII characters for the HEX$() of the number, another quote, then a semicolon and colon. This will repeat for all 255 hex values. Then the 0 will be stored, and after that, whatever address that is will be the start of the next line. That address will be stored back at the first two bytes of the line entry, then the program will end with two zeros marking the end of the program (no address for the next line).

I came up with this program:

10 CLEAR 300
20 PRINT "START: &H";HEX$(PEEK(25)*256+PEEK(26)),"END: &H";HEX$(PEEK(27)*256+PEEK(28))
60 LS=ST
80 POKE LS+2,0:POKE LS+3,10
100 AD=LS+4
120 ' PRINT"x";:
140 FOR I=0 TO 255
160 TK$=CHR$(&H87)+CHR$(34)+HEX$(I)+CHR$(34)+";:"
170 'PRINT TK$
180 FOR J=1 TO LEN(TK$)
190 POKE AD,ASC(MID$(TK$,J,1)):AD=AD+1
200 NEXT
210 NEXT
230 POKE AD,0:POKE AD+1,0
250 MS=INT(AD/256):LS=AD-(MS*256)
280 PRINT "START: &H";HEX$(ST),"END: &H";HEX$(AD+2)

Similar to the previous example, I RUN this program, then wait as it generates 256 PRINT statements on one huge line 10, and then do the POKEs for 25/26 and 27/28 shown on the screen, then a PCLEAR 4 to move this new program back to where it should be:

Once that is done, I can RUN to see it fill the screen with hex digits “0” to “FF” (more than fits on a screen), and attempting to LIST the program shows only one line, but only shows the first 249 or so bytes of it:

Checking the size of the program by doing:

PRINT (PEEK(27)*256+PEEK(28))-(PEEK(25)*256+PEEK(26))

…shows that this ONE LINE program is 1782 bytes! That’s quite the long program considering it’s only one line!

Due to the limit of the 251 byte input buffer, we cannot EDIT this line without losing everything after the 249 bytes we can type. If you EDIT and press ENTER, then LIST, you’ll see the program has been truncated.

But, it proves BASIC does indeed not care about how long a line can be.

Prove it!

By typing CSAVE”IMPOSS”,A (for tape) or SAVE”IMPOSS”,A (for disk), you can save the program out in ASCII (text). You could then transfer that file (using the toolshed decb utility or other similar program) to a PC/Mac and look at it in a text editor. This is what I see:


Pretty cool! A one line program that is 1700+ bytes long. Sweet!

There’s got to be an easier way…

And we’ll do that in the next part.

Until then…

Alex Evans’ BASIC UTILS change everything – part 1

See also: part 1, part 2 and part 3.

Or at least a lot of things.

Or perhaps just one thing, but it’s pretty darned spiffy thing.

I’ll get to that shortly eventually. But first…

Typing in BASIC in BASIC

When it came to typing in BASIC, my Commodore VIC-20 had a full screen editor that let you cursor around the screen and type, pretty much, anywhere you wanted. You could cursor up to a command you just typed, change it, then hit enter and run it again. You could LIST a program, cursor up to a line, make a change, hit ENTER and it would be modified.

Sky-Ape-Er loader, lines -25.

This was one thing I missed when I switched from my VIC to a 64K Extended Color BASIC CoCo. Fortunately, the EDIT command in Extended BASIC ended up being much faster for me than cursoring around the screen and inserting/deleting things. It sure would have been nice to have both.

Side note: The irony that the computer with full screen editing did not have arrow keys, and the computer that had no full screen editing did have arrow keys, was not lost on me, even as a kid.

The original Color BASIC did not have the EDIT command. If you had an error or typo in a line, your only option was to retype the whole line. Since a 1980 4K CoCo had very little space for BASIC programs, and since each new line took an extra 5 bytes of overhead, I suppose many programmers had to pack lines as much as possible just to make the program fit… For those writing smaller programs, or with upgraded memory (you could get a 16K upgrade!), maybe they stuck to writing shorter lines…especially if they were used to having errors in the program.

Side note: In addition to saving program memory, packing multiple instructions on a line also sped up the program since it no longer had to scan over line numbers moving from instruction to instruction.

Line length limit

When you begin typing a line on the CoCo, everything you type is going in to a buffer in memory. The Color BASIC Unravelled disassembly book labels this buffer as LINBUF, and describes it as follows:

After line header comes LINBUF which is a 251-byte buffer to store BASIC input line as it is being typed in. This 251-byte area is also used for several different functions but primarily it is used as a line input buffer.

Color BASIC Unravelled, page F3

In the disassembly, I see that this buffer is located just a bit before the 512 bytes used by the 32-column screen.

The buffer is at &H2DC (732), followed by a 41 byte “STRING BUFFER” (whatever that is for) at &H3D7 (983) and then the &H200 (512) bytes for video at &H400 (1024).

The disassembly reserves “LBUFMX+1” bytes for this buffer, but even without looking that up, we could figure out how big the buffer is by subtracting the start of the STRBUF after it (&H3D7) from the start of the LINBUF (&H2DC). That gives us 251 bytes. And, indeed, looking up what LBUFMX is, we find it is indeed 250:

…so “LBUFMX+1” would give us the 251.

I like it when the math checks out.

This means when you go to type in a BASIC program line, you shouldn’t be able to type any more than 251 characters. And, actually, it stops you after typing in the 249th character:

Above, you can see I was able to type seven (7) full 32-character lines (224 characters) and then twenty-five (25) more characters on the final line before BASIC stopped me. 224 + 25 is 249, with the cursor sitting at the 250th position. I’d have to look at the code to see why it stops there, since 249 isn’t the 251 I expected.

Something interesting happens when you press ENTER. That line will get tokenized, and BASIC keywords will be changed from the full word (such as “PRINT”) in to a one or two byte token that represents them. In this case, the PRINT keyword will become a one byte token, so the five bytes I typed for PRINT will become one byte. And then if I try to EDIT the line again, I should be able to “X”tend the line and add four more characters:

You can see after I typed “EDIT 10” and then typed “X” to extend to the end of the line, I could type four more characters.

BUT, if I then LIST the program, you won’t see all four of them — only three:

This is a bug in LIST. The four dots actually are still there, and you can see them PRINT when I run this program:

I suppose the point is, no matter what you do, you can’t enter more than 249 characters on a BASIC line.

Or can you?

Defining the limits

What was the limit set to 251? Why not 256 or 200 or something else? It seems to me that the LINBUF length limit may have been arbitrary based on how much memory was available. I suppose back in 1980 on a 4K machine, you didn’t want to take up half your memory for an input buffer that was unused any time you weren’t actually typing stuff in.

But, the actual BASIC interpreter doesn’t seem to care about line length. Looking at the Unravelled disassembly, here is the description of how a BASIC program is stored in memory:

Let’s ignore #1 for the moment. We’ll use this simple program as an example:


If I type that in, somewhere in memory it will be stored. The keyword PRINT will be turned in to a one byte token, and the rest — the quotes and letters — will be be stored as-is. The somewhere we can figure out by checking some memory locations:

Above, TXTTAB represents two bytes in memory at &H19 (25) and &H20 (26) that contain the address where the BASIC program is in memory. Since variables are stored directly after the BASIC program, we can use VARTAB (the start of variables) to figure out where BASIC ends.

PRINT PEEK(25)*256+PEEK(26)

PRINT PEEK(27)*256+PEEK(28)

This shows that my three line program is in memory from 9729 to 9758. Well, actually, 9757 would be the last byte of the BASIC program, since 9758 is the first byte of variable storage. But close enough!

If I were to PEEK the bytes in that range, I could see what the tokenized program looks like.

FOR I=PEEK(25)*256+PEEK(26) TO PEEK(27)*256+PEEK(28):PRINT PEEK(I);:NEXT

Or, print the two sets of PEEKs first and just use those numbers in the FOR loop:

Above we see the series of bytes that make up the BASIC program. In the earlier list…

…number 4 said the program ends with “two zero link bytes”, and we see a 73. Why? Because that 73 is the first byte of the variables after the program. #TheMoreYouKnow

Looking at those bytes, here is what they represent:

38 10 - address of next line
00 10 - line number 10
135   - PRINT keyword token
34    - quote
64    - A
34    - quote
0     - end of line
38 19 - address of next line
00 20 - line number 20
135   - PRINT keyword token
34    - quote
66    - B
34    - quote
0     - end of line
38 28 - address of next line
00 30 - line number 30
135   - PRINT keyword token
34    - quote
67    - C
34    - quote
0     - end of line
00 00 - address of next line (0 0 means end of program)

The “line number” ones are pretty simple. That’s the line number represented as two bytes.

Side note: Two bytes should allow for lines 0 to 65535, but BASIC only allows lines 0 to 63999. If you try to make a line 64000 or higher, you will get a ?SN ERROR. I guess they didn’t have room for a special “Line Number Too Large” error.

The “address of next line” one corresponds to the location in memory where the next line’s “address of next line” bytes will be. Thus, if you had a BASIC program starting in memory at 10000 (to to make the numbers look nice), it might look like this:

 Mem.        +----- 6 bytes of data ------+
 Addr        |                            |
10000: [4006][10][PRINT_TOKEN]["][A]["][00]
10006: [4013][10][PRINT_TOKEN]["][B]["][00]
10013: [40xx][10][PRINT_TOKEN]["][C]["][00]
10019: [0000]

At least, I think that’s pretty close.

You will notice that BASIC knows the address for the start of the next line, and uses a zero to represent end-of-line. There is no “line length” in there, which means BASIC is kind of like the honey badger… it doesn’t care about line length!

This makes me think that the limit is primarily the LINBUF buffer size. If we had a way to type longer lines, BASIC seems like it would handle them just fine. And this gives me a few ideas:

  1. Patch BASIC to use a larger input buffer so longer lines can be typed. This might also require patching other routines I haven’t looked at. For example, I think there’s some limit to what LIST does. This sounds like work and something that requires more knowledge than I have.
  2. Manually manipulate the BASIC program to create larger lines that can’t be typed. Programs such as Carl England’s CRUNCH will pack lines together to make them longer than you could actually type. (But how long? I dig in to this in a later article.)
  3. Something else…

In the next installment, we will explore some of these options…

Until then…

What is a CoCo? ChatGPT has some thoughts…

Meanwhile, over at… I told it:

The CoCo is the nickname for the Radio Shack TRS-80 Color Computer. Can you come up with something that “COCO” stands for, that would be related?

– Me, to ChatGPT

It responded with some interesting suggestions…

Interesting question! The CoCo is indeed a nickname for the Radio Shack TRS-80 Color Computer, a line of home computers developed and sold by Tandy Corporation from 1980 to 1991¹. It was based on the Motorola 6809E processor and used the MC6847 Video Display Generator (VDG) chip¹³. It was also compatible with Microsoft BASIC and OS-9 operating system¹.

Some possible things that COCO could stand for, related to this computer, are:

  • Color Operating Computer Organization: A name for a group of enthusiasts or hobbyists who use or collect CoCo computers.
  • Colorful Objects with Computational Outputs: A description of the graphical capabilities of the CoCo, which could display up to 16 colors on screen⁴.
  • Commonly Observed Computerized Oracle: A humorous way of referring to the CoCo as a source of information or entertainment for its users.
  • Cooperative Online Colorful Operations: A term for multiplayer games or applications that could run on the CoCo using its serial port or modem⁴.

Source: Conversation with Bing, 3/16/2023
(1) TRS-80 Color Computer – Wikipedia. Accessed 3/16/2023.
(2) TRS-80 Color Computer – CoCopedia – The Tandy/Radio Shack Color …. Accessed 3/16/2023.
(3) Radio Shack TRS-80 Color Computer. Accessed 3/16/2023.
(4) trs 80 computer products for sale | eBay. Accessed 3/16/2023.


And, there was more…

  • Colorful Output with Creative Options: A way of highlighting the CoCo’s versatility and potential for different types of programs and projects.
  • Computerized Optical Colorful Oscilloscope: A reference to the CoCo’s ability to display graphics and sound using its VDG chip and 6-bit DAC.
  • Compact Original Colorful Object: A simple description of the CoCo’s physical appearance and design.

There are only some many words beginning with C or O that make sense for this topic, but it might be fun to keep asking it until we find the ultimate backronym.

Until then…

These lines are just too long (for Color BASIC)!

These lines are just too long!

– Me at Walt Disney World

There is a limit to how long of a line you can type in Color BASIC, whether that be entering a program line, or typing at an INPUT prompt. The input buffer is defined as 251 bytes, as shown in the Color BASIC Unraveled book:

LINBUF is defined as 250.

So of course, as you type in really long lines, it stops after the … 249th character. The reason why is beyond the scope of this posting, but this topic will be discussed in an upcoming article series.

Here is an example:

The same is true for using the LINE INPUT command.

Even if the input buffer were larger, the largest string variable you can have is 255 characters, so that would be the maximum input size to avoid an ?LS ERROR (length of string). Here’s a short program to verify that, which uses the STRING$() function to create a string of a specified length containing a specified character.


Something I had not thought about until today was that this length impacts anything that INPUTs, whether it is from the user typing on the keyboard, or reading data from a file.

When reading from a tape or disk file, INPUT and LINE INPUT expect to see zero or more characters with an ENTER at the end. But when creating a file, you can make a line as long as you want simply by using the semi-colon at the end of a PRINT command so it does not output an ENTER. Consider this example that prints a 510 character string with an ENTER at the end:

10 OPEN "O",#1,"510LINE"
20 PRINT #1,STRING$(255,"X");STRING$(255,"X")
30 CLOSE #1

That works fine, but how do you read it back? The string is now too long to be read in to INPUT or LINE INPUT. What will it do?

10 OPEN "I",#1,"5120LINE"
30 CLOSE #1

In this case, the disk input routine reads as much data as will fill the input buffer, then keeps scanning forward looking for the ENTER. The rest of the data on that string appears to be discarded.

If you were to count the Xs, or just PRINT LEN(A$), you would see that A$ contains the first 249 characters of the 510 string that was written to the file.

But what if the ENTER was not at the end? By adding a semi-colon to the end of the PRINT:

10 OPEN "O",#1,"510LINE"
20 PRINT #1,STRING$(255,"X");STRING$(255,"X");
30 CLOSE #1

…what would the input program do? (Same code as before, just now it’s reading from a file that has a 510 character line with no ENTER at the end.)

10 OPEN "I",#1,"5120LINE"
30 CLOSE #1

…the behavior will change. We will now get an ?IE ERROR (Input Past End of File). The INPUT and LINE INPUT routines need an ENTER, so while it scans forward looking for the end of the line, it hits the end of file before an ENTER, and that’s what it reports.

This tells us two things:

  1. Always have an ENTER at the end of a line.
  2. Don’t have the line longer than 249 bytes or any characters after it will be ignored.

Here is an example that creates a file with a 250-character line that contains 248 “X” characters followed by “YZ”. When read back, it only gets up to the Y (249 characters):

5 CLEAR 300
10 OPEN "O",#1,"250LINE"
20 PRINT #1,STRING$(248,"X");"YZ"
30 CLOSE #1
40 OPEN "I",#1,"250LINE"
60 CLOSE #1

And, since BASIC appears to keep scanning INPUT looking for an ENTER, you could make your tape or disk I/O take a really long time if you created some really huge line with no ENTER at the end, then tried to read it later.

Here is a program that writes 65,025 “X”s to a file with no ENTER at the end, and then tries to read it back:

10 CLEAR 300
30 OPEN "O",#1,"LINE2BIG"
40 FOR I=1 TO 255
60 PRINT #1,STRING$(255,"X");
80 CLOSE #1
100 OPEN "I",#1,"LINE2BIG"
120 CLOSE #1

If you run that, it will eventually try to read (and take a really long time) before erroring out with ?IE ERROR. Add “75 PRINT #1” to insert an ENTER at the end of the PRINT loop, and then it will just take a really long time trying to read, and print the first 249 characters of that 65,025 character string.

And that’s it for today, but I hope you took notes. LINBUF will return.

Until then…

Color BASIC program line info dump program

These days, I feel like I am regularly saying “I’ve learned more this week about X than I learned in Y years of using it back in the 1980s!”.

This is another one of those.

Each line of a Color BASIC program is tokenized (changing keywords like PRINT to a one or two byte token representing them) and then stored as follows:

  • 2-Bytes – Address in memory where next line starts
  • 2-Bytes – Line number (0-63999)
  • n-Bytes – Tokenized program line.
  • 1-Byte – Zero (0), indicating the end of the line

The four byte header and the 1 byte zero terminator mean that each line has an overhead of 5-bytes. You can see this by printing free memory and then adding a line that has a one byte token, such as “REM” or “PRINT”:

Above, you see the amount of memory decreases by 6 bytes after adding a line. That’s five bytes for the overhead, and one byte for the “REM” token.

The BASIC program starts in memory at a location stored in memory locations 25 and 26. You can see this by typing:

PRINT PEEK(25)*256+PEEK(27)

There are other such addresses that point to where variables start (directly after the program), and where string memory is. Here is an example program from an earlier article I wrote that shows them all. (The comments explain what each location is.)


20 ' PEEK(25)*256+PEEK(26)

40 ' PEEK(27)*256+PEEK(28)

60 ' PEEK(29)*256+PEEK(30)

70 ' END OF ARRAYS (+1)
80 ' PEEK(31)*256+PEEK(32)

100 ' PEEK(33)*256+PEEK(34)

120 ' PEEK(35)*256+PEEK(36)

140 ' PEEK(39)*256+PEEK(40)

160 PRINT "PROG  SIZE";(PEEK(27)*256+PEEK(28))-(PEEK(25)*256+PEEK(26)),;
170 PRINT "STR SPACE";(PEEK(39)*256+PEEK(40))-(PEEK(33)*256+PEEK(34))
180 PRINT "ARRAY SIZE";(PEEK(31)*256+PEEK(32))-(PEEK(29)*256+PEEK(30)),;
190 PRINT " STR USED";(PEEK(39)*256+PEEK(40))-(PEEK(35)*256+PEEK(36))
200 PRINT " VARS SIZE";(PEEK(29)*256+PEEK(30))-(PEEK(27)*256+PEEK(28)),;
210 PRINT " FREE MEM";(PEEK(33)*256+PEEK(34))-(PEEK(31)*256+PEEK(32))

I thought it might be interesting to write a BASIC program that displays information on each line of the BASIC program. That information would include:

  • Start address of the line
  • Address of the next line
  • Line number of the line

Here is what I came up with. It can use generic PRINT in lines 40 and 70 (for Color BASIC) or a nicer formatted PRINT USING (for Extended Color BASIC) in lines 50 an 80.

20 L=PEEK(25)*256+PEEK(26)
30 NL=PEEK(L)*256+PEEK(L+1)
50 PRINT USING"##### #####";L;NL;
70 'PRINT PEEK(L+2)*256+PEEK(L+3);NL-L
80 PRINT USING" ##### ###";PEEK(L+2)*256+PEEK(L+3);NL-L
90 L=NL:GOTO 30

For this program, as shown, running on a virtual 32K Extended Color BASIC CoCo in the XRoar emulator, I see:

The first column (ADDR) is the address of the BASIC line in memory. After that is the address of where the next line begins (NADDR), and it will match the address shown at the start of the following line. The third column is the line number (LINE#), and last is the size of the line (SIZ) which includes the tokenized line AND the terminating zero byte at the end of it.

The final line has a “next address” of zero, indicating the end of the file.

At the start of the program I included three comments:


In the output of the program, you see them described as:

 9729  9747     0  18  <- [0 'BASINFO.BAS]
 9747  9765     1  18  <- [1 REM BASINFO.BAS]
 9765  9782     2  17  <- [2 REMBASINFO.BAS]

You can see that the length of lines 0 and 1 are both 18, even though one looks like it should be shorter. In this case, the apostrophe (‘) abbreviation for REM seems to take as much space as “REM ” (with a space after it). This is because the apostrophe is encoded as a “:REM” (colon then REM). Alex Evans recently reminded me of this. This behavior would allow you to use it at the end of a line like this:


…instead of having to do:


But don’t do either! REMs at the end of the line can be the worst place to have REMs, since BASIC will have to scan past them to get to the next line, even if they are after a GOTO. This makes them slower. (Reminder to self: do an article on this since I’ve learned more since I original covered the topic in one of my Benchmarking BASIC articles…)

But I digress…

If you wanted to run this on your own program, you could do so by making this routine load at a high line of BASIC (higher than any lines you might be using), then you could save it as ASCII (SAVE”BASINFO”,A) and then use MERGE”BASINFO” (from disk) to bring those lines in to your program.

63001 NL=PEEK(L)*256+PEEK(L+1):PRINT USING"##### #####";L;NL;:IF NL=0 THEN END ELSE PRINT USING" ##### ###";PEEK(L+2)*256+PEEK(L+3);NL-L:L=NL:GOTO 63001

Now you could do RUN 63000 to see what your program looks like. (The highest line number Color BASIC allows is 63999 so you could change that to 63998 and 63999 if you wanted absolutely the most line numbers available for your program ;-)

You could also add “IF L=63000 THEN END” somewhere and have it stop when it hits that routine.

What use is this?

For an upcoming article, I expect to use a version of this code to “prove” something as it relates to BASIC and the length of lines.

But, it might also be fun to generate some statistics — longest line, shortest line, a graph of the different line lengths, etc.

Until next time…

FreeRTOS: Virus?

The discussion about using FreeRTOS has come up at my day job in recent years, so a month or two ago I downloaded it from the official website with plans to take a look at it.

I never got around to it, but today our IT department contacted me about its removal from my system. The download was flagged to contain a virus. I am sharing this information here so it will show up in search engines:

Severe Gen:Variant.Tedy.307215 - Virus.Generic - Deleted

File - C:Users<username>DownloadsFreeRTOSv202212.00FreeRTOSv202212.00FreeRTOSDemoWIN32-MSVCDebugRTOSDemo.exe

md5: 2F1699A8E9DE9D946FD6DDCC4BCC2F45

It appears all I did was open the project and build it in Visual Studio. Nothing else on the system was flagged, and we use Visual Studio to build two of our in-house apps, so I am curious why this happened.

Anyone seen this? Please leave a comment.

Stay safe :)

An adventure game rabbit hole…

From the “this is how my mind works sometimes” department…

Some definitions, as they relate to my career as an embedded programmer:

  • Can of Worms – when you go to fix something that should be simple and quick, but as you try to fix it, you realize it’s tied to other things that will also need fixes and thus your one quick fix turns in to days of many not-so-quick fixes.
  • Whac-A-Mole(tm) – when you fix a bug only to find that it manifests another bug, and then you fix that bug and it causes yet another bug, and then… (See also: Unintended Consequences)
  • Rabbit Hole – when you think something will be simple, then you look, and have to go to another section of code to find what you are looking for, but that sends you to another section of code which also sends you to another section of code and that…

Today, a quick rabbit hole in relation to text adventure games.

Down the rabbit hole: the beginning of playing

I was fascinated with text adventure games when I first learned of them back around 1981 or 1982. I do not recall what the first one I saw was, but it was likely something at the local Radio Shack playing on a TRS-80 Model 3. I definitely remember buying Mission Impossible by Scott Adams on a cartridge for my Commodore VIC-20.

This led me to trying to write my own text adventures. The “most successful” one was probably a custom game I wrote for the *TALK TO ME* BBS in Houston, Texas. The game was a recreation of the SysOp’s (system operator) apartment, and the goal was go roam around the apartment collecting parts of the system that ran the BBS and hook them all back up. It was a very simple game, with the only challenge being something random you couldn’t do anything about — a killer cockroach (if I recall) that would randomly show up and scatter all your work back randomly across the apartment. Randomly. One day, I hope to find this program on a cassette tape somewhere.

But I digress…

Down the rabbit hole: the beginning of coding

Over the years, I wrote various routines for doing text adventures — word wrap, verb/noun input, moving from room to room, getting and dropping objects, etc. When I started going through my old CoCo stuff years ago, I found notes on old games I’d forgotten I had been working on. The most complete one was “The ODDyssey” which I was co-writing with my MC-10 buddy Paul T. (We had intended it to run on both CoCo and MC-10.) I have the engine of that game and the complete map, but we never finished the goals and objects beyond some early test ones.

Still, it looked pretty good, and using a trick I think I read about in The Rainbow magazine, you could type in “get the black book” instead of just “get book.”

The ODDyssey, my uncompleted text adventure from around 1984.

In addition to various CoCo adventures, I also tried writing one in Java that would run as an applet on a web browser. That game, based on Disneyland/Disney World’s Haunted Mansion, even included background music :)

Heck, I even wrote a “WebVenture Generator” MS-DOS program that would let me make simple walk-through web pages using digital photos I took. Here is one from Disneyland using photos I took in August 1996:

None of this has anything to do with today’s topic except to say that I’ve toyed with adventure games numerous times over the years in several different languages.

Down the rabbit hole: the beginning of the point

When I’m starting a new adventure game, I usually make a test map. Ideally I have rooms that have exits in different directions so I can verify all of that works. It might start as something very simple like this:

[ 1 ] --- [ 2 ]
  |         |
[ 3 ] --- [ 4 ] --- [ 5 ]

That has rooms that have exits leading North, South, West and East, but it doesn’t truly exercise all the possibilities. A proper “engine” shouldn’t care, but if one wanted to be thorough, you’d want to make sure you have every possible combination of room exits covered in a test map.

How many exits can one room have?

For simplicity, we will limit our exits to the four compass directions – North, South, West and East. A fancier adventure game might allow diagonals (Northwest, Southeast) and vertical (Up and Down). But for now, we’ll stick to the four basic directions.

Initially I started drawing out a map by hand, trying to make sure I had a room with only an exit East, a room that had only an exit West, etc. I quickly lost track of what I was trying to do…

So I wrote a program to show me all the combinations. Since there are four exits that can either exist or not exist, I decided to use four bits to represent them.

  • Bit 0 – North
  • Bit 1 – South
  • Bit 2 – West
  • Bit 3 – East

Side Note: I am using NSWE here, but I recall, when I first learned about writing adventure games from some VIC-20-era magazine I had, they used the order of NEWS – North, East, West, South. That might be easier to remember, but the order doesn’t matter for this example.

Here are what those bits would look like:

0001 - Exit North
0010 - Exit South
0100 - Exit West
1000 - Exit East

…then all the other combinations. Once I thought about it this way, it was easy to see I had everything from 0000 (0, no exits) to 1111 (15, exit in all four directions). Thus, there would be 16 possible room types.

I wrote this program to print them all out:

20 FOR D=1 TO 15:PRINT D;
70 PRINT,;

Side note: If you wanted to include the diagonal directions of NW, NE, SE and SW, you’d expand that to eight bits. If you were also including Up and Down, add two more bits. That would make 1024 possible room types — and now you see why I limited it to just four directions.

And from there, I started drawing a map, making sure that I had at least one room of each of the 15 times listed above. (A room with no exits would also be possible, though maybe not useful.)

And this led me even further down this rabbit hole… I wanted to make the most compact map I could that had a room of each type in it. That would be my “test map” for the adventure game project.

Down the rabbit hole: the beginning of brute force

After initially trying to map out all the combinations using brute-force…

[10]-[6]  [2]  [10]-[4]
 |    |    |    |
[3]  [11]-[15]-[7]
 |    |    |    |
[1]  [9]--[15]--[5]

TODO: 13 NWE, 14 SWE

…I wondered if there might be an easier way. Instead of just spending ten minutes drawing this by hand, I could probably spend a few hours or days to come up with a program that would help me create the map.

And as I thought about that, it sorta sounded like one of those sliding puzzle games I enjoyed as a kid.

Micha L. Rieser, via Wikipedia

In a number puzzle, the goal is to get the numbers in order. For a photo puzzle, it was to get the photo assembled. For my project, there could be multiple solutions — just as long as all rooms had a/an exit(s) that connected to another room’s exit(s).

And that reminded me of a game I had for my Sega Genesis called Junction. Or the relatively new CoCo game Pipes by Nick Marantes.

In those games, you are either sliding pieces around to complete a track for some object to follow, or you are placing pieces down (ala Tetris) to create a track.

For my use, instead of having the “playfield” be locked to some fixed width and height, it could be anything — very wide, very tall, or both. The more compact, the higher the score. The score might be calculated by the fewest number of duplicate pieces (15 being the least you could use, since you had to have at least one of each room type) and the least amount of empty spaces in the final map. For example, if there were only four pieces, they could be represented in a 4×4 grid with no empty spaces — a perfect score:

 |    |

But if the same four pieces had been represented like this:

[1]--[2]  xxx
xxx  [3]--[4]

…it is now using a 3×2 grid with two empty spaces and that would be a lower score. Somehow.

And if I could create something like this, and get people to play it, they could work out the best and most efficient way(s) to represent a text adventure demo map that covered all possible room types.

And that, my friends, sounds like even more work than just brute forcing a map until I am happy with it.

So naturally, I may just have to do this.

Until next time…

POKE 113,0:EXEC 40999 (and DLOAD)

If you recognize this, you must have been a Radio Shack Color Computer owner. If not, these two instructions would reboot a CoCo, starting it back over at the boot up screen just like when it is first powered on.

When the CoCo 3 was introduced, a different shortcut for rebooting was discovered thanks to a hidden easter egg. The egg was a hidden graphic showing a digitized photo of there three programmers who worked on the BASIC ROM. To make it display, you held down CTRL and ALT while powering on the machine. (A nod to Ctrl-Alt-Del reset on a PC, perhaps?)

We quickly discovered that the easter egg would also show if you held down CTRL+ALT and hit the reset button. Once the image was on the screen, pressing the reset button would reboot the computer back to the startup screen!

Thus, on a CoCo 3, POKE 113,0:EXEC 40999 was replaced by “CTRL+ALT+RESET, RESET” saving much typing.

But I digress…

Have you ever wondered just what that POKE and EXEC were doing? Neither did I, but I decided to find out anyway.

POKE 113,0

To figure this out, I turn to the book Color BASIC Unravelled by Spectral Associates. This book contains a disassembly of the Color BASIC ROM, fully commented with explanations of what everything does.

113 in decimal is hexadecimal &H71, which we need to know because the disassembly uses HEX instead of decimal for memory locations. Looking at memory location &H71 shows us this:

Spectral Associates named it RSTFLG (Reset Flag) and based on the value there, the system will either WARM start or COLD start when the reset button is pressed. By default, this value has &H55 there:

When the reset button is pressed, the CoCo’s 6809 processor jumps to a reset vector that is in memory at the last two bytes — &HFFFE-&HFFFF. Whatever address is stored there will be where the 6809 starts executing code. This address comes from the last two bytes of the 8K Color BASIC ROM at memory location &HBFFE-&HFFFF. For “reasons” beyond the scope of this article, the upper memory is ghosted so that value also appears at &HFFFE-&HFFFF.

Thus, when reset is pressed, execution begins at whatever address RESVEC is which you can see in the left columns of the disassembly is at &HA027 in the Color BASIC ROM. Searching in the Unraveled book for &HA027 (or better, the RESVEC label) shows us initialization code that eventually jumps to this:

There you can see an LDA RSTFLAG which is loading register A with whatever is at memory location 113 and comparing it to &H55. Based on the result, it either jumps to the cold start routine or warm start routine.

POKE 113,0 just puts the 0 in there so the code ends up jumping to BACDST which is what starts everything up and displays the BASIC copyright screen.

Thus, if you do POKE 113,0 and then press RESET, the CoCo will cold start.

EXEC 40999

By now, you may realize what code is at 40999. In HEX that is &HA027 … does that look familiar? That’s the address that the reset vector points to, which eventually leads to the routine at &HA00E which checks the RSTFLG (memory location 113) to decide what to do.

EXEC 40999 just jumps to the location that the reset button would causes the 6809 to jump to.

Thus, POKE 113,0 sets the “cold start” flag, and EXEC 40999 (or pressing reset) invokes the code that checks that flag and acts upon it.

You are welcome.

Bonus – DLOAD

There was another shortcut discovered on the CoCo 3 which allowed a cold start to be done without using EXEC 40999. Instead, you can type:


…and the CoCo 3 will cold start. Typing DLOAD by itself will cause the CoCo 3 to pause and then clear the screen. Any guess at what is going on?

DLOAD was a command that came with Extended Color BASIC, and it is a command I recall using exactly one time back then, though I later used it often on the CoCo 3 — just not for its original purpose.

I do not have a copy of the original TRS-80 Color Computer Getting Started with Extended Color BASIC manual for the CoCo 1, but since DLOAD is not mentioned in the 1984 version of the same manual for the CoCo 2, I suspect it may not have ever been documented in those manuals. (Leave a comment if you have information about this.)

It is, however, listed in the spiral-bound TRS-80 Color Computer Quick Reference Guide that I probably consulted more than any other book I have ever owned.

DLOAD was similar to the cassette CLOAD command, except it loaded via the Serial I/O port at either 300 or 1200 baud. If you had a serial cable connected to another CoCo, or a modem dialed in to another CoCo, it was possible to DLOAD a program that way.

And this is how I downloaded my first real terminal program on my CoCo 1 — someone sent it to me via DLOAD!

The only problem with this command is that there was no DSAVE command built in, so the only way to upload to DLOAD was using a special program. I no longer recall what that program was, or who wrote it, or where it came from. (If you know, please leave a comment.)

In Extended Color BASIC Unravelled, there is this note about DLOAD:

DLOAD is the most obscure command in the Color Computer and absorbs a substantial amount of space in the ROM. DLOAD is so poorly understood because Tandy has never made the necessary companion routine, DSEND. DLOAD will DOWNLOAD a file over the RS 232 line from another system, however there is no companion routine, which will transmit a file over the RS 232 line to another Color Computer. Once a DSEND routine is built and made available to the masses, DLOAD will be much better understood.

– Extended Color BASIC Unravelled, page 5.

From looking at the source, it appears there was both DLOAD and DLOADM variations, just like there is CLOAD/CLOADM for tape and LOAD/LOADM for disk, with the “M” version being for machine language programs. If this is true, then that Quick Reference manual entry is incorrect and DLOAD does not load a machine-language program — it may have loaded a BASIC program, with DLOADM being the way to load machine language over the Serial I/O port.

But I digress.

But what does this have to do with the CoCo 3 and resetting the computer? I’m glad you asked! (You did ask, didn’t you?)

The lack of a DSAVE command (or DSEND as Unravelled called it, not matching the other existing commands) meant that DLOAD really wasn’t that useful. Heck, without it being documented in the manual, how would anyone even know it existed? This may have something to do with this command being removed from the CoCo 3. The memory for that command was repurposed for other patches to Extended Color Basic needed to support new features of the CoCo 3’s hardware.

DLOAD started at &H8C1B in the Extended BASIC ROM. On the CoCo 3, this space is used for a different purpose. Super Extended BASIC Unravelled has this note:

The initialization routine for the Color Computer 3 begins at $8C1B. This code writes over the DLOAD routine that was in the original Color Computer . . .

– Super Extended BASIC Unravelled, page 30

In the disassembly, that location is still labelled as DLOAD, and the original BASIC keyword of DLOAD is still in Extended BASIC pointing to it. BUT, the CoCo 3 (which copies all the ROMs in to RAM on startup) patches that location with new code. It also modifies the Interrupt Vectors so the RESET vector points there instead of the original routine in the Color BASIC ROM:

Thus, on a CoCo 3, pressing reset jumps to the location in memory where the DLOAD code used to be, but which is now the reset routine for the new CoCo 3 hardware.

The complete quote from the Unraveled book is actually…

The initialization routine for the Color Computer 3 begins at $8C1B. This code writes over the DLOAD routine that was in the original Color Computer (actually, typing DLOAD will simulate pressing the reset button). This initial- ization routine is used for both a warm start (simply getting control of the computer back from a runaway program) and a cold start (where the computer and Basic have to be reinitialized).

– Super Extended BASIC Unravelled, page 30

POKE 113,0:DLOAD on a CoCo 3 performs the same function as POKE 113:EXEC 40999 on a CoCo 1 or CoCo 2.

But … there is something different. If you do POKE 113,0:DLOAD on a CoCo 3, you get a short pause before the system cold starts. If you do POKE 113,0:EXEC 40999, it quickly restarts.

This is because EXEC 40999 is still jumping in to the original &HA027 routine in the Color BASIC ROM code. This bypasses all the new cold start code for the CoCo 3! Doing the old style POKE/EXEC may look like it reset the CoCo 3, but it wasn’t actually doing everything and, possibly, there could have been some instances where hardware configurations had changed that this would not reset/restore properly.

I most certainly did not realize that back then. I suppose the use of POKE 113,0:DLOAD (or POKE 113,0 then reset) was actually the “more appropriate” way to reset the CoCo 3, which is probably how I learned about it somewhere.

And now you know … more than you wanted to … about POKE 113,0 and EXEC 40999 and DLOAD on a CoCo 3.

Until next time…

P.S. While researching for this article, I started walking through all the things that go on during the CoCo 3 startup. It’s quite a lot with all the ROM to RAM and patching going on. Maybe I’ll have to dig in to that and write about it someday.

Synology NAS, DSL Modem firewalls, and OpenVPN

Ages ago, I started my blog mostly with the goal of posting research items that I couldn’t figure out by web searches. I figure, maybe someone else will be searching for the same thing one day and run in to my efforts and together we can figure it out.

This post is for that reason, so feel free to skip it. I have the solution, but it will not be in this post since I do not have the details with me at the moment.

Synology DS1522 NAS

The Synology NAS devices can install software, and support three types of VPNs. Choosing which one to use is a rabbit hole, but OpenVPN seems pretty common and cross platform.

OpenVPN can be enabled on the NAS, but if it is inside a network, you cannot access it. Some routers are directly supported by the NAS and it can open up holes in the router’s firewall (UPnP) and, I suppose, it just magically works. (We should really all turn that feature off, because if something naughty gets inside your network, it could potentially do the same, opening up your private network to the outside world.)

If you NAS is behind a cable modem, DSL modem, etc. you may have to manually open up ports and forward them to the IP address of your NAS.

Once that is done, a profile can be installed on a PC, Mac, Linux, iPad, Android, etc. and then you can run a VPN app and connect to your NAS. It can selectively allow access to other things inside your home network.

I plan to document some simple steps to make this happen, and save hours of watching YouTube videos and reading knowledge base articles.

But for now, I wanted to post this to get something in the search engines. In my case, I’ll be mentioning a specific CenturyLink DSL modem.

To be continued…

XRoar emulator ctrl/alt/f1/f2 keyboard config for CoCo 3

NOTE: This information requires XRoar 1.3.1 or later, as earlier versions had an issue remapping the Control key on Mac.

The XRoar emulator added support for the CoCo 3, but by default, the new CoCo 3 keys (alt, ctrl, f1 and f2) do not work for me — at least on the Mac. The author, Ciaran, pointed me to the “kbd-bind” configuration option. This allows remapping a host computer key and passing it through to the emulated machine. In my case, I want to do the following:

  • F1 key – F1 key on CoCo 3
  • F2 key – F2 key on CoCo 3
  • Left Control – CTRL key on CoCo 3
  • Left Option – ALT key on CoCo 3

The XRoar manual has the following information about kdb-bind:

-kbd-bind hkey=[pre:]dkey … Bind host key hkey to emulated key dkey.

When binding keys with -kbd-bind, if the emulated key dkey is prefixed with ‘preempt:’ or ‘pre:’, this binding preempts translation; useful for modifier keys. Interpretation of hkey depends on which user-interface toolkit is in use, and it might be useful to run with -debug-ui 1 to see what the toolkit calls your host keys.

Special values for dkey are: ‘colon’, ‘semicolon’, ‘comma’, ‘minus’, ‘fullstop’, ‘period’, ‘dot’, ‘slash’, ‘at’, ‘up’, ‘down’, ‘left’, ‘right’, ‘space’, ‘enter’, ‘clear’, ‘break’, ‘escape’, ‘shift’, ‘alt’, ‘ctrl’, ‘control’, ‘f1’, ‘f2’.

– XRoar manual

The “hkey” is the name of the key you are trying to remap, and I think it may be different between Mac and PC. By running xroar from the command line with the “-debug-ui 1” option, the terminal will print out keys as you type inside the emulator. I did this, and press the keys I wanted to remap.

% xroar -debug-ui 1

(...stuff omitted...)

sdl.key press   scan=224   sym=400000e0   mod=0040   unicode=0000   name=Left Ctrl
sdl.key release scan=224   sym=400000e0   mod=0000   unicode=0000   name=Left Ctrl

sdl.key press   scan=226   sym=400000e2   mod=0100   unicode=0000   name=Left Option
sdl.key release scan=226   sym=400000e2   mod=0000   unicode=0000   name=Left Option

sdl.key press   scan= 58   sym=4000003a   mod=0000   unicode=0010   name=F1
sdl.key release scan= 58   sym=4000003a   mod=0000   unicode=0000   name=F1

sdl.key press   scan= 59   sym=4000003b   mod=0000   unicode=0010   name=F2
sdl.key release scan= 59   sym=4000003b   mod=0000   unicode=0000   name=F2

Above, I can see that the “hkey” for pressing my Mac’s left control is “Left Ctrl“. My left option key is “Left Option” (spelled out, and not abbreviated like Ctrl was). F1 and F2 were simply “F1” and “F2“.

I went with Control and Option on the left side, since I have duplicates of those keys on the right side of my keyboard. I can remap just the left ones for CoCo 3 use, and still have the right ones for XRoar interface use.

NOTE: You could remap any key — like make F5 turn in to the CoCo 3’s F1, or whatever.

To remap those keys, I can pass the option in from the command line like this:

xroar -kbd-bind "Left Ctrl"=pre:ctrl -kbd-bind "Left Option"=pre:alt -kbd-bind F1=pre:f1 -kbd-bind F2=pre:f2

Or, I can place the following entries in the xroar.conf file:

kbd-bind "Left Ctrl"=pre:ctrl
kbd-bind "Left Option"=pre:alt
kbd-bind F1=pre:f1
kbd-bind F2=pre:f2

I actually made a special xroar.conf entry so I could get a customized CoCo 3 with RGB monitor:

machine coco3rgb
    machine-desc CoCo 3 RGB
    machine-arch coco3
    tv-input rgb
    kbd-bind "Left Ctrl"=pre:ctrl
    kbd-bind "Left Option"=pre:alt
    kbd-bind F1=pre:f1
    kbd-bind F2=pre:f2

If I run XRoar using the command line, or with those entries in the xroar.conf file, I can now boot in to the CoCo 3, and hold down my Left Control+Left Option then go to Hardware->Soft Reset and get the hidden CoCo 3 easter egg photo:

Though, the border color does not match that of a real CoCo 3, I don’t think.

I hope this helps someone else trying to use the XRoar in CoCo 3 mode with those four special CoCo 3 keys.

Until next time…