Trixter
Veteran Member
I had a desire to pull a digger with one of my favorite arcade game conversions, Robotron. I wanted to disassemble it, add dual-joystick routines, fix the speed, and release it. (The alternative, which I might still do someday, is write one from scratch.)
The code is a bit of a mess; it was written by someone who definitely wasn't familiar with the 8086 instruction set. DEC/JNZ pairs abound, while LOOP is nowhere to be found; that sort of thing. This is all understandable, but there's something completely confusing all throughout the code that I'd like some guidance on. I can't figure out what the guy was doing when he wrote sequences like this:
Code:
seg000:5DE8 mov bl, al
seg000:5DEA inc al
seg000:5DEC dec al
seg000:5DEE mov al, [bx-7D70h]
seg000:5DF2 inc al
seg000:5DF4 dec al
seg000:5DF6 mov byte ptr ds:word_9E26, al
seg000:5DF9 mov al, [bx-7D6Fh]
seg000:5DFD inc al
seg000:5DFF dec al
seg000:5E01 mov byte ptr ds:word_9E26+1, al
seg000:5E04 mov si, cx
seg000:5E06 mov bl, [si-57EAh]
seg000:5E0A inc bl
seg000:5E0C dec bl
seg000:5E0E mov si, cx
seg000:5E10 mov al, [si-580Ah]
seg000:5E14 inc al
seg000:5E16 dec al
seg000:5E18 mov cl, al
seg000:5E1A inc al
seg000:5E1C dec al
seg000:5E1E call sub_6C5D
seg000:5E21 mov cl, ds:byte_9E20
seg000:5E25 inc cl
seg000:5E27 dec cl
seg000:5E29 mov si, cx
What in the heck is up with the INC reg/DEC reg pairs? Was he trying to set flags? If so, how come he didn't do anything with the flags? There's not a single conditional jump in that code block.
Before you think "that's data misinterpreted as code", it's not; the data is in a different part of the segment. Besides, the last four instructions are illustrative of other blocks of similarly odd, but deliberate, code. It is everywhere; here's a subroutine:
Code:
seg000:5E88 sub_5E88 proc near
seg000:5E88 mov si, cx
seg000:5E8A mov al, [si-574Ah]
seg000:5E8E inc al
seg000:5E90 dec al
seg000:5E92 rcl ah, 1
seg000:5E94 xor al, 3
seg000:5E96 rcr ah, 1
seg000:5E98 mov si, cx
seg000:5E9A mov [si-574Ah], al
seg000:5E9E retn
seg000:5E9E sub_5E88 endp
Can anyone get inside the mind of a guy from 1983 trying to write assembler code for a CPU he wasn't familiar with, and tell me what he was thinking? What is up with all the useless INC/DEC pairs? Was that a flag-setting procedure on 6502 or 6809 or z80 or something?
reenigne had some helpful suggestions offline:
- Some kind of automatic translation from a different CPU's machine code.
- Not originally written in assembler - artifacts of a compiler for a weird source language.
- Something to do with copy protection.
It's not #3, as the INC/DEC sequences are part of the running program after all disk activity is finished. I'm thinking #2 is most likely.
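One property of those pairs can be checked rather than guessed at. As an added example, not anything from the post: on the 8086, MOV leaves the flags alone, while INC and DEC update ZF, SF, PF, AF and OF but never CF, so an INC reg / DEC reg pair hands the register back unchanged with ZF and SF describing its value and CF preserved. The Python below emulates those 8-bit flag semantics and scans a trimmed excerpt of the first listing for such pairs; the function names are my own.

```python
# Excerpt of the first listing in the post (trimmed), used as sample input.
LISTING = """
seg000:5DE8 mov bl, al
seg000:5DEA inc al
seg000:5DEC dec al
seg000:5DEE mov al, [bx-7D70h]
seg000:5DF2 inc al
seg000:5DF4 dec al
seg000:5DF6 mov byte ptr ds:word_9E26, al
seg000:5E06 mov bl, [si-57EAh]
seg000:5E0A inc bl
seg000:5E0C dec bl
seg000:5E1E call sub_6C5D
"""

def find_inc_dec_pairs(listing):
    """Return (address, register) for each INC reg immediately followed by DEC of the same reg."""
    rows = []
    for line in listing.strip().splitlines():
        parts = line.split()          # address, mnemonic, first operand, ...
        if len(parts) >= 3:
            rows.append((parts[0], parts[1].lower(), parts[2].rstrip(',').lower()))
    return [(addr, reg) for (addr, op, reg), (_, op2, reg2) in zip(rows, rows[1:])
            if op == 'inc' and op2 == 'dec' and reg == reg2]

def _arith_flags(res, flags):
    # ZF, SF and PF depend only on the 8-bit result; CF is deliberately untouched.
    flags['ZF'] = res == 0
    flags['SF'] = bool(res & 0x80)
    flags['PF'] = bin(res).count('1') % 2 == 0

def inc8(val, flags):
    res = (val + 1) & 0xFF
    _arith_flags(res, flags)
    flags['AF'] = (val & 0x0F) == 0x0F   # carry out of the low nibble
    flags['OF'] = val == 0x7F            # signed overflow: 7F -> 80
    return res

def dec8(val, flags):
    res = (val - 1) & 0xFF
    _arith_flags(res, flags)
    flags['AF'] = (val & 0x0F) == 0      # borrow into the low nibble
    flags['OF'] = val == 0x80            # signed overflow: 80 -> 7F
    return res

def inc_dec_pair(val, cf):
    """Run INC reg; DEC reg on an 8-bit value with CF=cf; return (value, flags)."""
    flags = {'CF': cf, 'ZF': False, 'SF': False, 'PF': False, 'AF': False, 'OF': False}
    return dec8(inc8(val, flags), flags), flags
```

Running the scanner over a whole IDA listing gives a quick count of how pervasive the pattern is, and the emulation shows that each pair behaves like a TEST reg, reg that keeps CF.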