Author Topic: Disassembly Help  (Read 1536 times)


Offline OmerMor

Disassembly Help
« on: February 23, 2016, 02:24:56 PM »
Hi,
I'm trying to figure out some code in Pepper's Adventures in Time.
In script #0 (Main.sc), the following procedure failed to decompile, and I got the following assembly code:
Code: [Select]
(procedure (localproc_0ae6 param1 param2 &tmp temp0 temp1 temp2 temp3)
(asm
ldi      0
sat      temp0
code_0aec:
lst      temp0
lsp      argc
ldi      1
sub     
lt?     
bnt      code_0b5a
lat      temp0
lapi     param2
sat      temp1
push   
ldi      16
div     
sat      temp2
pushi    1
lst      temp1
ldi      16
mod     
shl     
sat      temp3
lsp      param1
dup     
ldi      1
eq?     
bnt      code_0b1a
jmp      code_0b5a
jmp      code_0b55
code_0b1a:
dup     
ldi      2
eq?     
bnt      code_0b2f
lat      temp2
lsgi     global134
lat      temp3
bnot   
and     
push   
lat      temp2
sagi     global134
jmp      code_0b55
code_0b2f:
dup     
ldi      0
eq?     
bnt      code_0b43
lat      temp2
lsgi     global134
lat      temp3
or     
push   
lat      temp2
sagi     global134
jmp      code_0b55
code_0b43:
dup     
ldi      3
eq?     
bnt      code_0b55
lat      temp2
lsgi     global134
lat      temp3
xor     
push   
lat      temp2
sagi     global134
code_0b55:
toss   
+at      temp0
jmp      code_0aec
code_0b5a:
lat      temp2
lsgi     global134
lat      temp3
and     
ret     
)
)

Any reverse engineering expert around who could decipher that?
Thanks!



Offline MusicallyInspired

Re: Disassembly Help
« Reply #1 on: February 23, 2016, 02:37:26 PM »
I wish I could read assembly...no idea where to begin!

Offline Kawa

Re: Disassembly Help
« Reply #2 on: February 23, 2016, 02:58:54 PM »
It'd help if you knew what those globals were. Any readable blocks that use them? If not that, it'd help to know where this procedure is used. Context, y'dig?

Offline OmerMor

Re: Disassembly Help
« Reply #3 on: February 23, 2016, 03:01:40 PM »
Well, the beginning goes something like:
Code: [Select]
f(*argv, argc) {
  if (argc > 1) {
    // ...
  } else {
    // ...
  }
}

I'm using the following resources for disassembly:

I have no idea what global134 is used for.
As for this function usage, I've got these unhelpful callers:
Code: [Select]
(procedure (proc0_4)
(localproc_0ae6 0 &rest)
)

(procedure (proc0_5)
(localproc_0ae6 1 &rest)
)

(procedure (proc0_6)
(localproc_0ae6 2 &rest)
)

Offline troflip

Re: Disassembly Help
« Reply #4 on: February 23, 2016, 03:33:04 PM »
Just from a quick glance, it looks like it takes a value and does a / 16 and mod 16 on it (which suggests it is a flags function, like Bset, Btest and Bclear), and mucks around with global134.

And there is a switch statement with cases 1, 2, 0 and 3.

So my guess is proc0_4, proc0_5 and proc0_6 are basically Bset, Btest and Bclear (not in that order). Dunno what case 3 is. [edit: it's probably "toggle", since there's an xor in there]

And that the game's flags start at global 134.

Check out my website: http://icefallgames.com

Offline OmerMor

Re: Disassembly Help
« Reply #5 on: February 23, 2016, 06:17:40 PM »
Thanks!
You're probably right.

It also turned out to be not very interesting... :)
I found some kind of a debug check for enabling a shortcut in room 210:
Code: [Select]
(and (== gTheRegister 100) (FileIO fiEXISTS {g}))
(proc0_4 132)
(proc0_6 219)
(proc0_4 96)
(proc0_4 217)
(= global193 3)
(= gTheRegister 230)
These procs clear and set various room specific flags.
The condition is that gTheRegister (which stores the previous room #) equals 100, and that there exists a file named "g".
I recreated these conditions in ScummVM and it turned out to set the room's state such that the Hardy brothers quit their Frisbee game, and read a book instead.
The prevRoom == 100 condition was never natively set by the game, until I triggered the script debugger (by extracting 800.SCR). In this case, the game starts with an option to teleport, and if you teleport to room 210 directly, prevRoom is indeed 100.

So to summarize:
When both "g" and "800.SCR" files are present, you can teleport to room 210 and be in a more advanced state for debugging purposes.
*yawn*  ;)
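
Added example (not part of the thread, and not the game's or any poster's code): a Python model of localproc_0ae6 as the listing in the first post reads, with the four flag calls from the room 210 snippet replayed on it. The operation names, the 256-entry globals list and the pre-set flag 219 are assumptions made for the illustration.

```python
FLAG_BASE = 134                        # flag words start at global134 (from the listing)
SET, TEST, CLEAR, TOGGLE = 0, 1, 2, 3  # switch case values; the names are assumptions

def locate(flag):
    """Flag number -> (global index, bit mask): the div 16 / mod 16 / shl steps."""
    return FLAG_BASE + flag // 16, 1 << (flag % 16)

def flag_op(g, op, *flags):
    """Model of localproc_0ae6: param1 is op, the remaining params are flag numbers."""
    index = mask = None
    for flag in flags:                 # loop while temp0 < argc - 1
        index, mask = locate(flag)     # temp2, temp3
        if op == TEST:
            break                      # case 1 jumps straight to code_0b5a
        if op == CLEAR:
            g[index] &= ~mask & 0xFFFF # bnot + and, kept to 16 bits
        elif op == SET:
            g[index] |= mask           # or
        elif op == TOGGLE:
            g[index] ^= mask           # xor
    if index is None:                  # the bytecode would read unset temps here
        raise ValueError("at least one flag number is required")
    return g[index] & mask             # code_0b5a: state of the last flag touched

# Wrappers with the op values the callers in reply #3 pass.
def proc0_4(g, *flags): return flag_op(g, SET, *flags)
def proc0_5(g, *flags): return flag_op(g, TEST, *flags)
def proc0_6(g, *flags): return flag_op(g, CLEAR, *flags)

def room210_shortcut():
    """Replay the four flag calls from the room 210 snippet on constructed globals."""
    g = [0] * 256                      # constructed: every global starts at zero
    proc0_4(g, 219)                    # constructed: pre-set 219 so the clear is visible
    proc0_4(g, 132)
    proc0_6(g, 219)
    proc0_4(g, 96)
    proc0_4(g, 217)
    return g

if __name__ == "__main__":
    g = room210_shortcut()
    for flag in (132, 219, 96, 217):
        index, mask = locate(flag)
        print(f"flag {flag}: global{index} mask {mask:#06x} set={bool(proc0_5(g, flag))}")
```

On this reading, case 1 leaves the loop at the first flag, so a test call given several flag numbers reports only the first one.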

