Exception errors WHDLOAD Slave Assembly routines

[field3d]

Hello. I have a program that is 2 disks that I needed to change the load routines as it detects and requires the DF0: real in amiga all is fine. I could make it run as I replaced the load routines until the intro, select some things in a menu, all the interactions in floppy 1. When it asks the floppy 2 I have assigned the same way modified with routines it uses different routines but here after I see the message insert the floppy number 2 I receive some trace errors.

*The first one trace error is:

HTML Code:

Exception "illegal Instruction" ($10) at $2840C occurred.

In the code posted the line $2840c line has ‘illegal’ command. If I enter a NOP there it bypass the error, however a little after I see a second error:

*The second error is:

HTML Code:

Exception "Trace" ($2024) at $28482 occurred.

In the code we can see the $28482 has ‘moveq #$85,d1’ and $28484 has ‘illegal’. If I enter NOP ‘s there still crashing with same error. But I detected that the error is triggered not there but in the line $2847c that has ‘addq.l #$06,$00000024’. Simply if executes that line crash. But I put NOP there in $2847c and also the $28482 and $28484 to test it crashes ahead with similar error, in other words something makes that zones as sensitive or something is causing the error.

What I found also was that the first line of a series of moves to the stack causes something weird. I mean this line:

HTML Code:

00028436  move.l #$4e730000,-(a7) [00002d68]

There we can see it shows the 2d68 and if executes the line the next line:

HTML Code:

0002843c  move.l #$00000010,-(a7) [00002d68]

Also has the 2d68 but after executes the $28436 it becomes to:

HTML Code:

0002843c  move.l #$00000010,-(a7) [00000000]

I don’t know if o previous its important or not but from 2d68 changed to 00000000. But this is the last routine after the program runs I note but I don’t know how to skip the erros or what is causing the problems. I see is as a protection, but also I don’t know if in first place it needs to reach that routine or skip totally as I note this routine is extremely erratic or with the intention to do this. But has in the middle of the code ‘illegal’ lines sounds as intentional maybe? The first error $2840c I simply bypassed with NOP thing I don;t know if was correct as almost immediately comes the next error.

What can be done? Or what is suggested in these cases?

This is the code of that whole routine that is called before with a BSR:

HTML Code:

000283f2 7000                     moveq #$00,d0
000283f4 7200                     moveq #$00,d1
000283f6 7600                     moveq #$00,d3
000283f8 2f0d                     move.l a5,-(a7) [00002d68]
000283fa 2f38 0010                move.l $0010.w [cccccccc],-(a7) [00002d68]
000283fe 2f38 0024                move.l $0024.w [cccccccc],-(a7) [00002d68]
00028402 487a 000a                pea.l (pc,$000a) == $0002840e
00028406 23df 0000 0010           move.l (a7)+ [00002dc4],$00000010 [cccccccc]
0002840c 4afc                     illegal
0002840e 48e7 ffff                movem.l d0-d7/a0-a7,-(a7)
00028412 487a 001a                pea.l (pc,$001a) == $0002842e
00028416 23df 0000 0010           move.l (a7)+ [00002dc4],$00000010 [cccccccc]
0002841c 204f                     movea.l a7,a0
0002841e 4e7a 0002                movec CACR,d0
00028422 2f40 003c                move.l d0,(a7,$003c) == $0000f36c [00008900]
00028426 0880 0000                bclr.l #$0000,d0
0002842a 4e7b 0002                movec d0,CACR
0002842e 2e48                     movea.l a0,a7
00028430 4cfa 7fff 0002           movem.l (pc,$0002) == $00028436,d0-d7/a0-a6
00028436 2f3c 4e73 0000           move.l #$4e730000,-(a7) [00002d68]
0002843c 2f3c 0000 0010           move.l #$00000010,-(a7) [00002d68]
00028442 2f3c 0004 ddb9           move.l #$0004ddb9,-(a7) [00002d68]
00028448 2f3c bd96 bdae           move.l #$bd96bdae,-(a7) [00002d68]
0002844e 2f3c b386 b586           move.l #$b386b586,-(a7) [00002d68]
00028454 2f3c d046 d246           move.l #$d046d246,-(a7) [00002d68]
0002845a 2f3c 0246 a71f           move.l #$0246a71f,-(a7) [00002d68]
00028460 2f3c 0002 3c17           move.l #$00023c17,-(a7) [00002d68]
00028466 2f3c 0004 2c6f           move.l #$00042c6f,-(a7) [00002d68]
0002846c 2f3c bd96 bdae           move.l #$bd96bdae,-(a7) [00002d68]
00028472 23cf 0000 0024           move.l a7,$00000024 [cccccccc]
00028478 007c a71f                or.w #$a71f,sr
0002847c 5cb9 0000 0024           addq.l #$06,$00000024 [cccccccc]
00028482 7285                     moveq #$85,d1
00028484 712c                     illegal
00028486 2f18                     move.l (a0)+ [0050ffff],-(a7) [00002d68]
00028488 6d85                     blt.b #$85 == $0002840f (T)
0002848a da2c 2f34                add.b (a4,$2f34) == $00004f24 [00],d5
0002848e 6d85                     blt.b #$85 == $00028415 (T)
00028490 8354                     or.w d1,(a4) [432f]
00028492 2f2c f6bd                move.l (a4,-$0943) == $000016ad [75206d00],-(a7) [00002d68]

[DJ Mike]

That looks like Rob Northen Copylock code to me.

The illegal line at $2840c you're trying to skip is meant to be there - it causes an illegal exception to occur which causes the CPU to jump to whatever address is specified at memory address $10, which you can see above is setup to be the line immediately after the illegal instruction.

You've then got code that is establishing a routine in what's called the Trace vector, which is a special exception the CPU can run after every single (non-trace) instruction is executed. All the lines from $28436 to $2846c are pushing code onto the stack, whose address is then moved to memory address $24 (which is the Trace vector).

I don't know how much familiarity you have with trace routines or Rob Northen Copylock but if you're new to this sort of stuff, then this is jumping in the deep end somewhat!

Ideally you want to decrypt the copylock, work out what it does, and apply the outcome directly in the code and skip the copylock protection altogether. It may be as simple as obtaining a key and wiring it in d0, or it may be much trickier and the copylock contains code for decrypting the rest of the game. There are tools like Mr. Larmer's CopyLockDecoder to assist with this sort of thing. You also need to take care that the game doesn't do further checks to see if the protection code has been tampered with etc.

What game is this?

[field3d]

The title is called ‘legend’ Mindscape. The game is 2 Floppy’s and it comes in files. The floppy’s has no label names as all the list of the files to load are inside the executables in a XXXX memory position. They call from the position memory as c/xxx or anyxxdir/aaa separated by bye 00 then I made the routines to load and they work apparently good. In A3 and A6 they store the file name and the destination position memory. I intercepted the main load routine at $2004 for Floppy 1 as is used a lot. For the second Floppy I detected the second load routine at $246be and both routines work good because they load all the files as should be. It’s exactly when is asking you for Floppy 2 when you click when crash. Meaning is not giving the program a chance to load more files from Floppy 2, is intercepted by this trashy routines. Previous to insert Floppy 2 message it loads files from Floppy 2 to prepare the game, is how I checked my load routine. Even not placing my load routine crash. I can turn off and on my load routines easily and is how I found is something checked outside the load routines modifications. Without my load routines simply the files are not loaded, the simply assign doesn’t work. But when the game will start when you are asked to click to insert floppy 2 there crash hard in that code of exceptions, even I note as I said that some files from Floppy 2 are prepared to load before this but this garbage is not allowing to move forward at any point.

What could be or the suggested to check on this? I see is the final routine before the games launch. But I’m lost now.

[field3d]

I bypassed that 2 problems making a simply return to test I made that but now is going to another place. Now is worst is in this memory position that it changes frequently and crash here in the $7831e:

HTML Code:

00078300 8021                     or.b -(a1) [00],d0
00078302 1432 edeb d9d5 d4d3 cbbd move.b ([$ffffd9d5],$d4d3cbbd) == $d4d3cbbd,d2
0007830c bab6 b3b2 adab aaa9 a7a4 cmp.l ([$adabaaa9,a3.w*2],$ffffa7a4) == $ffffa7a4,d5
00078316 9d97                     sub.l d6,(a7) [000146cb]
00078318 9695                     sub.l (a5) [00004400],d3
0007831a 8d85 6c6b                unpk d5,d6,#$6c6b
0007831e 6a69                     bpl.b #$69 == $00078389 (F)
00078320 5e5d                     addq.w #$07,(a5)+ [0000]
00078322 594f                     subaq.w #$04,a7
00078324 452b 0000                chk.l (a3,$0000) == $0003e632,d2

00078328 ebd9                     illegal
0007832a d5d4                     adda.l (a4) [000f000f],a2
0007832c edcb                     illegal
0007832e bdd3                     cmpa.l (a3) [50414353],a6
00078330 cbbd                     illegal
00078332 b6ff                     illegal
00078334 edfe                     illegal
00078336 00d3 d300                cmp2.b (a3),a5
0007833a b6ed ed80                cmpa.w (a5,-$1280) == $0002e164 [22d8],a3
0007833e c001                     and.b d1,d0
00078340 eb07                     asl.b #$05,d7
00078342 7fba                     illegal
00078344 8000                     or.b d0,d0
00078346 00b6 00ed eded eded edcb or.l #$00ededed,([$ffffedcb]) == $00000000 [00000000]
00078350 bded bdba                cmpa.l (a5,-$4246) == $0002b19e [70007a03],a6
00078354 b3ff                     illegal
00078356 cb01                     abcd.b d1,d5
00078358 80ba b3c0                or.l (pc,$b3c0) == $0007371a [00000000],d0
0007835c cbb2 a901                and.l d5,([a2,a2.l]) == $00000000 [00000000]
00078360 1fed                     illegal
00078362 6c00 6aba                bge.w #$6aba == $0007ee1e (F)
00078366 ffa9                     illegal
00078368 40bd                     illegal
0007836a b67f                     illegal
0007836c f0bd                     illegal
0007836e d307                     addx.b d7,d1
00078370 f096                     illegal
00078372 1ff8                     illegal
00078374 bdd3                     cmpa.l (a3) [50414353],a6
00078376 0ff8 96ff                bset.b d7,-$6901.w
0007837a fcbd                     illegal
0007837c d31f                     add.b d1,(a7)+ [00]
0007837e fc96                     illegal
00078380 0ffe                     illegal
00078382 bdd3                     cmpa.l (a3) [50414353],a6
00078384 7ffc                     illegal
00078386 960f                     illegal
00078388 ffbd                     illegal
0007838a d37f                     illegal

00078389 bdd3                     cmpa.l (a3) [50414353],a6
0007838b 7ffc                     illegal
0007838d ba06                     cmp.b d6,d5
0007838f 0f59                     bchg.b d7,(a1)+ [00]
00078391 baed fffc                cmpa.w (a5,-$0004) == $0002f3e0 [0032],a5
00078395 ba03                     cmp.b d3,d5
00078397 0f59                     bchg.b d7,(a1)+ [00]
00078399 9601                     sub.b d1,d3
0007839b fffc                     illegal
0007839d ba01                     cmp.b d1,d5