Strange code in JiffyDOS

ruud.baltissen_at_apg.nl
Date: 2008-03-07 11:59:02

Hallo allemaal,


Trying to understand/optimize some of the original source code I ran
into this piece of code located at $F7D9:

J_F7D9	pla
		cmp	#$AF
		bne	A_F7E4

		jsr	P_FB64		; $FB64
		cli

		lda	#$93
A_F7E4	pha

		rts


I ran into some code before where values were pushed to the stack and
pulled off again. But it is the first time I see the "PHA RTS"
combination in Commodore code. I know that the IBM XT uses this trick to
change the return address of a subroutine as well so the phenomene
itself isn't unfamiliar to me. 

But going backwards in the code I expected to find another PHA but
instead I ran into the above. IMHO this code checks were the subroutine
is called from and calls $FB64 if the return address is $??AF+1. The
above code is only jumped to from a routine found at $EF5F: 


;**  Mark block as free							
FreeSector				;
[EF5F]
		jsr	GetBitBAM	; get state of bit for sector in
BAM


; ==> Jiffydos

		bne	A_EF85

.......

		inc	NDBH,X		; increment number of blocks hi
A_EF85	jmp	J_F7D9		; $EF85 , $F7D9

; Jiffydos <==


FreeSector on its turn is only called at three places:


;**  Erase file								
DelSectorChain				;
[C87D]
		jsr	FreeSector	; free block in BAM
		jsr	ReadSeqFile
		jsr	GetBufNumBAM	; get buffer number in BAM

		lda	BUF0CH1zp,X
		cmp	#$FF		; buffer not used?
		beq	J_C894		; yes, ->

		lda	WBAM
		ora	#$40
		sta	WBAM

J_C894	lda	#$00
		jsr	SetBufPointer3	; buffer pointer to zero
		jsr	RdNxtBlock2	; get track
		sta	TRACK
		jsr	RdNxtBlock2	; get sector
		sta	SECTOR
		lda	TRACK		; track number
		bne	B_C8AD		; not equal to zero

		jsr	WriteBam	; write BAM
		jmp	CloseChannel	; close channel

B_C8AD	jsr	FreeSector	; free block in BAM
		jsr	RdNxtBlock	; read next block
		jmp	J_C894		; and continue


and


;**  B-F block free
E_CCF5	jsr	P_CDF5		; get track, sector and drive number
		jsr	FreeSector	; free block
		jmp	Out_Err_Msg	; done, prepare error message


The call at $C8AD is obviously the candidate were the code at $F7D9 is
meant for. So instead of returning to $C8B0 the CPU returns to $C894.
But what I don't understand is: wouldn't it have been much more simple
by replacing "jsr RdNxtBlock" by "jmp J_C894" or NOPs?
More weird, if "jsr RdNxtBlock" is skipped, where is the next block
read? Not reading the next block means the contents of the buffer isn't
changed and the routine stays in an eternal loop. But I haven't seen my
drive acting like this so my argument is wrong. But again: where?

If you wonder what the changes are in FreeSector, two bytes have been
removed so the "jmp	J_F7D9" fits on the place of the original RTS.

Also weird, I discovered this code only yesterday. So it can be found
as-is in my code for 1541IDE. But remember, I removed quite some
obselete code and the above routines are all found at other places. And
yet I didn't experience any problem.

Comment is more then welcome!


--
     ___
    / __|__
   / /  |_/     Groetjes, Ruud
   \ \__|_\
    \___|       URL: Ruud.C64.org

 
APG NV te Heerlen is ingeschreven in het handelsregister Limburg onder nummer 14099617.



       Message was sent through the cbm-hackers mailing list

Archive generated by hypermail pre-2.1.8.