From 7d81d76f6a38954af671824bb1372fa62a5df3c0 Mon Sep 17 00:00:00 2001
From: nmlgc <nmlgc@nmlgc.net>
Date: Mon, 1 Dec 2014 00:46:10 +0100
Subject: [PATCH] [th02/zun_res] Initial state
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Yep, we'll be needing some of those smaller executables embedded into ZUN.COM
after all in order to fully understand what's going on with things like that
persistent configuration structure used in each game, for example.

For now, I'll be keeping every one of these executables separately, for a
number of reasons:
窶｢ I can't get IDA to segment the code in a way that would reconstruct the
  layout of the individual executables, since it unfortunately requires
  segments to be aligned on paragraph boundaries...
窶｢ This, in turn, means that IDA can't apply FLIRT signatures, making
  identification of the Borland C++ functions a bit harder. Probably not that
  big of a deal at this point anymore, but still.
窶｢ There are bound to be multiple copies of Borland C++ and master.lib
  functions in these. We are still using the "slice model", meaning that *all*
  functions in an executable are part of the same namespace. Creating copies of
  some source files just to allow a second instance of that function is not
  too pretty.
窶｢ Lastly, we don't actually need to reproduce all executables. For example,
  TH02's version of ZUNSOFT.COM is bit-identical to TH01's.

Hence, adding a separate build step to wrap these smaller executables back
into a bit-perfect version of ZUN.COM at a later point is a much better
option. (And it would be even better if we could track down the program used
to wrap those in the first place!)
---
 th02_zun_res.asm | 4918 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 4918 insertions(+)
 create mode 100644 th02_zun_res.asm

diff --git a/th02_zun_res.asm b/th02_zun_res.asm
new file mode 100644
index 00000000..264bd469
--- /dev/null
+++ b/th02_zun_res.asm
@@ -0,0 +1,4918 @@
+;
+; +-------------------------------------------------------------------------+
+; |   This file has been generated by The Interactive Disassembler (IDA)    |
+; |        Copyright (c) 2009 by Hex-Rays, <support@hex-rays.com>           |
+; +-------------------------------------------------------------------------+
+;
+; Input	MD5   :	57FF9283F7BC1A6816D6181BBCEC5975
+
+; File Name   :	th02/ZUN.COM:ZUN_RES
+; Format      :	MS-DOS COM-file
+; Base Address:	0h Range: 100h-1C66h Loaded length: 1B66h
+; OS type	  :  MS	DOS
+; Application type:  Executable	16bit
+
+		.386
+		.model tiny
+
+; ===========================================================================
+
+; Segment type:	Pure code
+seg000		segment	byte public 'CODE' use16
+		assume cs:seg000
+		org 100h
+		assume es:nothing, ss:nothing, ds:seg000, fs:nothing, gs:nothing
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function noreturn
+
+		public start
+start		proc near
+		mov	dx, cs
+		mov	cs:DGROUP@, dx
+		mov	ah, 30h
+		int	21h		; DOS -	GET DOS	VERSION
+					; Return: AL = major version number (00h for DOS 1.x)
+		mov	bp, ds:2
+		mov	bx, ds:2Ch
+		mov	ds, dx
+		mov	word_1828, ax
+		mov	word_1826, es
+		mov	word_1822, bx
+		mov	word_183C, bp
+		call	sub_26E
+		mov	ax, word_1822
+		mov	es, ax
+		xor	ax, ax
+		mov	bx, ax
+		mov	di, ax
+		mov	cx, 7FFFh
+		cld
+
+loc_136:
+		repne scasb
+		jcxz	short loc_19B
+		inc	bx
+		cmp	es:[di], al
+		jnz	short loc_136
+		or	ch, 80h
+		neg	cx
+		mov	word_1820, cx
+		mov	cx, 1
+		shl	bx, cl
+		add	bx, 8
+		and	bx, 0FFF8h
+		mov	word_1824, bx
+		mov	dx, ds
+		sub	bp, dx
+		mov	di, word_1C2A
+		cmp	di, 200h
+		jnb	short loc_16D
+		mov	di, 200h
+		mov	word_1C2A, di
+
+loc_16D:
+		add	di, offset edata@
+		jb	short loc_19B
+		add	di, word_1BCC
+		jb	short loc_19B
+		mov	cl, 4
+		shr	di, cl
+		inc	di
+		cmp	bp, di
+		jb	short loc_19B
+		cmp	word_1C2A, 0
+		jz	short loc_190
+		cmp	word_1BCC, 0
+		jnz	short loc_19E
+
+loc_190:
+		mov	di, 1000h
+		cmp	bp, di
+		ja	short loc_19E
+		mov	di, bp
+		jmp	short loc_19E
+; ---------------------------------------------------------------------------
+
+loc_19B:
+		call	sub_B64
+; ---------------------------------------------------------------------------
+
+loc_19E:
+		mov	bx, di
+		add	bx, dx
+		mov	word_1834, bx
+		mov	word_1838, bx
+		mov	ax, word_1826
+		sub	bx, ax
+		mov	es, ax
+		mov	ah, 4Ah
+		push	di
+		int	21h		; DOS -	2+ - ADJUST MEMORY BLOCK SIZE (SETBLOCK)
+					; ES = segment address of block	to change
+					; BX = new size	in paragraphs
+		pop	di
+		shl	di, cl
+		cli
+		mov	ss, dx
+		mov	sp, di
+		sti
+		xor	ax, ax
+		mov	es, cs:DGROUP@
+		mov	di, offset bdata@
+		mov	cx, offset edata@
+		sub	cx, di
+		cld
+		rep stosb
+		cmp	word_1BA2, 14h
+		jbe	short loc_21F
+		cmp	byte ptr word_1828, 3
+		jb	short loc_21F
+		ja	short loc_1E8
+		cmp	byte ptr word_1828+1, 1Eh
+		jb	short loc_21F
+
+loc_1E8:
+		mov	ax, 5801h
+		mov	bx, 2
+		int	21h		; DOS -	3+ - GET/SET MEMORY ALLOCATION STRATEGY
+					; AL = function	code: set allocation strategy
+		jb	short loc_21C
+		mov	ah, 67h
+		mov	bx, word_1BA2
+		int	21h		; DOS -	3.3+ - SET HANDLE COUNT
+					; BX = desired number of handles (max 255)
+		jb	short loc_21C
+		mov	ah, 48h
+		mov	bx, 1
+		int	21h		; DOS -	2+ - ALLOCATE MEMORY
+					; BX = number of 16-byte paragraphs desired
+		jb	short loc_21C
+		inc	ax
+		mov	word_183C, ax
+		dec	ax
+		mov	es, ax
+		assume es:nothing
+		mov	ah, 49h
+		int	21h		; DOS -	2+ - FREE MEMORY
+					; ES = segment address of area to be freed
+		jb	short loc_21C
+		mov	ax, 5801h
+		mov	bx, 0
+		int	21h		; DOS -	3+ - GET/SET MEMORY ALLOCATION STRATEGY
+					; AL = function	code: set allocation strategy
+		jnb	short loc_21F
+
+loc_21C:
+		call	sub_B64
+; ---------------------------------------------------------------------------
+
+loc_21F:
+		xor	bp, bp
+		mov	es, cs:DGROUP@
+		assume es:nothing
+		mov	si, offset InitStart
+		mov	di, offset bdata@
+		call	sub_2DE
+		push	envp		; envp
+		push	argv		; argv
+		push	argc		; argc
+		call	_main
+		push	ax		; status
+		call	_exit
+; ---------------------------------------------------------------------------
+
+__cleanup:
+		mov	es, cs:DGROUP@
+		push	si
+		push	di
+		mov	si, offset bdata@
+		mov	di, offset bdata@
+		call	sub_322
+		pop	di
+		pop	si
+		retn
+start		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+__checknull	proc near
+		retn
+__checknull	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function noreturn	bp-based frame
+
+__terminate	proc near
+
+arg_0		= byte ptr  2
+
+		mov	bp, sp
+		mov	ah, 4Ch
+		mov	al, [bp+arg_0]
+		int	21h		; DOS -	2+ - QUIT WITH EXIT CODE (EXIT)
+					; AL = exit code
+; ---------------------------------------------------------------------------
+
+loc_25F:
+		mov	dx, offset aDivideError	; "Divide error\r\n"
+		push	dx		; buf
+		call	___ErrorMessage
+		pop	dx
+		mov	ax, 3
+		push	ax		; status
+		call	__exit
+__terminate	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_26E		proc near
+		push	ds
+		mov	ax, 3500h
+		int	21h		; DOS -	2+ - GET INTERRUPT VECTOR
+					; AL = interrupt number
+					; Return: ES:BX	= value	of interrupt vector
+		mov	word ptr dword_180A, bx
+		mov	word ptr dword_180A+2, es
+		mov	ax, 3504h
+		int	21h		; DOS -	2+ - GET INTERRUPT VECTOR
+					; AL = interrupt number
+					; Return: ES:BX	= value	of interrupt vector
+		mov	word ptr dword_180E, bx
+		mov	word ptr dword_180E+2, es
+		mov	ax, 3505h
+		int	21h		; DOS -	2+ - GET INTERRUPT VECTOR
+					; AL = interrupt number
+					; Return: ES:BX	= value	of interrupt vector
+		mov	word ptr dword_1812, bx
+		mov	word ptr dword_1812+2, es
+		mov	ax, 3506h
+		int	21h		; DOS -	2+ - GET INTERRUPT VECTOR
+					; AL = interrupt number
+					; Return: ES:BX	= value	of interrupt vector
+		mov	word ptr dword_1816, bx
+		mov	word ptr dword_1816+2, es
+		mov	ax, 2500h
+		mov	dx, cs
+		mov	ds, dx
+		mov	dx, offset loc_25F
+		int	21h		; DOS -	SET INTERRUPT VECTOR
+					; AL = interrupt number
+					; DS:DX	= new vector to	be used	for specified interrupt
+		pop	ds
+		retn
+sub_26E		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+__restorezero	proc near
+		push	ds
+		mov	ax, 2500h
+		lds	dx, dword_180A
+		int	21h		; DOS -	SET INTERRUPT VECTOR
+					; AL = interrupt number
+					; DS:DX	= new vector to	be used	for specified interrupt
+		pop	ds
+		push	ds
+		mov	ax, 2504h
+		lds	dx, dword_180E
+		int	21h		; DOS -	SET INTERRUPT VECTOR
+					; AL = interrupt number
+					; DS:DX	= new vector to	be used	for specified interrupt
+		pop	ds
+		push	ds
+		mov	ax, 2505h
+		lds	dx, dword_1812
+		int	21h		; DOS -	SET INTERRUPT VECTOR
+					; AL = interrupt number
+					; DS:DX	= new vector to	be used	for specified interrupt
+		pop	ds
+		push	ds
+		mov	ax, 2506h
+		lds	dx, dword_1816
+		int	21h		; DOS -	SET INTERRUPT VECTOR
+					; AL = interrupt number
+					; DS:DX	= new vector to	be used	for specified interrupt
+		pop	ds
+		retn
+__restorezero	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_2DE		proc near
+		mov	ax, 100h
+		mov	dx, di
+		mov	bx, si
+
+loc_2E5:
+		cmp	bx, di
+		jz	short loc_302
+		cmp	byte ptr es:[bx], 0FFh
+		jz	short loc_2FD
+		mov	cl, es:[bx+1]
+		xor	ch, ch
+		cmp	cx, ax
+		jnb	short loc_2FD
+		mov	ax, cx
+		mov	dx, bx
+
+loc_2FD:
+		add	bx, 6
+		jmp	short loc_2E5
+; ---------------------------------------------------------------------------
+
+loc_302:
+		cmp	dx, di
+		jz	short locret_321
+		mov	bx, dx
+		cmp	byte ptr es:[bx], 0
+		mov	byte ptr es:[bx], 0FFh
+		push	es
+		jz	short loc_31A
+		call	dword ptr es:[bx+2]
+		pop	es
+		jmp	short sub_2DE
+; ---------------------------------------------------------------------------
+
+loc_31A:
+		call	word ptr es:[bx+2]
+		pop	es
+		jmp	short sub_2DE
+; ---------------------------------------------------------------------------
+
+locret_321:
+		retn
+sub_2DE		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_322		proc near
+		mov	ah, 0
+		mov	dx, di
+		mov	bx, si
+
+loc_328:
+		cmp	bx, di
+		jz	short loc_343
+		cmp	byte ptr es:[bx], 0FFh
+		jz	short loc_33E
+		cmp	es:[bx+1], ah
+		jb	short loc_33E
+		mov	ah, es:[bx+1]
+		mov	dx, bx
+
+loc_33E:
+		add	bx, 6
+		jmp	short loc_328
+; ---------------------------------------------------------------------------
+
+loc_343:
+		cmp	dx, di
+		jz	short locret_362
+		mov	bx, dx
+		cmp	byte ptr es:[bx], 0
+		mov	byte ptr es:[bx], 0FFh
+		push	es
+		jz	short loc_35B
+		call	dword ptr es:[bx+2]
+		pop	es
+		jmp	short sub_322
+; ---------------------------------------------------------------------------
+
+loc_35B:
+		call	word ptr es:[bx+2]
+		pop	es
+		jmp	short sub_322
+; ---------------------------------------------------------------------------
+
+locret_362:
+		retn
+sub_322		endp
+
+; ---------------------------------------------------------------------------
+DGROUP@		dw 0
+__MMODEL	db 2 dup(0)
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_367		proc near
+
+var_6		= byte ptr -6
+arg_0		= byte ptr  4
+
+		enter	6, 0
+		push	si
+		push	di
+		mov	di, offset aHuuma_cfg ;	"huuma.cfg"
+		lea	ax, [bp+var_6]
+		push	ss
+		push	ax
+		push	ds
+		push	offset unk_183F
+		mov	cx, 5
+		call	N_SCOPY@
+		push	3D02h
+		push	di
+		call	sub_AAE
+		mov	si, ax
+		or	si, si
+		jle	short loc_398
+		push	ax
+		push	0
+		push	5
+		push	0
+		call	sub_B48
+		jmp	short loc_3AB
+; ---------------------------------------------------------------------------
+
+loc_398:
+		push	di
+		push	20h
+		call	sub_AC4
+		mov	si, ax
+		push	ax
+		push	ss
+		lea	ax, [bp+var_6]
+		push	ax
+		push	5
+		call	sub_B2E
+
+loc_3AB:
+		push	si
+		push	ss
+		lea	ax, [bp+arg_0]
+		push	ax
+		push	2
+		call	sub_B2E
+		push	si
+		push	ds
+		push	offset byte_183E
+		push	1
+		call	sub_B2E
+		push	si
+		call	sub_B00
+		pop	di
+		pop	si
+		leave
+		retn
+sub_367		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+; int __cdecl main(int argc, const char	**argv,	const char **envp)
+_main		proc near
+
+var_8		= dword	ptr -8
+var_4		= word ptr -4
+var_2		= word ptr -2
+_argc		= word ptr  4
+_argv		= word ptr  6
+_envp		= word ptr  8
+
+		enter	8, 0
+		push	si
+		push	di
+		mov	si, [bp+_argv]
+		mov	[bp+var_2], offset aMikoconfig ; "MIKOConfig"
+		push	[bp+var_2]
+		push	0Ah
+		push	3
+		call	sub_730
+		mov	di, ax
+		push	offset aUmx	; "\n\n東方封魔録用　 常駐プログラム　ZUN_RE"...
+		call	sub_AD8
+		call	sub_70C
+		call	sub_4BA
+		cmp	ax, 1
+		jnz	short loc_3F9
+		push	offset aGngcgxgrgagtg@ ; "ハイスコアファイルがおかしいの、もう一・...
+		jmp	loc_47E
+; ---------------------------------------------------------------------------
+
+loc_3F9:
+		cmp	[bp+_argc], 2
+		jnz	short loc_45F
+		mov	bx, [si+2]
+		cmp	byte ptr [bx], 2Dh
+		jz	short loc_40C
+		cmp	byte ptr [bx], 2Fh
+		jnz	short loc_434
+
+loc_40C:
+		mov	bx, [si+2]
+		cmp	byte ptr [bx+1], 52h
+		jz	short loc_41B
+		cmp	byte ptr [bx+1], 72h
+		jnz	short loc_434
+
+loc_41B:
+		or	di, di
+		jnz	short loc_427
+		push	offset aVavVBavVVvvVV ;	"わたし、まだいませんよぉ\n\n"
+		call	sub_AD8
+		jmp	short loc_481
+; ---------------------------------------------------------------------------
+
+loc_427:
+		push	di
+		call	sub_A9E
+		push	offset aVVcvVcbavVIqvj ; "さよなら、また会えたらいいな\n\n"
+		call	sub_AD8
+		jmp	loc_4B3
+; ---------------------------------------------------------------------------
+
+loc_434:
+		mov	bx, [si+2]
+		cmp	byte ptr [bx], 2Dh
+		jz	short loc_441
+		cmp	byte ptr [bx], 2Fh
+		jnz	short loc_457
+
+loc_441:
+		mov	bx, [si+2]
+		cmp	byte ptr [bx+1], 44h
+		jz	short loc_450
+		cmp	byte ptr [bx+1], 64h
+		jnz	short loc_457
+
+loc_450:
+		mov	byte_183E, 1
+		jmp	short loc_45F
+; ---------------------------------------------------------------------------
+
+loc_457:
+		push	offset aVV	; "そんなオプション付けられても、困るんで・...
+		call	sub_AD8
+		jmp	short loc_481
+; ---------------------------------------------------------------------------
+
+loc_45F:
+		or	di, di
+		jz	short loc_46B
+		push	offset aVavVBavVVVvvVV ; "わたし、すでにいますよぉ\n\n"
+		call	sub_AD8
+		jmp	short loc_481
+; ---------------------------------------------------------------------------
+
+loc_46B:
+		push	[bp+var_2]
+		push	0Ah
+		push	3
+		call	sub_778
+		mov	di, ax
+		or	di, di
+		jnz	short loc_486
+		push	offset aNVVVV	; "作れません、わたしの居場所がないの！\n\n"
+
+loc_47E:
+		call	sub_AD8
+
+loc_481:
+		mov	ax, 1
+		jmp	short loc_4B5
+; ---------------------------------------------------------------------------
+
+loc_486:
+		mov	word ptr [bp+var_8+2], di
+		mov	word ptr [bp+var_8], 0
+		push	offset aVVVVBavcvivVnv ; "それでは、よろしくお願いします\n\n"
+		call	sub_AD8
+		mov	[bp+var_4], 0Bh
+		jmp	short loc_4A8
+; ---------------------------------------------------------------------------
+
+loc_49B:
+		les	bx, [bp+var_8]
+		add	bx, [bp+var_4]
+		mov	byte ptr es:[bx], 0
+		inc	[bp+var_4]
+
+loc_4A8:
+		cmp	[bp+var_4], 30h
+		jl	short loc_49B
+		push	di
+		call	sub_367
+		pop	cx
+
+loc_4B3:
+		xor	ax, ax
+
+loc_4B5:
+		pop	di
+		pop	si
+		leave
+		retn
+_main		endp
+
+; ---------------------------------------------------------------------------
+		db 0
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_4BA		proc near
+		push	si
+		push	di
+		push	off_19A8
+		call	sub_91C
+		or	ax, ax
+		jnz	short loc_4CD
+		call	sub_6C1
+		jmp	loc_584
+; ---------------------------------------------------------------------------
+
+loc_4CD:
+		mov	byte ptr unk_1D1E, 0
+		jmp	loc_57A
+; ---------------------------------------------------------------------------
+
+loc_4D5:
+		call	sub_6CC
+		mov	al, 0
+		mov	byte_19AA, al
+		mov	byte_19AB, al
+		xor	ax, ax
+		mov	word_19AD, ax
+		mov	word_19AF, ax
+		mov	word_19B1, ax
+		mov	word_19B3, ax
+		xor	si, si
+		jmp	short loc_502
+; ---------------------------------------------------------------------------
+
+loc_4F2:
+		mov	al, [si+1C68h]
+		mov	ah, 0
+		add	word_19B1, ax
+		adc	word_19B3, 0
+		inc	si
+
+loc_502:
+		cmp	si, 0B2h
+		jl	short loc_4F2
+		xor	si, si
+		jmp	short loc_537
+; ---------------------------------------------------------------------------
+
+loc_50C:
+		mov	bx, si
+		shl	bx, 2
+		mov	dx, word_1C6C[bx]
+		mov	ax, word_1C6A[bx]
+		add	word_19AD, ax
+		adc	word_19AF, dx
+		mov	bx, si
+		imul	bx, 7
+		mov	al, byte_1C96[bx]
+		add	byte_19AA, al
+		mov	al, byte_1CDD[si]
+		add	byte_19AB, al
+		inc	si
+
+loc_537:
+		cmp	si, 0Ah
+		jl	short loc_50C
+		mov	dx, word_19AF
+		mov	ax, word_19AD
+		cmp	dx, word ptr unk_1C94
+		jnz	short loc_574
+		cmp	ax, word ptr unk_1C92
+		jnz	short loc_574
+		mov	al, byte_19AA
+		cmp	al, byte ptr unk_1CDC
+		jnz	short loc_574
+		mov	al, byte_19AB
+		cmp	al, byte ptr unk_1CE7
+		jnz	short loc_574
+		mov	dx, word_19B3
+		mov	ax, word_19B1
+		cmp	dx, word ptr unk_1D1C
+		jnz	short loc_574
+		cmp	ax, word ptr unk_1D1A
+		jz	short loc_576
+
+loc_574:
+		jmp	short loc_588
+; ---------------------------------------------------------------------------
+
+loc_576:
+		inc	byte ptr unk_1D1E
+
+loc_57A:
+		cmp	byte ptr unk_1D1E, 5
+		jge	short loc_584
+		jmp	loc_4D5
+; ---------------------------------------------------------------------------
+
+loc_584:
+		xor	ax, ax
+		jmp	short loc_594
+; ---------------------------------------------------------------------------
+
+loc_588:
+		push	off_19A8
+		call	sub_A4A
+		mov	ax, 1
+		jmp	short $+2
+
+loc_594:
+		pop	di
+		pop	si
+		retn
+sub_4BA		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_598		proc near
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		xor	si, si
+		mov	di, 10000
+		jmp	short loc_5F9
+; ---------------------------------------------------------------------------
+
+loc_5A4:
+		mov	word ptr bdata@, 0
+		mov	bx, si
+		shl	bx, 2
+		mov	word_1C6C[bx], 0
+		mov	word_1C6A[bx], di
+		sub	di, 1000
+		mov	ax, si
+		sar	ax, 1
+		mov	dl, 5
+		sub	dl, al
+		mov	byte_1CDD[si], dl
+		mov	bx, si
+		imul	bx, 7
+		mov	cx, 6
+
+loc_5D1:
+		mov	byte_1C96[bx], 0DAh
+		inc	bx
+		loop	loc_5D1
+		mov	byte_1C96[bx], 0
+		mov	bx, si
+		shl	bx, 2
+		mov	word_1CE8[bx], 1900
+		mov	byte_1CEA[bx], 1
+		mov	byte_1CEB[bx], 1
+		mov	byte_1D10[si], 1
+		inc	si
+
+loc_5F9:
+		cmp	si, 0Ah
+		jge	short loc_600
+		jmp	short loc_5A4
+; ---------------------------------------------------------------------------
+
+loc_600:
+		pop	di
+		pop	si
+		pop	bp
+		retn
+sub_598		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_604		proc near
+		push	bp
+		mov	bp, sp
+		push	si
+		mov	word ptr unk_1C94, 0
+		mov	word ptr unk_1C92, 0
+		mov	byte ptr unk_1CDC, 0
+		mov	byte ptr unk_1CE7, 0
+		mov	word ptr unk_1D1C, 0
+		mov	word ptr unk_1D1A, 0
+		xor	si, si
+		jmp	short loc_659
+; ---------------------------------------------------------------------------
+
+loc_62E:
+		mov	bx, si
+		shl	bx, 2
+		mov	dx, word_1C6C[bx]
+		mov	ax, word_1C6A[bx]
+		add	word ptr unk_1C92, ax
+		adc	word ptr unk_1C94, dx
+		mov	bx, si
+		imul	bx, 7
+		mov	al, byte_1C96[bx]
+		add	byte ptr unk_1CDC, al
+		mov	al, byte_1CDD[si]
+		add	byte ptr unk_1CE7, al
+		inc	si
+
+loc_659:
+		cmp	si, 0Ah
+		jl	short loc_62E
+		xor	si, si
+		jmp	short loc_67C
+; ---------------------------------------------------------------------------
+
+loc_662:
+		mov	al, bdata@[si]
+		mov	ah, 0
+		add	word ptr unk_1D1A, ax
+		adc	word ptr unk_1D1C, 0
+		mov	al, bdata@[si]
+		add	al, 12h
+		mov	bdata@[si], al
+		inc	si
+
+loc_67C:
+		cmp	si, 0B2h
+		jl	short loc_662
+		push	off_19A8
+		call	sub_A0E
+		push	ds
+		push	offset bdata@
+		push	0B6h
+		call	sub_968
+		push	ds
+		push	offset bdata@
+		push	0B6h
+		call	sub_968
+		push	ds
+		push	offset bdata@
+		push	0B6h
+		call	sub_968
+		push	ds
+		push	offset bdata@
+		push	0B6h
+		call	sub_968
+		push	ds
+		push	offset bdata@
+		push	0B6h
+		call	sub_968
+		call	sub_90E
+		pop	si
+		pop	bp
+		retn
+sub_604		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_6C1		proc near
+		push	bp
+		mov	bp, sp
+		call	sub_598
+		call	sub_604
+		pop	bp
+		retn
+sub_6C1		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_6CC		proc near
+		push	bp
+		mov	bp, sp
+		push	si
+		push	off_19A8
+		call	sub_932
+		mov	al, byte ptr unk_1D1E
+		cbw
+		imul	ax, 0B6h
+		push	0
+		push	ax
+		push	0
+		call	sub_A5C
+		push	ds
+		push	offset bdata@
+		push	0B6h
+		call	sub_7EE
+		xor	si, si
+		jmp	short loc_700
+; ---------------------------------------------------------------------------
+
+loc_6F5:
+		mov	al, bdata@[si]
+		add	al, 0EEh
+		mov	bdata@[si], al
+		inc	si
+
+loc_700:
+		cmp	si, 0B2h
+		jl	short loc_6F5
+		call	sub_90E
+		pop	si
+		pop	bp
+		retn
+sub_6CC		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_70C		proc near
+		mov	al, 80h
+		pushf
+		cli
+		out	7Ch, al
+		popf
+		xor	ax, ax
+		mov	dx, 7Eh
+		out	dx, al
+		out	dx, al
+		out	dx, al
+		out	dx, al
+		mov	bx, di
+		xor	di, di
+		mov	cx, word_1A20
+		mov	es, word_1A1E
+		assume es:nothing
+		rep stosw
+		mov	di, bx
+		out	7Ch, al
+		retn
+sub_70C		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_730		proc near
+
+arg_0		= word ptr  4
+arg_2		= word ptr  6
+arg_4		= word ptr  8
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	ah, 52h
+		int	21h		; DOS -	2+ internal - GET LIST OF LISTS
+					; Return: ES:BX	-> DOS list of lists
+		cld
+		mov	bx, es:[bx-2]
+
+loc_73E:
+		mov	es, bx
+		assume es:nothing
+		inc	bx
+		mov	ax, es:1
+		or	ax, ax
+		jz	short loc_75F
+		mov	ax, es:3
+		cmp	ax, [bp+arg_0]
+		jnz	short loc_75F
+		mov	cx, [bp+arg_2]
+		mov	si, [bp+arg_4]
+		mov	di, 10h
+		repe cmpsb
+		jz	short loc_770
+
+loc_75F:
+		mov	ax, es:3
+		add	bx, ax
+		mov	al, es:0
+		cmp	al, 4Dh
+
+loc_76B:
+		jz	short loc_73E
+		mov	bx, 0
+
+loc_770:
+		mov	ax, bx
+		pop	di
+		pop	si
+		pop	bp
+		retn	6
+sub_730		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_778		proc near
+
+arg_0		= word ptr  4
+arg_2		= word ptr  6
+arg_4		= word ptr  8
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		push	[bp+arg_4]
+		push	[bp+arg_2]
+		push	[bp+arg_0]
+		call	sub_730
+		or	ax, ax
+		jnz	short loc_7E7
+		mov	ax, 5800h
+		int	21h		; DOS -	3+ - GET/SET MEMORY ALLOCATION STRATEGY
+					; AL = function	code: get allocation strategy
+		mov	dx, ax
+		mov	ax, 5801h
+		mov	bx, 1
+		int	21h		; DOS -	3+ - GET/SET MEMORY ALLOCATION STRATEGY
+					; AL = function	code: set allocation strategy
+		mov	ah, 48h
+		mov	bx, [bp+arg_0]
+		int	21h		; DOS -	2+ - ALLOCATE MEMORY
+					; BX = number of 16-byte paragraphs desired
+		mov	cx, 0
+		jb	short loc_7DE
+		mov	bx, cs
+		cmp	bx, ax
+		jnb	short loc_7C3
+		mov	es, ax
+		assume es:nothing
+		mov	ah, 49h
+		int	21h		; DOS -	2+ - FREE MEMORY
+					; ES = segment address of area to be freed
+		mov	ax, 5801h
+		mov	bx, 2
+		int	21h		; DOS -	3+ - GET/SET MEMORY ALLOCATION STRATEGY
+					; AL = function	code: set allocation strategy
+		mov	ah, 48h
+		mov	bx, [bp+arg_0]
+		int	21h		; DOS -	2+ - ALLOCATE MEMORY
+					; BX = number of 16-byte paragraphs desired
+
+loc_7C3:
+		mov	cx, ax
+		push	ax
+		dec	cx
+		mov	es, cx
+		assume es:nothing
+		mov	ax, 0FFFFh
+		mov	es:1, ax
+		inc	cx
+		mov	es, cx
+		assume es:nothing
+		xor	di, di
+		mov	cx, [bp+arg_2]
+		mov	si, [bp+arg_4]
+		rep movsb
+		pop	cx
+
+loc_7DE:
+		mov	ax, 5801h
+		mov	bx, dx
+		int	21h		; DOS -	3+ - GET/SET MEMORY ALLOCATION STRATEGY
+					; AL = function	code: set allocation strategy
+		mov	ax, cx
+
+loc_7E7:
+		pop	di
+		pop	si
+		pop	bp
+		retn	6
+sub_778		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_7EE		proc near
+
+arg_0		= word ptr  4
+arg_2		= dword	ptr  6
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		cmp	word_1A34, 0
+		jz	short loc_872
+		mov	bx, [bp+arg_0]
+		les	di, [bp+arg_2]
+		assume es:nothing
+
+loc_800:
+		mov	ax, word ptr unk_1D2E
+		cmp	word ptr unk_1D2C, ax
+		jb	short loc_836
+		add	word ptr unk_1D28, ax
+		adc	word ptr unk_1D2A, 0
+		push	bx
+		push	ds
+		mov	cx, word_1A34
+		mov	bx, word_1A36
+		lds	dx, dword ptr unk_1D24
+		mov	ah, 3Fh
+		int	21h		; DOS -	2+ - READ FROM FILE WITH HANDLE
+					; BX = file handle, CX = number	of bytes to read
+					; DS:DX	-> buffer
+		pop	ds
+		pop	bx
+		cmc
+		sbb	dx, dx
+		and	ax, dx
+		mov	word ptr unk_1D2E, ax
+		jz	short loc_891
+		mov	word ptr unk_1D2C, 0
+
+loc_836:
+		mov	si, word ptr unk_1D2E
+		sub	si, word ptr unk_1D2C
+		sub	si, bx
+		sbb	ax, ax
+		and	si, ax
+		add	si, bx
+		mov	ax, es
+		or	ax, di
+		jz	short loc_867
+		or	si, si
+		jz	short loc_867
+		push	si
+		push	ds
+		mov	cx, si
+		mov	ax, word ptr unk_1D2C
+		lds	si, dword ptr unk_1D24
+		add	si, ax
+		shr	cx, 1
+		rep movsw
+		adc	cx, cx
+		rep movsb
+		pop	ds
+		pop	si
+
+loc_867:
+		add	word ptr unk_1D2C, si
+		sub	bx, si
+		jnz	short loc_800
+		jmp	short loc_897
+; ---------------------------------------------------------------------------
+		nop
+
+loc_872:
+		push	ds
+		mov	cx, [bp+arg_0]
+		mov	bx, word_1A36
+		lds	dx, [bp+arg_2]
+		mov	ah, 3Fh
+		int	21h		; DOS -	2+ - READ FROM FILE WITH HANDLE
+					; BX = file handle, CX = number	of bytes to read
+					; DS:DX	-> buffer
+		pop	ds
+		add	word ptr unk_1D28, ax
+		adc	word ptr unk_1D2A, 0
+		mov	bx, cx
+		sub	bx, ax
+		jz	short loc_897
+
+loc_891:
+		mov	word ptr unk_1D30, 1
+
+loc_897:
+		mov	ax, [bp+arg_0]
+		sub	ax, bx
+		pop	di
+		pop	si
+		pop	bp
+		retn	6
+sub_7EE		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_8A2		proc near
+		mov	bx, word_1A36
+		cmp	bx, 0FFFFh
+		jz	short locret_90C
+		mov	ax, word ptr unk_1D2C
+		cmp	word ptr unk_1D2E, ax
+		jnb	short loc_8E0
+		push	ds
+		mov	cx, word ptr unk_1D2C
+		lds	dx, dword ptr unk_1D24
+		mov	ah, 40h
+		int	21h		; DOS -	2+ - WRITE TO FILE WITH	HANDLE
+					; BX = file handle, CX = number	of bytes to write, DS:DX -> buffer
+		pop	ds
+		jb	short loc_8D3
+		add	word ptr unk_1D28, ax
+		adc	word ptr unk_1D2A, 0
+		cmp	word ptr unk_1D2C, ax
+		jz	short loc_8D9
+
+loc_8D3:
+		mov	word ptr unk_1D32, 1
+
+loc_8D9:
+		mov	word ptr unk_1D2C, 0
+		retn
+; ---------------------------------------------------------------------------
+
+loc_8E0:
+		cmp	word ptr unk_1D2E, 0
+		jz	short locret_90C
+		mov	dx, ax
+		mov	cx, 0
+		add	dx, word ptr unk_1D28
+		mov	word ptr unk_1D2E, cx
+		mov	word ptr unk_1D2C, cx
+		adc	cx, word ptr unk_1D2A
+		mov	ax, 4200h
+		mov	bx, word_1A36
+		int	21h		; DOS -	2+ - MOVE FILE READ/WRITE POINTER (LSEEK)
+					; AL = method: offset from beginning of	file
+		mov	word ptr unk_1D28, ax
+		mov	word ptr unk_1D2A, dx
+
+locret_90C:
+		retn
+sub_8A2		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_90E		proc near
+		call	sub_8A2
+		mov	ah, 3Eh
+		int	21h		; DOS -	2+ - CLOSE A FILE WITH HANDLE
+					; BX = file handle
+		mov	word_1A36, 0FFFFh
+		retn
+sub_90E		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_91C		proc near
+		mov	bx, sp
+		push	word ptr ss:[bx+2]
+		call	sub_B16
+		jb	short loc_92C
+		xchg	ax, bx
+		mov	ah, 3Eh
+		int	21h		; DOS -	2+ - CLOSE A FILE WITH HANDLE
+					; BX = file handle
+
+loc_92C:
+		sbb	ax, ax
+		inc	ax
+		retn	2
+sub_91C		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_932		proc near
+
+arg_0		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		xor	ax, ax
+		mov	bx, word_1A36
+		cmp	bx, 0FFFFh
+		jnz	short loc_964
+		push	[bp+arg_0]
+		call	sub_B16
+		sbb	bx, bx
+		or	ax, bx
+		mov	word_1A36, ax
+		xor	ax, ax
+		mov	word ptr unk_1D2E, ax
+		mov	word ptr unk_1D28, ax
+		mov	word ptr unk_1D2A, ax
+		mov	word ptr unk_1D2C, ax
+		mov	word ptr unk_1D30, ax
+		mov	word ptr unk_1D32, ax
+		lea	ax, [bx+1]
+
+loc_964:
+		pop	bp
+		retn	2
+sub_932		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_968		proc near
+
+arg_0		= word ptr  4
+arg_2		= dword	ptr  6
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		cmp	word_1A34, 0
+		jz	short loc_9DE
+		mov	bx, [bp+arg_0]
+		mov	si, word ptr [bp+arg_2]
+
+loc_97A:
+		mov	cx, word_1A34
+		sub	cx, word ptr unk_1D2C
+		sub	cx, bx
+		sbb	ax, ax
+		and	cx, ax
+		add	cx, bx
+		les	di, dword ptr unk_1D24
+		add	di, word ptr unk_1D2C
+		sub	bx, cx
+		add	word ptr unk_1D2C, cx
+		push	ds
+		mov	ds, word ptr [bp+arg_2+2]
+		shr	cx, 1
+		rep movsw
+		adc	cx, cx
+		rep movsb
+		pop	ds
+		or	ax, ax
+		jns	short loc_9D4
+		push	ds
+		push	bx
+		mov	cx, word_1A34
+		mov	bx, word_1A36
+		lds	dx, dword ptr unk_1D24
+		mov	ah, 40h
+		int	21h		; DOS -	2+ - WRITE TO FILE WITH	HANDLE
+					; BX = file handle, CX = number	of bytes to write, DS:DX -> buffer
+		pop	bx
+		pop	ds
+		jb	short loc_9F0
+		cmp	word_1A34, ax
+		jnz	short loc_9F0
+		mov	word ptr unk_1D2C, 0
+		add	word ptr unk_1D28, ax
+		adc	word ptr unk_1D2A, 0
+
+loc_9D4:
+		or	bx, bx
+		jnz	short loc_97A
+		mov	ax, 1
+		jmp	short loc_A06
+; ---------------------------------------------------------------------------
+		nop
+
+loc_9DE:
+		push	ds
+		mov	cx, [bp+arg_0]
+		mov	bx, word_1A36
+		lds	dx, [bp+arg_2]
+		mov	ah, 40h
+		int	21h		; DOS -	2+ - WRITE TO FILE WITH	HANDLE
+					; BX = file handle, CX = number	of bytes to write, DS:DX -> buffer
+		pop	ds
+		jnb	short loc_9F8
+
+loc_9F0:
+		mov	word ptr unk_1D32, 1
+		xor	ax, ax
+
+loc_9F8:
+		add	word ptr unk_1D28, ax
+		adc	word ptr unk_1D2A, 0
+		add	ax, 0FFFFh
+		sbb	ax, ax
+
+loc_A06:
+		pop	di
+		pop	si
+		mov	sp, bp
+		pop	bp
+		retn	6
+sub_968		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_A0E		proc near
+
+arg_0		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		mov	ax, 0
+		mov	bx, word_1A36
+		cmp	bx, 0FFFFh
+		jnz	short loc_A45
+		mov	cx, 20h
+		mov	ah, 3Ch
+		push	ax
+		push	[bp+arg_0]
+		call	sub_AAE
+		or	ax, dx
+		mov	word_1A36, ax
+		xor	ax, ax
+		mov	word ptr unk_1D2E, ax
+		mov	word ptr unk_1D2C, ax
+		mov	word ptr unk_1D30, ax
+		mov	word ptr unk_1D32, ax
+		mov	word ptr unk_1D28, ax
+		mov	word ptr unk_1D2A, ax
+		mov	ax, dx
+		inc	ax
+
+loc_A45:
+		pop	bp
+		retn	2
+sub_A0E		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_A4A		proc near
+		mov	bx, sp
+		mov	ah, 41h
+		push	ax
+		push	word ptr ss:[bx+2]
+		call	sub_AAE
+		sbb	ax, ax
+		inc	ax
+		retn	2
+sub_A4A		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_A5C		proc near
+		call	sub_8A2
+		cmp	bx, 0FFFFh
+		jz	short locret_A8C
+		push	bp
+		mov	bp, sp
+		mov	al, [bp+4]
+		mov	ah, 42h
+		mov	dx, [bp+6]
+		mov	cx, [bp+8]
+		int	21h		; DOS -	2+ - MOVE FILE READ/WRITE POINTER (LSEEK)
+					; AL = method:
+					; 0-from beginnig,1-from current,2-from	end
+		pop	bp
+		mov	ax, 4201h
+		mov	dx, 0
+		mov	cx, dx
+		int	21h		; DOS -	2+ - MOVE FILE READ/WRITE POINTER (LSEEK)
+					; AL = method: offset from present location
+		mov	word ptr unk_1D30, 0
+		mov	word ptr unk_1D28, ax
+		mov	word ptr unk_1D2A, dx
+
+locret_A8C:
+		retn	6
+sub_A5C		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_A90		proc near
+		mov	ax, word ptr unk_1D2C
+		xor	dx, dx
+		add	ax, word ptr unk_1D28
+		adc	dx, word ptr unk_1D2A
+		retn
+sub_A90		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_A9E		proc near
+
+arg_0		= word ptr  6
+
+		push	bp
+		push	es
+		mov	bp, sp
+		mov	es, [bp+arg_0]
+		mov	ah, 49h
+		int	21h		; DOS -	2+ - FREE MEMORY
+					; ES = segment address of area to be freed
+		pop	es
+		pop	bp
+		retn	2
+sub_A9E		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_AAE		proc near
+
+arg_0		= word ptr  4
+arg_2		= word ptr  6
+
+		push	bp
+		mov	bp, sp
+		mov	dx, [bp+arg_0]
+		mov	ax, [bp+arg_2]
+		int	21h		; DOS -
+		sbb	dx, dx
+		xor	ax, dx
+		sub	ax, dx
+		pop	bp
+		retn	4
+sub_AAE		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_AC4		proc near
+		mov	bx, sp
+		mov	ax, 3C00h
+		push	ax
+		push	word ptr ss:[bx+4]
+		mov	cx, ss:[bx+2]
+		call	sub_AAE
+		retn	4
+sub_AC4		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_AD8		proc near
+		mov	bx, sp
+		mov	cx, si
+		mov	si, ss:[bx+2]
+		lodsb
+		or	al, al
+		jz	short loc_AFA
+		mov	ah, 2
+
+loc_AE7:
+		cmp	al, 0Ah
+		jnz	short loc_AF1
+		mov	dl, 0Dh
+		int	21h		; DOS -	DISPLAY	OUTPUT
+					; DL = character to send to standard output
+		mov	al, 0Ah
+
+loc_AF1:
+		mov	dl, al
+		int	21h		; DOS -	DISPLAY	OUTPUT
+					; DL = character to send to standard output
+		lodsb
+		or	al, al
+		jnz	short loc_AE7
+
+loc_AFA:
+		mov	si, cx
+		retn	2
+sub_AD8		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_B00		proc near
+		mov	bx, sp
+		mov	ah, 3Eh
+		mov	bx, ss:[bx+2]
+		int	21h		; DOS -	2+ - CLOSE A FILE WITH HANDLE
+					; BX = file handle
+		mov	ax, 0
+		jnb	short locret_B12
+		mov	ax, 0FFF3h
+
+locret_B12:
+		retn	2
+sub_B00		endp
+
+; ---------------------------------------------------------------------------
+		nop
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_B16		proc near
+		mov	bx, sp
+		mov	ah, 3Dh
+		mov	al, byte_1A38
+		mov	dx, ss:[bx+2]
+		int	21h		; DOS -	2+ - OPEN DISK FILE WITH HANDLE
+					; DS:DX	-> ASCIZ filename
+					; AL = access mode
+					; 0 - read
+		jb	short loc_B28
+		retn	2
+; ---------------------------------------------------------------------------
+
+loc_B28:
+		mov	ax, 0FFFEh
+		retn	2
+sub_B16		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_B2E		proc near
+
+arg_0		= word ptr  4
+arg_2		= dword	ptr  6
+arg_6		= word ptr  0Ah
+
+		push	bp
+		mov	bp, sp
+		push	ds
+		mov	bx, [bp+arg_6]
+		lds	dx, [bp+arg_2]
+		mov	cx, [bp+arg_0]
+		mov	ah, 40h
+		int	21h		; DOS -	2+ - WRITE TO FILE WITH	HANDLE
+					; BX = file handle, CX = number	of bytes to write, DS:DX -> buffer
+		pop	ds
+		jnb	short loc_B44
+		neg	ax
+
+loc_B44:
+		pop	bp
+		retn	8
+sub_B2E		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_B48		proc near
+
+arg_0		= byte ptr  4
+arg_2		= word ptr  6
+arg_4		= word ptr  8
+arg_6		= word ptr  0Ah
+
+		push	bp
+		mov	bp, sp
+		mov	bx, [bp+arg_6]
+		mov	dx, [bp+arg_2]
+		mov	cx, [bp+arg_4]
+		mov	al, [bp+arg_0]
+		mov	ah, 42h
+		int	21h		; DOS -	2+ - MOVE FILE READ/WRITE POINTER (LSEEK)
+					; AL = method:
+					; 0-from beginnig,1-from current,2-from	end
+		jnb	short loc_B60
+		neg	ax
+		cwd
+
+loc_B60:
+		pop	bp
+		retn	8
+sub_B48		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: noreturn
+
+sub_B64		proc near
+		push	si
+		push	di
+		mov	ax, offset aAbnormalProgra ; "Abnormal program termination\r\n"
+		push	ax		; buf
+		call	___ErrorMessage
+		mov	ax, 3
+		push	ax		; status
+		call	__exit
+; ---------------------------------------------------------------------------
+		pop	cx
+		pop	cx
+		pop	di
+		pop	si
+		retn
+sub_B64		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl atexit(void (*func)(void))
+_atexit		proc near
+
+func		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		cmp	word_1A5A, 20h
+		jnz	short loc_B8A
+		mov	ax, 1
+		jmp	short loc_B9D
+; ---------------------------------------------------------------------------
+
+loc_B8A:
+		mov	bx, word_1A5A
+		add	bx, bx
+		mov	ax, [bp+func]
+		mov	word_1D34[bx], ax
+		inc	word_1A5A
+		xor	ax, ax
+
+loc_B9D:
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_atexit		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl __ErrorMessage(char *buf)
+___ErrorMessage	proc near
+
+buf		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		push	[bp+buf]	; s
+		call	_strlen
+		pop	cx
+		push	ax		; len
+		push	[bp+buf]	; buf
+		mov	al, byte_1A86
+		cbw
+		push	ax		; handle
+		call	__rtl_write
+		add	sp, 6
+		pop	di
+		pop	si
+		pop	bp
+		retn
+___ErrorMessage	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_BC0		proc near
+		push	si
+		push	di
+		pop	di
+		pop	si
+		retn
+sub_BC0		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+sub_BC5		proc near
+
+arg_0		= word ptr  4
+arg_2		= word ptr  6
+arg_4		= word ptr  8
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		cmp	[bp+arg_4], 0
+		jnz	short loc_BEE
+		jmp	short loc_BE0
+; ---------------------------------------------------------------------------
+
+loc_BD2:
+		dec	word_1A5A
+		mov	bx, word_1A5A
+		add	bx, bx
+		call	word_1D34[bx]
+
+loc_BE0:
+		cmp	word_1A5A, 0
+		jnz	short loc_BD2
+		call	__cleanup
+		call	off_1A5C
+
+loc_BEE:
+		call	__restorezero
+		call	__checknull
+		cmp	[bp+arg_2], 0
+		jnz	short loc_C0F
+		cmp	[bp+arg_4], 0
+		jnz	short loc_C08
+		call	off_1A5E
+		call	off_1A60
+
+loc_C08:
+		push	[bp+arg_0]
+		call	__terminate
+; ---------------------------------------------------------------------------
+		pop	cx
+
+loc_C0F:
+		pop	di
+		pop	si
+		pop	bp
+		retn	6
+sub_BC5		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function noreturn	bp-based frame
+
+; void __cdecl exit(int	status)
+_exit		proc near
+
+status		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		xor	ax, ax
+		push	ax
+		push	ax
+		push	[bp+status]
+		call	sub_BC5
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_exit		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function noreturn	bp-based frame
+
+; void __cdecl _exit(int status)
+__exit		proc near
+
+status		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	ax, 1
+		push	ax
+		xor	ax, ax
+		push	ax
+		push	[bp+status]
+		call	sub_BC5
+		pop	di
+		pop	si
+		pop	bp
+		retn
+__exit		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+; void _cexit(void)
+__cexit		proc near
+		push	si
+		push	di
+		xor	ax, ax
+		push	ax
+		mov	ax, 1
+		push	ax
+		xor	ax, ax
+		push	ax
+		call	sub_BC5
+		pop	di
+		pop	si
+		retn
+__cexit		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+; void _c_exit(void)
+__c_exit	proc near
+		push	si
+		push	di
+		mov	ax, 1
+		push	ax
+		push	ax
+		xor	ax, ax
+		push	ax
+		call	sub_BC5
+		pop	di
+		pop	si
+		retn
+__c_exit	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+__IOERROR	proc near
+
+arg_0		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	dx, [bp+arg_0]
+		or	dx, dx
+		jl	short loc_C83
+		cmp	dx, 58h
+		jle	short loc_C74
+
+loc_C71:
+		mov	dx, 57h
+
+loc_C74:
+		mov	word_1BCE, dx
+		mov	bx, dx
+		mov	al, byte_1BD0[bx]
+		cbw
+		mov	dx, ax
+		jmp	short loc_C91
+; ---------------------------------------------------------------------------
+
+loc_C83:
+		neg	dx
+		cmp	dx, word_1C46
+		jg	short loc_C71
+		mov	word_1BCE, 0FFFFh
+
+loc_C91:
+		mov	word_182A, dx
+		mov	ax, 0FFFFh
+		pop	di
+		pop	si
+		pop	bp
+		retn	2
+__IOERROR	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+__DOSERROR	proc near
+
+arg_0		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		push	[bp+arg_0]
+		call	__IOERROR
+		mov	ax, [bp+arg_0]
+		pop	di
+		pop	si
+		pop	bp
+		retn	2
+__DOSERROR	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl isatty(int handle)
+_isatty		proc near
+
+handle		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	ax, 4400h
+		mov	bx, [bp+handle]
+		int	21h		; DOS -	2+ - IOCTL - GET DEVICE	INFORMATION
+					; BX = file or device handle
+		xchg	ax, dx
+		and	ax, 80h
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_isatty		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; __int32 __cdecl lseek(int handle, __int32 offset, int	fromwhere)
+_lseek		proc near
+
+handle		= word ptr  4
+ofs		= word ptr  6
+arg_4		= word ptr  8
+fromwhere	= byte ptr  0Ah
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	bx, [bp+handle]
+		add	bx, bx
+		and	word_1BA4[bx], 0FDFFh
+		mov	ah, 42h
+		mov	al, [bp+fromwhere]
+		mov	bx, [bp+handle]
+		mov	cx, [bp+arg_4]
+		mov	dx, [bp+ofs]
+		int	21h		; DOS -	2+ - MOVE FILE READ/WRITE POINTER (LSEEK)
+					; AL = method:
+					; 0-from beginnig,1-from current,2-from	end
+		jb	short loc_CEB
+		jmp	short loc_CF0
+; ---------------------------------------------------------------------------
+
+loc_CEB:
+		push	ax
+		call	__IOERROR
+		cwd
+
+loc_CF0:
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_lseek		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+N_SCOPY@	proc near
+
+arg_0		= dword	ptr  4
+arg_4		= dword	ptr  8
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		push	ds
+		lds	si, [bp+arg_0]
+		les	di, [bp+arg_4]
+		cld
+		shr	cx, 1
+		rep movsw
+		adc	cx, cx
+		rep movsb
+		pop	ds
+		pop	di
+		pop	si
+		pop	bp
+		retn	8
+N_SCOPY@	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+__setupio	proc near
+		push	si
+		push	di
+		mov	dx, 5
+		jmp	short loc_D3C
+; ---------------------------------------------------------------------------
+
+loc_D17:
+		mov	bx, dx
+		add	bx, bx
+		mov	word_1BA4[bx], 0
+		mov	bx, dx
+		mov	cl, 4
+		shl	bx, cl
+		mov	byte_1A66[bx], 0FFh
+		mov	ax, dx
+		shl	ax, cl
+		add	ax, offset byte_1A62
+		mov	bx, dx
+		shl	bx, cl
+		mov	off_1A70[bx], ax
+		inc	dx
+
+loc_D3C:
+		cmp	dx, word_1BA2
+		jb	short loc_D17
+		mov	al, byte_1A66
+		cbw
+		push	ax		; handle
+		call	_isatty
+		pop	cx
+		or	ax, ax
+		jnz	short loc_D55
+		and	word_1A64, 0FDFFh
+
+loc_D55:
+		mov	ax, 200h
+		push	ax		; size
+		test	byte ptr word_1A64+1, 2
+		jz	short loc_D65
+		mov	ax, 1
+		jmp	short loc_D67
+; ---------------------------------------------------------------------------
+
+loc_D65:
+		xor	ax, ax
+
+loc_D67:
+		push	ax		; type
+		xor	ax, ax
+		push	ax		; buf
+		mov	ax, offset byte_1A62
+		push	ax		; stream
+		call	_setvbuf
+		add	sp, 8
+		mov	al, byte_1A76
+		cbw
+		push	ax		; handle
+		call	_isatty
+		pop	cx
+		or	ax, ax
+		jnz	short loc_D88
+		and	word_1A74, 0FDFFh
+
+loc_D88:
+		mov	ax, 200h
+		push	ax		; size
+		test	byte ptr word_1A74+1, 2
+		jz	short loc_D98
+		mov	ax, 2
+		jmp	short loc_D9A
+; ---------------------------------------------------------------------------
+
+loc_D98:
+		xor	ax, ax
+
+loc_D9A:
+		push	ax		; type
+		xor	ax, ax
+		push	ax		; buf
+		mov	ax, offset unk_1A72
+		push	ax		; stream
+		call	_setvbuf
+		add	sp, 8
+		pop	di
+		pop	si
+		retn
+__setupio	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+___brk		proc near
+
+arg_0		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	ax, [bp+arg_0]
+		mov	dx, sp
+		sub	dx, 200h
+		cmp	ax, dx
+		jnb	short loc_DC4
+		mov	off_1830, ax
+		xor	ax, ax
+		jmp	short loc_DCD
+; ---------------------------------------------------------------------------
+
+loc_DC4:
+		mov	word_182A, 8
+		mov	ax, 0FFFFh
+
+loc_DCD:
+		pop	di
+		pop	si
+		pop	bp
+		retn
+___brk		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+___sbrk		proc near
+
+arg_0		= word ptr  4
+arg_2		= word ptr  6
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	ax, [bp+arg_0]
+		mov	dx, [bp+arg_2]
+		add	ax, off_1830
+		adc	dx, 0
+		mov	cx, ax
+		or	dx, dx
+		jnz	short loc_DF9
+		add	cx, 200h
+		jb	short loc_DF9
+		cmp	cx, sp
+		jnb	short loc_DF9
+		xchg	ax, off_1830
+		jmp	short loc_E02
+; ---------------------------------------------------------------------------
+
+loc_DF9:
+		mov	word_182A, 8
+		mov	ax, 0FFFFh
+
+loc_E02:
+		pop	di
+		pop	si
+		pop	bp
+		retn
+___sbrk		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl brk(void *addr)
+_brk		proc near
+
+addr		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		push	[bp+addr]
+		call	___brk
+		pop	cx
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_brk		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; void *__cdecl	sbrk(int incr)
+_sbrk		proc near
+
+incr		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	ax, [bp+incr]
+		cwd
+		push	dx
+		push	ax
+		call	___sbrk
+		pop	cx
+		pop	cx
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_sbrk		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+; void __cdecl free(void *block)
+_free		proc near
+
+block		= word ptr  2
+
+		push	si
+		push	di
+		mov	si, sp
+		mov	bx, [si+6]
+		sub	bx, 4
+		jb	short loc_E44
+		cmp	bx, word_1C2E
+		jz	short loc_E41
+		call	sub_E81
+		jmp	short loc_E44
+; ---------------------------------------------------------------------------
+
+loc_E41:
+		call	sub_E47
+
+loc_E44:
+		pop	di
+		pop	si
+		retn
+_free		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_E47		proc near
+		cmp	word_1C2C, bx
+		jz	short loc_E70
+		mov	si, [bx+2]
+		test	byte ptr [si], 1
+		jz	short loc_E5B
+		mov	word_1C2E, si
+		jmp	short loc_E7B
+; ---------------------------------------------------------------------------
+
+loc_E5B:
+		cmp	si, word_1C2C
+		jz	short loc_E6E
+		mov	bx, si
+		call	sub_EBA
+		mov	ax, [bx+2]
+		mov	word_1C2E, ax
+		jmp	short loc_E7B
+; ---------------------------------------------------------------------------
+
+loc_E6E:
+		mov	bx, si
+
+loc_E70:
+		xor	ax, ax
+		mov	word_1C2C, ax
+		mov	word_1C2E, ax
+		mov	word_1C30, ax
+
+loc_E7B:
+		push	bx
+		call	___brk
+		pop	bx
+		retn
+sub_E47		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_E81		proc near
+		dec	word ptr [bx]
+		cmp	bx, word_1C2C
+		jz	short loc_EA1
+		mov	si, [bx+2]
+		mov	ax, [si]
+		test	al, 1
+		jnz	short loc_EA1
+		add	ax, [bx]
+		mov	[si], ax
+		mov	di, [bx]
+		add	di, bx
+		mov	[di+2],	si
+		mov	bx, si
+		jmp	short loc_EA4
+; ---------------------------------------------------------------------------
+
+loc_EA1:
+		call	sub_ED6
+
+loc_EA4:
+		mov	di, [bx]
+		add	di, bx
+		mov	ax, [di]
+		test	al, 1
+		jz	short loc_EAF
+		retn
+; ---------------------------------------------------------------------------
+
+loc_EAF:
+		add	[bx], ax
+		mov	si, di
+		add	si, ax
+		mov	[si+2],	bx
+		mov	bx, di
+sub_E81		endp ; sp-analysis failed
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_EBA		proc near
+		mov	di, [bx+6]
+		cmp	bx, di
+		jz	short loc_ECF
+		mov	word_1C30, di
+		mov	si, [bx+4]
+		mov	[di+4],	si
+		mov	[si+6],	di
+		retn
+; ---------------------------------------------------------------------------
+
+loc_ECF:
+		mov	word_1C30, 0
+		retn
+sub_EBA		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_ED6		proc near
+		mov	si, word_1C30
+		or	si, si
+		jz	short loc_EEE
+		mov	di, [si+6]
+		mov	[si+6],	bx
+		mov	[di+4],	bx
+		mov	[bx+6],	di
+		mov	[bx+4],	si
+		retn
+; ---------------------------------------------------------------------------
+
+loc_EEE:
+		mov	word_1C30, bx
+		mov	[bx+4],	bx
+		mov	[bx+6],	bx
+		retn
+sub_ED6		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+; void *__cdecl	malloc(size_t size)
+_malloc		proc near
+
+_size		= word ptr  2
+
+		push	si
+		push	di
+		mov	si, sp
+		mov	ax, [si+6]
+		or	ax, ax
+		jz	short loc_F56
+		add	ax, 5
+		jb	short loc_F3F
+		and	ax, 0FFFEh
+		cmp	ax, 8
+		jnb	short loc_F14
+		mov	ax, 8
+
+loc_F14:
+		cmp	word_1C2C, 0
+		jz	short loc_F3A
+		mov	bx, word_1C30
+		or	bx, bx
+		jz	short loc_F30
+		mov	dx, bx
+
+loc_F25:
+		cmp	[bx], ax
+		jnb	short loc_F43
+		mov	bx, [bx+6]
+		cmp	bx, dx
+		jnz	short loc_F25
+
+loc_F30:
+		call	sub_F99
+		jmp	short loc_F56
+; ---------------------------------------------------------------------------
+
+loc_F35:
+		call	sub_FC2
+		jmp	short loc_F56
+; ---------------------------------------------------------------------------
+
+loc_F3A:
+		call	sub_F59
+		jmp	short loc_F56
+; ---------------------------------------------------------------------------
+
+loc_F3F:
+		xor	ax, ax
+		jmp	short loc_F56
+; ---------------------------------------------------------------------------
+
+loc_F43:
+		mov	si, ax
+		add	si, 8
+		cmp	[bx], si
+		jnb	short loc_F35
+		call	sub_EBA
+		inc	word ptr [bx]
+		mov	ax, bx
+		add	ax, 4
+
+loc_F56:
+		pop	di
+		pop	si
+		retn
+_malloc		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_F59		proc near
+		push	ax
+		xor	ax, ax
+		push	ax
+		push	ax
+		call	___sbrk
+		pop	bx
+		pop	bx
+		and	ax, 1
+		jz	short loc_F71
+		xor	dx, dx
+		push	dx
+		push	ax
+		call	___sbrk
+		pop	bx
+		pop	bx
+
+loc_F71:
+		pop	ax
+		push	ax
+		xor	bx, bx
+		push	bx
+		push	ax
+		call	___sbrk
+		pop	bx
+		pop	bx
+		cmp	ax, 0FFFFh
+		jz	short loc_F95
+		mov	bx, ax
+		mov	word_1C2C, bx
+		mov	word_1C2E, bx
+		pop	ax
+		inc	ax
+		mov	[bx], ax
+		add	bx, 4
+		mov	ax, bx
+		retn
+; ---------------------------------------------------------------------------
+
+loc_F95:
+		pop	bx
+		xor	ax, ax
+		retn
+sub_F59		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_F99		proc near
+		push	ax
+		xor	bx, bx
+		push	bx
+		push	ax
+		call	___sbrk
+		pop	bx
+		pop	bx
+		cmp	ax, 0FFFFh
+		jz	short loc_FBE
+		mov	bx, ax
+		mov	ax, word_1C2E
+		mov	[bx+2],	ax
+		mov	word_1C2E, bx
+		pop	ax
+		inc	ax
+		mov	[bx], ax
+		add	bx, 4
+		mov	ax, bx
+		retn
+; ---------------------------------------------------------------------------
+
+loc_FBE:
+		pop	ax
+		xor	ax, ax
+		retn
+sub_F99		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_FC2		proc near
+		sub	[bx], ax
+		mov	si, bx
+		add	si, [bx]
+		mov	di, si
+		add	di, ax
+		inc	ax
+		mov	[si], ax
+		mov	[si+2],	bx
+		mov	[di+2],	si
+		add	si, 4
+		mov	ax, si
+		retn
+sub_FC2		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __fastcall sub_FDB(size_t	size)
+sub_FDB		proc near
+
+var_2		= word ptr -2
+
+		mov	bp, sp
+		push	bx
+		push	ax
+		push	cx
+		push	ax		; size
+		call	_malloc
+		pop	bx
+		mov	bx, ax
+		or	ax, ax
+		jz	short loc_100A
+		push	ds
+		pop	es
+		assume es:seg000
+		cld
+		mov	di, ax
+		mov	si, [bp+var_2]
+		mov	cx, [si]
+		add	si, 4
+		push	si		; block
+		sub	cx, 5
+		shr	cx, 1
+		rep movsw
+		mov	[bp+var_2], ax
+		call	_free
+		pop	bx
+		mov	bx, [bp+var_2]
+
+loc_100A:
+		add	sp, 6
+		retn
+sub_FDB		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function
+
+sub_100E	proc near
+		mov	ax, dx
+		add	dx, 8
+		cmp	dx, cx
+		ja	short loc_104C
+		mov	dx, cx
+		cmp	bx, word_1C2E
+		jnz	short loc_102E
+		mov	[bx], ax
+		inc	word ptr [bx]
+		add	ax, bx
+		push	bx
+		push	ax
+		call	___brk
+		pop	bx
+		pop	bx
+		jmp	short loc_104C
+; ---------------------------------------------------------------------------
+
+loc_102E:
+		mov	di, bx
+		add	di, ax
+		mov	[di+2],	bx
+		sub	dx, ax
+		sub	[bx], dx
+		mov	si, di
+		add	si, dx
+		mov	[si+2],	di
+		inc	dx
+		mov	[di], dx
+		mov	cx, bx
+		mov	bx, di
+		call	sub_E81
+		mov	bx, cx
+
+loc_104C:
+		add	bx, 4
+		retn
+sub_100E	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; void *__cdecl	realloc(void *block, size_t size)
+_realloc	proc near
+
+block		= word ptr  8
+_size		= word ptr  0Ah
+
+		push	si
+		push	di
+		push	bp
+		mov	bp, sp
+		mov	bx, [bp+block]
+		mov	ax, [bp+_size]
+		or	ax, ax
+		jz	short loc_1096
+		or	bx, bx
+		jz	short loc_1090
+		sub	bx, 4
+		mov	cx, [bx]
+		dec	cx
+		mov	dx, ax
+		add	dx, 5
+		and	dx, 0FFFEh
+		cmp	dx, 8
+		jnb	short loc_1079
+		mov	dx, 8
+
+loc_1079:
+		cmp	cx, dx
+		jb	short loc_1089
+		ja	short loc_1084
+		add	bx, 4
+		jmp	short loc_108C
+; ---------------------------------------------------------------------------
+
+loc_1084:
+		call	sub_100E
+		jmp	short loc_108C
+; ---------------------------------------------------------------------------
+
+loc_1089:
+		call	sub_FDB
+
+loc_108C:
+		mov	ax, bx
+		jmp	short loc_109D
+; ---------------------------------------------------------------------------
+
+loc_1090:
+		push	ax		; size
+		call	_malloc
+		jmp	short loc_109C
+; ---------------------------------------------------------------------------
+
+loc_1096:
+		push	bx		; block
+		call	_free
+		xor	ax, ax
+
+loc_109C:
+		pop	bx
+
+loc_109D:
+		pop	bp
+		pop	di
+		pop	si
+		retn
+_realloc	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_10A1	proc near
+		push	ax
+		push	cx
+		push	dx
+		push	bx
+		push	sp
+		push	bp
+		push	si
+		push	di
+		push	ds
+		push	es
+		mov	bp, sp
+		mov	ax, word ptr dword_1C32
+		or	ax, word ptr dword_1C32+2
+		jnz	short loc_10DC
+		mov	si, 0FFFFh
+		push	ds
+		mov	ax, 6300h
+		clc
+		int	21h		; DOS -	3.2+ only - GET	DOUBLE BYTE CHARACTER SET LEAD TABLE
+		mov	ax, ds
+		pop	ds
+		jb	short loc_10D0
+		mov	dx, ds
+		cmp	ax, dx
+		jz	short loc_10D0
+		cmp	si, 0FFFFh
+		jnz	short loc_10D5
+
+loc_10D0:
+		mov	si, offset byte_1C36
+		mov	ax, ds
+
+loc_10D5:
+		mov	word ptr dword_1C32, si
+		mov	word ptr dword_1C32+2, ax
+
+loc_10DC:
+		mov	sp, bp
+		pop	es
+		assume es:nothing
+		pop	ds
+		pop	di
+		pop	si
+		pop	bp
+		pop	bx
+		pop	bx
+		pop	dx
+		pop	cx
+		pop	ax
+		retn
+sub_10A1	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_10E9	proc near
+
+arg_0		= byte ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	al, [bp+arg_0]
+		xor	cx, cx
+		les	bx, dword_1C32
+
+loc_10F7:
+		mov	dx, es:[bx]
+		or	dx, dx
+		jz	short loc_1109
+		cmp	al, dl
+		jb	short loc_1109
+		inc	bx
+		inc	bx
+		cmp	al, dh
+		ja	short loc_10F7
+		inc	cx
+
+loc_1109:
+		xchg	ax, cx
+		pop	di
+		pop	si
+		pop	bp
+		retn
+sub_10E9	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: bp-based frame
+
+sub_110E	proc near
+
+var_2		= word ptr -2
+arg_0		= word ptr  4
+arg_2		= word ptr  6
+
+		push	bp
+		mov	bp, sp
+		sub	sp, 2
+		push	si
+		push	di
+		xor	dx, dx
+		mov	ax, [bp+arg_0]
+		mov	[bp+var_2], ax
+
+loc_111E:
+		mov	bx, [bp+var_2]
+		cmp	byte ptr [bx], 0
+		jnz	short loc_112A
+		xor	dx, dx
+		jmp	short loc_1155
+; ---------------------------------------------------------------------------
+
+loc_112A:
+		cmp	dx, 1
+		jnz	short loc_1134
+		mov	dx, 2
+		jmp	short loc_1148
+; ---------------------------------------------------------------------------
+
+loc_1134:
+		mov	bx, [bp+var_2]
+		push	word ptr [bx]
+		call	sub_10E9
+		pop	cx
+		or	ax, ax
+		jz	short loc_1146
+		mov	dx, 1
+		jmp	short loc_1148
+; ---------------------------------------------------------------------------
+
+loc_1146:
+		xor	dx, dx
+
+loc_1148:
+		mov	ax, [bp+var_2]
+		cmp	ax, [bp+arg_2]
+		jnb	short loc_1155
+		inc	[bp+var_2]
+		jmp	short loc_111E
+; ---------------------------------------------------------------------------
+
+loc_1155:
+		or	dx, dx
+		jnz	short loc_115E
+		mov	ax, 1
+		jmp	short loc_1160
+; ---------------------------------------------------------------------------
+
+loc_115E:
+		xor	ax, ax
+
+loc_1160:
+		pop	di
+		pop	si
+		mov	sp, bp
+		pop	bp
+		retn
+sub_110E	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl fflush(FILE *stream)
+_fflush		proc near
+
+var_2		= word ptr -2
+stream		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		sub	sp, 2
+		push	si
+		push	di
+		cmp	[bp+stream], 0
+		jnz	short loc_1179
+		call	_flushall
+		jmp	short loc_11EF
+; ---------------------------------------------------------------------------
+
+loc_1179:
+		mov	bx, [bp+stream]
+		mov	ax, [bx+0Eh]
+		cmp	ax, [bp+stream]
+		jnz	short loc_11EA
+		mov	bx, [bp+stream]
+		cmp	word ptr [bx], 0
+		jl	short loc_11B7
+		test	byte ptr [bx+2], 8
+		jnz	short loc_119D
+		mov	ax, [bp+stream]
+		add	ax, 5
+		cmp	[bx+0Ah], ax
+		jnz	short loc_11EF
+
+loc_119D:
+		mov	bx, [bp+stream]
+		mov	word ptr [bx], 0
+		mov	ax, [bp+stream]
+		add	ax, 5
+		cmp	[bx+0Ah], ax
+		jnz	short loc_11EF
+		mov	ax, [bx+8]
+		mov	[bx+0Ah], ax
+		jmp	short loc_11EF
+; ---------------------------------------------------------------------------
+
+loc_11B7:
+		mov	bx, [bp+stream]
+		mov	ax, [bx+6]
+		add	ax, [bx]
+		inc	ax
+		mov	[bp+var_2], ax
+		sub	[bx], ax
+		push	ax		; len
+		mov	ax, [bx+8]
+		mov	[bx+0Ah], ax
+		push	ax		; buf
+		mov	al, [bx+4]
+		cbw
+		push	ax		; handle
+		call	___write
+		add	sp, 6
+		cmp	ax, [bp+var_2]
+		jz	short loc_11EF
+		mov	bx, [bp+stream]
+		test	byte ptr [bx+3], 2
+		jnz	short loc_11EF
+		or	word ptr [bx+2], 10h
+
+loc_11EA:
+		mov	ax, 0FFFFh
+		jmp	short loc_11F1
+; ---------------------------------------------------------------------------
+
+loc_11EF:
+		xor	ax, ax
+
+loc_11F1:
+		pop	di
+		pop	si
+		mov	sp, bp
+		pop	bp
+		retn
+_fflush		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int flushall(void)
+_flushall	proc near
+
+var_6		= word ptr -6
+var_4		= word ptr -4
+stream		= word ptr -2
+
+		push	bp
+		mov	bp, sp
+		sub	sp, 6
+		push	si
+		push	di
+		mov	[bp+var_6], 0
+		mov	ax, word_1BA2
+		mov	[bp+var_4], ax
+		mov	[bp+stream], offset byte_1A62
+		jmp	short loc_1226
+; ---------------------------------------------------------------------------
+
+loc_1211:
+		mov	bx, [bp+stream]
+		test	byte ptr [bx+2], 3
+		jz	short loc_1222
+		push	bx		; stream
+		call	_fflush
+		pop	cx
+		inc	[bp+var_6]
+
+loc_1222:
+		add	[bp+stream], 10h
+
+loc_1226:
+		mov	ax, [bp+var_4]
+		dec	[bp+var_4]
+		or	ax, ax
+		jnz	short loc_1211
+		mov	ax, [bp+var_6]
+		pop	di
+		pop	si
+		mov	sp, bp
+		pop	bp
+		retn
+_flushall	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+sub_1239	proc near
+
+var_2		= word ptr -2
+arg_0		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		sub	sp, 2
+		push	si
+		push	di
+		mov	bx, [bp+arg_0]
+		cmp	word ptr [bx], 0
+		jge	short loc_1253
+		mov	dx, [bx+6]
+		add	dx, [bx]
+		inc	dx
+		mov	ax, dx
+		jmp	short loc_125F
+; ---------------------------------------------------------------------------
+
+loc_1253:
+		mov	bx, [bp+arg_0]
+		mov	ax, [bx]
+		cwd
+		xor	ax, dx
+		sub	ax, dx
+		mov	dx, ax
+
+loc_125F:
+		mov	[bp+var_2], ax
+		mov	bx, [bp+arg_0]
+		test	byte ptr [bx+2], 40h
+		jnz	short loc_129E
+		mov	bx, [bp+arg_0]
+		mov	cx, [bx+0Ah]
+		cmp	word ptr [bx], 0
+		jge	short loc_1297
+		jmp	short loc_1283
+; ---------------------------------------------------------------------------
+
+loc_1278:
+		dec	cx
+		mov	bx, cx
+		cmp	byte ptr [bx], 0Ah
+		jnz	short loc_1283
+		inc	[bp+var_2]
+
+loc_1283:
+		mov	ax, dx
+		dec	dx
+		or	ax, ax
+		jnz	short loc_1278
+		jmp	short loc_129E
+; ---------------------------------------------------------------------------
+
+loc_128C:
+		mov	bx, cx
+		inc	cx
+		cmp	byte ptr [bx], 0Ah
+		jnz	short loc_1297
+		inc	[bp+var_2]
+
+loc_1297:
+		mov	ax, dx
+		dec	dx
+		or	ax, ax
+		jnz	short loc_128C
+
+loc_129E:
+		mov	ax, [bp+var_2]
+		pop	di
+		pop	si
+		mov	sp, bp
+		pop	bp
+		retn	2
+sub_1239	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl fseek(FILE *stream, __int32 offset, int whence)
+_fseek		proc near
+
+stream		= word ptr  4
+ofs		= dword	ptr  6
+whence		= word ptr  0Ah
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		push	[bp+stream]	; stream
+		call	_fflush
+		pop	cx
+		or	ax, ax
+		jz	short loc_12BE
+		mov	ax, 0FFFFh
+		jmp	short loc_130E
+; ---------------------------------------------------------------------------
+
+loc_12BE:
+		cmp	[bp+whence], 1
+		jnz	short loc_12D7
+		mov	bx, [bp+stream]
+		cmp	word ptr [bx], 0
+		jle	short loc_12D7
+		push	bx
+		call	sub_1239
+		cwd
+		sub	word ptr [bp+ofs], ax
+		sbb	word ptr [bp+ofs+2],	dx
+
+loc_12D7:
+		mov	bx, [bp+stream]
+		and	word ptr [bx+2], 0FE5Fh
+		mov	word ptr [bx], 0
+		mov	ax, [bx+8]
+		mov	[bx+0Ah], ax
+		push	[bp+whence]	; fromwhere
+		push	word ptr [bp+ofs+2]
+		push	word ptr [bp+ofs] ; offset
+		mov	al, [bx+4]
+		cbw
+		push	ax		; handle
+		call	_lseek
+		add	sp, 8
+		cmp	dx, 0FFFFh
+		jnz	short loc_130C
+		cmp	ax, 0FFFFh
+		jnz	short loc_130C
+		mov	ax, 0FFFFh
+		jmp	short loc_130E
+; ---------------------------------------------------------------------------
+
+loc_130C:
+		xor	ax, ax
+
+loc_130E:
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_fseek		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; __int32 __cdecl ftell(FILE *stream)
+_ftell		proc near
+
+var_8		= word ptr -8
+var_6		= word ptr -6
+ofs		= dword	ptr -4
+stream		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		sub	sp, 8
+		push	si
+		push	di
+		mov	ax, 1
+		push	ax		; fromwhere
+		xor	ax, ax
+		push	ax
+		push	ax		; offset
+		mov	bx, [bp+stream]
+		mov	al, [bx+4]
+		cbw
+		push	ax		; handle
+		call	_lseek
+		add	sp, 8
+		mov	word ptr [bp+ofs+2],	dx
+		mov	word ptr [bp+ofs], ax
+		cmp	dx, 0FFFFh
+		jnz	short loc_1343
+		cmp	ax, 0FFFFh
+		jnz	short loc_1343
+		jmp	loc_13D3
+; ---------------------------------------------------------------------------
+
+loc_1343:
+		mov	bx, [bp+stream]
+		cmp	word ptr [bx], 0
+		jge	short loc_13C6
+		mov	al, [bx+4]
+		cbw
+		add	ax, ax
+		mov	bx, ax
+		test	byte ptr (word_1BA4+1)[bx], 8
+		jz	short loc_13B7
+		mov	ax, 2
+		push	ax		; fromwhere
+		xor	ax, ax
+		push	ax
+		push	ax		; offset
+		mov	bx, [bp+stream]
+		mov	al, [bx+4]
+		cbw
+		push	ax		; handle
+		call	_lseek
+		add	sp, 8
+		mov	[bp+var_6], dx
+		mov	[bp+var_8], ax
+		cmp	dx, 0FFFFh
+		jnz	short loc_1382
+		cmp	ax, 0FFFFh
+		jnz	short loc_1382
+		jmp	short loc_13D9
+; ---------------------------------------------------------------------------
+
+loc_1382:
+		xor	ax, ax
+		push	ax		; fromwhere
+		push	word ptr [bp+ofs+2]
+		push	word ptr [bp+ofs] ; offset
+		mov	bx, [bp+stream]
+		mov	al, [bx+4]
+		cbw
+		push	ax		; handle
+		call	_lseek
+		add	sp, 8
+		cmp	dx, 0FFFFh
+		jnz	short loc_13AB
+		cmp	ax, 0FFFFh
+		jnz	short loc_13AB
+		mov	dx, 0FFFFh
+		mov	ax, 0FFFFh
+		jmp	short loc_13D9
+; ---------------------------------------------------------------------------
+
+loc_13AB:
+		mov	dx, [bp+var_6]
+		mov	ax, [bp+var_8]
+		mov	word ptr [bp+ofs+2],	dx
+		mov	word ptr [bp+ofs], ax
+
+loc_13B7:
+		push	[bp+stream]
+		call	sub_1239
+		cwd
+		add	word ptr [bp+ofs], ax
+		adc	word ptr [bp+ofs+2],	dx
+		jmp	short loc_13D3
+; ---------------------------------------------------------------------------
+
+loc_13C6:
+		push	[bp+stream]
+		call	sub_1239
+		cwd
+		sub	word ptr [bp+ofs], ax
+		sbb	word ptr [bp+ofs+2],	dx
+
+loc_13D3:
+		mov	dx, word ptr [bp+ofs+2]
+		mov	ax, word ptr [bp+ofs]
+
+loc_13D9:
+		pop	di
+		pop	si
+		mov	sp, bp
+		pop	bp
+		retn
+_ftell		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl setvbuf(FILE *stream, char *buf, int type, size_t	size)
+_setvbuf	proc near
+
+stream		= word ptr  4
+buf		= word ptr  6
+_type		= word ptr  8
+_size		= word ptr  0Ah
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	bx, [bp+stream]
+		mov	ax, [bx+0Eh]
+		cmp	ax, [bp+stream]
+		jz	short loc_13F2
+		jmp	loc_149D
+; ---------------------------------------------------------------------------
+
+loc_13F2:
+		cmp	[bp+_type], 2
+		jle	short loc_13FB
+		jmp	loc_149D
+; ---------------------------------------------------------------------------
+
+loc_13FB:
+		cmp	[bp+_size], 7FFFh
+		jbe	short loc_1405
+		jmp	loc_149D
+; ---------------------------------------------------------------------------
+
+loc_1405:
+		cmp	word_1C44, 0
+		jnz	short loc_141B
+		cmp	[bp+stream], offset unk_1A72
+		jnz	short loc_141B
+		mov	word_1C44, 1
+		jmp	short loc_142F
+; ---------------------------------------------------------------------------
+
+loc_141B:
+		cmp	word_1C42, 0
+		jnz	short loc_142F
+		cmp	[bp+stream], offset byte_1A62
+		jnz	short loc_142F
+		mov	word_1C42, 1
+
+loc_142F:
+		mov	bx, [bp+stream]
+		cmp	word ptr [bx], 0
+		jz	short loc_1446
+		mov	ax, 1
+		push	ax		; whence
+		xor	ax, ax
+		push	ax
+		push	ax		; offset
+		push	bx		; stream
+		call	_fseek
+		add	sp, 8
+
+loc_1446:
+		mov	bx, [bp+stream]
+		test	byte ptr [bx+2], 4
+		jz	short loc_1456
+		push	word ptr [bx+8]	; block
+		call	_free
+		pop	cx
+
+loc_1456:
+		mov	bx, [bp+stream]
+		and	word ptr [bx+2], 0FFF3h
+		mov	word ptr [bx+6], 0
+		mov	ax, [bp+stream]
+		add	ax, 5
+		mov	[bx+8],	ax
+		mov	[bx+0Ah], ax
+		cmp	[bp+_type], 2
+		jz	short loc_14BE
+		cmp	[bp+_size], 0
+		jbe	short loc_14BE
+		mov	off_1A5C, offset __xfflush
+		cmp	[bp+buf], 0
+		jnz	short loc_14A2
+		push	[bp+_size]	; size
+		call	_malloc
+		pop	cx
+		mov	[bp+buf], ax
+		or	ax, ax
+		jz	short loc_149D
+		mov	bx, [bp+stream]
+		or	word ptr [bx+2], 4
+		jmp	short loc_14A2
+; ---------------------------------------------------------------------------
+
+loc_149D:
+		mov	ax, 0FFFFh
+		jmp	short loc_14C0
+; ---------------------------------------------------------------------------
+
+loc_14A2:
+		mov	bx, [bp+stream]
+		mov	ax, [bp+buf]
+		mov	[bx+0Ah], ax
+		mov	[bx+8],	ax
+		mov	ax, [bp+_size]
+		mov	[bx+6],	ax
+		cmp	[bp+_type], 1
+		jnz	short loc_14BE
+		or	word ptr [bx+2], 8
+
+loc_14BE:
+		xor	ax, ax
+
+loc_14C0:
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_setvbuf	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; size_t __cdecl strlen(const char *s)
+_strlen		proc near
+
+s		= word ptr  4
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	ax, ds
+		mov	es, ax
+		assume es:seg000
+		mov	di, [bp+s]
+		xor	ax, ax
+		cld
+		mov	cx, 0FFFFh
+		repne scasb
+		xchg	ax, cx
+		not	ax
+		dec	ax
+		pop	di
+		pop	si
+		pop	bp
+		retn
+_strlen		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl __write(int handle, void *buf, unsigned int len)
+___write	proc near
+
+var_8A		= byte ptr -8Ah
+var_8		= word ptr -8
+var_5		= byte ptr -5
+var_4		= word ptr -4
+var_2		= word ptr -2
+handle		= word ptr  4
+buf		= word ptr  6
+len		= word ptr  8
+
+		push	bp
+		mov	bp, sp
+		sub	sp, 8Ah
+		push	si
+		push	di
+		mov	ax, [bp+handle]
+		cmp	ax, word_1BA2
+		jb	short loc_14FC
+		mov	ax, 6
+		push	ax
+		call	__IOERROR
+		jmp	loc_15FF
+; ---------------------------------------------------------------------------
+
+loc_14FC:
+		mov	ax, [bp+len]
+		inc	ax
+		cmp	ax, 2
+		jnb	short loc_150A
+		xor	ax, ax
+		jmp	loc_15FF
+; ---------------------------------------------------------------------------
+
+loc_150A:
+		mov	bx, [bp+handle]
+		add	bx, bx
+		test	byte ptr (word_1BA4+1)[bx], 8
+		jz	short loc_1527
+		mov	ax, 2
+		push	ax		; fromwhere
+		xor	ax, ax
+		push	ax
+		push	ax		; offset
+		push	[bp+handle]	; handle
+		call	_lseek
+		add	sp, 8
+
+loc_1527:
+		mov	bx, [bp+handle]
+		add	bx, bx
+		test	byte ptr (word_1BA4+1)[bx], 40h
+		jnz	short loc_1545
+		push	[bp+len]	; len
+		push	[bp+buf]	; buf
+		push	[bp+handle]	; handle
+		call	__rtl_write
+		add	sp, 6
+		jmp	loc_15FF
+; ---------------------------------------------------------------------------
+
+loc_1545:
+		mov	bx, [bp+handle]
+		add	bx, bx
+		and	word_1BA4[bx], 0FDFFh
+		mov	ax, [bp+buf]
+		mov	[bp+var_8], ax
+		mov	ax, [bp+len]
+		mov	[bp+var_4], ax
+		jmp	short loc_15B7
+; ---------------------------------------------------------------------------
+
+loc_155E:
+		dec	[bp+var_4]
+		mov	bx, [bp+var_8]
+		inc	[bp+var_8]
+		mov	al, [bx]
+		mov	[bp+var_5], al
+		cmp	al, 0Ah
+		jnz	short loc_1576
+		mov	bx, cx
+		mov	byte ptr [bx], 0Dh
+		inc	cx
+
+loc_1576:
+		mov	bx, cx
+		mov	al, [bp+var_5]
+		mov	[bx], al
+		inc	cx
+		lea	ax, [bp+var_8A]
+		mov	dx, cx
+		sub	dx, ax
+		cmp	dx, 80h
+		jl	short loc_15BB
+		mov	dx, cx
+		sub	dx, ax
+		mov	[bp+var_2], dx
+		push	dx		; len
+		push	ax		; buf
+		push	[bp+handle]	; handle
+		call	__rtl_write
+		add	sp, 6
+		mov	dx, ax
+		cmp	ax, [bp+var_2]
+		jz	short loc_15B7
+		cmp	dx, 0FFFFh
+		jnz	short loc_15AF
+		mov	ax, 0FFFFh
+		jmp	short loc_15FA
+; ---------------------------------------------------------------------------
+
+loc_15AF:
+		mov	ax, [bp+len]
+		sub	ax, [bp+var_4]
+		jmp	short loc_15F5
+; ---------------------------------------------------------------------------
+
+loc_15B7:
+		lea	cx, [bp+var_8A]
+
+loc_15BB:
+		cmp	[bp+var_4], 0
+		jnz	short loc_155E
+		lea	ax, [bp+var_8A]
+		mov	dx, cx
+		sub	dx, ax
+		mov	[bp+var_2], dx
+		mov	ax, dx
+		or	ax, ax
+		jbe	short loc_15FC
+		push	dx		; len
+		lea	ax, [bp+var_8A]
+		push	ax		; buf
+		push	[bp+handle]	; handle
+		call	__rtl_write
+		add	sp, 6
+		mov	dx, ax
+		cmp	ax, [bp+var_2]
+		jz	short loc_15FC
+		cmp	dx, 0FFFFh
+		jnz	short loc_15F2
+		mov	ax, 0FFFFh
+		jmp	short loc_15FA
+; ---------------------------------------------------------------------------
+
+loc_15F2:
+		mov	ax, [bp+len]
+
+loc_15F5:
+		add	ax, dx
+		sub	ax, [bp+var_2]
+
+loc_15FA:
+		jmp	short loc_15FF
+; ---------------------------------------------------------------------------
+
+loc_15FC:
+		mov	ax, [bp+len]
+
+loc_15FF:
+		pop	di
+		pop	si
+		mov	sp, bp
+		pop	bp
+		retn
+___write	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl _rtl_write(int handle, const void	*buf, unsigned int len)
+__rtl_write	proc near
+
+handle		= word ptr  4
+buf		= word ptr  6
+len		= word ptr  8
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		mov	bx, [bp+handle]
+		add	bx, bx
+		test	byte ptr word_1BA4[bx],	1
+		jz	short loc_161C
+		mov	ax, 5
+		push	ax
+		jmp	short loc_163B
+; ---------------------------------------------------------------------------
+
+loc_161C:
+		mov	ah, 40h
+		mov	bx, [bp+handle]
+		mov	cx, [bp+len]
+		mov	dx, [bp+buf]
+		int	21h		; DOS -	2+ - WRITE TO FILE WITH	HANDLE
+					; BX = file handle, CX = number	of bytes to write, DS:DX -> buffer
+		jb	short loc_163A
+		push	ax
+		mov	bx, [bp+handle]
+		add	bx, bx
+		or	word_1BA4[bx], 1000h
+		pop	ax
+		jmp	short loc_163E
+; ---------------------------------------------------------------------------
+
+loc_163A:
+		push	ax
+
+loc_163B:
+		call	__IOERROR
+
+loc_163E:
+		pop	di
+		pop	si
+		pop	bp
+		retn
+__rtl_write	endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+; int __cdecl _write(int handle, const void *buf, unsigned int len)
+__write		proc near
+
+handle		= word ptr  4
+buf		= word ptr  6
+len		= word ptr  8
+
+		push	bp
+		mov	bp, sp
+		push	si
+		push	di
+		push	[bp+len]	; len
+		push	[bp+buf]	; buf
+		push	[bp+handle]	; handle
+		call	__rtl_write
+		add	sp, 6
+		pop	di
+		pop	si
+		pop	bp
+		retn
+__write		endp
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+; Attributes: library function bp-based	frame
+
+__xfflush	proc near
+
+var_4		= word ptr -4
+stream		= word ptr -2
+
+		push	bp
+		mov	bp, sp
+		sub	sp, 4
+		push	si
+		push	di
+		mov	[bp+var_4], 4
+		mov	[bp+stream], offset byte_1A62
+		jmp	short loc_1683
+; ---------------------------------------------------------------------------
+
+loc_166E:
+		mov	bx, [bp+stream]
+		test	byte ptr [bx+2], 3
+		jz	short loc_167C
+		push	bx		; stream
+		call	_fflush
+		pop	cx
+
+loc_167C:
+		dec	[bp+var_4]
+		add	[bp+stream], 10h
+
+loc_1683:
+		cmp	[bp+var_4], 0
+		jnz	short loc_166E
+		pop	di
+		pop	si
+		mov	sp, bp
+		pop	bp
+		retn
+__xfflush	endp
+
+; ---------------------------------------------------------------------------
+byte_168F	db 2 dup(0)
+
+; =============== S U B	R O U T	I N E =======================================
+
+; BCC v4.x/5.x DOS runtime
+; Attributes: library function
+
+unknown_libname_1 proc near
+
+; FUNCTION CHUNK AT 1777 SIZE 00000059 BYTES
+
+		pop	word_1C4C
+		pop	word_1C4E
+		pop	word_1C50
+		mov	word ptr cs:byte_168F, ds
+		mov	word_1C52, si
+		mov	word_1C54, di
+		cld
+		mov	es, word_1826
+		assume es:nothing
+		mov	si, 80h
+		xor	ah, ah
+		lods	byte ptr es:[si]
+		inc	ax
+		mov	bp, es
+		xchg	dx, si
+		xchg	ax, bx
+		mov	si, word_1820
+		inc	si
+		inc	si
+		mov	cx, 1
+		cmp	byte ptr word_1828, 3
+		jb	short loc_16DD
+		mov	es, word_1822
+		mov	di, si
+		mov	cl, 7Fh
+		xor	al, al
+		repne scasb
+		jcxz	short loc_1724
+		xor	cl, 7Fh
+
+loc_16DD:
+		push	ax
+		mov	ax, cx
+		add	ax, bx
+		inc	ax
+		and	ax, 0FFFEh
+		mov	di, sp
+		sub	di, ax
+		jb	short loc_1724
+		mov	sp, di
+		push	es
+		pop	ds
+		push	ss
+		pop	es
+		push	cx
+		dec	cx
+		rep movsb
+		xor	al, al
+		stosb
+		mov	ds, bp
+		xchg	si, dx
+		xchg	bx, cx
+		mov	ax, bx
+		mov	dx, ax
+		inc	bx
+
+loc_1704:
+		call	sub_1727
+		ja	short loc_1714
+
+loc_1709:
+		jb	short loc_1777
+		cmp	al, 0Dh
+		jz	short loc_1720
+		call	sub_1727
+		ja	short loc_1709
+
+loc_1714:
+		cmp	al, 20h
+		jz	short loc_1720
+		cmp	al, 0Dh
+		jz	short loc_1720
+		cmp	al, 9
+		jnz	short loc_1704
+
+loc_1720:
+		xor	al, al
+		jmp	short loc_1704
+; ---------------------------------------------------------------------------
+
+loc_1724:
+		jmp	sub_B64
+unknown_libname_1 endp ; sp-analysis failed
+
+
+; =============== S U B	R O U T	I N E =======================================
+
+
+sub_1727	proc near
+		or	ax, ax
+		jz	short loc_1732
+		inc	dx
+		stosb
+		or	al, al
+		jnz	short loc_1732
+		inc	bx
+
+loc_1732:
+		xchg	ah, al
+		xor	al, al
+		stc
+		jcxz	short locret_1776
+		lodsb
+		dec	cx
+		cmp	dh, 1
+		jz	short loc_175C
+		xor	dh, dh
+		push	ax
+		push	bx
+		push	cx
+		push	dx
+		push	ds
+		push	es
+		mov	ds, word ptr cs:byte_168F
+		push	ax
+		call	sub_10E9
+		or	ax, ax
+		pop	cx
+		pop	es
+		pop	ds
+		pop	dx
+		pop	cx
+		pop	bx
+		pop	ax
+		jz	short loc_175E
+
+loc_175C:
+		inc	dh
+
+loc_175E:
+		cmp	dh, 0
+		jnz	short loc_1774
+		sub	al, 22h
+		jz	short locret_1776
+		add	al, 22h
+		cmp	al, 5Ch
+		jnz	short loc_1774
+		cmp	byte ptr [si], 22h
+		jnz	short loc_1774
+		lodsb
+		dec	cx
+
+loc_1774:
+		or	si, si
+
+locret_1776:
+		retn
+sub_1727	endp
+
+; ---------------------------------------------------------------------------
+; START	OF FUNCTION CHUNK FOR unknown_libname_1
+
+loc_1777:
+		pop	cx
+		xor	dh, dh
+		add	cx, dx
+		mov	ds, word ptr cs:byte_168F
+		mov	word_1C48, bx
+		inc	bx
+		add	bx, bx
+		mov	si, sp
+		mov	bp, sp
+		sub	bp, bx
+		jb	short loc_1724
+		mov	sp, bp
+		mov	word_1C4A, bp
+
+loc_1796:
+		jcxz	short loc_17A6
+		mov	[bp+0],	si
+		add	bp, 2
+
+loc_179E:
+		lods	byte ptr ss:[si]
+		or	al, al
+		loopne	loc_179E
+		jz	short loc_1796
+
+loc_17A6:
+		xor	ax, ax
+		mov	[bp+0],	ax
+		mov	ds, word ptr cs:byte_168F
+		mov	si, word_1C52
+		mov	di, word_1C54
+		push	word_1C50
+		push	word_1C4E
+		mov	ax, word_1C48
+		mov	argc, ax
+		mov	ax, word_1C4A
+		mov	argv, ax
+		jmp	word_1C4C
+; END OF FUNCTION CHUNK	FOR unknown_libname_1
+; ---------------------------------------------------------------------------
+aBorlandCCopyri	db 'Borland C++ - Copyright 1993 Borland Intl.',0
+aDivideError	db 'Divide error',0Dh,0Ah,0
+dword_180A	dd 0
+dword_180E	dd 0
+dword_1812	dd 0
+dword_1816	dd 0
+; int argc
+argc		dw 0
+; char **argv
+argv		dw 0
+; char **envp
+envp		dw 0
+word_1820	dw 0
+word_1822	dw 0
+word_1824	dw 0
+word_1826	dw 0
+word_1828	dw 0
+word_182A	dw 0
+		db 0FFh
+		db 0FFh
+		dw offset edata@
+off_1830	dw offset edata@
+		db 0
+		db    0
+word_1834	dw 0
+		db 0
+		db    0
+word_1838	dw 0
+		db 0
+		db    0
+word_183C	dw 0
+byte_183E	db 0
+unk_183F	db    1
+		db    1
+		db    3
+		db    2
+		db    0
+aHuuma_cfg	db 'huuma.cfg',0
+aMikoconfig	db 'MIKOConfig',0
+aUmx		db 0Ah
+		db 0Ah
+		db '東方封魔録用　 常駐プログラム　ZUN_RES.com Version1.01       (c)zun 1997',0Ah,0
+aGngcgxgrgagtg@	db 'ハイスコアファイルがおかしいの、もう一度実行してね。',0Ah,0
+aVavVBavVVvvVV	db 'わたし、まだいませんよぉ',0Ah
+		db 0Ah,0
+aVVcvVcbavVIqvj	db 'さよなら、また会えたらいいな',0Ah
+		db 0Ah,0
+aVV		db 'そんなオプション付けられても、困るんですけど',0Ah
+		db 0Ah,0
+aVavVBavVVVvvVV	db 'わたし、すでにいますよぉ',0Ah
+		db 0Ah,0
+aNVVVV		db '作れません、わたしの居場所がないの！',0Ah
+		db 0Ah,0
+aVVVVBavcvivVnv	db 'それでは、よろしくお願いします',0Ah
+		db 0Ah,0
+		db    0
+off_19A8	dw offset aHuuhi_dat
+					; "huuhi.dat"
+byte_19AA	db 0
+byte_19AB	db 0
+		db 0
+word_19AD	dw 0
+word_19AF	dw 0
+word_19B1	dw 0
+word_19B3	dw 0
+aHuuhi_dat	db 'huuhi.dat',0
+		db 0
+aMasters_libVer	db 'MASTERS.LIB Version 0.23 Copyright (c)1995 A.Koizuka,Kazumi,steelman,iR,All rights reserved.',0
+		db 0
+word_1A1E	dw 0A800h
+word_1A20	dw 3E80h
+		db 90h
+		db 1
+		db 50h
+		db 0
+		db 0
+		db 0
+		dw 55h
+aPal98Grb	db 'pal98 grb',0
+word_1A34	dw 0
+word_1A36	dw 0FFFFh
+byte_1A38	db 0
+		db 0
+aAbnormalProgra	db 'Abnormal program termination',0Dh,0Ah,0
+		db 0
+word_1A5A	dw 0
+off_1A5C	dw offset sub_BC0
+off_1A5E	dw offset sub_BC0
+off_1A60	dw offset sub_BC0
+byte_1A62	db 0
+		db    0
+word_1A64	dw 209h
+byte_1A66	db 0
+		db 0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+off_1A70	dw offset byte_1A62
+unk_1A72	db    0
+		db    0
+word_1A74	dw 20Ah
+byte_1A76	db 1
+		db 0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		dw offset unk_1A72
+unk_1A82	db    0
+		db    0
+		db    2
+		db    2
+byte_1A86	db 2
+		db 0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		dw offset unk_1A82
+unk_1A92	db    0
+		db    0
+		db  43h	; C
+		db    2
+		db    3
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		dw offset unk_1A92
+unk_1AA2	db    0
+		db    0
+		db  42h	; B
+		db    2
+		db    4
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		dw offset unk_1AA2
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+word_1BA2	dw 14h
+word_1BA4	dw 6001h
+		dw 6002h
+		dw 6002h
+		dw 0A004h
+		dw 0A002h
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+		db    0
+word_1BCC	dw 0
+word_1BCE	dw 0
+byte_1BD0	db 0
+		db  13h
+		db    2
+		db    2
+		db    4
+		db    5
+		db    6
+		db    8
+		db    8
+		db    8
+		db  14h
+		db  15h
+		db    5
+		db  13h
+		db  0Eh
+		db    5
+		db    5
+		db  11h
+		db    2
+		db  1Eh
+		db  29h	; )
+		db  2Ch	; ,
+		db  28h	; (
+		db  28h	; (
+		db  28h	; (
+		db  28h	; (
+		db  28h	; (
+		db  29h	; )
+		db  2Ch	; ,
+		db  28h	; (
+		db  28h	; (
+		db  28h	; (
+		db    5
+		db    5
+		db  29h	; )
+		db  17h
+		db  17h
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Fh
+		db  2Ch	; ,
+		db  23h	; #
+		db    2
+		db  2Ch	; ,
+		db  0Fh
+		db  2Ah	; *
+		db  28h	; (
+		db  28h	; (
+		db  28h	; (
+		db  13h
+		db  1Bh
+		db  1Ch
+		db    2
+		db    2
+		db    5
+		db  0Fh
+		db    2
+		db  17h
+		db  28h	; (
+		db  2Ah	; *
+		db  13h
+		db  2Ah	; *
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  0Eh
+		db  23h	; #
+		db  0Eh
+		db  1Ch
+		db  28h	; (
+		db  17h
+		db  23h	; #
+		db  25h	; %
+		db  13h
+		db  28h	; (
+		db    0
+word_1C2A	dw 1000h
+word_1C2C	dw 0
+word_1C2E	dw 0
+word_1C30	dw 0
+dword_1C32	dd 0
+byte_1C36	db 0Ch dup(0)
+word_1C42	dw 0
+word_1C44	dw 0
+word_1C46	dw 30h
+word_1C48	dw 0
+word_1C4A	dw 0
+word_1C4C	dw 0
+word_1C4E	dw 0
+word_1C50	dw 0
+word_1C52	dw 0
+word_1C54	dw 0
+InitStart	db    0
+		db    2
+		dw offset __setupio
+		db    0
+		db    0
+		db    0
+		db  0Fh
+		dw offset sub_10A1
+		db    0
+		db    0
+		db    0
+		db  10h
+		dw offset unknown_libname_1 ; BCC v4.x/5.x DOS runtime
+		db    ?	;
+		db    ?	;
+bdata@		db ?
+		db    ?	;
+word_1C6A	dw ?
+word_1C6C	dw ?
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+unk_1C92	db    ?	;
+		db    ?	;
+unk_1C94	db    ?	;
+		db    ?	;
+byte_1C96	db ?
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+unk_1CDC	db    ?	;
+byte_1CDD	db ?
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+unk_1CE7	db    ?	;
+word_1CE8	dw ?
+byte_1CEA	db ?
+byte_1CEB	db ?
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+byte_1D10	db ?
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+unk_1D1A	db    ?	;
+		db    ?	;
+unk_1D1C	db    ?	;
+		db    ?	;
+unk_1D1E	db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+unk_1D24	db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+unk_1D28	db    ?	;
+		db    ?	;
+unk_1D2A	db    ?	;
+		db    ?	;
+unk_1D2C	db    ?	;
+		db    ?	;
+unk_1D2E	db    ?	;
+		db    ?	;
+unk_1D30	db    ?	;
+		db    ?	;
+unk_1D32	db    ?	;
+		db    ?	;
+word_1D34	dw ?
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+		db    ?	;
+edata@		db ?
+seg000		ends
+
+
+		end start