Rybka 1.0 vs. Strelka

chrisw

Re: Rybka 1.0 vs. Strelka

Post by chrisw »

Terry McCracken wrote:
Zach Wegner wrote: The topic came up in another thread about the issue of comparing Strelka to Fruit vs. comparing Rybka 1.0 to Fruit. I am doing some disassembling of Rybka 1.0, so I will post the assembly that is equivalent to the last piece of code I had in Fruit. Just to let you know, this is by no means complete. I have filled in most of the function names and some of the variable names, but there is a lot left to do. This is just the result of a few days' work, more will come later.

.text:0040BCA0 start_search    proc near               ; CODE XREF: start_go+35F p
.text:0040BCA0
.text:0040BCA0 var_44C         = dword ptr -44Ch
.text:0040BCA0 var_440         = dword ptr -440h
.text:0040BCA0 undo            = dword ptr -40h
.text:0040BCA0 var_8           = dword ptr -8
.text:0040BCA0 num_moves       = dword ptr -4
.text:0040BCA0
.text:0040BCA0                 push    ebp
.text:0040BCA1                 mov     ebp, esp
.text:0040BCA3                 sub     esp, 440h
.text:0040BCA9                 push    ebx
.text:0040BCAA                 push    esi
.text:0040BCAB                 push    edi
.text:0040BCAC                 push    offset dword_669C60
.text:0040BCB1                 mov     dword_667A0C, -500
.text:0040BCBB                 mov     dword_667A10, 500
.text:0040BCC5                 call    evaluate
.text:0040BCCA                 add     esp, 4
.text:0040BCCD                 test    al, al
.text:0040BCCF                 jz      short loc_40BD25
.text:0040BCD1                 mov     ecx, dword_669C6C
.text:0040BCD7                 mov     eax, dword_669C68
.text:0040BCDC                 not     ecx
.text:0040BCDE                 push    ecx
.text:0040BCDF                 not     eax
.text:0040BCE1                 push    eax
.text:0040BCE2                 push    offset list_root
.text:0040BCE7                 call    gen_evasions
.text:0040BCEC                 mov     ecx, list_root
.text:0040BCF2                 add     esp, 12
.text:0040BCF5                 xor     eax, eax
.text:0040BCF7                 test    ecx, ecx
.text:0040BCF9                 jz      short loc_40BD15
.text:0040BCFB                 jmp     short loc_40BD00
.text:0040BCFB ; ---------------------------------------------------------------------------
.text:0040BCFD                 align 10h
.text:0040BD00
.text:0040BD00 loc_40BD00:                             ; CODE XREF: start_search+5B j
.text:0040BD00                                         ; start_search+73 j
.text:0040BD00                 mov     list_root[eax*4], ecx
.text:0040BD07                 mov     ecx, dword_66BC78[eax*8]
.text:0040BD0E                 add     eax, 1
.text:0040BD11                 test    ecx, ecx
.text:0040BD13                 jnz     short loc_40BD00
.text:0040BD15
.text:0040BD15 loc_40BD15:                             ; CODE XREF: start_search+59 j
.text:0040BD15                 mov     list_root[eax*4], 0
.text:0040BD20                 jmp     loc_40BDC2
.text:0040BD25 ; ---------------------------------------------------------------------------
.text:0040BD25
.text:0040BD25 loc_40BD25:                             ; CODE XREF: start_search+2F j
.text:0040BD25                 mov     edx, dword_667B9C
.text:0040BD2B                 mov     eax, dword_667B98
.text:0040BD30                 mov     ecx, dword_667B94
.text:0040BD36                 push    edx
.text:0040BD37                 mov     edx, dword_667B90
.text:0040BD3D                 push    eax
.text:0040BD3E                 push    ecx
.text:0040BD3F                 push    edx
.text:0040BD40                 push    offset dword_66C070
.text:0040BD45                 mov     eax, offset list_root
.text:0040BD4A                 call    gen_captures
.text:0040BD4F                 xor     esi, esi
.text:0040BD51                 add     esp, 20
.text:0040BD54                 cmp     list_root, esi
.text:0040BD5A                 jz      short loc_40BD6D
.text:0040BD5C                 lea     esp, [esp+0]
.text:0040BD60
.text:0040BD60 loc_40BD60:                             ; CODE XREF: start_search+CB j
.text:0040BD60                 add     esi, 1
.text:0040BD63                 cmp     list_root[esi*4], 0
.text:0040BD6B                 jnz     short loc_40BD60
.text:0040BD6D
.text:0040BD6D loc_40BD6D:                             ; CODE XREF: start_search+BA j
.text:0040BD6D                 mov     eax, dword_669C6C
.text:0040BD72                 mov     ecx, dword_669C68
.text:0040BD78                 push    -1
.text:0040BD7A                 push    -1
.text:0040BD7C                 push    -1
.text:0040BD7E                 push    eax
.text:0040BD7F                 push    ecx
.text:0040BD80                 lea     edx, [ebp+var_440]
.text:0040BD86                 push    edx
.text:0040BD87                 call    gen_quiet_moves
.text:0040BD8C                 mov     eax, [ebp+var_440]
.text:0040BD92                 add     esp, 24
.text:0040BD95                 xor     ecx, ecx
.text:0040BD97                 test    eax, eax
.text:0040BD99                 jz      short loc_40BDB5
.text:0040BD9B                 lea     edx, ds:66BC70h[esi*4]
.text:0040BDA2
.text:0040BDA2 loc_40BDA2:                             ; CODE XREF: start_search+113 j
.text:0040BDA2                 add     ecx, 1
.text:0040BDA5                 mov     [edx], eax
.text:0040BDA7                 mov     eax, [ebp+ecx*4+var_440]
.text:0040BDAE                 add     edx, 4
.text:0040BDB1                 test    eax, eax
.text:0040BDB3                 jnz     short loc_40BDA2
.text:0040BDB5
.text:0040BDB5 loc_40BDB5:                             ; CODE XREF: start_search+F9 j
.text:0040BDB5                 add     ecx, esi
.text:0040BDB7                 mov     list_root[ecx*4], 0
.text:0040BDC2
.text:0040BDC2 loc_40BDC2:                             ; CODE XREF: start_search+80 j
.text:0040BDC2                 mov     esi, list_root
.text:0040BDC8                 xor     edi, edi
.text:0040BDCA                 test    esi, esi
.text:0040BDCC                 mov     [ebp+num_moves], edi
.text:0040BDCF                 jz      short loc_40BE4C
.text:0040BDD1                 mov     [ebp+num_moves], offset list_root
.text:0040BDD8
.text:0040BDD8 loc_40BDD8:                             ; CODE XREF: start_search+1A7 j
.text:0040BDD8                 lea     eax, [ebp+undo]
.text:0040BDDB                 push    eax
.text:0040BDDC                 push    esi
.text:0040BDDD                 call    make_move
.text:0040BDE2                 push    offset pos_info_entry
.text:0040BDE7                 call    evaluate
.text:0040BDEC                 mov     ecx, dword_667C20
.text:0040BDF2                 lea     edx, ds:0[ecx*8]
.text:0040BDF9                 mov     ecx, offset dword_667BF8
.text:0040BDFE                 sub     ecx, edx
.text:0040BE00                 mov     eax, [ecx]
.text:0040BE02                 mov     ecx, [ecx+4]
.text:0040BE05                 and     eax, pos_info_entry
.text:0040BE0B                 and     ecx, dword_669C84
.text:0040BE11                 add     esp, 0Ch
.text:0040BE14                 or      eax, ecx
.text:0040BE16                 jnz     short loc_40BE1C
.text:0040BE18                 mov     bl, 1
.text:0040BE1A                 jmp     short loc_40BE1E
.text:0040BE1C ; ---------------------------------------------------------------------------
.text:0040BE1C
.text:0040BE1C loc_40BE1C:                             ; CODE XREF: start_search+176 j
.text:0040BE1C                 xor     bl, bl
.text:0040BE1E
.text:0040BE1E loc_40BE1E:                             ; CODE XREF: start_search+17A j
.text:0040BE1E                 lea     eax, [ebp+undo]
.text:0040BE21                 push    eax
.text:0040BE22                 push    esi
.text:0040BE23                 call    unmake_move
.text:0040BE28                 add     esp, 8
.text:0040BE2B                 test    bl, bl
.text:0040BE2D                 jz      short loc_40BE39
.text:0040BE2F                 mov     list_root[edi*4], esi
.text:0040BE36                 add     edi, 1          ; num_moves++
.text:0040BE39
.text:0040BE39 loc_40BE39:                             ; CODE XREF: start_search+18D j
.text:0040BE39                 mov     eax, [ebp+num_moves]
.text:0040BE3C                 mov     esi, [eax+4]
.text:0040BE3F                 add     eax, 4          ; i++
.text:0040BE42                 test    esi, esi        ; list_root[i].move!=0
.text:0040BE44                 mov     [ebp+num_moves], eax
.text:0040BE47                 jnz     short loc_40BDD8
.text:0040BE49                 mov     [ebp+num_moves], edi
.text:0040BE4C
.text:0040BE4C loc_40BE4C:                             ; CODE XREF: start_search+12F j
.text:0040BE4C                 xor     esi, esi
.text:0040BE4E                 cmp     edi, 1          ; if (num_moves <= 1)
.text:0040BE51                 mov     list_root[edi*4], esi ; list_root[num_moves].move = 0
.text:0040BE58                 ja      short loc_40BE64
.text:0040BE5A                 mov     G_max_depth, 4  ; max_depth = 4;
.text:0040BE64
.text:0040BE64 loc_40BE64:                             ; CODE XREF: start_search+1B8 j
.text:0040BE64                 push    esi
.text:0040BE65                 push    offset dword_667A28
.text:0040BE6A                 call    setjmp
.text:0040BE6F                 add     esp, 8
.text:0040BE72                 test    eax, eax        ; if (setjmp(jmp_buffer) != 0) return;
.text:0040BE74                 jz      short loc_40BE87
.text:0040BE76                 mov     eax, offset byte_664E08
.text:0040BE7B                 call    sub_4092E0
.text:0040BE80                 pop     edi
.text:0040BE81                 pop     esi
.text:0040BE82                 pop     ebx
.text:0040BE83                 mov     esp, ebp
.text:0040BE85                 pop     ebp
.text:0040BE86                 retn
.text:0040BE87 ; ---------------------------------------------------------------------------
.text:0040BE87
.text:0040BE87 loc_40BE87:                             ; CODE XREF: start_search+1D4 j
.text:0040BE87                 call    ds:GetTickCount  ; start_timer
.text:0040BE8D                 mov     start_time, eax
.text:0040BE92                 mov     eax, dword_66C490
.text:0040BE97                 add     eax, 1          ; All of this stuff is trans_inc_date
.text:0040BE9A                 and     eax, 3
.text:0040BE9D                 mov     ecx, eax
.text:0040BE9F                 cmp     ecx, esi
.text:0040BEA1                 mov     dword_66C490, eax
.text:0040BEA6                 jge     short loc_40BEAB
.text:0040BEA8                 add     ecx, 4
.text:0040BEAB
.text:0040BEAB loc_40BEAB:                             ; CODE XREF: start_search+206 j
.text:0040BEAB                 add     ecx, 1
.text:0040BEAE                 shl     ecx, 8
.text:0040BEB1                 mov     dword_66C498, ecx
.text:0040BEB7                 lea     ecx, [eax-1]
.text:0040BEBA                 cmp     ecx, esi
.text:0040BEBC                 jge     short loc_40BEC1
.text:0040BEBE                 add     ecx, 4
.text:0040BEC1
.text:0040BEC1 loc_40BEC1:                             ; CODE XREF: start_search+21C j
.text:0040BEC1                 add     ecx, 1
.text:0040BEC4                 shl     ecx, 8
.text:0040BEC7                 mov     dword_66C49C, ecx
.text:0040BECD                 lea     ecx, [eax-2]
.text:0040BED0                 cmp     ecx, esi
.text:0040BED2                 jge     short loc_40BED7
.text:0040BED4                 add     ecx, 4
.text:0040BED7
.text:0040BED7 loc_40BED7:                             ; CODE XREF: start_search+232 j
.text:0040BED7                 add     ecx, 1
.text:0040BEDA                 shl     ecx, 8
.text:0040BEDD                 add     eax, -3
.text:0040BEE0                 cmp     eax, esi
.text:0040BEE2                 mov     dword_66C4A0, ecx
.text:0040BEE8                 jge     short loc_40BEED
.text:0040BEEA                 add     eax, 4
.text:0040BEED
.text:0040BEED loc_40BEED:                             ; CODE XREF: start_search+248 j
.text:0040BEED                 add     eax, 1
.text:0040BEF0                 shl     eax, 8
.text:0040BEF3                 mov     dword_66C4A4, eax
.text:0040BEF8                 xor     eax, eax
.text:0040BEFA                 lea     ebx, [ebx+0]
.text:0040BF00
.text:0040BF00 loc_40BF00:                             ; CODE XREF: start_search+274 j
.text:0040BF00                 mov     killer1[eax], esi ; (Pos_info + i)->killer1 = 0;
.text:0040BF06                 mov     killer2[eax], esi ; (Pos_info + i)->killer2 = 0;
.text:0040BF0C                 add     eax, 32
.text:0040BF0F                 cmp     eax, 8192
.text:0040BF14                 jb      short loc_40BF00
.text:0040BF16                 mov     eax, 256
.text:0040BF1B                 mov     ecx, 768
.text:0040BF20                 mov     edi, offset History
.text:0040BF25                 rep stosd               ; memset(History, 256, 12 * 64 * sizeof(int));
.text:0040BF27                 mov     eax, dword_667C40
.text:0040BF2C                 and     eax, dword_66C488
.text:0040BF32                 mov     ecx, dword_667C44
.text:0040BF38                 shl     eax, 4
.text:0040BF3B                 add     eax, dword_66C480
.text:0040BF41                 cmp     [eax], ecx
.text:0040BF43                 jnz     short loc_40BF4F
.text:0040BF45                 movzx   edx, word ptr [eax+4]
.text:0040BF49                 mov     dword_66C478, edx
.text:0040BF4F
.text:0040BF4F loc_40BF4F:                             ; CODE XREF: start_search+2A3 j
.text:0040BF4F                 cmp     [eax+10h], ecx
.text:0040BF52                 jnz     short loc_40BF5E
.text:0040BF54                 movzx   edx, word ptr [eax+14h]
.text:0040BF58                 mov     dword_66C478, edx
.text:0040BF5E
.text:0040BF5E loc_40BF5E:                             ; CODE XREF: start_search+2B2 j
.text:0040BF5E                 cmp     [eax+20h], ecx
.text:0040BF61                 jnz     short loc_40BF6D
.text:0040BF63                 movzx   edx, word ptr [eax+24h]
.text:0040BF67                 mov     dword_66C478, edx
.text:0040BF6D
.text:0040BF6D loc_40BF6D:                             ; CODE XREF: start_search+2C1 j
.text:0040BF6D                 cmp     [eax+30h], ecx
.text:0040BF70                 jnz     short loc_40BF7B
.text:0040BF72                 movzx   eax, word ptr [eax+34h]
.text:0040BF76                 mov     dword_66C478, eax
.text:0040BF7B
.text:0040BF7B loc_40BF7B:                             ; CODE XREF: start_search+2D0 j
.text:0040BF7B                 mov     eax, [ebp+num_moves]
.text:0040BF7E                 cmp     eax, 2
.text:0040BF81                 jb      loc_40C039
.text:0040BF87                 add     eax, -1
.text:0040BF8A                 mov     [ebp+var_8], eax
.text:0040BF8D                 js      loc_40C039
.text:0040BF93
.text:0040BF93 loc_40BF93:                             ; CODE XREF: start_search+393 j
.text:0040BF93                 lea     ebx, ds:0[eax*4]
.text:0040BF9A                 mov     edi, list_root[ebx]
.text:0040BFA0                 cmp     edi, dword_66C478
.text:0040BFA6                 lea     edx, dword_66C074[ebx]
.text:0040BFAC                 jnz     short loc_40BFB5
.text:0040BFAE                 mov     ecx, 7FFFFFFFh
.text:0040BFB3                 jmp     short loc_40BFE1
.text:0040BFB5 ; ---------------------------------------------------------------------------
.text:0040BFB5
.text:0040BFB5 loc_40BFB5:                             ; CODE XREF: start_search+30C j
.text:0040BFB5                 mov     ecx, edi
.text:0040BFB7                 and     ecx, 63
.text:0040BFBA                 mov     ecx, dword_667A90[ecx*4]
.text:0040BFC1                 test    ecx, ecx
.text:0040BFC3                 jz      short loc_40BFDF
.text:0040BFC5                 mov     esi, edi
.text:0040BFC7                 shr     esi, 6
.text:0040BFCA                 and     esi, 63
.text:0040BFCD                 shl     ecx, 4
.text:0040BFD0                 sub     ecx, dword_667A90[esi*4]
.text:0040BFD7                 add     ecx, 2147483391
.text:0040BFDD                 jmp     short loc_40BFE1
.text:0040BFDF ; ---------------------------------------------------------------------------
.text:0040BFDF
.text:0040BFDF loc_40BFDF:                             ; CODE XREF: start_search+323 j
.text:0040BFDF                 xor     ecx, ecx
.text:0040BFE1
.text:0040BFE1 loc_40BFE1:                             ; CODE XREF: start_search+313 j
.text:0040BFE1                                         ; start_search+33D j
.text:0040BFE1                 cmp     ecx, [edx]
.text:0040BFE3                 mov     esi, eax
.text:0040BFE5                 jnb     short loc_40C01F
.text:0040BFE7                 mov     eax, ebx
.text:0040BFE9                 lea     esp, [esp+0]
.text:0040BFF0
.text:0040BFF0 loc_40BFF0:                             ; CODE XREF: start_search+37A j
.text:0040BFF0                 mov     ebx, dword_66BC74[eax]
.text:0040BFF6                 mov     edx, [edx]
.text:0040BFF8                 mov     list_root[eax], ebx
.text:0040BFFE                 mov     dword_66C070[eax], edx
.text:0040C004                 add     esi, 1
.text:0040C007                 lea     eax, ds:0[esi*4]
.text:0040C00E                 cmp     ecx, dword_66C074[eax]
.text:0040C014                 lea     edx, dword_66C074[eax]
.text:0040C01A                 jb      short loc_40BFF0
.text:0040C01C                 mov     eax, [ebp+var_8]
.text:0040C01F
.text:0040C01F loc_40C01F:                             ; CODE XREF: start_search+345 j
.text:0040C01F                 sub     eax, 1
.text:0040C022                 mov     list_root[esi*4], edi
.text:0040C029                 mov     dword_66C070[esi*4], ecx
.text:0040C030                 mov     [ebp+var_8], eax
.text:0040C033                 jns     loc_40BF93
.text:0040C039
.text:0040C039 loc_40C039:                             ; CODE XREF: start_search+2E1 j
.text:0040C039                                         ; start_search+2ED j
The interesting thing that I found is that for this piece of code, Rybka 1.0 is more similar to Fruit than Strelka. Here are the differences:
--Setjmp is called after the move generation, as in Fruit
--Something very strange: whereas in Strelka a failed setjmp call simply results in a return, in Rybka 1.0 it involves a function call, like in Fruit (there it is search_update_current()). The weird part is, it appears to be calling parse_position(). That is what the "call sub_4092E0" is for. Why would Rybka 1.0 be parsing the position after a setjmp call?
--The timer is started after the setjmp call
--depth is limited to 4 when there's only 1 legal move (commented out in Strelka, as noted in the other thread).
--I noted earlier that the history initialization was different. Strelka and Rybka 1.0 are the same here, using memset(History, 256, 12 * 64 * sizeof(int)); But what I didn't notice is, 256 is out of range for an unsigned char. So that code is the same as Fruit's memset(History, 0, 12 * 64 * sizeof(int)); Why would Rybka 1.0 have 256? Is it the optimizer gone wild, or a deliberate attempt at obfuscation?
Maybe not Bob...it gets lost fairly quickly.
Terry,

Can you explain how the above material demonstrates an equivalence between Rybka and Fruit?
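
Added example, not part of any post in this thread and not code from Rybka, Strelka or Fruit: a C rendering of two fragments of the quoted listing, the counter update at 0040BE92-0040BEF3 and the rep stosd fill at 0040BF16-0040BF25, with the memset call from the listing's comment run beside the fill for comparison. The struct, field and function names are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HISTORY_DWORDS 768   /* ecx at 0040BF1B (12 * 64) */

/* rep stosd: store the 32-bit value in EAX at [EDI], ECX times,
   advancing EDI by 4 bytes after each store (direction flag clear). */
static void rep_stosd(uint32_t *edi, uint32_t eax, size_t ecx)
{
    while (ecx--)
        *edi++ = eax;
}

/* 0040BF16-0040BF25 as listed: eax = 256, ecx = 768, edi = History. */
static void fill_as_listed(uint32_t *history)
{
    rep_stosd(history, 256, HISTORY_DWORDS);
}

/* The C call written in the listing's comment. memset converts its value
   argument to unsigned char before storing, so 256 is stored as byte 0. */
static void fill_with_memset(uint32_t *history)
{
    int value = 256;
    memset(history, value, HISTORY_DWORDS * sizeof(uint32_t));
}

/* Count how many of the 768 entries hold the given value. */
static int count_equal(const uint32_t *history, uint32_t value)
{
    int n = 0;
    for (size_t i = 0; i < HISTORY_DWORDS; i++)
        if (history[i] == value)
            n++;
    return n;
}

/* Hypothetical names: date stands for dword_66C490, age[0..3] for the four
   dwords at 66C498, 66C49C, 66C4A0 and 66C4A4. */
struct date_state {
    int32_t date;
    int32_t age[4];
};

/* 0040BE92-0040BEF3, with the four unrolled copies folded into a loop. */
static void inc_date_as_listed(struct date_state *s)
{
    s->date = (s->date + 1) & 3;        /* add eax, 1 / and eax, 3        */
    for (int i = 0; i < 4; i++) {
        int32_t a = s->date - i;        /* lea ecx, [eax-i]               */
        if (a < 0)                      /* cmp ecx, esi (esi == 0) / jge  */
            a += 4;                     /* add ecx, 4                     */
        s->age[i] = (a + 1) << 8;       /* add ecx, 1 / shl ecx, 8        */
    }
}

int main(void)
{
    static uint32_t listed[HISTORY_DWORDS], via_memset[HISTORY_DWORDS];
    struct date_state s = { 3, { 0, 0, 0, 0 } };   /* constructed start value */

    fill_as_listed(listed);
    fill_with_memset(via_memset);
    printf("rep stosd: %d entries equal 256\n", count_equal(listed, 256));
    printf("memset:    %d entries equal 0\n", count_equal(via_memset, 0));

    inc_date_as_listed(&s);
    printf("date=%d age=%d,%d,%d,%d\n", (int)s.date, (int)s.age[0],
           (int)s.age[1], (int)s.age[2], (int)s.age[3]);
    return 0;
}
```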
chrisw

Re: Wanted: some opposition to the provided evidence

Post by chrisw »

bob wrote: I would say "look here, your honor:"

http://www.talkchess.com/forum/viewtopi ... 67&t=23118
Your honour will tell you he doesn't understand a word you're talking about. He will ask you how that piece of text demonstrates an equivalence between Fruit and Rybka.

He'll say, yes, he knows he is not a programmer, but he can see that you have presented him with part of a computer program written with strange words. He'll say, where in the other program do these same strange words appear in the same order and in length. Then he'll ask the other side what they have to say.
Graham Banks

Re: Rybka 1.0 vs. Strelka

Post by Graham Banks »

chrisw wrote:
Terry McCracken wrote:
Zach Wegner wrote: The topic came up in another thread about the issue of comparing Strelka to Fruit vs. comparing Rybka 1.0 to Fruit. I am doing some disassembling of Rybka 1.0, so I will post the assembly that is equivalent to the last piece of code I had in Fruit. Just to let you know, this is by no means complete. I have filled in most of the function names and some of the variable names, but there is a lot left to do. This is just the result of a few days' work, more will come later.

.text:0040BCA0 start_search    proc near               ; CODE XREF: start_go+35F p
.text:0040BCA0
.text:0040BCA0 var_44C         = dword ptr -44Ch
.text:0040BCA0 var_440         = dword ptr -440h
.text:0040BCA0 undo            = dword ptr -40h
.text:0040BCA0 var_8           = dword ptr -8
.text:0040BCA0 num_moves       = dword ptr -4
.text:0040BCA0
.text:0040BCA0                 push    ebp
.text:0040BCA1                 mov     ebp, esp
.text:0040BCA3                 sub     esp, 440h
.text:0040BCA9                 push    ebx
.text:0040BCAA                 push    esi
.text:0040BCAB                 push    edi
.text:0040BCAC                 push    offset dword_669C60
.text:0040BCB1                 mov     dword_667A0C, -500
.text:0040BCBB                 mov     dword_667A10, 500
.text:0040BCC5                 call    evaluate
.text:0040BCCA                 add     esp, 4
.text:0040BCCD                 test    al, al
.text:0040BCCF                 jz      short loc_40BD25
.text:0040BCD1                 mov     ecx, dword_669C6C
.text:0040BCD7                 mov     eax, dword_669C68
.text:0040BCDC                 not     ecx
.text:0040BCDE                 push    ecx
.text:0040BCDF                 not     eax
.text:0040BCE1                 push    eax
.text:0040BCE2                 push    offset list_root
.text:0040BCE7                 call    gen_evasions
.text:0040BCEC                 mov     ecx, list_root
.text:0040BCF2                 add     esp, 12
.text:0040BCF5                 xor     eax, eax
.text:0040BCF7                 test    ecx, ecx
.text:0040BCF9                 jz      short loc_40BD15
.text:0040BCFB                 jmp     short loc_40BD00
.text:0040BCFB ; ---------------------------------------------------------------------------
.text:0040BCFD                 align 10h
.text:0040BD00
.text:0040BD00 loc_40BD00:                             ; CODE XREF: start_search+5B j
.text:0040BD00                                         ; start_search+73 j
.text:0040BD00                 mov     list_root[eax*4], ecx
.text:0040BD07                 mov     ecx, dword_66BC78[eax*8]
.text:0040BD0E                 add     eax, 1
.text:0040BD11                 test    ecx, ecx
.text:0040BD13                 jnz     short loc_40BD00
.text:0040BD15
.text:0040BD15 loc_40BD15:                             ; CODE XREF: start_search+59 j
.text:0040BD15                 mov     list_root[eax*4], 0
.text:0040BD20                 jmp     loc_40BDC2
.text:0040BD25 ; ---------------------------------------------------------------------------
.text:0040BD25
.text:0040BD25 loc_40BD25:                             ; CODE XREF: start_search+2F j
.text:0040BD25                 mov     edx, dword_667B9C
.text:0040BD2B                 mov     eax, dword_667B98
.text:0040BD30                 mov     ecx, dword_667B94
.text:0040BD36                 push    edx
.text:0040BD37                 mov     edx, dword_667B90
.text:0040BD3D                 push    eax
.text:0040BD3E                 push    ecx
.text:0040BD3F                 push    edx
.text:0040BD40                 push    offset dword_66C070
.text:0040BD45                 mov     eax, offset list_root
.text:0040BD4A                 call    gen_captures
.text:0040BD4F                 xor     esi, esi
.text:0040BD51                 add     esp, 20
.text:0040BD54                 cmp     list_root, esi
.text:0040BD5A                 jz      short loc_40BD6D
.text:0040BD5C                 lea     esp, [esp+0]
.text:0040BD60
.text:0040BD60 loc_40BD60:                             ; CODE XREF: start_search+CB j
.text:0040BD60                 add     esi, 1
.text:0040BD63                 cmp     list_root[esi*4], 0
.text:0040BD6B                 jnz     short loc_40BD60
.text:0040BD6D
.text:0040BD6D loc_40BD6D:                             ; CODE XREF: start_search+BA j
.text:0040BD6D                 mov     eax, dword_669C6C
.text:0040BD72                 mov     ecx, dword_669C68
.text:0040BD78                 push    -1
.text:0040BD7A                 push    -1
.text:0040BD7C                 push    -1
.text:0040BD7E                 push    eax
.text:0040BD7F                 push    ecx
.text:0040BD80                 lea     edx, [ebp+var_440]
.text:0040BD86                 push    edx
.text:0040BD87                 call    gen_quiet_moves
.text:0040BD8C                 mov     eax, [ebp+var_440]
.text:0040BD92                 add     esp, 24
.text:0040BD95                 xor     ecx, ecx
.text:0040BD97                 test    eax, eax
.text:0040BD99                 jz      short loc_40BDB5
.text:0040BD9B                 lea     edx, ds:66BC70h[esi*4]
.text:0040BDA2
.text:0040BDA2 loc_40BDA2:                             ; CODE XREF: start_search+113 j
.text:0040BDA2                 add     ecx, 1
.text:0040BDA5                 mov     [edx], eax
.text:0040BDA7                 mov     eax, [ebp+ecx*4+var_440]
.text:0040BDAE                 add     edx, 4
.text:0040BDB1                 test    eax, eax
.text:0040BDB3                 jnz     short loc_40BDA2
.text:0040BDB5
.text:0040BDB5 loc_40BDB5:                             ; CODE XREF: start_search+F9 j
.text:0040BDB5                 add     ecx, esi
.text:0040BDB7                 mov     list_root[ecx*4], 0
.text:0040BDC2
.text:0040BDC2 loc_40BDC2:                             ; CODE XREF: start_search+80 j
.text:0040BDC2                 mov     esi, list_root
.text:0040BDC8                 xor     edi, edi
.text:0040BDCA                 test    esi, esi
.text:0040BDCC                 mov     [ebp+num_moves], edi
.text:0040BDCF                 jz      short loc_40BE4C
.text:0040BDD1                 mov     [ebp+num_moves], offset list_root
.text:0040BDD8
.text:0040BDD8 loc_40BDD8:                             ; CODE XREF: start_search+1A7 j
.text:0040BDD8                 lea     eax, [ebp+undo]
.text:0040BDDB                 push    eax
.text:0040BDDC                 push    esi
.text:0040BDDD                 call    make_move
.text:0040BDE2                 push    offset pos_info_entry
.text:0040BDE7                 call    evaluate
.text:0040BDEC                 mov     ecx, dword_667C20
.text:0040BDF2                 lea     edx, ds:0[ecx*8]
.text:0040BDF9                 mov     ecx, offset dword_667BF8
.text:0040BDFE                 sub     ecx, edx
.text:0040BE00                 mov     eax, [ecx]
.text:0040BE02                 mov     ecx, [ecx+4]
.text:0040BE05                 and     eax, pos_info_entry
.text:0040BE0B                 and     ecx, dword_669C84
.text:0040BE11                 add     esp, 0Ch
.text:0040BE14                 or      eax, ecx
.text:0040BE16                 jnz     short loc_40BE1C
.text:0040BE18                 mov     bl, 1
.text:0040BE1A                 jmp     short loc_40BE1E
.text:0040BE1C ; ---------------------------------------------------------------------------
.text:0040BE1C
.text:0040BE1C loc_40BE1C:                             ; CODE XREF: start_search+176 j
.text:0040BE1C                 xor     bl, bl
.text:0040BE1E
.text:0040BE1E loc_40BE1E:                             ; CODE XREF: start_search+17A j
.text:0040BE1E                 lea     eax, [ebp+undo]
.text:0040BE21                 push    eax
.text:0040BE22                 push    esi
.text:0040BE23                 call    unmake_move
.text:0040BE28                 add     esp, 8
.text:0040BE2B                 test    bl, bl
.text:0040BE2D                 jz      short loc_40BE39
.text:0040BE2F                 mov     list_root[edi*4], esi
.text:0040BE36                 add     edi, 1          ; num_moves++
.text:0040BE39
.text:0040BE39 loc_40BE39:                             ; CODE XREF: start_search+18D j
.text:0040BE39                 mov     eax, [ebp+num_moves]
.text:0040BE3C                 mov     esi, [eax+4]
.text:0040BE3F                 add     eax, 4          ; i++
.text:0040BE42                 test    esi, esi        ; list_root[i].move!=0
.text:0040BE44                 mov     [ebp+num_moves], eax
.text:0040BE47                 jnz     short loc_40BDD8
.text:0040BE49                 mov     [ebp+num_moves], edi
.text:0040BE4C
.text:0040BE4C loc_40BE4C:                             ; CODE XREF: start_search+12F j
.text:0040BE4C                 xor     esi, esi
.text:0040BE4E                 cmp     edi, 1          ; if (num_moves <= 1)
.text:0040BE51                 mov     list_root[edi*4], esi ; list_root[num_moves].move = 0
.text:0040BE58                 ja      short loc_40BE64
.text:0040BE5A                 mov     G_max_depth, 4  ; max_depth = 4;
.text:0040BE64
.text:0040BE64 loc_40BE64:                             ; CODE XREF: start_search+1B8 j
.text:0040BE64                 push    esi
.text:0040BE65                 push    offset dword_667A28
.text:0040BE6A                 call    setjmp
.text:0040BE6F                 add     esp, 8
.text:0040BE72                 test    eax, eax        ; if (setjmp(jmp_buffer) != 0) return;
.text:0040BE74                 jz      short loc_40BE87
.text:0040BE76                 mov     eax, offset byte_664E08
.text:0040BE7B                 call    sub_4092E0
.text:0040BE80                 pop     edi
.text:0040BE81                 pop     esi
.text:0040BE82                 pop     ebx
.text:0040BE83                 mov     esp, ebp
.text:0040BE85                 pop     ebp
.text:0040BE86                 retn
.text:0040BE87 ; ---------------------------------------------------------------------------
.text:0040BE87
.text:0040BE87 loc_40BE87:                             ; CODE XREF: start_search+1D4 j
.text:0040BE87                 call    ds:GetTickCount  ; start_timer
.text:0040BE8D                 mov     start_time, eax
.text:0040BE92                 mov     eax, dword_66C490
.text:0040BE97                 add     eax, 1          ; All of this stuff is trans_inc_date
.text:0040BE9A                 and     eax, 3
.text:0040BE9D                 mov     ecx, eax
.text:0040BE9F                 cmp     ecx, esi
.text:0040BEA1                 mov     dword_66C490, eax
.text:0040BEA6                 jge     short loc_40BEAB
.text:0040BEA8                 add     ecx, 4
.text:0040BEAB
.text:0040BEAB loc_40BEAB:                             ; CODE XREF: start_search+206 j
.text:0040BEAB                 add     ecx, 1
.text:0040BEAE                 shl     ecx, 8
.text:0040BEB1                 mov     dword_66C498, ecx
.text:0040BEB7                 lea     ecx, [eax-1]
.text:0040BEBA                 cmp     ecx, esi
.text:0040BEBC                 jge     short loc_40BEC1
.text:0040BEBE                 add     ecx, 4
.text:0040BEC1
.text:0040BEC1 loc_40BEC1:                             ; CODE XREF: start_search+21C j
.text:0040BEC1                 add     ecx, 1
.text:0040BEC4                 shl     ecx, 8
.text:0040BEC7                 mov     dword_66C49C, ecx
.text:0040BECD                 lea     ecx, [eax-2]
.text:0040BED0                 cmp     ecx, esi
.text:0040BED2                 jge     short loc_40BED7
.text:0040BED4                 add     ecx, 4
.text:0040BED7
.text:0040BED7 loc_40BED7:                             ; CODE XREF: start_search+232 j
.text:0040BED7                 add     ecx, 1
.text:0040BEDA                 shl     ecx, 8
.text:0040BEDD                 add     eax, -3
.text:0040BEE0                 cmp     eax, esi
.text:0040BEE2                 mov     dword_66C4A0, ecx
.text:0040BEE8                 jge     short loc_40BEED
.text:0040BEEA                 add     eax, 4
.text:0040BEED
.text:0040BEED loc_40BEED:                             ; CODE XREF: start_search+248 j
.text:0040BEED                 add     eax, 1
.text:0040BEF0                 shl     eax, 8
.text:0040BEF3                 mov     dword_66C4A4, eax
.text:0040BEF8                 xor     eax, eax
.text:0040BEFA                 lea     ebx, [ebx+0]
.text:0040BF00
.text:0040BF00 loc_40BF00:                             ; CODE XREF: start_search+274 j
.text:0040BF00                 mov     killer1[eax], esi ; (Pos_info + i)->killer1 = 0;
.text:0040BF06                 mov     killer2[eax], esi ; (Pos_info + i)->killer2 = 0;
.text:0040BF0C                 add     eax, 32
.text:0040BF0F                 cmp     eax, 8192
.text:0040BF14                 jb      short loc_40BF00
.text:0040BF16                 mov     eax, 256
.text:0040BF1B                 mov     ecx, 768
.text:0040BF20                 mov     edi, offset History
.text:0040BF25                 rep stosd               ; memset(History, 256, 12 * 64 * sizeof(int));
.text:0040BF27                 mov     eax, dword_667C40
.text:0040BF2C                 and     eax, dword_66C488
.text:0040BF32                 mov     ecx, dword_667C44
.text:0040BF38                 shl     eax, 4
.text:0040BF3B                 add     eax, dword_66C480
.text:0040BF41                 cmp     [eax], ecx
.text:0040BF43                 jnz     short loc_40BF4F
.text:0040BF45                 movzx   edx, word ptr [eax+4]
.text:0040BF49                 mov     dword_66C478, edx
.text:0040BF4F
.text:0040BF4F loc_40BF4F:                             ; CODE XREF: start_search+2A3 j
.text:0040BF4F                 cmp     [eax+10h], ecx
.text:0040BF52                 jnz     short loc_40BF5E
.text:0040BF54                 movzx   edx, word ptr [eax+14h]
.text:0040BF58                 mov     dword_66C478, edx
.text:0040BF5E
.text:0040BF5E loc_40BF5E:                             ; CODE XREF: start_search+2B2 j
.text:0040BF5E                 cmp     [eax+20h], ecx
.text:0040BF61                 jnz     short loc_40BF6D
.text:0040BF63                 movzx   edx, word ptr [eax+24h]
.text:0040BF67                 mov     dword_66C478, edx
.text:0040BF6D
.text:0040BF6D loc_40BF6D:                             ; CODE XREF: start_search+2C1 j
.text:0040BF6D                 cmp     [eax+30h], ecx
.text:0040BF70                 jnz     short loc_40BF7B
.text:0040BF72                 movzx   eax, word ptr [eax+34h]
.text:0040BF76                 mov     dword_66C478, eax
.text:0040BF7B
.text:0040BF7B loc_40BF7B:                             ; CODE XREF: start_search+2D0 j
.text:0040BF7B                 mov     eax, [ebp+num_moves]
.text:0040BF7E                 cmp     eax, 2
.text:0040BF81                 jb      loc_40C039
.text:0040BF87                 add     eax, -1
.text:0040BF8A                 mov     [ebp+var_8], eax
.text:0040BF8D                 js      loc_40C039
.text:0040BF93
.text:0040BF93 loc_40BF93:                             ; CODE XREF: start_search+393 j
.text:0040BF93                 lea     ebx, ds:0[eax*4]
.text:0040BF9A                 mov     edi, list_root[ebx]
.text:0040BFA0                 cmp     edi, dword_66C478
.text:0040BFA6                 lea     edx, dword_66C074[ebx]
.text:0040BFAC                 jnz     short loc_40BFB5
.text:0040BFAE                 mov     ecx, 7FFFFFFFh
.text:0040BFB3                 jmp     short loc_40BFE1
.text:0040BFB5 ; ---------------------------------------------------------------------------
.text:0040BFB5
.text:0040BFB5 loc_40BFB5:                             ; CODE XREF: start_search+30C j
.text:0040BFB5                 mov     ecx, edi
.text:0040BFB7                 and     ecx, 63
.text:0040BFBA                 mov     ecx, dword_667A90[ecx*4]
.text:0040BFC1                 test    ecx, ecx
.text:0040BFC3                 jz      short loc_40BFDF
.text:0040BFC5                 mov     esi, edi
.text:0040BFC7                 shr     esi, 6
.text:0040BFCA                 and     esi, 63
.text:0040BFCD                 shl     ecx, 4
.text:0040BFD0                 sub     ecx, dword_667A90[esi*4]
.text:0040BFD7                 add     ecx, 2147483391
.text:0040BFDD                 jmp     short loc_40BFE1
.text:0040BFDF ; ---------------------------------------------------------------------------
.text:0040BFDF
.text:0040BFDF loc_40BFDF:                             ; CODE XREF: start_search+323 j
.text:0040BFDF                 xor     ecx, ecx
.text:0040BFE1
.text:0040BFE1 loc_40BFE1:                             ; CODE XREF: start_search+313 j
.text:0040BFE1                                         ; start_search+33D j
.text:0040BFE1                 cmp     ecx, [edx]
.text:0040BFE3                 mov     esi, eax
.text:0040BFE5                 jnb     short loc_40C01F
.text:0040BFE7                 mov     eax, ebx
.text:0040BFE9                 lea     esp, [esp+0]
.text:0040BFF0
.text:0040BFF0 loc_40BFF0:                             ; CODE XREF: start_search+37A j
.text:0040BFF0                 mov     ebx, dword_66BC74[eax]
.text:0040BFF6                 mov     edx, [edx]
.text:0040BFF8                 mov     list_root[eax], ebx
.text:0040BFFE                 mov     dword_66C070[eax], edx
.text:0040C004                 add     esi, 1
.text:0040C007                 lea     eax, ds:0[esi*4]
.text:0040C00E                 cmp     ecx, dword_66C074[eax]
.text:0040C014                 lea     edx, dword_66C074[eax]
.text:0040C01A                 jb      short loc_40BFF0
.text:0040C01C                 mov     eax, [ebp+var_8]
.text:0040C01F
.text:0040C01F loc_40C01F:                             ; CODE XREF: start_search+345 j
.text:0040C01F                 sub     eax, 1
.text:0040C022                 mov     list_root[esi*4], edi
.text:0040C029                 mov     dword_66C070[esi*4], ecx
.text:0040C030                 mov     [ebp+var_8], eax
.text:0040C033                 jns     loc_40BF93
.text:0040C039
.text:0040C039 loc_40C039:                             ; CODE XREF: start_search+2E1 j
.text:0040C039                                         ; start_search+2ED j
The interesting thing that I found is that for this piece of code, Rybka 1.0 is more similar to Fruit than Strelka. Here are the differences:
--Setjmp is called after the move generation, as in Fruit
--Something very strange: whereas in Strelka a failed setjmp call simply results in a return, in Rybka 1.0 it involves a function call, like in Fruit (there it is search_update_current()). The weird part is, it appears to be calling parse_position(). That is what the "call sub_4092E0" is for. Why would Rybka 1.0 be parsing the position after a setjmp call?
--The timer is started after the setjmp call
--depth is limited to 4 when there's only 1 legal move (commented out in Strelka, as noted in the other thread).
--I noted earlier that the history initialization was different. Strelka and Rybka 1.0 are the same here, using memset(History, 256, 12 * 64 * sizeof(int)); But what I didn't notice is, 256 is out of range for an unsigned char. So that code is the same as Fruit's memset(History, 0, 12 * 64 * sizeof(int)); Why would Rybka 1.0 have 256? Is it the optimizer gone wild, or a deliberate attempt at obfuscation?
Maybe not Bob...it gets lost fairly quickly.
Terry,

Can you explain how the above material demonstrates an equivalence between Rybka and Fruit?
Good question. Terry?
gbanksnz at gmail.com
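
An added example, not code from any poster or from the engines discussed: it contrasts what a C-level memset with fill value 256 stores against what the "mov eax, 256" / "mov ecx, 768" / "rep stosd" sequence in the listing stores. The buffer name and helper functions are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HISTORY_ENTRIES (12 * 64)   /* 768 ints, the count loaded by "mov ecx, 768" */

/* Stand-in buffer (assumed name) for the engine's History table. */
static int32_t history_buf[HISTORY_ENTRIES];

/* C memset converts its fill value to unsigned char, so 256 is written as
   0x00 into every byte and 1 is written as 0x01 into every byte. */
static int32_t entry_after_memset(int fill_value)
{
    memset(history_buf, fill_value, sizeof history_buf);
    return history_buf[HISTORY_ENTRIES - 1];
}

/* Effect of "rep stosd": store the whole 32-bit EAX at [EDI], ECX times,
   moving EDI forward by four bytes after each store. */
static void rep_stosd(int32_t *edi, uint32_t eax, uint32_t ecx)
{
    while (ecx-- != 0)
        *edi++ = (int32_t)eax;
}

static int32_t entry_after_rep_stosd(uint32_t eax)
{
    memset(history_buf, 0xFF, sizeof history_buf);   /* poison the buffer first */
    rep_stosd(history_buf, eax, HISTORY_ENTRIES);
    return history_buf[HISTORY_ENTRIES - 1];
}

/* Number of table entries on which the two fills disagree for one value. */
static int entries_that_differ(int value)
{
    static int32_t via_memset[HISTORY_ENTRIES];
    static int32_t via_stosd[HISTORY_ENTRIES];
    int differ = 0;

    memset(via_memset, value, sizeof via_memset);
    rep_stosd(via_stosd, (uint32_t)value, HISTORY_ENTRIES);
    for (int i = 0; i < HISTORY_ENTRIES; i++)
        differ += (via_memset[i] != via_stosd[i]);
    return differ;
}

int main(void)
{
    printf("memset(.., 256, ..) leaves each int = %d\n", entry_after_memset(256));
    printf("memset(.., 1, ..)   leaves each int = 0x%08X\n",
           (unsigned)entry_after_memset(1));
    printf("rep stosd, eax=256  leaves each int = %d\n", entry_after_rep_stosd(256));
    printf("entries that differ for 256: %d of %d\n",
           entries_that_differ(256), HISTORY_ENTRIES);
    return 0;
}
```
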
kranium
Posts: 2129
Joined: Thu May 29, 2008 10:43 am

Re: Rybka 1.0 vs. Strelka

Post by kranium »

Graham Banks wrote:
chrisw wrote:
Terry McCracken wrote:
Zach Wegner wrote:The topic came up in another thread about the issue of comparing Strelka to Fruit vs. comparing Rybka 1.0 to Fruit. I am doing some disassembling of Rybka 1.0, so I will post the assembly that is equivalent to the last piece of code I had in Fruit. Just to let you know, this is by no means complete. I have filled in most of the function names and some of the variable names, but there is a lot left to do. This is just the result of a few days' work, more will come later.

The interesting thing that I found is that for this piece of code, Rybka 1.0 is more similar to Fruit than Strelka. Here are the differences:
--Setjmp is called after the move generation, as in Fruit
--Something very strange: whereas in Strelka a failed setjmp call simply results in a return, in Rybka 1.0 it involves a function call, like in Fruit (there it is search_update_current()). The weird part is, it appears to be calling parse_position(). That is what the "call sub_4092E0" is for. Why would Rybka 1.0 be parsing the position after a setjmp call?
--The timer is started after the setjmp call
--depth is limited to 4 when there's only 1 legal move (commented out in Strelka, as noted in the other thread).
--I noted earlier that the history initialization was different. Strelka and Rybka 1.0 are the same here, using memset(History, 256, 12 * 64 * sizeof(int)); But what I didn't notice is, 256 is out of range for an unsigned char. So that code is the same as Fruit's memset(History, 0, 12 * 64 * sizeof(int)); Why would Rybka 1.0 have 256? Is it the optimizer gone wild, or a deliberate attempt at obfuscation?
Maybe not Bob...it gets lost fairly quickly.
Terry,

Can you explain how the above material demonstrates an equivalence between Rybka and Fruit?
Good question. Terry?
yes and conversely,
can you and/or chris please tell us how it doesn't apply?

and if the code above is converted to C or C++...would this then be enough? (because that is surely forthcoming...)

or should it go to pseudo-descriptive narrative text...

when will it be good enough?

please let us know, because we're ready to jump thru hoops...
WinPooh
Posts: 276
Joined: Fri Mar 17, 2006 8:01 am
Location: Russia
Full name: Vladimir Medvedev

Re: Rybka 1.0 vs. Strelka

Post by WinPooh »

Stop! Over!! Quoting!!! Please!!!!!
kranium
Posts: 2129
Joined: Thu May 29, 2008 10:43 am

Re: Rybka 1.0 vs. Strelka

Post by kranium »

WinPooh wrote:Stop! Over!! Quoting!!! Please!!!!!
:D point taken
chrisw

Re: Rybka 1.0 vs. Strelka

Post by chrisw »

SzG wrote:I am not Terry but I can tell you you were not listening. Zach (and Terry) was quoting the Rybka disassembly only, a part of it that is identical with Fruit (the Fruit part is missing because it is the same).
Then let's see it
bob
Posts: 20943
Joined: Mon Feb 27, 2006 7:30 pm
Location: Birmingham, AL

Re: Wanted: some opposition to the provided evidence

Post by bob »

chrisw wrote:
bob wrote:I would say "look here, your honor:"

http://www.talkchess.com/forum/viewtopi ... 67&t=23118
Your honour will tell you he doesn't understand a word you're talking about. He will ask you how that piece of text demonstrates an equivalence between Fruit and Rybka.

He'll say, yes, he knows he is not a programmer, but he can see that you have presented him with part of a computer program written with strange words. He'll say, where in the other program do these same strange words appear in the same order and in length. Then he'll ask the other side what they have to say.
And when shown that the blocks of code are identical between two programs, and when expert witnesses testify that this is not just an improbable event, but an event of such rarity that one would be as likely to accept that a monkey typed one of them, he might begin to go "hmmm..."

There _might_ be a valid explanation. But in the absence of anything, the evidence defies explanation by just "random chance of two programmers coming up with the same code." We are not used to seeing duplication in 100 line programs, much less in programs of the complexity of computer chess. I suppose one could try a diff between pairs of open source programs and see how frequently you find one line, two consecutive lines, ..., N consecutive lines that are the same. For it to happen between these two specific examples, there must be _several_ other programs that would show some sort of significant match between pairs of them.

Of course that won't quite catch all copies since diff is unaware of equivalent names and equivalent expressions which are different syntactically (a=b+c opposed to a=c+b or a+=b; a+= c or any of a dozen other ways to do the same thing).

The only issue I have with any of this is that some want to say "this is just luck". I say "crapola to the luck idea". And I base that on grading assignments from 1970 to date, from programs that are only 30 lines or so long, to programs that are thousands of lines long. I remember worrying about this in a numerical analysis class I taught for the first time. We were looking at all sorts of traditional numerical analysis, and one example was the "Crout method" for solving systems of equations. As an UG, I wrote this in about 14 lines of code, total. Typical student was about 30 lines. I was afraid that given a specific algorithm, that the programs would be near copies. Wrong. No two were anywhere near "copies". And that has repeated in every course I have taken. If I were to ask a group of chess programmers to carefully and clearly explain SEE, no code, just an explanation anyone could use to write a piece of code, no two people would produce anywhere near the same text, although all would likely get most of the relevant explanation in. They would likely vary in which pieces to include (include pinned pieces or not, overloaded pieces or not, pieces behind pieces or not, etc). If, for something that simple, we can't get a high level of duplication, how will we do so in something as complex as a chess program?
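
An added example, not code from any poster or engine: one way to run the comparison described in the post above, measuring the longest run of consecutive lines two sources share, first on the raw text and then after renaming every identifier to a placeholder. The two snippets are constructed for the illustration and all function names are assumptions; equivalent but reordered expressions still do not match.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_LINES 64
#define MAX_LINE  256

static const char *const KEYWORDS[] = {
    "if", "else", "for", "while", "return", "int", "sizeof", NULL
};

static int is_keyword(const char *word)
{
    for (size_t i = 0; KEYWORDS[i] != NULL; i++)
        if (strcmp(word, KEYWORDS[i]) == 0)
            return 1;
    return 0;
}

static int is_ident_char(char c)
{
    return isalnum((unsigned char)c) || c == '_';
}

/* Canonical form of one line: whitespace removed, every identifier that
   is not a keyword replaced by '$', numbers and punctuation kept. */
static void normalize_line(const char *src, char *dst, size_t dst_size)
{
    size_t out = 0;
    while (*src != '\0' && out + 1 < dst_size) {
        if (isspace((unsigned char)*src)) {
            src++;
        } else if (isdigit((unsigned char)*src)) {
            while (is_ident_char(*src) && out + 1 < dst_size)
                dst[out++] = *src++;
        } else if (is_ident_char(*src)) {
            char word[MAX_LINE];
            size_t len = 0;
            while (is_ident_char(*src)) {
                if (len + 1 < sizeof word)
                    word[len++] = *src;
                src++;
            }
            word[len] = '\0';
            if (!is_keyword(word)) {
                dst[out++] = '$';
            } else {
                for (size_t i = 0; i < len && out + 1 < dst_size; i++)
                    dst[out++] = word[i];
            }
        } else {
            dst[out++] = *src++;
        }
    }
    dst[out] = '\0';
}

static void canon_lines(const char *const *src, size_t n,
                        char dst[][MAX_LINE], int normalize)
{
    for (size_t i = 0; i < n; i++) {
        if (normalize)
            normalize_line(src[i], dst[i], MAX_LINE);
        else
            snprintf(dst[i], MAX_LINE, "%s", src[i]);
    }
}

/* Longest run of consecutive lines of a that appear consecutively in b. */
static size_t longest_common_run(const char *const *a, size_t na,
                                 const char *const *b, size_t nb, int normalize)
{
    static char ca[MAX_LINES][MAX_LINE], cb[MAX_LINES][MAX_LINE];
    size_t run[MAX_LINES + 1] = {0};
    size_t best = 0;

    if (na > MAX_LINES || nb > MAX_LINES)
        return 0;
    canon_lines(a, na, ca, normalize);
    canon_lines(b, nb, cb, normalize);
    for (size_t i = 0; i < na; i++) {
        /* Walk j downwards so run[j] still holds the previous row's value. */
        for (size_t j = nb; j-- > 0; ) {
            if (ca[i][0] != '\0' && strcmp(ca[i], cb[j]) == 0) {
                run[j + 1] = run[j] + 1;
                if (run[j + 1] > best)
                    best = run[j + 1];
            } else {
                run[j + 1] = 0;
            }
        }
    }
    return best;
}

/* Constructed samples: same logic, different names and spacing. */
static const char *const SAMPLE_A[] = {
    "for (i = 0; i < 256; i++) {", "    killer1[i] = 0;", "    killer2[i] = 0;",
    "}", "memset(History, 0, sizeof(History));", "start_time = now();",
    "depth = 1 + depth;"
};
static const char *const SAMPLE_B[] = {
    "for (n=0; n<256; n++) {", "    k_a[n] = 0;", "    k_b[n] = 0;",
    "}", "memset(hist, 0, sizeof(hist));", "t0 = clock_ms();",
    "d = d + 1;"
};

static size_t demo_run(int normalize)
{
    return longest_common_run(SAMPLE_A, sizeof SAMPLE_A / sizeof SAMPLE_A[0],
                              SAMPLE_B, sizeof SAMPLE_B / sizeof SAMPLE_B[0],
                              normalize);
}

int main(void)
{
    printf("raw: %zu  normalized: %zu\n", demo_run(0), demo_run(1));
    return 0;
}
```
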
bob
Posts: 20943
Joined: Mon Feb 27, 2006 7:30 pm
Location: Birmingham, AL

Re: Wanted: some opposition to the provided evidence

Post by bob »

mclane wrote:
I started from absolute scratch in 1968
Pretty amazing, Bob. In 1968 I was 2 years old!
Unbelievable!!
According to my kids, that was about 3 years after dirt was first discovered...
bob

Re: Wanted: some opposition to the provided evidence

Post by bob »

kranium wrote:
Sven Schüle wrote:
Terry McCracken wrote:If Christophe or any other commercial programmer wanted the source code of Rybka 3 they'd disassemble it. It's not that hard.
Just to get the wordings correct ...

1) "Disassembling" (as also used by some others in this thread) only refers to converting the binary program into assembler instructions, like with the MSVC(++) command "dumpbin /disasm". What you mean is either "decompiling" or "reverse engineering".

2) You cannot obtain "the source code" of a binary via reverse engineering if the binary comes without a symbol table that usually contains (some of!) the identifiers the original author has chosen, and without further input. Since I only looked at the free R1.0beta exe I can only confirm absence of the symbol table for that version. But you can be 100% sure that the commercial versions have the symtable stripped off, too.

3) So the reverse engineering is an ambiguous activity (i.e. there are many possible results being equivalent since they can be mapped to the same binary) which is in reality not fully automated, even if there might be some assisting tools for it. The reverse engineer has to assign identifiers to functions and (global/static) variables which are anonymous so far. And, what I personally consider to be the hardest job, he also has to deal quite a lot with local variables living either on the stack or in registers, and having no address that could simply be translated into an identifier.

So I propose to be very careful with a statement that describes reverse engineering of a bare executable as being "not that hard".

Just as additional info: the R1.0beta exe is about 2.4MB large (32 bit version). Strelka 2.0 32bit exe has about 180kB IIRC. Although the huge difference probably comes from the fact that Strelka 2.0 does not use some huge table that R1.0beta had used, this is still a lot, so IMO it _is_ hard work.

This remains true even with the help of available open source where you can borrow some function names from.

Just my 2 cents!

Sven
Another possible explanation for the size difference:
one can take the same source code, compile with different optimizations, different options, and the size of the resulting executable can and usually will vary greatly.
In Linux, a common idea is to use -static when linking so that you don't depend on particular shared libraries that might not be on the target you will run on. That is a quick way to bloat an executable. Of course, initializing arrays when they are declared is another way to bloat them.