I'm interested in the M68000, and i was hoping that i could find a good dissasembler. Can the M68000 do calling through registers (virtual functions in c++) ex: call eax
Also is there a debugger with a tracer in it where you can run the game for a while and then exit and it will say all the lines where it ran instructions?
I'm hoping i can decode a specific rom and hopefully fix a few bugs and add few features as a patch file.
Disassembly
Moderator: BigEvilCorporation
-
HardWareMan
- Very interested
- Posts: 745
- Joined: Sat Dec 15, 2007 7:49 am
- Location: Kazakhstan, Pavlodar
Re: Disassembly
Might want to check some of the emulators for the tracer/debugger capabilities your looking for... its going to be tough to find the exact spot of the bug without disassembling the code first but not impossible. There should be some decent disassemblers out there....rtcvb32 wrote:I'm interested in the M68000, and i was hoping that i could find a good dissasembler. Can the M68000 do calling through registers (virtual functions in c++) ex: call eax
Also is there a debugger with a tracer in it where you can run the game for a while and then exit and it will say all the lines where it ran instructions?
I'm hoping i can decode a specific rom and hopefully fix a few bugs and add few features as a patch file.
Hehe, let me advertise my disasm 
http://shedevr.org.ru/ghost/segadasm.rar
Also some opinions about disasms you can find here:
viewtopic.php?t=561&postdays=0&postorder=asc&start=30
Also, good choice is IDA.
What about debuggers, plee has already answered, so I won't repeat his words.
http://shedevr.org.ru/ghost/segadasm.rar
Also some opinions about disasms you can find here:
viewtopic.php?t=561&postdays=0&postorder=asc&start=30
Also, good choice is IDA.
What about debuggers, plee has already answered, so I won't repeat his words.
-
HardWareMan
- Very interested
- Posts: 745
- Joined: Sat Dec 15, 2007 7:49 am
- Location: Kazakhstan, Pavlodar
And here my loader for IDA (wirks fine with 5.2.0.x versions).GManiac wrote:Also, good choice is IDA.
Then C++ code is possible, which could be harder to trace in certain circumstances. (But more often than not it would not be virtual) ThanksHardWareMan wrote:Yes, M68000 can do this. For example: jsr (a0)
I want to thank everyone for their responses
I'm not entirely what I'm doing just yet, however I'll look over the tracers for what I need. I'm almost thinking i will end up slowly converting the ASM to C/C++ code and then fix the portions that need it. Which brings a couple questions before i consider it.
To my understanding, the Genesis only has 64k working ram correct? However the running rom can have up to 4Mb of data/code correct? Say i were to extend a 2Mb rom to a 4Mb rom I could add compression/decompression code, more levels ect. Is there anything special i should be aware of?
I'm thinking this may turn into a 2 year project assuming i can follow the dis-assembly code and understand how it's running.
As I understood from your 2 posts, you want to fully decompile specified game, right? It's good idea, but unfortunatelly it's very hard to implement.
You want to decompile MD game to C code. I know only decompilers of x86, not 68k, one of them is Hex-Rays plugin for IDA, it's very expensive (2000+ bucks) and practically useless, especially for its price
As x86 is most popular architecture, I'm not sure if there are any decompilers of 68k in the world.
And there are also many pitfalls, for example, if .exe usually contains instructions and data in different sections, MD ROM contains them in any order.
So, at this point of progress maximum what you can get is full disassembly of ROM.
It let me to have an idea how much of code specified game contains. For example, old actions like Altered Beast or After Burner has about 7.5-8 thousands of instructions. The simplest official games like Flicky and Shove It have about 5.5 thousands of instrs. The most "technological" game is Contra - about 105 thousands. So now you have this idea too
I won't share my analyzer, but you can specify your game and I'll make "NLZ" of it.
Try Gens Tracer, it has instruction logger. I'm not sure about Gens Movie 11, but you can try it also.Also is there a debugger with a tracer in it where you can run the game for a while and then exit and it will say all the lines where it ran instructions?
You want to decompile MD game to C code. I know only decompilers of x86, not 68k, one of them is Hex-Rays plugin for IDA, it's very expensive (2000+ bucks) and practically useless, especially for its price
As x86 is most popular architecture, I'm not sure if there are any decompilers of 68k in the world.
And there are also many pitfalls, for example, if .exe usually contains instructions and data in different sections, MD ROM contains them in any order.
So, at this point of progress maximum what you can get is full disassembly of ROM.
Last year I wrote analyzer which automaticlly detects code and separates it from data, it shows error of about 3-5% of whole code and doesn't miss any instructions (even "buried"). How it shows results: it simply fills non-code bytes with 0xFF, that's all.I'm thinking this may turn into a 2 year project assuming i can follow the dis-assembly code and understand how it's running.
It let me to have an idea how much of code specified game contains. For example, old actions like Altered Beast or After Burner has about 7.5-8 thousands of instructions. The simplest official games like Flicky and Shove It have about 5.5 thousands of instrs. The most "technological" game is Contra - about 105 thousands. So now you have this idea too
I won't share my analyzer, but you can specify your game and I'll make "NLZ" of it.
That's the direction I hope to go towards. I looked over the Gens Tracer and i will have to study it more before i can make use of it, course i may end up not decompiling the whole game and may instead find the specific functions to fix.GManiac wrote:As I understood from your 2 posts, you want to fully decompile specified game, right? It's good idea, but unfortunatelly it's very hard to implement.
Try Gens Tracer, it has instruction logger. I'm not sure about Gens Movie 11, but you can try it also.Also is there a debugger with a tracer in it where you can run the game for a while and then exit and it will say all the lines where it ran instructions?
I'm aware of the lack of analyzers, since the 68000 is a depreciated chip, but I've done assembly work before. I may end up just borrowing some instruction decompiling functions and start on my own analyzer. I'd end up studying the 68000 Assembly a bit, and then study the code from the ROM.GManiac wrote: You want to decompile MD game to C code. I know only decompilers of x86, not 68k, one of them is Hex-Rays plugin for IDA, it's very expensive (2000+ bucks) and practically useless, especially for its price
As x86 is most popular architecture, I'm not sure if there are any decompilers of 68k in the world.
And there are also many pitfalls, for example, if .exe usually contains instructions and data in different sections, MD ROM contains them in any order.
So, at this point of progress maximum what you can get is full disassembly of ROM.
Last year I wrote analyzer which automaticlly detects code and separates it from data, it shows error of about 3-5% of whole code and doesn't miss any instructions (even "buried"). How it shows results: it simply fills non-code bytes with 0xFF, that's all.I'm thinking this may turn into a 2 year project assuming i can follow the dis-assembly code and understand how it's running.
<snip>
I won't share my analyzer, but you can specify your game and I'll make "NLZ" of it.
But any help would be great
My target ROM is 'ShadowRun'.Here you are.
http://www.fileden.com/files/2009/4/23/ ... 5D.nlz.zip
Copy the whole string to get a link.
http://www.fileden.com/files/2009/4/23/ ... 5D.nlz.zip
Copy the whole string to get a link.
-
MintyTheCat
- Very interested
- Posts: 484
- Joined: Sat Mar 05, 2011 11:11 pm
- Location: Berlin, Germany
MUSHA Aleste does this:I hope your analyzers and what not can handle that =P
The only real pitfall I can see in converting 68000 to C is that most games were written in 68000 assembly, not C — and those that were written in C don't follow the same compiler-generated-code rules... Yes, converters that worked on the original source existed (and Sega used them) but eh :/ For the record, I've done quite a bit of MD game disassembly and research (and I'm far from done with it all =P ).
Code: Select all
jsr NemDec
dc.w VRAMAddr
dc.l OffsetToArt
; next instruction hereThe only real pitfall I can see in converting 68000 to C is that most games were written in 68000 assembly, not C — and those that were written in C don't follow the same compiler-generated-code rules... Yes, converters that worked on the original source existed (and Sega used them) but eh :/ For the record, I've done quite a bit of MD game disassembly and research (and I'm far from done with it all =P ).
I moved to another OS and another HDDs All in mess, so now I "lost" some of my tools.
Here is nlz of MUSHA by old version of Analyzer (which I found in one of my numerous folders; new version is somewhere in archives).
http://shedevr.org.ru/ghost/musha.rar
Simply disasm this ROM. My disassembler command options:
Remember that it's solid analyzer. And it can mistake too.
andlabs,
All in mess, so now I "lost" some of my tools.Here is nlz of MUSHA by old version of Analyzer (which I found in one of my numerous folders; new version is somewhere in archives).
http://shedevr.org.ru/ghost/musha.rar
Simply disasm this ROM. My disassembler command options:
Code: Select all
segadasm.exe -a -h -x infile outfileandlabs,
Code: Select all
_00000F34: 4EB9 00001958 JSR ROM:$00001958
_00000F3A: 4EB9 00004472 JSR ROM:$00004472
_00000F40: FFFF Invalid
_00000F42: FFFF Invalid
_00000F44: FFFF Invalid
_00000F46: 43F9 0001CE7C LEA ROM:$0001CE7C,A1
_00000F4C: 203C 40000003 MOVE.L #$40000003,D0-
MintyTheCat
- Very interested
- Posts: 484
- Joined: Sat Mar 05, 2011 11:11 pm
- Location: Berlin, Germany