disassembly / re-assembly


doctorclu

Recommended Posts

Can I please get tips on how to disassemble and reassemble a rom or binary image?

 

I am trying to modify the title of Space Battle to Battlestar Galactica and could use some pointers. And this would be fun to learn anyway.

 

Thanks in advance.


I suggest you take a look at this thread. In it, I was trying to help someone disassemble, hack, and reassemble a ROM. I'll go through it later to see if I can find the salient posts.

 

A few tips on disassembling that were pointed out in that thread:

 

  • The disassembler has a bug that causes it to mangle some operations on the stack. These are easy to find, though I can't recall what it was exactly.
  • The disassembler supports replacing addresses with EXEC symbols, but then does not provide a symbol table, making it impossible to re-assemble the resulting source.

Attached find the EXEC symbol table I reconstructed, taken from the source code of the disassembler.

 

And like with everything else in this forum, post your questions and we'll try to help. :)

 

However, a word to the wise: make sure to do some leg work, experiment, and try to post questions that can be answered with technical information and guidance. Avoid generic inquiries with no focus, that suggest you are only looking for someone to do work for you.

 

For instance, "what size of nails are best to secure a 2x4 to a wooden beam"; rather than "how do I build a house?"

 

-dZ.

 

exec_const.asm


  • The disassembler has a bug that causes it to mangle some operations on the stack. These are easy to find, though I can't recall what it was exactly.
  • The disassembler supports replacing addresses with EXEC symbols, but then does not provide a symbol table, making it impossible to re-assemble the resulting source.

 

 

On the first point: As I recall, dis1600 disassembles all instructions that operate on the top of stack as PULR instructions. So, ADD@ R6, R0 turns into PULR R0. I thought I posted a corrected binary, but maybe I did not. The machine I do Windows builds on is currently dead, though, so...

 

On the second point: You can disable EXEC symbols with a flag.

 

dis1600 was never designed to "round-trip" a binary file to assembly and back. It was meant to be educational, at least to me, to understand how games work on the inside.

 

If you are hacking a ROM, I do recommend you round-trip it (disassemble and reassemble) with no modifications, and then see if there are any differences. If there are, then you'll need to account for them (i.e. hack the disassembly to fix them).

 

And one other recommendation: If you are replacing something with something else that isn't the exact same size, you open yourself up for a world of hurt...
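The round-trip check and the same-size rule from the post above, automated, as an added example; this is not code from the thread, from dis1600 or from jzIntv. It assumes a raw ROM image stored as big-endian 16-bit words and a caller-supplied load address (default $5000); both are this example's assumptions, and the sample images are constructed values, not any real cartridge.

```python
"""Round-trip check for a ROM hack: diff the original binary against the
re-assembled one, and patch strings only when the size cannot change."""
from typing import List, Optional, Tuple


def load_words(image: bytes) -> List[int]:
    """Split a raw image into 16-bit big-endian words (assumed layout).
    An odd byte count means the file is not a whole number of words, which
    is itself a sign that the rebuilt binary is not what it should be."""
    if len(image) % 2:
        raise ValueError("image is %d bytes, not a whole number of 16-bit words" % len(image))
    return [int.from_bytes(image[i:i + 2], "big") for i in range(0, len(image), 2)]


def diff_roms(original: bytes, rebuilt: bytes,
              base_addr: int = 0x5000) -> List[Tuple[int, Optional[int], Optional[int]]]:
    """Return (address, original_word, rebuilt_word) for every mismatch.

    A word present in only one image is reported with None on the other side,
    so a size change shows up as a run of such entries at the end."""
    a, b = load_words(original), load_words(rebuilt)
    diffs = []
    for i in range(max(len(a), len(b))):
        wa = a[i] if i < len(a) else None
        wb = b[i] if i < len(b) else None
        if wa != wb:
            diffs.append((base_addr + i, wa, wb))
    return diffs


def format_diff(diffs) -> List[str]:
    """Render mismatches as '$ADDR: $OLD -> $NEW' (a missing word prints as ----)."""
    def hx(w: Optional[int]) -> str:
        return "----" if w is None else "$%04X" % w
    return ["$%04X: %s -> %s" % (addr, hx(wa), hx(wb)) for addr, wa, wb in diffs]


def patch_same_length(image: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """In-place replacement that refuses to change the image size and refuses
    to overwrite bytes that are not the ones the caller expects to be there."""
    if len(old) != len(new):
        raise ValueError("replacement is %d bytes, original is %d: sizes must match"
                         % (len(new), len(old)))
    if image[offset:offset + len(old)] != old:
        raise ValueError("bytes at offset %d do not match the expected original" % offset)
    return image[:offset] + new + image[offset + len(old):]


# Constructed sample: an 8-word "ROM" and a rebuilt copy in which the assembler
# produced a different word at $5003 (word index 3, byte offset 6).
ORIGINAL = bytes.fromhex("0001 0002 0003 02B8 0005 0006 0007 0008".replace(" ", ""))
REBUILT = bytes.fromhex("0001 0002 0003 02B9 0005 0006 0007 0008".replace(" ", ""))

if __name__ == "__main__":
    for line in format_diff(diff_roms(ORIGINAL, REBUILT)):
        print(line)
```

Run it on the original and the re-assembled image before you change anything: an empty diff is the baseline; anything else is a disassembler or assembler artifact you have to account for in the source before your own edits go in.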


You may have patched the first issue, I can't recall right now.

On the second one, I thought there was also a bug that prevented the flag from working.

 

I believe I fixed both. Here's what's in my SVN log recently for dis1600.c:

------------------------------------------------------------------------
r1122 | im14u2c | 2014-10-02 01:04:26 -0500 (Thu, 02 Oct 2014) | 1 line

document -e<ADDR> flag in dis1600
------------------------------------------------------------------------
r1118 | im14u2c | 2014-07-06 13:56:54 -0500 (Sun, 06 Jul 2014) | 1 line

Fix mapping xxx@ R6 other than MVI@ R6 from mapping to PULR ; fix -X flag

I'm still working on fixing my Windows box. (It was hit by capacitor plague rather hard, and replacing the caps on the mobo is proving to be a greater challenge than I expected.)

 


 

In the meantime, I've attached the latest dis1600.c file, which you should be able to drop into jzintv-1.0-beta4's source (which is available again now that I have spatula-city up again) and recompile, if you're up for such a thing.

 

Just remove the .txt from it, drop it in jzintv/src/dasm/, and recompile.

dis1600.c.txt



hey joe, if you need the help you can send the board to me. I can have it done in about ten minutes and have it shipped back the next day. I live in colorado so it would probably be here in two days.


I've already removed the dead capacitors (and hopefully didn't damage anything else in the process). The dang ground planes in the multilayer board seem to absorb all the heat my fine-tip soldering iron can deliver, though, so I can't get the remaining leads out so I can solder new caps in.

 

If you really think you can get this rehabbed quickly, I'd be glad to send it your way. The original caps were 3300μF 6.3v electrolytics. The silkscreen on the board does indicate + vs. -, although counterintuitively. (I also 'dotted' the -ve terminal on the bottom of the board with a Sharpie, and marked the silkscreen to indicate which side is +.) That is, unless somehow all the caps were installed backward.

 

(The silkscreen has a circle that's half filled in. The filled half was on the opposite half from the side with the "-" stripe on the cans.)

Edited by intvnut

 

I believe I fixed both. Here's what's in my SVN log recently for dis1600.c:

 

Cool, thanks for that! :)

I'm still working on fixing my Windows box. (It was hit by capacitor plague rather hard, and replacing the caps on the mobo is proving to be a greater challenge than I expected.)

Wow, that's really hard-core. You know, most of us techies just replace the mobo. ;)

 

Impressive.

 

-dZ.


I speak from experience: it's not novice-friendly. I'm grateful for DZ-Jay's help for when I was doing it, but also sorry to put him through it. It was a lot more complex than I thought it would be.

 

No worries, mate. It was my pleasure, and I learned a few things. However, I just didn't want it to turn into my new hobby: I have a ton of other personal projects competing for my (admittedly rather feeble) attention. :)


Re-capping consumer gear that you can buy in a store? You guys are crazy(bus).
Wow, that's really hard-core. You know, most of us techies just replace the mobo. ;)

 

Ordinarily, I would just replace the mobo. Or heck, I'd just pop over to NewEgg and spend $200-$300 and end up with an entire new machine that's 10x as powerful as this old K7 box that fits in 1/4th the space.

 

But, this is my last Windows XP box, and I don't want to trigger a license reactivation or other nasty crap like that. I actually want an older, slower machine for building and testing jzIntv, so I can make sure I haven't messed it up, and that it runs on as wide a range of Windows boxes as possible. (I have had requests for a Win98 build, but that's a bridge too far. And don't even mention WinMine... err... WinME.)

 

Swerving back on topic:
I speak from experience: it's not novice-friendly. I'm grateful for DZ-Jay's help for when I was doing it, but also sorry to put him through it. It was a lot more complex than I thought it would be.

 

Yeah, there are quite a lot of gotchas. Some hacks (such as replacing a string in-place with another string of exactly the same length) are easier than others. Every so often, there's something clever in there that you miss and it all goes boing.

 

For example, I once tried to extract Deadly Dogs from Dig Dug, and relocate it down to $5xxx from $9xxx. Turns out that there are some addresses packed in dispatch tables such that bits 0..7 of two consecutive words hold the address, but bits 8 and 9 of those words hold other flags. So, when you're scanning through memory for things that look like pointers / addresses, those guys hide from you unless you know to look for them. (And to know to look for them, you need to know the EXEC data structures and where pointers to dispatch tables live so you can find them, etc....)

 

To really execute a largish hack, you really need to take the game apart back into something that feels more like source code. And that means taking the time to really understand it so you can effectively reprogram it. But that's only necessary if you want to make something like "Super Chef." That's not something I'm into.

 

 

That's why I've mostly stuck to disassembly as a route to understanding the code, rather than for hacking it, such as in my Utopia Revealed article. The commented code that I posted will not reassemble, and that's purposeful. My aim wasn't to hack the game, but rather explain it. :-)

Edited by intvnut
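The packed dispatch-table addresses from the post above, worked through as an added example; this is not code from the thread or from the EXEC, dis1600 or jzIntv sources. The post only says that two consecutive words carry the address in bits 0..7 and flags in bits 8..9; that the first word holds the low byte, and that bits 10..15 are unused, are this example's assumptions, and the sample table is constructed, not taken from any real cartridge. It also shows why a plain pointer scan misses these entries, and how to relocate them (here $9xxx down to $5xxx, as in the Deadly Dogs attempt) without disturbing the flag bits.

```python
"""Decode, scan, relocate and re-encode packed two-word dispatch-table entries."""
from typing import List, Tuple

ADDR_MASK = 0x00FF   # bits 0..7: one byte of the address
FLAG_MASK = 0x0300   # bits 8..9: flags that must survive relocation
FLAG_SHIFT = 8


def unpack_entry(w_lo: int, w_hi: int) -> Tuple[int, Tuple[int, int]]:
    """Recover (address, (flags_lo, flags_hi)) from one two-word entry.
    Low-byte-first order is an assumption of this example."""
    addr = (w_lo & ADDR_MASK) | ((w_hi & ADDR_MASK) << 8)
    flags = ((w_lo & FLAG_MASK) >> FLAG_SHIFT, (w_hi & FLAG_MASK) >> FLAG_SHIFT)
    return addr, flags


def pack_entry(addr: int, flags: Tuple[int, int]) -> Tuple[int, int]:
    """Inverse of unpack_entry; rejects values that do not fit the layout."""
    if not 0 <= addr <= 0xFFFF:
        raise ValueError("address $%X does not fit in 16 bits" % addr)
    f_lo, f_hi = flags
    if not (0 <= f_lo <= 3 and 0 <= f_hi <= 3):
        raise ValueError("each flag field is two bits wide")
    return (f_lo << FLAG_SHIFT) | (addr & 0xFF), (f_hi << FLAG_SHIFT) | (addr >> 8)


def naive_pointer_scan(words: List[int], lo: int, hi: int) -> List[int]:
    """Indices of whole words that look like pointers into [lo, hi].
    This is the scan the post describes; packed entries are invisible to it."""
    return [i for i, w in enumerate(words) if lo <= w <= hi]


def packed_pointer_scan(table: List[int], lo: int, hi: int) -> List[Tuple[int, int]]:
    """(index, address) for each packed entry whose address lies in [lo, hi]."""
    found = []
    for i in range(0, len(table) - 1, 2):
        addr, _ = unpack_entry(table[i], table[i + 1])
        if lo <= addr <= hi:
            found.append((i, addr))
    return found


def relocate_table(table: List[int], delta: int, lo: int, hi: int) -> List[int]:
    """Shift every packed address within [lo, hi] by delta, keeping the flag
    bits; entries pointing elsewhere are left alone."""
    if len(table) % 2:
        raise ValueError("a packed table must have an even number of words")
    out: List[int] = []
    for i in range(0, len(table), 2):
        addr, flags = unpack_entry(table[i], table[i + 1])
        if lo <= addr <= hi:
            addr += delta
        out.extend(pack_entry(addr, flags))
    return out


# Constructed sample table: two entries pointing into $9xxx with different flags.
SAMPLE_TABLE = [0x0234, 0x0192,   # $9234, flags (2, 1)
                0x0100, 0x0395]   # $9500, flags (1, 3)

if __name__ == "__main__":
    print("naive scan finds:", naive_pointer_scan(SAMPLE_TABLE, 0x9000, 0x9FFF))
    print("packed scan finds:", [(i, "$%04X" % a) for i, a in packed_pointer_scan(SAMPLE_TABLE, 0x9000, 0x9FFF)])
    moved = relocate_table(SAMPLE_TABLE, -0x4000, 0x9000, 0x9FFF)
    print("relocated:", ["$%04X" % w for w in moved])
```

The naive scan returns nothing for the sample table even though both entries point into $9xxx; only the decoder that knows the layout finds them, which is the point the post makes about needing to know the EXEC data structures before a relocation can be trusted.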

@intvnut funny your comment on WinMine err WinME. I can't tell you how many on-site jobs I had to go do because people had WinME. I have never seen an OS plagued with so many problems. I'm glad I was "in the know" and never put that POS install disc into my own computer. Thankfully now it's just a faded memory.

