PostPosted: Mon Oct 05, 2015 12:43 pm 
Joined: Sat Sep 12, 2015 3:42 pm
Posts: 44
I guess this is kind of a stupid question, but I want to make sure I'm doing it right. The main questions I have are: what are the tools required, what processes are required to get the best results, and is there anything else besides those two things I need to know.


PostPosted: Mon Oct 05, 2015 1:07 pm 
Joined: Fri May 08, 2015 7:17 pm
Posts: 1866
Location: DIGDUG
These are the only disassemblers I could find in 5 minutes of google searching. They all look old.

http://www.devrs.com/gb/software.php#disass

Will probably give you a long list of Z80 ASM without understandable labels. And probably don't distinguish between code and data. If you don't know what all the Z80 ASM opcodes do, then these utilities will be a waste of time.

If these are really all there is for GB, then somebody needs to write a better disassembler. Please.

_________________
nesdoug.com -- blog/tutorial on programming for the NES


Last edited by dougeff on Mon Oct 05, 2015 4:40 pm, edited 1 time in total.

PostPosted: Mon Oct 05, 2015 1:35 pm 
Joined: Fri May 08, 2015 7:17 pm
Posts: 1866
Location: DIGDUG
BGB Emulator looks like it has a good debugger, which is like a disassembler, in a way.

http://bgb.bircd.org/

And No cash's GB Emulator too...

http://problemkaputt.de/gmb.htm

Though, I haven't used them.



PostPosted: Mon Oct 05, 2015 4:12 pm 
Joined: Mon Oct 10, 2011 9:05 am
Posts: 22
I disassemble gameboy games by writing an emulator with a code/data logger and then write a gbz80 disassembler to take that cdl data and create a disassembled text file.


PostPosted: Mon Oct 05, 2015 4:50 pm 
Joined: Fri May 08, 2015 7:17 pm
Posts: 1866
Location: DIGDUG
Do you mean write a parser that goes line by line through the code, or write an actual emulator?

If you have written an emulator with CDL and written a disassembler...would you be willing to share it with the other kids?



PostPosted: Mon Oct 05, 2015 9:29 pm 
Joined: Mon Oct 10, 2011 9:05 am
Posts: 22
There are a few things I need to fix on it to make it more user friendly. Once that's done I'll post it.


PostPosted: Tue Oct 06, 2015 9:39 am 
Joined: Sat Sep 12, 2015 3:42 pm
Posts: 44
The one sort of confident disassembler I found recommended using No Cash's debugger for any serious work. So yeah, that kind of says something.


PostPosted: Tue Oct 06, 2015 10:43 am 
Joined: Mon Nov 10, 2008 3:09 pm
Posts: 431
It's common in GB software to have inline data (function arguments, in high-level language terms) after certain call or rst instructions. Code/data logging in an emulator can help identify this to some extent, but when dealing with a large and complex game such as an RPG it's unrealistic to expect to log every bit of code in a ROM (especially since many games contain unused code--hello, TCRF!) It's handy just to be able to give the disassembler rules such as "after every call 017d or call 04bf, the next three bytes are the address and bank number of a routine to call" or "after every rst 18 the next byte is a signature byte, and if that byte is 05 then the 16 bytes after that are a jump table".

I've been working on a GB disassembler that supports this kind of extension (actually a whole series of disassemblers--currently GB, 6502 family, and uPD772x family) but it's not a standalone application, it's a Python module designed to be called from a script that provides the game-specific rules along with code/data labelling, ROM-offset-to-CPU-address mapping, etc.
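As an added worked example (not the poster's module, and not code from any game): a tiny rule-driven linear sweep in Python that applies exactly the two rules described above to a constructed ROM fragment, so the inline bytes after `call 017d` and `rst 18` come out as labelled data instead of being decoded as opcodes. The opcode subset, the rule handlers and the ROM bytes are all constructed for the demonstration; calling `disassemble(ROM, rules={})` shows what a rule-less sweep makes of the same bytes.

```python
import struct
# Opcode -> (format string, operand size). A deliberately tiny subset for the demo.
OPCODES = {0x00: ("nop", 0), 0x3E: ("ld a,{:02x}", 1), 0xC3: ("jp {:04x}", 2),
           0xCD: ("call {:04x}", 2), 0xC9: ("ret", 0), 0xDF: ("rst 18", 0)}

def call_017d_rule(rom, pc):
    """After call 017d: three inline bytes = routine address (little-endian) + bank."""
    addr, bank = struct.unpack_from("<HB", rom, pc)
    return [f"    dw {addr:04x} ; far-call target", f"    db {bank:02x} ; bank"], 3

def rst_18_rule(rom, pc):
    """After rst 18: a signature byte; if it is 05, a 16-byte jump table follows it."""
    sig = rom[pc]
    lines = [f"    db {sig:02x} ; signature"]
    if sig != 0x05:
        return lines, 1
    table = struct.unpack_from("<8H", rom, pc + 1)
    return lines + [f"    dw {t:04x} ; jump table entry" for t in table], 17

# (opcode, operand) -> handler for the inline bytes that follow that instruction.
RULES = {(0xCD, 0x017D): call_017d_rule, (0xDF, None): rst_18_rule}

def disassemble(rom, base=0x0000, rules=RULES):
    """Linear sweep returning one text line per instruction or data item."""
    out, pc = [], 0
    while pc < len(rom):
        op = rom[pc]
        if op not in OPCODES:  # not decodable: emit a data byte and move on
            out.append(f"{base + pc:04x}: db {op:02x} ; unknown opcode")
            pc += 1
            continue
        fmt, size = OPCODES[op]
        operand = None
        if size == 1:
            operand = rom[pc + 1]
        elif size == 2:
            operand = struct.unpack_from("<H", rom, pc + 1)[0]
        out.append(f"{base + pc:04x}: {fmt.format(operand)}")
        pc += 1 + size
        rule = rules.get((op, operand))
        if rule:  # consume the inline arguments as data so they are never decoded as code
            lines, consumed = rule(rom, pc)
            out.extend(lines)
            pc += consumed
    return out

# Constructed ROM fragment (not from any real game): ld a,05 / call 017d with a
# 3-byte inline argument / rst 18 with signature 05 and an 8-entry jump table / ret.
ROM = (bytes([0x3E, 0x05, 0xCD, 0x7D, 0x01, 0x34, 0x12, 0x02, 0xDF, 0x05])
       + struct.pack("<8H", *range(0x4000, 0x4010, 2)) + bytes([0xC9]))
```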


PostPosted: Tue Oct 06, 2015 11:04 am 
Joined: Sun Mar 27, 2011 10:49 am
Posts: 219
Location: NYC
Can you give an example of this? I'm curious as to how these routines access their arguments and fix the return address.


PostPosted: Tue Oct 06, 2015 12:47 pm 
Joined: Mon Oct 10, 2011 9:05 am
Posts: 22
Alright, I have fixed what I needed to fix, and here it is.


Attachments: Gameboy Disasm Tools.rar [610.66 KiB]
PostPosted: Tue Oct 06, 2015 1:23 pm 
Joined: Mon Nov 10, 2008 3:09 pm
Posts: 431
adam_smasher wrote:
Can you give an example of this? I'm curious as to how these routines access their arguments and fix the return address.


Both the examples I gave were from real games. call 017d is Final Fantasy Legend 2, and rst 18 is Final Fantasy Legend 3.

Accessing the arguments is pretty simple. FFL3 just does this, since there's only one argument byte and it doesn't care about preserving registers at this point:

Code:
pop hl      ; hl = return address, i.e. the address of the inline argument byte
ldi a,(hl)  ; a = the argument byte; hl now points just past it
push hl     ; push the advanced address back so ret skips the argument


FFL2 is a bit more complicated:

Code:
push af
push hl
push de       ; three pushes (6 bytes): sp+06 is now the return address pushed by call
ld hl,sp+06
ld a,(hl) ; LSB of return address
ld e,a
add a,03      ; skip the three inline argument bytes
ldi (hl),a ; adjusted return address
ld d,(hl) ; MSB of return address
jr nc,+
inc (hl) ; adjust MSB if carry occurred
+
ld l,e
ld h,d ; hl now points to the first argument byte
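Added example, not code from either game or from the poster: a Python model of the FFL2 prologue quoted above, stepping through the same stack arithmetic after a simulated `call 017d` so that the carry case (the return address crossing a 256-byte page boundary) can be checked. The 64 KiB address space, the starting SP and the three argument bytes are constructed.

```python
def build_memory(call_addr, args=(0x34, 0x12, 0x02)):
    """Constructed 64 KiB address space: a `call 017d` at call_addr followed by
    the three inline argument bytes the called routine is expected to skip."""
    mem = bytearray(0x10000)
    mem[call_addr:call_addr + 3] = bytes([0xCD, 0x7D, 0x01])  # call 017d
    mem[call_addr + 3:call_addr + 6] = bytes(args)             # inline arguments
    return mem

def run_prologue(mem, call_addr, sp=0xDFF0):
    """Simulate `call 017d` at call_addr and then the quoted FFL2 prologue.

    Returns (hl, fixed_return, args): hl is the pointer the routine uses to read
    its inline bytes, fixed_return is where `ret` will now go, args the 3 bytes.
    """
    ret = (call_addr + 3) & 0xFFFF          # call is 3 bytes long
    sp -= 2                                  # call pushes the return address, LSB lower
    mem[sp], mem[sp + 1] = ret & 0xFF, ret >> 8
    sp -= 6                                  # push af / push hl / push de
    hl = sp + 6                              # ld hl,sp+06 -> return-address LSB
    a = mem[hl]                              # ld a,(hl)
    e = a                                    # ld e,a
    carry = a + 3 > 0xFF                     # add a,03 sets carry on 8-bit overflow
    a = (a + 3) & 0xFF
    mem[hl] = a                              # ldi (hl),a ...
    hl += 1                                  # ... and hl moves on to the MSB
    d = mem[hl]                              # ld d,(hl) (old MSB, read before inc)
    if carry:
        mem[hl] = (mem[hl] + 1) & 0xFF       # inc (hl): fix the MSB across the page
    hl = (d << 8) | e                        # ld l,e / ld h,d
    args = bytes(mem[hl:hl + 3])
    fixed_return = mem[sp + 6] | (mem[sp + 7] << 8)
    return hl, fixed_return, args
```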


PostPosted: Tue Oct 06, 2015 1:35 pm 
Joined: Sun Mar 27, 2011 10:49 am
Posts: 219
Location: NYC
Neat, thanks. The FFL3 trick is pretty classy but the FFL2 code is about as nasty as I expected this would be.

