Static Disassembly: how could it be made?

Petruza
Posts: 311
Joined: Mon Dec 22, 2008 10:45 pm
Location: Argentina

Post by Petruza »

I've seen that some people made a comprehensive disassembly of some Mario games and possibly others.
I've no experience disassembling NES games, but I know it's possible that the 6502, like any other CPU, interprets any byte as an opcode, so for example, it could interpret some instruction at some address in one way, and then jump back to it but into the second byte (the operand) and interpret that byte as the opcode, so the rest of the program from there until the next jump would be different. There's also interpreting data in ROM as both data and instructions, and executing RAM which changes, so statically disassembling a program that does all that is practically impossible.
But I guess at least most NES games would only execute PRG-ROM and interpret all the instructions at the same offset always, so in those cases a static disassembly is possible.
I guess an emulator could run such a game, and log a disassembly of each instruction that it executes, looking out for repeated addresses and making sure that when the same address is executed more than once, it's always interpreted as the same instruction.
That way the emulator could make an automatic static disassembly at least of the code that was executed, possibly with some gaps that can be filled in subsequent runs of the game.
Is it done like this? Are there any other methods?
MottZilla
Posts: 2835
Joined: Wed Dec 06, 2006 8:18 pm

Post by MottZilla »

Using the Code/Data Logs from an emulator like FCEUX can allow a disasm that will only make known code as code and the rest as data. From there you can hand edit it. You don't have to worry about instructions from RAM as they are loaded somewhere from ROM as data but with code somewhere and you'll just have to find that.

Basically there is no auto-magic way to do it but with a few things you can make it easier on you.
koitsu
Posts: 4203
Joined: Sun Sep 19, 2004 9:28 pm
Location: A world gone mad

Post by koitsu »

What you're describing already exists in IDA Pro.
thefox
Posts: 3139
Joined: Mon Jan 03, 2005 10:36 am
Location: Tampere, Finland

Post by thefox »

IDA Pro isn't particularly good at identifying code/data in 6502 code though, there's a lot of manual work involved. It should be possible to write an IDC script for it to apply FCEUX code/data logs to the disassembly, I think that should work pretty well.
Download STREEMERZ for NES from fauxgame.com! — Some other stuff I've done: fo.aspekt.fi
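The approach discussed in this thread, an emulator trace turned into a code/data log and then into a listing, as an added example that is not code from FCEUX, IDA Pro, or any of the posters. It assumes a PRG-ROM mapped at one fixed base address with no bank switching, a small hand-picked subset of the 6502 opcode table, and the FCEUX per-byte CDL convention of bit 0 = executed as code and bit 1 = read as data (the other FCEUX flag bits are not modelled). The sample ROM, execution trace and data-read addresses are constructed for the example; `build_cdl` also reports the case Petruza raises, where the same bytes are executed as two different instructions, which a single static listing cannot represent.

```python
"""Build an FCEUX-style code/data log from an emulator trace, then disassemble it.

Added example for the thread; assumptions: fixed PRG base, opcode subset,
CDL bits as documented for FCEUX (bit 0 code, bit 1 data).
"""

CODE = 0x01   # byte was fetched as an opcode or operand
DATA = 0x02   # byte was read as data

# (mnemonic, addressing mode, length) for a subset of the 6502 opcode set.
OPCODES = {
    0x78: ("SEI", "imp", 1), 0xD8: ("CLD", "imp", 1), 0xCA: ("DEX", "imp", 1),
    0xEA: ("NOP", "imp", 1), 0x60: ("RTS", "imp", 1), 0xE8: ("INX", "imp", 1),
    0xA2: ("LDX", "imm", 2), 0xA9: ("LDA", "imm", 2), 0xC9: ("CMP", "imm", 2),
    0xD0: ("BNE", "rel", 2), 0xF0: ("BEQ", "rel", 2), 0x10: ("BPL", "rel", 2),
    0xAD: ("LDA", "abs", 3), 0x8D: ("STA", "abs", 3), 0x4C: ("JMP", "abs", 3),
    0x20: ("JSR", "abs", 3), 0xBD: ("LDA", "abx", 3), 0xEE: ("INC", "abs", 3),
}


def format_operand(mode, operands, pc):
    """Render one instruction's operand bytes in ca65-style syntax."""
    if mode == "imp":
        return ""
    if mode == "imm":
        return "#$%02X" % operands[0]
    if mode == "rel":
        # Branch offsets are signed and relative to the address after the instruction.
        off = operands[0] - 0x100 if operands[0] & 0x80 else operands[0]
        return "$%04X" % ((pc + 2 + off) & 0xFFFF)
    addr = operands[0] | (operands[1] << 8)
    return "$%04X" % addr + (",X" if mode == "abx" else "")


def build_cdl(prg, base, exec_trace, data_reads):
    """Turn executed PCs and data-read addresses into a CDL byte array.

    Returns (cdl, conflicts): a conflict is an address fetched both as an
    opcode and as the operand of another instruction, i.e. the same bytes
    were interpreted as two different instructions.
    """
    cdl = bytearray(len(prg))
    starts, operands, conflicts = set(), set(), []
    for pc in exec_trace:
        off = pc - base
        length = OPCODES.get(prg[off], (None, None, 1))[2]
        if off in operands:           # jumped into the middle of a logged instruction
            conflicts.append(pc)
        starts.add(off)
        for k in range(off, off + length):
            cdl[k] |= CODE
            if k > off:
                if k in starts:       # this operand byte was elsewhere an opcode
                    conflicts.append(base + k)
                operands.add(k)
    for addr in data_reads:
        cdl[addr - base] |= DATA
    return cdl, sorted(set(conflicts))


def disassemble(prg, base, cdl):
    """Emit instructions where the CDL says code ran and .byte lines elsewhere."""
    lines, off = [], 0
    while off < len(prg):
        if cdl[off] & CODE:
            mnem, mode, length = OPCODES.get(prg[off], (None, None, 1))
            if mnem is None:
                lines.append("$%04X: .byte $%02X  ; executed, opcode not in table"
                             % (base + off, prg[off]))
                off += 1
                continue
            text = format_operand(mode, prg[off + 1:off + length], base + off)
            lines.append(("$%04X: %s %s" % (base + off, mnem, text)).rstrip())
            off += length
        else:
            # Group up to 8 consecutive non-code bytes with the same data flag.
            start, flag = off, cdl[off] & DATA
            while off < len(prg) and (cdl[off] & (CODE | DATA)) == flag and off - start < 8:
                off += 1
            chunk = ", ".join("$%02X" % b for b in prg[start:off])
            lines.append("$%04X: .byte %s  ; %s"
                         % (base + start, chunk, "data" if flag else "unlogged"))
    return lines


# Constructed sample PRG-ROM (20 bytes at $8000): copies a 4-byte table to RAM,
# then spins. Hand-assembled for this example.
BASE = 0x8000
SAMPLE_PRG = bytes([
    0x78,                    # $8000 SEI
    0xD8,                    # $8001 CLD
    0xA2, 0x03,              # $8002 LDX #$03
    0xBD, 0x10, 0x80,        # $8004 LDA $8010,X
    0x8D, 0x00, 0x02,        # $8007 STA $0200
    0xCA,                    # $800A DEX
    0xD0, 0xF7,              # $800B BNE $8004
    0x4C, 0x0D, 0x80,        # $800D JMP $800D
    0x01, 0x02, 0x03, 0x04,  # $8010 table
])
# Constructed trace, as an emulator would log it. X runs 3,2,1, so $8010 itself
# is never read: it stays unlogged until a later run covers it.
LOOP = [0x8004, 0x8007, 0x800A, 0x800B]
SAMPLE_TRACE = [0x8000, 0x8001, 0x8002] + LOOP * 3 + [0x800D, 0x800D]
SAMPLE_READS = [0x8013, 0x8012, 0x8011]


def main():
    cdl, conflicts = build_cdl(SAMPLE_PRG, BASE, SAMPLE_TRACE, SAMPLE_READS)
    for line in disassemble(SAMPLE_PRG, BASE, cdl):
        print(line)
    print("conflicts:", ["$%04X" % a for a in conflicts])


if __name__ == "__main__":
    main()
```

Bytes that were neither executed nor read come out as `.byte ... ; unlogged`, which is the gap a second play-through (or a hand edit, as MottZilla says) has to close. Appending `0x8005` to the trace, a jump into the operand of `LDA $8010,X`, makes `build_cdl` report that address as a conflict instead of silently choosing one decoding.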