Hi all,
I am working on an NES specific disassembler in Java. It is fully interactive, does code / data separation, and more... I wish I could upload a screenshot. I hope to have a beta release ready by the weekend. Anyone interested?
I's is interested! Will it disassemble iNES ROMs directly or will they have to be split into numerous bin files?
It loads the .NES file. However, it does nothing with the CHR-ROM. And, it is currently limited to 2 code blocks ($8000 bytes). This is mainly because I don't know how mappers work. If there is enough interest, I could implement these things.
If the loaded .NES file has more than 2 code blocks, it only disasms the last 2.
I have only been working on it for 4 days but, I think it is coming along quite nicely.
Send me an email and I'll send you a screenshot if you want.
psycho @ dnsonline dot net
The offer is for everyone. I don't have a page to upload them to
kevin
I put up a picasa web album for it. I dunno why but the shot looks fuzzy ???? Anyway, this is what showed up after loading tengentetris. Note that when this shot was taken, I had not even pressed a key in the disasm. it shows this right out of the box.
link :
http://picasaweb.google.com/wa9ave/DizzyNES
(both pics are the same on there - I will have to learn how to use Picasa a little better.)
Why to bother? IDA rules and can make EVERYTHING... Including ready-to-build asm6 sources!
D'oh! It's expensive =) But I don't know any IDA user which actually BOUGHT it...
(man, cracks ARE bad, but I had no choice)
griever wrote:
Why to bother? IDA rules
Because IDA is proprietary software.
For some people, that's reason enough.
The code and data separation is pretty easy to do, but it requires a few tricks, other than tracing the code. It can be traced using the reset vector, or "scanning" a bank located at $8000/$C000.
About the mappers, well... you should learn about them, but once you get it, the tracing becomes trivial.
Anyway, best luck with your program. ^_^;; I'm interested.
fceudxsp has a code/data logger that will spit out a mask of what is what in a rom. maybe you could have your program support loading a *.cdl file.
i'd be interested as well.
I like IDA, too. But, all I have is the free version. I don't have the Do'H! to get the full version.
As far as the code/data sep, I just follow the code through the reset, nmi & irq_brk vectors. I have an interactive jump table builder in there, too - i.e, you give the start address and num of entries.
I will look into the .cdl file right now - that may be a great feature.
About mappers & disasm, if I am thinking right, say the game megaman.nes was loaded. it has 26 code blocks, and uses mapper 2 (UNROM). the last block in this rom loads at C000. All of the other blocks would have an org of $8000, correct?
thanks,
psycho wrote:
About mappers & disasm, if I am thinking right, say the game megaman.nes was loaded. it has 26 code blocks
26? Where did you get that number? UNROM has up to 8 banks (128 KiB), and UOROM has up to 16 (256 KiB).
Quote:
and uses mapper 2 (UNROM). the last block in this rom loads at C000. All of the other blocks would have an org of $8000, correct?
Yes. In theory, it's also possible to switch the last bank into $8000 duplicating the bank fixed at $C000, but I don't see why any game would do that.
Mapper 180 (used for Crazy Climber) is like U*ROM, but it fixes the first bank of the ROM at $8000 and allows switching $C000. This can change where the vectors point, so be careful.
Mappers 7 (A*ROM), 34a (B*ROM), and 34b (NINA-001) use 32 KiB switching: writing to the bank register puts a whole 32 KiB bank into $8000. So if you're going by 16 KiB banks, you'd use org $8000 for even banks and $C000 for odd banks.
Mapper 1 (S*ROM, MMC1 chip) has multiple modes. Most games use it like UNROM, but it can also act like B*ROM or (rarely) like Crazy Climber.
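The bank layout rules in the post above, worked through as an added example (not code from the thread or from any poster's disassembler). It reads the iNES header, skips a trainer if present, and assigns a CPU origin to each 16 KiB PRG bank; `parse_ines`, `bank_origins`, `vector_banks` and `make_rom` are names chosen here, and the sample image is constructed. Mapper 1 is left out because its mode is set at run time.

```python
BANK = 0x4000  # one 16 KiB PRG-ROM bank

def parse_ines(rom: bytes):
    """Return (mapper, prg_banks, prg_offset) from an iNES header."""
    if len(rom) < 16 or rom[:4] != b"NES\x1a":
        raise ValueError("not an iNES image")
    prg_banks = rom[4]                          # count of 16 KiB banks
    mapper = (rom[6] >> 4) | (rom[7] & 0xF0)    # low nibble, high nibble
    prg_offset = 16 + (512 if rom[6] & 0x04 else 0)  # skip 512-byte trainer
    if prg_banks == 0 or len(rom) < prg_offset + prg_banks * BANK:
        raise ValueError("PRG-ROM size in header does not match file")
    return mapper, prg_banks, prg_offset

def bank_origins(mapper: int, prg_banks: int):
    """CPU origin of each 16 KiB bank, following the rules in the post above."""
    banks = range(prg_banks)
    if mapper == 2:            # U*ROM: last bank fixed at $C000
        return [0xC000 if b == prg_banks - 1 else 0x8000 for b in banks]
    if mapper == 180:          # Crazy Climber: first bank fixed at $8000
        return [0x8000 if b == 0 else 0xC000 for b in banks]
    if mapper in (7, 34):      # 32 KiB switching: even/odd halves
        return [0x8000 if b % 2 == 0 else 0xC000 for b in banks]
    raise NotImplementedError(f"mapper {mapper} not covered here")

def vector_banks(mapper: int, prg_banks: int):
    """Banks that can sit at $C000 and so can supply $FFFA-$FFFF."""
    return [b for b, org in enumerate(bank_origins(mapper, prg_banks))
            if org == 0xC000]

def make_rom(mapper: int, prg_banks: int, trainer: bool = False) -> bytes:
    """Constructed sample image: valid header, zero-filled PRG-ROM."""
    flags6 = ((mapper & 0x0F) << 4) | (0x04 if trainer else 0)
    header = b"NES\x1a" + bytes([prg_banks, 0, flags6, mapper & 0xF0]) + bytes(8)
    return header + bytes(512 if trainer else 0) + bytes(prg_banks * BANK)

if __name__ == "__main__":
    for m in (2, 180, 7):
        mapper, n, off = parse_ines(make_rom(m, 8))
        print(m, [hex(o) for o in bank_origins(mapper, n)], vector_banks(mapper, n))
```

For mapper 180 every bank except the first is a vector candidate, which is why tracing from the reset vector has to be repeated per bank there.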
You're right... It only has 8 blocks... I was looking at the mappers.nfo file and for mapper number 2 it says
Notes: - When the cart is first started, the first 16K ROM bank in the cart
is loaded into $8000, and the LAST 16K ROM bank is loaded into
$C000. This last 16K bank is permanently "hard-wired" to $C000,
and it cannot be swapped.
- This mapper has no provisions for VROM; therefore, all carts
using it have 8K of VRAM at PPU $0000.
- Most carts with this mapper are 128K. A few, mostly Japanese
carts, such as Final Fantasy 2 and Dragon Quest 3, are 256K.
- Overall, this is one of the easiest mappers to implement in
a NES emulator.
So, from that, I got that all blocks except the last one would be mapped at $8000, no?
psycho wrote:
So, from that, I got that all blocks except the last one would be mapped at $8000, no?
As tepples said, the programmer can choose to map the last bank at $8000 (just like any other bank), in addition to it being already mapped at $c000. I doubt many games, if any, did this. But it's just good to know that it's possible.
Ahhh. OK, now I see what you were saying. I am poking through the source for FCEUXD to try and find the defs for the cdl file. Not having any luck so far.
Like this?
Quote:
The format of each byte is like so (in binary):
xPdcAADC
C = Whether it was accessed as code.
D = Whether it was accessed as data.
AA = Into which ROM bank it was mapped when last accessed:
00 = $8000-$9FFF
01 = $A000-$BFFF
10 = $C000-$DFFF
11 = $E000-$FFFF
c = Whether indirectly accessed as code (e.g. as the destination of a JMP ($nnnn) instruction)
d = Whether indirectly accessed as data (e.g. as the destination of an LDA ($nn),Y instruction)
P = If logged as PCM audio data.
x = unused.
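A decoder for the byte layout quoted above, as an added example that is not part of the original post. It turns a log into code/data runs a disassembler can use as a mask and lists the offsets flagged as indirect-jump destinations; it assumes one log byte per PRG-ROM byte, and the function names and the sample log are constructed here.

```python
from itertools import groupby

# Bit positions for the xPdcAADC layout quoted above (bit 7 on the left).
C_CODE, D_DATA, IND_CODE, IND_DATA, PCM = 0x01, 0x02, 0x10, 0x20, 0x40

def decode(b: int) -> dict:
    """Expand one log byte into named fields."""
    accessed = bool(b & (C_CODE | D_DATA))
    return {
        "code": bool(b & C_CODE),
        "data": bool(b & D_DATA),
        # AA is only meaningful once the byte has been accessed.
        "mapped_at": 0x8000 + ((b >> 2) & 0x03) * 0x2000 if accessed else None,
        "indirect_code": bool(b & IND_CODE),
        "indirect_data": bool(b & IND_DATA),
        "pcm": bool(b & PCM),
    }

def classify(b: int) -> str:
    """Reduce a log byte to the label a disassembler needs."""
    code, data = b & C_CODE, b & D_DATA
    if code and data:
        return "both"
    return "code" if code else "data" if data else "unknown"

def regions(cdl: bytes):
    """Collapse the per-byte log into (start, end_exclusive, kind) runs."""
    out, pos = [], 0
    for kind, group in groupby(cdl, key=classify):
        n = sum(1 for _ in group)
        out.append((pos, pos + n, kind))
        pos += n
    return out

def indirect_targets(cdl: bytes):
    """Offsets logged as the destination of an indirect jump."""
    return [i for i, b in enumerate(cdl) if b & IND_CODE]

# Constructed sample log: 3 code bytes, 2 data bytes, 1 never touched,
# 1 indirect-jump target, 1 PCM data byte (all last mapped at $C000).
SAMPLE = bytes([0x09, 0x09, 0x09, 0x0A, 0x0A, 0x00, 0x19, 0x4A])

if __name__ == "__main__":
    for start, end, kind in regions(SAMPLE):
        print(f"{start:04X}-{end - 1:04X} {kind}")
    print("indirect targets:", indirect_targets(SAMPLE))
```

Bytes that come back as "unknown" were never executed or read during the logged session, so they still need static tracing from the vectors.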
Yeah... Thanks. is there a repository of cdl files, by chance?
Welcome to NESDEV, Psycho!
A best choice for making your Interactive disassembler is to base it off of ''6502dis - Interactive Disassembler for Atari''. You can put iNES and possibly FDS (Famicom Disk System) support in it. The code is very portable (I think).
But if you do not know C++, one of those Java-to-Exe converters is okay for your version
The reason is because: Java is hard to install to my SLOW computer!
If you are interested, the link of the C++ project for the other Interactive 6502 disassembler is in Sourceforge.net under ''Interactive Disassembler for 6502'', It's Open-Source for the LGPL!
Look under the CVS repository for the source code, Go in each folder and Download it one at a time
Note that the source is not mine, it is my friend's open source code
I'll have to check it out.
Anyone know of a game that uses a trainer?
Also, was there ever a "Mr. Do" made for the nes? That is one of my favorite games!
psycho wrote:
I'll have to check it out.
Anyone know of a game that uses a trainer?
Also, was there ever a "Mr. Do" made for the nes? That is one of my favorite games!
There is no Mr. Do for the NES, and Disch said Trainers are kinda not used anymore.
Also, If you are looking for CDL files for FDS: Try to go to Beneficii's page:
(In The URL, FCEUABS is best for CDL creation anyways)
HTTP://WWW.BENEFICII.NET/SMB2/
NOTE: FCEUABS also has the new feature called Address Use Logger, It might be useful too!
And if you are looking for a test CDL for NES, I will make and give you one soon when I have free time (if no one creates one before then)!
If you release an exe of it, can you also release the java code as well? I'm running Linux here & as you can probably guess, one of the benefits of Java is that it's interpreted (I think) & therefore runs on any OS that has the Java runtime.
Unfortunately, with the server that hosts my domain, filenames are case sensitive.
The following are a couple of the correct links to that:
http://www.beneficii.net/smb2
http://sm2.beneficii.net/