Menu
▾
▴
Re: [Freemint-discuss] Disassembly of TOS 1.00 with Ghidra
|
From: Thorsten O. <ad...@th...> - 2025-01-03 06:14:25
|
On Freitag, 3. Januar 2025 03:29:59 CET Vincent Rivière wrote: > Here is my present: > A (partial) disassembly of TOS 1.00 using Ghidra Nice work! Unfortunately, ghidra has another quirk: i'm currently not able to open the archive, because it was "created using an unknown version of ghidra" (i'm using a somewhat older version, 9.1.2). I have to check whether i can install a newer version of ghidra alongside, and try again. >Bad luck with AES/Desktop, >because due to the infamous Line-F obfuscation (to reduce code size), Yes, that is certainly a problem. Note that the Line-F dispatcher is used for 2 purposes: - replace function calls by a single trap instruction. The file https:// github.com/th-otto/tos1x/blob/master/bin/linux/lineftab.txt currently defines the mapping of these for TOS 1.04. If they are different in TOS 1.0, that can just be adjusted. Then you'll have to find a way to tell ghidra to understand those calls. Should be doable by a script (but maybe not that easy, you have to dig deep into ghidra documentation) - replace the function epilogue (movem; unlk; rts) I would expect that TOS 1.0 uses the same logic here as TOS 1.4. But for ghidra, this is still a problem, as it probably does not find the end of the function. Ghidra has some other quirks (most of them you already mention in your readme). One of them being, that it often tends to generate "equivalent" C- code, but not neccessarily what was originally written. Eg. It often changes code like "x > 0" to "x >= 1" or similar, and also reorders the bodies of if/ else. But of course, ghidra is only an intermediate tool to easier spot the differences. Ultimate goal would be to do the same as for tos 1.4, and get sources that can be compiled to binary identical images. A long way to go, though. >Or even some user programs such as FOLDRXXX.PRG for example. That is already available in the other repo: https://github.com/th-otto/tos3x/ blob/master/system/foldr100.S |
