From: Labmaster <lab...@gm...> - 2004-09-09 23:18:06
This is just a general question to the developers: What's the plan of attack regarding Prefetch Emulation?

As you may or may not know, the 'Emulator Detection' routines present in the NES Classic series are based on self-modifying code which exploits the prefetch 'feature' in the processor (or lack thereof, in emulators). From NEiMOD's Tutorial:

-> 06000264 e28fe008 add lr, pc, #0x8
-> 06000268 e51f0010 ldr r0, [$06000260] (=$e3a01000)
-> 0600026c e58e0000 str r0, [lr]
-> 06000270 e3a010ff mov r1, #0xff
-> 06000274 e3a010ff mov r1, #0xff

The code changes itself to

-> 06000274 e3a01000 mov r1, #0x00

When the emulator reaches this point, it will read the instruction as mov r1, #0x00. However, an actual GBA will have already fetched this instruction, prior to the str at 0600026c, and will execute the original mov r1, #0xff. Obviously a cmp will follow this, and if it is equal to 0 then it will realise that it isn't running on hardware.

I guess emulating it correctly would result in a slowdown which may be significant, so it wouldn't be a priority, but if these sorts of routines are more common it could become problematic (ending up in directing users to the patches from the various groups out there, who I doubt you would want to openly associate with). Anyway, just something to think about for the time being.

-Labmaster
lab...@gm...
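To make the pipeline effect concrete, here is an added example (my own code, not from the post, NEiMOD's tutorial or any emulator project) that interprets the five words of the quoted listing twice: once with a simplified 3-stage fetch/decode/execute model in which the word at pc+8 is already fetched when the current instruction executes, and once with the naive fetch-at-execute model the post says emulators use. The memory image is constructed from the listing; the pipeline timing is an assumption made only to reproduce the behaviour the post describes.

```c
#include <stdint.h>
#define BASE   0x06000260u
#define NWORDS 6
/* Memory image constructed from the listing quoted in the post (not a real ROM dump). */
static const uint32_t image[NWORDS] = {
    0xe3a01000, /* 06000260: data word, encodes "mov r1, #0x00"            */
    0xe28fe008, /* 06000264: add lr, pc, #8      -> lr = 0x06000274        */
    0xe51f0010, /* 06000268: ldr r0, [pc, #-16]  -> r0 = [0x06000260]      */
    0xe58e0000, /* 0600026c: str r0, [lr]        -> overwrites 0x06000274  */
    0xe3a010ff, /* 06000270: mov r1, #0xff                                 */
    0xe3a010ff, /* 06000274: mov r1, #0xff       (the patched instruction) */
};
static uint32_t ror32(uint32_t v, unsigned n) {
    n &= 31; return n ? (v >> n) | (v << (32 - n)) : v;
}
/* Execute one ARM instruction; only the encodings used by the listing are decoded
   (ADD/MOV immediate, LDR/STR with immediate offset). pc reads as address + 8. */
static void step(uint32_t insn, uint32_t pc, uint32_t r[16], uint32_t *mem) {
    uint32_t rn = (insn >> 16) & 15, rd = (insn >> 12) & 15;
    uint32_t rnval = (rn == 15) ? pc + 8 : r[rn];
    if ((insn & 0x0e000000) == 0x02000000) {            /* data processing, immediate */
        uint32_t imm = ror32(insn & 0xff, 2 * ((insn >> 8) & 15));
        uint32_t op = (insn >> 21) & 15;
        if (op == 4)       r[rd] = rnval + imm;         /* ADD */
        else if (op == 13) r[rd] = imm;                 /* MOV */
    } else if ((insn & 0x0e000000) == 0x04000000) {     /* single data transfer */
        uint32_t off = insn & 0xfff;
        uint32_t addr = (insn & (1u << 23)) ? rnval + off : rnval - off;
        uint32_t *p = &mem[(addr - BASE) / 4];
        if (insn & (1u << 20)) r[rd] = *p; else *p = r[rd];   /* LDR : STR */
    }
}
/* Runs the listing from 0x06000264 and returns the final r1.
   model_prefetch = 1: assumed 3-stage pipeline, the word at pc+8 is fetched in the
   same cycle the current instruction executes, so the store cannot affect it.
   model_prefetch = 0: naive emulator, every word is fetched at execute time. */
uint32_t run_detector(int model_prefetch) {
    uint32_t mem[NWORDS], r[16] = {0};
    for (int i = 0; i < NWORDS; i++) mem[i] = image[i];
    uint32_t queue[2] = { mem[1], mem[2] };            /* execute and decode stages */
    for (uint32_t idx = 1; idx < NWORDS; idx++) {
        uint32_t pc = BASE + 4 * idx;
        uint32_t fetched = (idx + 2 < NWORDS) ? mem[idx + 2] : 0; /* fetch stage */
        step(model_prefetch ? queue[0] : mem[idx], pc, r, mem);
        queue[0] = queue[1];
        queue[1] = fetched;
    }
    return r[1];   /* pipelined model: 0xff; naive model: 0x00 */
}
```

An emulator that wants to pass this check only needs to defer the visibility of stores to the two words already in its fetch queue, which is what the pipelined model above does.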