Post subject: Reverse engineering code of console games
Editor, Player (120)
Joined: 8/3/2014
Posts: 204
Location: USA
There's something I've been wondering lately about the coding of video games. This may sound like a nooby question, but I really don't know all that much about the coding that developers use. I do know that, obviously, console video games were originally written with a programming language, sometimes a common one such as C++. I'm pretty sure the people who develop console games decompile the game into pure memory, as most of them know about ROM and ISO distribution as an existent thing. They want to hide the code so that people can't literally take the game and modify it and resell it, or something like that. Apologies, but I really don't know that well how that sort of thing works, but I'm pretty sure this is how it is. I'm not much of a coder. I've done some searches online, but can't find much other than ROM hacks and such.

I've been wondering if anyone was actually able to somehow "un-decompile" a console video game. I have no idea how someone would do that, but it seems like it would be possible. Though the memory and such is extremely difficult to read, wouldn't it be theoretically possible to find a way to make it make sense to a person, and translate it all to C++ code or something? Or find some way to literally just take it back to the original code that the developers had (I know that may sound impossible, but I'm just telling you all the things I'm wondering). I also wonder if a person can judge, based on certain patterns in the game engine and such, which programming language(s) was definitely used to develop it? I imagine that if someone has done this for a game, it would probably be for an NES or older game, since those seem to be much simpler than newer games such as on the N64. I know that it would most likely be highly illegal and nearly impossible to hack Nintendo and steal their code (lol), so let's not get into that.
I've never heard of TASers especially doing anything like this, so I'm assuming it doesn't exactly work, or is just too time-consuming and/or useless to carry out. But if there was a way to quickly translate back the code somehow of a game through a ROM, wouldn't TASing be easier for some people, since they can see exactly how it works? Could someone please clarify how these sorts of things work to me, since I am curious about it especially now? And could someone please link any sort of code that someone found, if any, that anyone knows about? If it is legal, of course, since I know we're not allowed to distribute ROMs on this site either, so I'm respectful of that.
* http://tasvideos.org/ReadySteadyYeti.html - my user page on the TASVideos site * https://www.youtube.com/ReadySteadyYeti - my YouTube channel * My Discord username is "RSY#3799".
Editor, Player (120)
Joined: 8/3/2014
Posts: 204
Location: USA
Thanks, the code gathered from Bisqwit on Megaman is actually very interesting. It really shows that he knew the game so well that he can get at least a good idea of how it was programmed. I wonder if anyone has done this for any of the Mario games and posted it online.
creaothceann
He/Him
Editor
Joined: 4/7/2005
Posts: 1874
Location: Germany
Editor, Skilled player (1405)
Joined: 3/31/2010
Posts: 2086
First of all, most games in the NES era were written in assembly language, while newer games are usually written in C, C++ or another high-level language. They are all compiled (or assembled) down to the CPU's own machine code, which is what you see when you try to open a ROM. This is not done to obscure the code, as you think, but because machine language is the only type of language the CPU natively understands.

Disassembling a game is possible, but it's a lot of tedious, manual work. You can automate the process to some extent, but a disassembler cannot tell code and data apart, so you have to go through the entire source file to do that manually. Above all else, while you can translate the machine code back into ASM or even a higher-level language, you're left with a blank, bare-bones skeleton of the code without any of the extra information (comments, variable names) that the original developers had to work with.

So, to answer your question, no, you're not able to reconstruct the original source files from the ROM. However, it has been done before, and TASers have done it before (disassembling at least parts of the code becomes very important for anything ACE-related). You can find disassemblies of Super Mario Bros., Metroid and Mega Man (by our own Bisqwit, linked in the thread) if you search online.
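Added example, not posted by anyone in this thread and not taken from any real disassembly: a toy 6502 disassembler that shows concretely why "a disassembler cannot tell code and data apart". It decodes a small, constructed ROM fragment (the bytes, the base address $8000 and the opcode subset are assumptions for the example) two ways: a linear sweep, which decodes every byte in order and is thrown off by a three-byte data table, and a recursive traversal, which only decodes what control flow actually reaches and leaves the table as unreached bytes. The opcode table covers only the handful of instructions the fragment needs.

```python
"""Linear sweep vs. recursive traversal on a constructed 6502 ROM fragment.

Added example: the ROM bytes and the opcode subset are made up for this
demonstration; nothing here is taken from a real game or real disassembly.
"""

# Subset of the 6502 opcode map: opcode -> (mnemonic, addressing mode, size in bytes).
OPCODES = {
    0x00: ("BRK", "imp", 1), 0x10: ("BPL", "rel", 2), 0x20: ("JSR", "abs", 3),
    0x30: ("BMI", "rel", 2), 0x4C: ("JMP", "abs", 3), 0x60: ("RTS", "imp", 1),
    0x8D: ("STA", "abs", 3), 0xA9: ("LDA", "imm", 2), 0xAD: ("LDA", "abs", 3),
    0xC9: ("CMP", "imm", 2), 0xD0: ("BNE", "rel", 2), 0xE8: ("INX", "imp", 1),
    0xEA: ("NOP", "imp", 1), 0xF0: ("BEQ", "rel", 2),
}

# Constructed ROM fragment mapped at $8000.  The three bytes at $8008 are a
# data table that the code jumps over; they happen to look like BPL/BMI opcodes.
BASE = 0x8000
ROM = bytes([
    0xA9, 0x00,        # $8000  LDA #$00
    0x8D, 0x00, 0x02,  # $8002  STA $0200
    0x4C, 0x0B, 0x80,  # $8005  JMP $800B
    0x10, 0x20, 0x30,  # $8008  data table (not code)
    0xAD, 0x00, 0x02,  # $800B  LDA $0200
    0x60,              # $800E  RTS
])


def decode(rom, base, pc):
    """Decode one instruction at pc. Returns (text, size, successor addresses)."""
    off = pc - base
    op = rom[off]
    entry = OPCODES.get(op)
    if entry is None or off + entry[2] > len(rom):
        # Unknown/illegal opcode or truncated operand: emit a raw byte.
        return f"${pc:04X}: .byte ${op:02X}", 1, [pc + 1]
    mn, mode, size = entry
    operand = rom[off + 1:off + size]
    if mode == "imp":
        text, succ = mn, [pc + size]
    elif mode == "imm":
        text, succ = f"{mn} #${operand[0]:02X}", [pc + size]
    elif mode == "abs":
        addr = operand[0] | (operand[1] << 8)
        text = f"{mn} ${addr:04X}"
        # JMP only continues at the target; JSR is assumed to return.
        succ = {"JMP": [addr], "JSR": [addr, pc + size]}.get(mn, [pc + size])
    else:  # rel: signed 8-bit displacement from the next instruction
        disp = operand[0] - 0x100 if operand[0] & 0x80 else operand[0]
        target = (pc + size + disp) & 0xFFFF
        text, succ = f"{mn} ${target:04X}", [target, pc + size]
    if mn in ("RTS", "BRK"):
        succ = []  # control leaves this path (return / IRQ vector)
    return f"${pc:04X}: {text}", size, succ


def linear_sweep(rom, base):
    """Decode every byte in order, as a naive disassembler does."""
    lines, pc = [], base
    while pc < base + len(rom):
        text, size, _ = decode(rom, base, pc)
        lines.append(text)
        pc += size
    return lines


def recursive_traversal(rom, base, entry):
    """Decode only what control flow reaches from entry; report the rest as unreached."""
    code, work = {}, [entry]
    while work:
        pc = work.pop()
        if pc in code or not base <= pc < base + len(rom):
            continue
        text, size, succ = decode(rom, base, pc)
        code[pc] = (text, size)
        work.extend(succ)
    lines, pc, end = [], base, base + len(rom)
    while pc < end:
        if pc in code:
            text, size = code[pc]
            lines.append(text)
            pc += size
        else:
            start = pc
            while pc < end and pc not in code:
                pc += 1
            raw = " ".join(f"{b:02X}" for b in rom[start - base:pc - base])
            lines.append(f"${start:04X}: ; {pc - start} unreached byte(s), data? {raw}")
    return lines


if __name__ == "__main__":
    print("--- linear sweep ---")
    print("\n".join(linear_sweep(ROM, BASE)))
    print("--- recursive traversal from $8000 ---")
    print("\n".join(recursive_traversal(ROM, BASE, BASE)))
```

The linear sweep turns the table at $8008 into `BPL $802A` / `BMI $7FB9`, then swallows the real `LDA $0200` at $800B as the BMI operand and never resynchronises until the RTS. The traversal gets $800B right because it followed the JMP, but it only knows the table is "not reached from $8000", which is exactly the manual classification work the post describes: anything reached through a jump table, an interrupt vector or computed addresses still has to be found by hand.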
creaothceann
He/Him
Editor
Joined: 4/7/2005
Posts: 1874
Location: Germany
Sometimes there were parts of the source code in some ROMs, probably because whatever tool was used to burn the ROM chips copied whole harddrive / floppy disk sectors, including previously deleted data. Sometimes the original developers released the source code years later, or it was leaked some other way. That's pretty rare though. For 6502 code you might find this talk interesting.
Site Admin, Skilled player (1237)
Joined: 4/17/2010
Posts: 11274
Location: RU
Warning: When making decisions, I try to collect as much data as possible before actually deciding. I try to abstract away and see the principles behind real world events and people's opinions. I try to generalize them and turn into something clear and reusable. I hate depending on unpredictable and having to make lottery guesses. Any problem can be solved by systems thinking and acting.
Skilled player (1707)
Joined: 9/17/2009
Posts: 4952
Location: ̶C̶a̶n̶a̶d̶a̶ "Kanatah"
feos wrote:
http://tasvideos.org/ReverseEngineering.html http://shrigley.com/source_code_archive/
Not required, but a video guide of a "simple" disassembly of a glitch or RNG would be helpful for newcomers.
Invariel
He/Him
Editor, Site Developer, Player (169)
Joined: 8/11/2011
Posts: 539
Location: Toronto, Ontario
Adding to the body of knowledge, here's a partial disassembly of Faxanadu, with some commentary on the code too. http://www.the-interweb.com/serendipity/index.php?/archives/30-Faxanadu-Disassembly.html
I am still the wizard that did it. "On my business card, I am a corporate president. In my mind, I am a game developer. But in my heart, I am a gamer." -- Satoru Iwata <scrimpy> at least I now know where every map, energy and save room in this game is
Skilled player (1707)
Joined: 9/17/2009
Posts: 4952
Location: ̶C̶a̶n̶a̶d̶a̶ "Kanatah"
feos wrote:
http://tasvideos.org/ReverseEngineering.html http://shrigley.com/source_code_archive/
Then you set a breakpoint on Writing to that address. And launch the movie that changes it. It is important to know how often it is written to. In most cases the breakpoint will be hit only once in a certain time segment (say, once in a few seconds). And the value that is being written matches the one that you see in RAM afterwards. You should mark the frame it gets written to somehow, or note it in a text file, or make a savestate right before it.
http://imgur.com/WBwn2LN What should I even be doing now? All the options bordered in red are greyed out.
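Added example, not from feos's quoted post or any emulator: the workflow he describes (find the RAM address that changed, then watch who writes it and how often, and confirm the written value matches what RAM shows afterwards) done offline in Python over constructed data. The two 16-byte RAM snapshots, the trace-log line format and the addresses/PCs in it are all made up for the example; a real emulator's debugger or trace logger has its own format, and you would feed its output into `parse_trace` instead.

```python
"""RAM search followed by a write watch, over constructed data.

Added example (not from the thread).  RAM snapshots, trace format and
addresses below are invented for the demonstration.
"""
import re
from collections import Counter

# Constructed: RAM $0300-$030F before and after the event of interest
# (say, a countdown timer ticking from $3C to $3B).
RAM_BASE = 0x0300
RAM_BEFORE = bytes([0x00, 0x3C, 0x80, 0x00, 0x07, 0x00, 0xFF, 0x12,
                    0x00, 0x00, 0x05, 0x00, 0x2A, 0x00, 0x00, 0x01])
RAM_AFTER = bytes([0x00, 0x3B, 0x80, 0x00, 0x07, 0x00, 0xFF, 0x12,
                   0x00, 0x00, 0x05, 0x00, 0x2B, 0x00, 0x00, 0x01])

# Constructed write trace, one line per store, in a made-up format:
#   f=<frame> pc=$<pc> W $<addr> <- $<value>
TRACE = """\
f=118 pc=$C1A4 W $030C <- $2A
f=119 pc=$C1A4 W $030C <- $2A
f=120 pc=$C210 W $0301 <- $3B
f=120 pc=$C1A4 W $030C <- $2B
f=121 pc=$C1A4 W $030C <- $2B
"""
LINE_RE = re.compile(
    r"f=(\d+) pc=\$([0-9A-F]{4}) W \$([0-9A-F]{4}) <- \$([0-9A-F]{2})")


def diff_ram(before, after, base):
    """RAM-search step: addresses whose value changed, as addr -> (old, new)."""
    return {base + i: (b, a)
            for i, (b, a) in enumerate(zip(before, after)) if b != a}


def parse_trace(text):
    """Parse the constructed trace into (frame, pc, addr, value) tuples."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.fullmatch(line.strip())
        if m:
            frame, pc, addr, val = m.groups()
            out.append((int(frame), int(pc, 16), int(addr, 16), int(val, 16)))
    return out


def writes_to(trace, addr):
    """Write-breakpoint step: every store that hits addr, in trace order."""
    return [(f, pc, v) for f, pc, a, v in trace if a == addr]


def summarize(trace, addr, before, after, base):
    """How often the address is written, by which PC, and whether the trace agrees with RAM."""
    hits = writes_to(trace, addr)
    old = before[addr - base]
    # The frame to mark or savestate before: first store whose value differs from the old one.
    first_change = next((f for f, _, v in hits if v != old), None)
    return {
        "hits": len(hits),
        "writers": dict(Counter(pc for _, pc, _ in hits)),
        "frames": sorted({f for f, _, _ in hits}),
        "first_change_frame": first_change,
        "last_value_matches_ram": bool(hits) and hits[-1][2] == after[addr - base],
    }


if __name__ == "__main__":
    trace = parse_trace(TRACE)
    for addr, (old, new) in sorted(diff_ram(RAM_BEFORE, RAM_AFTER, RAM_BASE).items()):
        s = summarize(trace, addr, RAM_BEFORE, RAM_AFTER, RAM_BASE)
        print(f"${addr:04X}: ${old:02X} -> ${new:02X}  "
              f"{s['hits']} write(s) from {[f'${pc:04X}' for pc in s['writers']]}, "
              f"first change at frame {s['first_change_frame']}")
```

The two candidate addresses behave differently in the way the quoted post warns about: $0301 is written exactly once, at frame 120, by a single routine, which is the easy case for a breakpoint. $030C is rewritten every frame by the same code (frames 118-121) even when the value does not change, so a plain write breakpoint there fires constantly and the useful frame is the first one where the stored value differs from the old one, not the first hit.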
Site Admin, Skilled player (1237)
Joined: 4/17/2010
Posts: 11274
Location: RU
You should be using a core that has those supported, or an emulator that has a debugger for your platform.
Joined: 3/11/2008
Posts: 583
Location: USA
Skilled player (1405)
Joined: 10/27/2004
Posts: 1977
Location: Making an escape
"It was built on top of the Simpsons games..." That explains the sound effects, at least.
A hundred years from now, they will gaze upon my work and marvel at my skills but never know my name. And that will be good enough for me.
nesrocks
He/Him
Player (241)
Joined: 5/1/2004
Posts: 4096
Location: Rio, Brazil
I have often wondered why new games for the NES don't get made. I mean, yes, some people make some simple games, but we don't see something like a new Ninja Gaiden-quality game. I often thought the problem was technical, but from my recent research I found out that a lot of people currently know a lot about how the NES works. Still, no new awesome games. So I think it's because of how they were made. Commercial NES games were done in a professional environment, meaning there was a boss and a team of artists and programmers with their salaries. This meant that one person had the final word and that they worked full time. Nowadays whenever I see homebrew projects by more than one person, there's always the problem that they don't get along. Someone may suddenly quit or disappear for no reason, or someone will simply decide to kick another person from the project, etc. So homebrew NES games are usually done by a single person, and rarely is that person both a great programmer and a great artist and able to do it as a full-time project. It is a shame, really. But I guess it goes with the nature of the platform. It's way easier for someone to make a game for PC than for the NES.
Site Admin, Skilled player (1237)
Joined: 4/17/2010
Posts: 11274
Location: RU
Right, it's just not worth it now. And even Game Maker can let people make awesome games if you are talented (Mystik Belle).
Editor, Skilled player (1405)
Joined: 3/31/2010
Posts: 2086
From my own experience, developing for the NES is tedious and hard work, and when you actually do want to do something fancy, the system's hardware limitations will bog you down. It's a fun technical challenge, and personally I definitely enjoy working in 6502, but if I ever seriously wanted to make a game with the intention of finishing it, I'd just learn Game Maker or C and save myself a whole lot of headache. That said, a few quality homebrew games for the NES have been developed, such as the Battle Kid series. They're no Ninja Gaidens to be sure, but they are pretty impressive for what they are.
arflech
He/Him
Joined: 5/3/2008
Posts: 1120
The SMB3 thread links to this disassembly: http://sonicepoch.com/sm3mix/ (The main page is about a hack, but it links to both a disassembly and its documentation; the documentation does not link to the disassembly.) I also just found this disassembly for Mario 1: https://gist.github.com/1wErt3r/4048722 SonicRetro is disassembling the classic Sonic games: http://info.sonicretro.org/Disassemblies An older group called Hacking CulT has also released disassemblies: http://www.hacking-cult.org/?x/2