07 March 2021, 19:29 | #1 |
Registered User
Join Date: Jun 2020
Location: Druidia
Posts: 389
|
Winuae state disassembler
Hi there
I'd really like to look more closely at the code for some demos but find the Winuae debugger too narrowly focused to get a sense for the bigger picture of what's going on. I thought maybe if I could simply disassemble the entire program to a file it would be easier to go through that where I can add my comments as I figure things out.
However, as far as I can tell there's no way in Winuae to dump the entire thing disassembled. Am I missing something? Assuming not, is there a good tool that can disassemble a Winuae state file?
While I'm asking questions, is there a way to tell what locations are currently being executed? I see a "heatmap" feature in the Winuae debugger, but I have no idea what that is?
Thanks |
07 March 2021, 20:00 | #2 |
This cat is no more
Join Date: Dec 2004
Location: FRANCE
Age: 52
Posts: 8,403
|
save the block of memory and use IRA on it.
how heatmap works is still a mystery to me. |
07 March 2021, 20:02 | #3 |
Registered User
Join Date: Jun 2020
Location: Druidia
Posts: 389
|
What is IRA?
When you say to save the block of memory, is a state file good enough? I'm not sure how to get a memory block out of Winuae otherwise. |
07 March 2021, 20:10 | #4 |
This cat is no more
Join Date: Dec 2004
Location: FRANCE
Age: 52
Posts: 8,403
|
ah ok
IRA: disassembler: http://amiga-dev.wikidot.com/tool:ira
savestates are compressed. Load them and use shift+F12 to pop up the winuae debugger. Then use S file start length to save the file, then apply IRA on it (as binary) with the offset set as start. |
07 March 2021, 20:16 | #5 |
Registered User
Join Date: Jun 2020
Location: Druidia
Posts: 389
|
Thanks, I'll give that a try and see how I come on.
|
07 March 2021, 20:24 | #6 |
WinUAE developer
Join Date: Aug 2001
Location: Hämeenlinna/Finland
Age: 49
Posts: 26,583
|
Debugger is not designed for that but above suggestions should work.
Note that you can create uncompressed statefile by clicking Windows file dialog "Save as type" field.
Heatmap highlights areas that have CPU or DMA memory access activity. |
07 March 2021, 23:44 | #7 |
Registered User
Join Date: Jun 2020
Location: Druidia
Posts: 389
|
I don't think I'm doing this right because I don't seem to be able to find the code I was looking for.
I'm saving a state .dat file and then running IRA with the following:
ira -m68000 -binary -info -preproc mystate.dat
I also tried saving a memory dump from Winuae using:
S mystatechip.dat 0 80000
S mystateslow.dat c00000 80000
I had used "dm" to check the memory map matched my expectations. Then with IRA:
ira -m68000 -binary -info -preproc -offset=0 mystatechip.dat
ira -m68000 -binary -info -preproc -offset=c00000 mystatechip.dat
Is any of that right? I'm no good at hacking! |
07 March 2021, 23:49 | #8 |
Registered User
Join Date: Jun 2020
Location: Druidia
Posts: 389
|
Okay I removed the: -preproc and it's looking more like I'd expect.
|
08 March 2021, 00:31 | #9 |
Registered User
Join Date: Jun 2020
Location: Druidia
Posts: 389
|
Any tips on how to zone in on the code that was actually running?
Does the Winuae heatmap give me hit rates for data reads/writes? Is there something equivalent for code reads or is it only for data or maybe it's all the same?
Last edited by Jobbo; 08 March 2021 at 01:15. |
30 May 2024, 21:31 | #10 |
German Translator
Join Date: Aug 2018
Location: Drübeck / Germany
Age: 49
Posts: 203
|
there are multiple different ways to analyse a code, but it is not possible to get the source direct from a state
one way:
- Shift+F12 - run the demo and break and open the debugger
- d pc - where are we in the code? which code area?
- m - look for the beginning of the code area in $10.000 or closer $1.000 bytes steps and narrow it
- m - go forward till area with no code or data
- Ctrl+C - this memory part
- Ctrl+F - look for Opcodes (4E75) or Copperlist (FFFE) what is code or data regions; get an overview
- d - look if it is code or not
- if the disassembling is messed then it is data or crypted
- search for jsr, jmp, bsr, rts, rte
- many more possibilities....

The heatmap shows you the memory access as visual output in multiple colors and as a table for CPU and different DMA channels.
- Shift+F12
- v-2 ; for the DMA Debugger
>vhc
Memwatch breakpoints enabled
0: 00DFF000 - 00DFF1FF (512) RWI NONE
1: 00000000 - 0007FFFF (524288) RWI NONE
2: 00C00000 - 00C7FFFF (524288) RWI NONE
Heatmap enabled
>x ; run demo
Shift+F12 ; reopen debugger
>vh
>vh cop ; vh spr different dma channels are possible
>vh
001: 000201b8 - 000202a7 000000ef (239) 64.91081% ; shows the memory area with the most access sorted
002: 000201c8 - 000201df 00000017 (23) 19.12065%
- vhc ; heatmap data cleared for the next vh
- vo ; close DMA debugger and heatmap

my questions:
1. vh [<ratio> <lines>] "Heat map" ; what does <ratio> mean? I believe this help is wrong
2. b Step to previous state capture position. How does this 'b' work?
3. idea: is it possible to get a disassembled output without bytecodes and addresses or values for easy copying? With a special disassemble option
>d c ; c - code copying ?
like this:
00020306 6100 1974 bsr.w #$1974 == $00021c7c
0002030a 5379 0002 001e subq.w #$01,$0002001e [0003]
--> reduced to:
bsr.w $00021c7c ; bsr.w #$1974 == $00021c7c
subq.w #$01,$0002001e |
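
The workflow discussed in the thread (heatmap listing, then `S file start length`, then IRA with the offset set to the start) can be scripted. The following is an added example, not code from any poster, WinUAE or IRA: it parses `vh` range lines, pads and merges the busiest ranges, and emits one `S` command and one IRA call per region. The third sample row, the file naming, the padding, the percentage threshold and the reading of the end address as inclusive are assumptions; the IRA options are the ones used earlier in the thread.

```python
import re

# Constructed sample, shaped like the `vh` listing quoted in the post above;
# the third row is invented to show a second memory region.
VH_SAMPLE = """\
>vh
001: 000201b8 - 000202a7 000000ef (239) 64.91081%
002: 000201c8 - 000201df 00000017 (23) 19.12065%
003: 00c01000 - 00c0103f 0000003f (63) 4.50000%
"""

# Layout: index: start - end span (decimal span) percent%
VH_LINE = re.compile(
    r"^\s*\d+:\s+([0-9a-f]{8})\s+-\s+([0-9a-f]{8})\s+[0-9a-f]{8}\s+\(\d+\)\s+([\d.]+)%",
    re.IGNORECASE | re.MULTILINE,
)

def parse_heatmap(text):
    """Return [(start, end, percent)] for each range line; other lines are skipped."""
    return [(int(s, 16), int(e, 16), float(p)) for s, e, p in VH_LINE.findall(text)]

def merge_hot_ranges(rows, min_percent=1.0, pad=0x100):
    """Pad each range, align it to 68000 word boundaries and merge overlaps.

    The end address is treated as inclusive (an assumption about the listing)."""
    spans = sorted(
        (max(0, s - pad) & ~1, (e + pad) | 1)
        for s, e, p in rows if p >= min_percent
    )
    merged = []
    for start, end in spans:
        if merged and start <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], end)
        else:
            merged.append([start, end])
    return [(s, e - s + 1) for s, e in merged]  # (start, length)

def dump_commands(regions, prefix="hot"):
    """Pair a debugger S command with an IRA call that uses the same start as offset."""
    out = []
    for start, length in regions:
        name = f"{prefix}_{start:06x}.bin"  # hypothetical file naming
        out.append((f"S {name} {start:x} {length:x}",
                    f"ira -m68000 -binary -info -offset={start:x} {name}"))
    return out

if __name__ == "__main__":
    for save, disasm in dump_commands(merge_hot_ranges(parse_heatmap(VH_SAMPLE))):
        print(save)
        print(disasm)
```

Because the padded start can land in the middle of an instruction, the first few lines of each listing may disassemble incorrectly until the decoder resynchronises.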