maybe I'd be better at getting back into my reverse engineering projects if getting back into them didn't involve first figuring out which of the 13 Ghidra versions I have installed is for that project
-
but the next time it gets called, it's:
6E 7F 7F 00 44 00 04 02 00 00 00 00 00 00
-
ugh I think the thing that's weird here is the &0xfffffffc
It's doing alignment, adjusting pointers to only be on 4s
-
@foone is it using useless_boolean to check if the loop is run at all?
-
and that first bit of code is at 0x70, which is a multiple of 4, so 0x70+4 just equals 0x74.
but the second time, it's at 0x79!
so 0x79+4 is 0x7D: but that turns into 0x7C when we apply the AND.
-
so this is a bytecode that has variable padding in order to align to 4 bytes. ugh.
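The alignment rule worked out above, as an added example (not code from the thread or from the program being reversed): a small decoder for a made-up bytecode in which the operand of an opcode at pc sits at (pc + 4) & 0xfffffffc. The opcode values, the one-byte opcode and the 32-bit little-endian operand are assumptions; only the mask and the 0x70/0x79 addresses come from the thread.

```python
import struct

ALIGN_MASK = 0xFFFFFFFC          # mask from the thread
OP_NOP, OP_WORD = 0x00, 0x01     # hypothetical opcodes for this example


def operand_offset(pc):
    """Aligned operand address for an opcode at pc: (pc + 4) & mask."""
    return (pc + 4) & ALIGN_MASK


def decode(image, start, end):
    """Return [(pc, opcode, pad_bytes, operand)] for instructions in [start, end)."""
    out = []
    pc = start
    while pc < end:
        op = image[pc]
        if op == OP_NOP:                       # one byte, no operand
            out.append((pc, op, 0, None))
            pc += 1
        elif op == OP_WORD:                    # opcode, 0-3 pad bytes, u32 operand
            off = operand_offset(pc)
            if off + 4 > end:
                raise ValueError(f"truncated operand for opcode at {pc:#x}")
            (value,) = struct.unpack_from("<I", image, off)
            out.append((pc, op, off - (pc + 1), value))
            pc = off + 4                       # next opcode follows the operand
        else:
            raise ValueError(f"unknown opcode {op:#x} at {pc:#x}")
    return out


def build_sample():
    """Constructed image: OP_WORD at 0x70, OP_NOP at 0x78, OP_WORD at 0x79."""
    image = bytearray(0x80)
    image[0x70] = OP_WORD
    struct.pack_into("<I", image, 0x74, 0x11111111)
    image[0x78] = OP_NOP
    image[0x79] = OP_WORD
    struct.pack_into("<I", image, 0x7C, 0x22222222)
    return bytes(image)


if __name__ == "__main__":
    for pc, op, pad, value in decode(build_sample(), 0x70, 0x80):
        shown = "-" if value is None else f"{value:#010x}"
        print(f"{pc:#04x}: op={op:#04x} pad={pad} operand={shown}")
```

The same opcode gets 3 pad bytes at 0x70 and 2 at 0x79, which is why a disassembler for this kind of format has to track the absolute address rather than just the offset into the current instruction.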
-
@nickzoic useless_boolean is never checked at any point
-
oh, I think I've got what EnterFrame is: It's a way to easily shove multiple typed variables onto the stack, so the function/script can use them.
and it's doing a fixup to know what the types are, since they're declared in the relocation header
-
yeah, it ends up looking like:
pvm_EnterFrame int, int, bool, GuiAnim
-
okay now I have a disassembler that can only disassemble the relocatable instructions (and can't fully do one of them, because it's complicated)
I now need to add the ones that don't relocate, which is a separate headache
-
@grumpygamer @nickzoic it sure should, but since I'm looking at disassembly here... it didn't!
-
ugh. apparently EnterFrame also adds a frame pointer (somewhere) and then the pvm_PushLocal operates off it.
-
Food $200
Data $150
Rent $800
Stacks $3,600
Utility $150
someone who is good at interpreters please help me budget this. my scripting language is dying
-
@foone reduce your stacks usage
-
@0xSim no
-
anyway I'm now at the point where I've written enough of a disassembler that I need to basically throw it away and make this thing better and more systematic, so I can eventually have it give me real source files (not log output) and even further on, so I can round-trip it and re-compile these scripts
-
@foone useless_boolean will detect if the for loop never ran at all, because of the stop requirement.
-
@RueNahcMohr useless_boolean is actually never read by any code. thus the "useless"
-
@foone .....huh, ok, maybe the author didn't turn out to actually need it in the end???
-
@RueNahcMohr yeah! and apparently their compiler didn't warn them about this. or they didn't care