Difference between revisions of "User:Buddha^/GSoC2007-ProjectDiary"

User:Buddha^/GSoC2007-ProjectDiary (view source)

Revision as of 00:13, 19 June 2007

1,523 bytes added , 00:13, 19 June 2007

Added done work on 2007-07-18.

Buddha^

417

edits

@@ Line 212: / Line 212: @@
 Commented almost all the differences between the original AGI 2.936's
 AGI.EXE and the hacked AGI256's AGI.EXE.
+== 2007-07-18 (Monday) - Reverse engineering AGI256 ==
+Got more into working with IDA. Using info from Sonneveld's IDBs
+for various AGI.EXE versions I could make out where in the memory
+the "DLL"-files are loaded (AGIDATA.OVL, AGIGRAF.OVL, AGIOBJS.OVL).
+So I made a flat AGI.EXE that has them included in the correct
+positions. It helps with IDA debugging because IDA can now see all
+the functions and give cross references between them etc.
+So after making the flattened AGI.EXE for the AGI256 hack inspection
+I read more of the Sonneveld's IDBs, commented and tried to understand
+parts of the flattened AGI.EXE, made some structs in IDA,
+fiddled with IDA's segments etc.
+Figured out some functions like the agi256ReadPic -function
+and also a weird looking function that did something with the
+palette... as a matter of fact it turned out to be a synchronized
+palette blinking effect that's called from the screen shaking routine
+(Command number 110: cmd_shake_screen).
+Learned a few things today... like that call pushes the location of the
+next instruction after it (In retrospect that's actually very rational)
+rather than the location of the call instruction itself. There was some
+interesting "call $+3 followed by a pop to get the IP" -usage in the agi256ReadPic
+routine and that's how I came to ponder the call instruction's true workings.
+[http://heim.ifi.uio.no/~stanisls/helppc/ HelpPC] helped.
+It looks like some call is jumping in the middle of a "shr al, 1" instruction.
+I'll see about that tomorrow...