hankmorgan / UWReverseEngineering

Repository for Reverse Engineering work on UW1/2

More details about setting up #4

Closed KarlClinckspoor closed 4 months ago

KarlClinckspoor commented 5 months ago

Sorry to bother you, but I'm quite new at this, and I've been having quite some trouble trying to get dosbox to break at the correct points so I can follow stuff. I followed many guides and tutorials online but things are always misaligned. For instance, following the post here, I can't get the game to break when loading the "on what?" string, either using their breakpoint value of bp 34E0:1ACA or your breakpoint value from seg040_352B_1AC6 (which I assume is bp 352B:1AC6 or close). Could you provide an example, and mention your dosbox version? I'm using dosbox-x 2022.12.26. I don't know if different versions load stuff at different offsets, misaligning everything.

hankmorgan commented 5 months ago

Hi Karl,

You are correct in thinking the dosbox version and dosbox conf are the cause of the issue. I'm using Dosbox-74-3 Debug. Here is the exe file, dosbox-74-3-debug.zip, and my dosbox conf, dosbox-0.74-debug - Copy.txt.

The process is sensitive though. The offsets I've documented are what I get in the debugger that I can match up in IDA. Changes to the dosbox .conf can change the output; this conf and exe have been consistent for me on multiple devices.

When I write seg040_352B_1AC6 this means the code in Segment 40 at offset 1AC6. The 352B is where dosbox actually loads that segment into memory. I've found the offset could be impacted by other code/drivers loaded into memory. So the breakpoint should be 352B:1AC6. I had to find out the segment offsets by stepping through code, breaking on data changes etc. When I start the game I begin at 105F:0000 and the first command run is mov dx,67D6, which stores the segment offset of the game data.

Other things to note:

Any overlay segment prefixed OVRxx will always load at unpredictable offsets. This is due to how DOS works. The only way to break into these is either to break on a SEGxx that calls that overlay and step into that, or to find a bit of data that changes that you can break on.

Sometimes when stepping into a function the code will switch to Interrupt 21 (INT21). Do not step over that code. Step into it and keep stepping until the IRET returns you to the function.
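The label convention hankmorgan describes above (seg040_352B_1AC6 meaning IDA segment 40, loaded by dosbox at segment 352B, offset 1AC6) is easy to get wrong by hand, so here is a small added helper for turning those labels into DOSBox debugger `bp seg:off` commands. This is example code written for this page, not part of the UWReverseEngineering repository. It assumes two things that the thread does not state outright: that the resident (non-overlay) segments of the EXE all shift by the same amount when the program loads at a different base, so the difference between the documented entry segment 105F and the entry segment you actually observe can be applied to every documented load segment; and that overlay labels follow the same `ovr<n>_<seg>_<off>` pattern, which is a guess used only to refuse them, since the thread says OVRxx segments load at unpredictable offsets.

```python
import re

# Documented label format: seg<IDA segment>_<load segment>_<offset>, all hex.
# The "ovr" alternative is an assumption about how overlay labels would look.
LABEL_RE = re.compile(
    r"^(?P<kind>seg|ovr)(?P<num>[0-9a-f]+)_(?P<load>[0-9a-f]{4})_(?P<off>[0-9a-f]{4})$",
    re.IGNORECASE,
)

# Segment at which the game's entry point appeared in the setup described in
# the thread (105F:0000). Used as the reference point for rebasing.
DOCUMENTED_ENTRY_SEG = 0x105F


def parse_label(label):
    """Split a documented code label into its numeric parts."""
    m = LABEL_RE.match(label)
    if not m:
        raise ValueError(f"not a documented code label: {label!r}")
    return {
        "overlay": m.group("kind").lower() == "ovr",
        "segment_no": int(m.group("num"), 16),
        "load_segment": int(m.group("load"), 16),
        "offset": int(m.group("off"), 16),
    }


def can_break_statically(label):
    """True for resident SEGxx code; False for OVRxx overlays, whose load
    segment cannot be predicted from the notes (per the thread, break on a
    calling SEGxx or on changing data instead)."""
    return not parse_label(label)["overlay"]


def linear_address(segment, offset):
    """Real-mode physical address: segment * 16 + offset, wrapped to 20 bits,
    handy when comparing breakpoints written with different seg:off splits."""
    return ((segment << 4) + offset) & 0xFFFFF


def rebase_segment(load_segment, observed_entry_seg):
    """Shift a documented load segment by the delta between the entry segment
    you see in your own dosbox (start of the debugger session) and the
    documented 105F. Assumption: resident segments move as one block."""
    delta = observed_entry_seg - DOCUMENTED_ENTRY_SEG
    return (load_segment + delta) & 0xFFFF


def breakpoint_command(label, observed_entry_seg=DOCUMENTED_ENTRY_SEG):
    """Return the DOSBox debugger command for a documented label, e.g.
    seg040_352B_1AC6 -> 'bp 352B:1AC6'. Overlay labels are rejected."""
    if not can_break_statically(label):
        raise ValueError(f"{label}: overlay segments load at unpredictable offsets")
    parts = parse_label(label)
    seg = rebase_segment(parts["load_segment"], observed_entry_seg)
    return f"bp {seg:04X}:{parts['offset']:04X}"


if __name__ == "__main__":
    # Same setup as the thread: no delta, so the label maps straight across.
    print(breakpoint_command("seg040_352B_1AC6"))
    # A dosbox build whose entry point showed up one paragraph higher (1060:0000).
    print(breakpoint_command("seg040_352B_1AC6", observed_entry_seg=0x1060))
```

Usage: start the game in the dosbox debugger, note the CS value of the first instruction (the thread reports 105F), and pass it as `observed_entry_seg`; if it matches, the documented label is the breakpoint as-is. If a breakpoint still does not fire, the offset inside the segment is worth checking against IDA before assuming the load base is wrong, since the two guide values quoted above (34E0:1ACA versus 352B:1AC6) differ in the offset as well as the segment and therefore point at different instructions.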

KarlClinckspoor commented 4 months ago

I just tested it now, and it worked! Thanks a lot. I'll be making another pull request soon with this information on the readme page, if that's ok, so others can poke around and contribute too.