uxmal / reko

Reko is a binary decompiler.
https://uxmal.github.io/reko
GNU General Public License v2.0

Old Phar-Lap .EXP cannot be recognized #1169

Closed Lutepatious closed 2 years ago

Lutepatious commented 2 years ago

I'm disassembling old FM TOWNS binaries which use Phar-Lap 386|DOS-Extender (run386 and any .EXP), but Reko cannot recognize them.

  1. Reko cannot analyze the 512-byte .EXP header.
  2. Then I removed the header, but Reko said "unknown selector".

gbody commented 2 years ago

@Lutepatious are you able to give a link to a file that you're trying to load that isn't being recognised?

Lutepatious commented 2 years ago

A.zip

uxmal commented 2 years ago

Commit 77df0a7 has simple support for EXP file. Thanks for reporting this!

Lutepatious commented 2 years ago

Thanks for the loading support. But "Selector xxxx has no known segment." and "Structure analysis stopped making progress" still remain.

386|DOS-Extender defined selectors (from the free386 and EXE386 documents):

GDT selectors (selector: base address / use):

  - 0000h: 0h, NULL selector
  - 0028h: system selector for loading the LDT
  - 0030h: LDT
  - 0038h: GDT
  - 0050h: IDT
  - 0060h: 0h, for the first 1 MB

LDT selectors:

  - 0004h: PSP
  - 0024h: same as 0004h
  - 000Ch: code segment
  - 0014h: data segment for DS, ES, GS, SS (base address is equal to 000Ch)
  - 002Ch: DOS environment variables
  - 0034h: 0h, for the first 1 MB
  - 003Ch: Weitek 3167 math processor interface for FS (if it does not exist, then FS must be 0014h). IBM compatible only?

FM TOWNS specific: GDT 0110h, T-BIOS.

uxmal commented 2 years ago

Sorry, I can't read Japanese.... :)

Thanks for providing the translated info re: the segments. I'm assuming user programs always run in ring 0, based on the selectors always having their least significant bits set to 0b00.
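The two comments above (the 386|DOS-Extender selector table posted by Lutepatious, and uxmal's inference that the low two bits of every listed selector are 0b00) can be checked mechanically. The following is an added example, not Reko code: it decodes 80386 selectors into their index / TI / RPL fields, looks them up against the selector table quoted in this issue, and pulls selector values out of constructed lines in the shape of Reko's "Selector xxxx has no known segment." warning. The field layout (bits 15..3 index, bit 2 table indicator, bits 1..0 RPL) is the standard 80386 selector format; the warning text and the three sample warning lines are constructed for the example. One observation the code also verifies: the GDT/LDT grouping in the comment agrees with the TI bit of each selector.

```python
# Added example (not part of Reko): decode 80386 segment selectors and look
# them up against the 386|DOS-Extender selector table quoted in this issue.
import re
from dataclasses import dataclass

# Selector table as posted in the issue (values copied from the comment above).
GDT_SELECTORS = {
    0x0000: "NULL selector",
    0x0028: "system selector for loading the LDT",
    0x0030: "LDT",
    0x0038: "GDT",
    0x0050: "IDT",
    0x0060: "first 1 MB (base 0h)",
    0x0110: "T-BIOS (FM TOWNS specific)",
}
LDT_SELECTORS = {
    0x0004: "PSP",
    0x0024: "PSP (same as 0004h)",
    0x000C: "code segment",
    0x0014: "data segment for DS/ES/GS/SS (same base as 000Ch)",
    0x002C: "DOS environment variables",
    0x0034: "first 1 MB (base 0h)",
    0x003C: "Weitek 3167 interface for FS (use 0014h if absent)",
}
KNOWN_SELECTORS = {**GDT_SELECTORS, **LDT_SELECTORS}

# Constructed sample of Reko-style diagnostics (0123h is deliberately not in the table).
SAMPLE_WARNINGS = """Selector 0110 has no known segment.
Selector 0014 has no known segment.
Selector 0123 has no known segment.
Structure analysis stopped making progress"""


@dataclass(frozen=True)
class Selector:
    raw: int
    index: int   # descriptor index, bits 15..3
    table: str   # "GDT" (TI = 0) or "LDT" (TI = 1), bit 2
    rpl: int     # requested privilege level, bits 1..0


def decode_selector(raw: int) -> Selector:
    """Split a 16-bit 80386 selector into index, table indicator and RPL."""
    if not 0 <= raw <= 0xFFFF:
        raise ValueError("selector must be a 16-bit value")
    return Selector(raw=raw,
                    index=raw >> 3,
                    table="LDT" if raw & 0x4 else "GDT",
                    rpl=raw & 0x3)


def describe(raw: int) -> str:
    """Human-readable line for a selector, using the table from the issue."""
    sel = decode_selector(raw)
    name = KNOWN_SELECTORS.get(raw, "unknown (no entry in the posted table)")
    return f"{raw:04X}h: {sel.table} index {sel.index}, RPL {sel.rpl}: {name}"


def parse_selector_warnings(text: str) -> list[int]:
    """Extract selector values from 'Selector xxxx has no known segment.' lines."""
    pat = re.compile(r"Selector ([0-9A-Fa-f]{4}) has no known segment")
    return [int(m.group(1), 16) for m in pat.finditer(text)]


def all_ring0(selectors) -> bool:
    """uxmal's inference: every selector requests privilege level 0."""
    return all(decode_selector(s).rpl == 0 for s in selectors)


def grouping_consistent() -> bool:
    """Check that the GDT/LDT grouping in the comment matches each selector's TI bit."""
    return (all(decode_selector(s).table == "GDT" for s in GDT_SELECTORS)
            and all(decode_selector(s).table == "LDT" for s in LDT_SELECTORS))


if __name__ == "__main__":
    for raw in parse_selector_warnings(SAMPLE_WARNINGS):
        print(describe(raw))
    print("table consistent with TI bits:", grouping_consistent())
    print("all posted selectors are RPL 0:", all_ring0(KNOWN_SELECTORS))
```

Running it on the constructed warnings prints the decoded fields for 0110h (GDT index 34, T-BIOS) and 0014h (LDT index 2, data segment), flags 0123h as not in the posted table with RPL 3, and confirms both the TI-bit grouping and the RPL-0 observation for every selector in the table.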

uxmal commented 2 years ago

@Lutepatious : do you have documentation on the FM TOWNS segment? In particular, I'm seeing the following indirect calls (in Reko RTL):

     call Mem18[0110:0020:segptr32] (retsize: 4;)
     call Mem18[0110:0080:segptr32] (retsize: 4;)

They seem to be calling into a vector at the beginning of the 0x0110 segment, which you've specified as "T-BIOS". It's unclear what these calls are expected to do, so Reko can do much better than generating:

     (tbios->*fn0020)();
     (tbios->*fn0080)();

uxmal commented 2 years ago

You can ignore the warning "Structure analysis stopped making progress". There is a big rewrite of the scanner phase of Reko that should address that warning; for now you will have to "suffer" that a redundant goto statement will not be removed.

uxmal commented 2 years ago

I'm closing this as the original issue has been resolved. If you have further issues, please feel free to open new issues.