pSX Debugger

[jokyr]

Hello,

I'm very new to psx emulation. I'm trying my best, but for the life of me, I can't figure out how to use pSX Emulator's Debugger.

I know MIPS Assembly code, but I can't seem to get the debugger to display the assembly code that's actually being executed. Also, is there a way to jump to certain offsets, or single step through code?

My goal is to reverse engineer the PSX game Monster Rancher. Figure out exactly how it works and such.

If anyone has some info, or tips, I'd be incredibly appreciative.

-Thanks in advance!
Joseph Kyle Rogan
www.JoKyRandJesster.com

[richb]

Hi,

I'm having the same problem as jokyr -- I'm trying to reveng a game, but haven't been able to use psX's debugger to much effect.

As one example, in this thread: (1), ripper713 seems to have found the address offsets of the IO system calls. How can I find these? Is there a "kernel" as such providing IO calls? If not, how can I recognise an IO call?

Specifically, I'd like to be able to watch the game load a level from disk, so that I can see which sections of the file are headers & which is data etc. etc. I've been able to figure out a lot of that stuff by hand from looking through the files, but I think that watching things in a debugger might speed it up. Any hints on how to go about doing that?

I'm not adverse to looking things up and figuring things out for myself, but any shortcuts or pointers anyone could give me would be gretly appreciated.

Many thanks,


Rich

(1) psxemulator.proboards54.com/index.cgi?action=display&board=general&thread=1142397391

[ripper713]

For basic playstation information, do a google search with "Everything You Have Always Wanted to Know about the Playstation But Were Afraid to Ask" (beware though, as there are a few typos and a few errors). This is considered THE reference for the playstation (at least for the legal for home use crowd). There are other docs around but this is the best place to start. The debugger is very easy to use although there are a couple of things to remember. First, to step through code you need to be in interpreter mode (commandline option -ci). You can also enter the interpreter mode by manually breaking execution. Remember though, if the program is broken and then you hit run, make sure there is at least one breakpoint. If their are no breakpoints when you hit run, it will enter dynarec mode. Second, be careful with the addresses that you enter into the dialogs. The addresses need to start with 0x and you need to understand the memory map of the playstation because the debugger generally converts the address. Third, if you want to view the complete "boot up" of the playstation use command line options -b -ci. This will start pSX in interpreter mode and break on the first instruction. Fourth, there is a goto command for the memory and disassembly windows. To access it, simple click on the window and then press ctrl-g. I believe there is a way to automatically jump to the program counter but I forget how to do it. I normally just enter the value of the program counter into the goto dialog. That is pretty much all that you need to know (if you understand debuggers in general) and do not want/need to use advanced breakpoints. Lastly, reversing a game can take a considerable amount of time and can be extremely difficult (especially if this is your first time). You might want to do a web search and find games that people have already reversed and see if you can repeat their results. There are two main benefits to this. First, you can compare results and see if you are correct. Second, and most important, you can determine the level of reversing difficulty of the game in question. romhacking.net is a really good place to check although the majority of information of the site is geared towards 8 and 16-bit systems. I will close with the bad news, the debugger is not magical. It can not detect algorithms for you or detect when data is being decompressed or otherwise altered. You will need to do this all by yourselves. This is a mistake many make when they first see a debugger. They think/hope that it is just another program written for script kiddies to pretend they are "l33t".