Back to Page
Revision 15 (current)
Edited by zeromus on 12/4/2020 8:39 PM
!! Backgrounder
Currently supported for: PCE, GB/GBC, SMS/GG, Genesis, SNES
The CodeData (CD) Logger primarily tracks information for each byte in the ROM about how it's used by the game program: the most useful distinction is between code and data, but in some cases more fine-grained information is useful. This data is helpful for reverse engineering games, so that automated disassembly tools can produce .db tables for stuff known to be data, and disassemble stuff known to be code. Typically you will want to turn on the CD logger and play through as much of the game as possible, to trigger reading of every level, script, sound, and art, to get the coverage as near to 100% as you can.
!! File Format
! Type definitions
* A "string" is an LEB128 encoded number which is the number of bytes in the string, followed by that many bytes of UTF-8 character data.
* A "number" is a little endian 32 bit integer.
! File Format
Header:
* string id: file identifier, always "BIZHAWK-CDL-2"
* string sub-id: a string, padded at the end to a length of 15 with spaces, saying which platform the CDL file is for: PCE or GB
* number sub-version: another version number, in case the console-specifics change but not the overall format
* number NumberOfBlocks: number of memory areas represented in this file
For each block:
* string BlockName: identifying name of the block. These usually (but not always) follow the naming of a corresponding MemoryDomain. In the future we'll try to normalize these more.
* number bytelength: length of the block in bytes.
* byte data(bytelength): one byte of information for each byte in the original block.
! PCE
The PCE implementation is pretty complex due to the diversity of memory mapping options and the general thoroughness with which the CD logger has been designed. This core supports disassembling from the CD logger. Only the PCE implementation currently tracks writes (the remainder track only reads)
For PCE, the BlockNames are:
ROM
HUCard ROM, or syscard bios ROm
Cart Battery RAM
32K of battery backed ram in the Populous cart
Super System Card RAM
192K of ram in the super system card
TurboCD RAM
64K of ram in the turboCD
BRAM
8K of TurboCD backup RAM. The actual RAM is smaller, but the CDL will record all
activity in that 8K region.
Main Memory
8K or 32K (SGX) of main memory
MMIO
8K of space in block ff, containing system IO ports.
UNKNOWN
8K long area which any unknown block maps to.
Each byte has 8 bits of flags on what the byte has been observed to do:
// was fetched as an opcode
Code = 0x01,
// was read or written as data
Data = 0x02,
// was read and used as a pointer to data via indirect addressing
DataPtr = 0x04,
// was read or written as stack
Stack = 0x08,
// was read or written as data via indirect addressing
IndirectData = 0x10,
// was read and used as function pointer
// NB: there is no "IndirectCode"; all code is marked simply as code regardless of how it is reached
FcnPtr = 0x20,
// was used as a source or destination (either initial or during the loop) of a block xfer
BlockXFer = 0x40,
// was fetched as an operand byte to an opcode
CodeOperand = 0x80
! GB (gambatte)
CartRAM may or may not be present. Of course CartRAM may vary in size (and WRAM will depend on gb/gbc type)
Blocknames: ROM, CartRAM, WRAM, HRAM
Flags:
ExecFirst = 0x01
ExecOperand = 0x02
Data = 0x04
! GBHawk
CartRAM may or may not be present. Of course CartRAM may vary in size (and WRAM will depend on gb/gbc type)
Blocknames: ROM, CartRAM, WRAM, HRAM (note: these do not match the memory domain names)
Flags:
ExecFirst = 0x01
ExecOperand = 0x02
Data = 0x04
Write = 0x08 (this is used to distinguish data writes from data reads)
! Genesis
SRAM may or may not be present. I suppose it may vary in size. MD Cart will vary in size, of course. All the Sega CD stuff hasn't been analyzed yet.
Blocknames: MD Cart, 68K RAM, Z80 RAM, SRAM
Flags:
Exec68k = 0x01
Data68k = 0x04
ExecZ80First = 0x08
ExecZ80Operand = 0x10
DataZ80 = 0x20
DMASource = 0x40 -- Should be useful for identifying the origin of graphics data on the cart ROM.
! SMS/GG
Save RAM and Cart (Volatile) RAM may or may not be present, and most of it may vary in size.
Blocknames: ROM, Main RAM, Save RAM, Cart (Volatile) RAM
Flags:
ExecFirst = 0x01
ExecOperand = 0x02
Data = 0x04
! SNES
CARTRAM may be variable. APURAM is full 64KB despite some of the space being mapped to registers. The Exec* and CPUData flags are set for the S-CPU and SMP both. Since each CPU can only access its respective memories, there are no conflicts.
Blocknames: CARTROM, CARTRAM, WRAM, APURAM, SGB_CARTROM, SGB_CARTRAM, SGB_WRAM, SGB_HRAM
Flags:
ExecFirst = 0x01 //initial CPU instruction operand
ExecOperand = 0x02 //subsequent CPU instruction operands
CPUData = 0x04 //data was read by CPU instruction
DMAData = 0x08 //data was read by DMA
BRR = 0x80 //for SMP, data was read by DSP sampledata loading
CPUXFlag = 0x10 //for S-CPU along with ExecFirst and ExecOperand...
CPUMFlag = 0x20 //...these indicate whether the X and M flag were set at the time.
Additional blocknames: CARTROM-D, CARTROM-DB - for advanced users, these are word- and byte-sized mirrors of the CARTROM address space which contain the most recent D and DB registers when the CARTROM was accessed (word is little endian)
! NES
Use FCEUX