
Improve Memory-research.rst documentation

Open Bumber64 opened this issue 4 years ago • 3 comments

Give more guidance for how to get started on decompiling DF. For instance, the necessary steps for getting useful symbols in IDA Freeware 7.0 on Windows 64-bit:

  1. Run codegen.pl in df-structures to produce codegen/codegen.out.xml
  2. Run codegen_c_hdr.pl on codegen/codegen.out.xml to produce codegen.h
  3. Run ruby.exe dump_df_globals.rb --idc "..\path\to\Dwarf Fortress.exe" and save the MakeName statements
  4. Open Dwarf Fortress.exe in IDA, wait for it to finish analysis
  5. File -> Script file..., select ms_rtti64.idc, wait for script to finish
  6. File -> Script command..., paste in MakeName statements and run
  7. File -> Load File -> Parse C header file..., select codegen.h

Bumber64 · May 17 '21 13:05
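Step 3 above saves a batch of IDC `MakeName` statements that are later pasted into IDA's script window (step 6). IDA refuses a `MakeName` whose name is already in use elsewhere and silently keeps only one name per address, so a dump with repeated names or two names at one address loses symbols without any obvious error. The script below is an added example, not code from dfhack, df_misc or dump_df_globals.rb: it assumes the dump is in the standard IDC form `MakeName(0x..., "name");`, parses it, reports address and name collisions, and writes a cleaned batch. The addresses and global names in the sample are constructed, not real Dwarf Fortress symbols.

```python
import re
from collections import defaultdict

# Constructed sample in the shape of an "--idc" dump.  The addresses and
# names are made up for this example; they are not real DF globals.
SAMPLE_IDC = """\
MakeName(0x1405C2A10, "world");
MakeName(0x1405C2A18, "ui");
MakeName(0x1405C2A20, "gps");
MakeName(0x1405C2A18, "plotinfo");
MakeName(0x1405C2A30, "world");
MakeName(0x1405C2A38, "init");
"""

# One MakeName(ea, "name"); statement; ea may be hex or decimal.
MAKENAME_RE = re.compile(
    r'^\s*MakeName\s*\(\s*(0x[0-9A-Fa-f]+|\d+)\s*,\s*"([^"]*)"\s*\)\s*;\s*$'
)


def parse_makename(text):
    """Return a list of (ea, name) tuples in file order.

    Blank lines and // comments are skipped; anything else that is not a
    MakeName statement raises, so a truncated or mangled dump is caught
    before it is pasted into IDA.
    """
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("//"):
            continue
        m = MAKENAME_RE.match(line)
        if not m:
            raise ValueError(f"line {lineno}: not a MakeName statement: {line!r}")
        entries.append((int(m.group(1), 0), m.group(2)))
    return entries


def find_conflicts(entries):
    """Return (dup_addrs, dup_names).

    dup_addrs maps an address that received more than one name to the
    sorted names; dup_names maps a name used at more than one address to
    the sorted addresses.  Both are empty for a clean dump.
    """
    by_addr = defaultdict(set)
    by_name = defaultdict(set)
    for ea, name in entries:
        by_addr[ea].add(name)
        by_name[name].add(ea)
    dup_addrs = {ea: sorted(n) for ea, n in by_addr.items() if len(n) > 1}
    dup_names = {n: sorted(e) for n, e in by_name.items() if len(e) > 1}
    return dup_addrs, dup_names


def dedupe(entries):
    """Keep the first name seen per address and suffix later reuses of a
    name with _2, _3, ... so that every statement is accepted by IDA."""
    seen_addr = set()
    used_names = set()
    out = []
    for ea, name in entries:
        if ea in seen_addr:
            continue  # first name for an address wins
        seen_addr.add(ea)
        final, n = name, 1
        while final in used_names:
            n += 1
            final = f"{name}_{n}"
        used_names.add(final)
        out.append((ea, final))
    return out


def to_idc(entries):
    """Render (ea, name) tuples back into MakeName statements."""
    return "".join(f'MakeName(0x{ea:X}, "{name}");\n' for ea, name in entries)


if __name__ == "__main__":
    parsed = parse_makename(SAMPLE_IDC)
    dup_addrs, dup_names = find_conflicts(parsed)
    for ea, names in dup_addrs.items():
        print(f"address 0x{ea:X} has several names: {names}")
    for name, eas in dup_names.items():
        print(f"name {name!r} used at: {[hex(e) for e in eas]}")
    print(to_idc(dedupe(parsed)), end="")
```

Run it on a saved dump by replacing `SAMPLE_IDC` with the file contents; the report tells you which globals df-structures disagrees with the dump about, and the cleaned output is what to paste in step 6.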

Similar documentation could also be added for Ghidra, though @BenLubar might need to write that (since I don't recall how all of those scripts work).

quietust · May 17 '21 16:05

For Ghidra, it's:

  1. Run perl ./codegen.pl to produce codegen/codegen.out.xml (the ./ is important so it can find the perl modules)
  2. Make sure https://github.com/DFHack/df_misc/blob/master/import_df_structures.java is in ~/ghidra_scripts
  3. Optional: create import_df_structures.properties in the same directory as import_df_structures.java using the format specified by the comment at the top of the script so you don't have to navigate to the files manually every time
  4. Open Dwarf Fortress in Ghidra, and when it asks if you want to run auto analysis, either say no or cancel the next dialogue box.
  5. Run the script from the green circle with ▶️ in it (search for DFHack or find DFHack in the tree list on the left to find it faster).
  6. It will ask for two files (codegen.out.xml and symbols.xml), which will be auto-selected if you did step 3 above.
  7. Wait for it to finish. It will run auto analysis as part of the script.

BenLubar · May 18 '21 13:05

Would also love to see some guidance on using Binary Ninja with this even though it would only be static analysis.

maxinfet · Feb 13 '22 02:02