
68k instruction fix for IDA Pro

Discussion in 'Engineering & Reverse Engineering' started by kazblox, May 1, 2015.

  1. kazblox

    The current(?) versions of IDA Pro have yet to correct a problem where the 68000 disassembler module does not reference the program counter in some instructions, breaking bit-perfect builds. A patch by drx for IDA 5.x was released years back, but it only patches some cases. A fix is provided below:

    FIX:

     
  2. flamewing

    I have been meaning to release this; guess this is as good a place as any.

    I have come up with a better solution than drx's fix: using an IDC script. Save this file as "AddrFixup.idc" somewhere you will remember; then, at any point you want (preferably before exporting to text), run the script (File -> IDC File...). The script is safe to run multiple times in the same disassembly.

    My script handles all problem opcodes:
    Code (Text):
        jmp (XXX).w
        jmp (XXX).l
        jmp XXX(pc)
        jsr (XXX).w
        jsr (XXX).l
        jsr XXX(pc)
        lea XXX(pc)
        pea XXX(pc)
    As can be seen, this includes opcodes not handled by drx's hack. But the more important part is that the script works for all future versions of IDA as well, instead of being restricted to 5.x.
     
  3. kazblox


    The problem opcodes are all fixed in Ti_'s patch. drx's only fixes lea and pea.

    But for those who are using future versions of IDA, use flamewing's script above.
     
  4. kazblox

    Removed the IDA 5.x fix because Retro broke the link and I lost the file. Who still uses IDA 5, anyway?

    EDIT:
    http://ralakimus.byethost31.com/Public/IDA/mc68.w32

    Well, here it is. I wouldn't recommend going back to IDA 5 now due to the bugfixes and many feature improvements in the UI, but the instructions are the same as before. Place it where the original mc68.w32 lies (procs folder in IDA 5's Program Files directory).
     
  5. kazblox

    I have updated the top of the post to include a newer update to the script that works in future versions of IDA starting from 6.8.
     
  6. Devon

    Massive bump, but I've made a small modification to flamewing's IDC script to prevent erroneous duplications (i.e. "addr(pc)" -> "addr(pc)(pc)" or "(addr).w" -> "((addr).w).w"), and also pull up-to-date label names.
     
    Last edited: Mar 5, 2024
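
The addressing modes behind the opcodes listed in the thread, as an added example that is not part of any post and is not flamewing's or Devon's IDC script: it reads the 68000 opcode word to tell which of the listed forms an instruction uses, resolves the target, and writes the operand with that mode made explicit while leaving an already-fixed operand alone. The function names and the sample bytes are assumptions constructed for illustration.

```python
import struct

# EA field (low 6 bits of the opcode word), mode 7: reg 0/1/2 = (xxx).w, (xxx).l, d16(pc)
EA_FORMS = {0o70: "({}).w", 0o71: "({}).l", 0o72: "{}(pc)"}
# (mask, value, mnemonic, EA forms the thread lists for that mnemonic)
OPCODES = [
    (0xFFC0, 0x4EC0, "jmp", {0o70, 0o71, 0o72}),
    (0xFFC0, 0x4E80, "jsr", {0o70, 0o71, 0o72}),
    (0xF1C0, 0x41C0, "lea", {0o72}),
    (0xFFC0, 0x4840, "pea", {0o72}),
]
# Constructed sample: jmp d16(pc); jsr (xxx).w; lea d16(pc),a0; jsr (xxx).l; rts
SAMPLE = bytes.fromhex("4EFA0006 4EB80100 41FAFFF6 4EB900FF0010 4E75")

def decode(code, addr):
    """Return (mnemonic, ea, target) if the big-endian bytes at `addr` start
    one of the listed instructions, else None. `code` is loaded at address 0."""
    (word,) = struct.unpack_from(">H", code, addr)
    ea = word & 0x3F
    for mask, value, mnem, forms in OPCODES:
        if word & mask == value and ea in forms:
            break
    else:
        return None
    if ea == 0o71:
        (target,) = struct.unpack_from(">I", code, addr + 2)
    else:
        (disp,) = struct.unpack_from(">h", code, addr + 2)  # signed 16-bit
        # d16(pc) is relative to the extension word; (xxx).w is sign-extended
        target = (addr + 2 + disp if ea == 0o72 else disp) & 0xFFFFFFFF
    return mnem, ea, target

def fix_operand(code, addr, operand):
    """Make the addressing mode explicit in `operand`; safe to apply twice."""
    hit = decode(code, addr)
    if hit is None:
        return operand
    form = EA_FORMS[hit[1]]
    prefix, suffix = form.split("{}")
    if operand.startswith(prefix) and operand.endswith(suffix):
        return operand  # already explicit, do not stack suffixes
    return form.format(operand)
```

A PC-relative and an absolute reference to the same label assemble to different bytes, which is why an operand printed without its mode breaks a bit-perfect rebuild.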