The reverse engineering games
This post should have started with the words “last week” but unfortunately I was not able to follow the weekly cadence I had planned. Instead of just the trivial matters I announced then I will also cover more topics than initially planned, going from a very short entry to hopefully an entry that still qualifies as short.
The reason why I started the
xadec.dll reverse engineering game was as I
said in the first post of this series the prospect
of living in a bigger place with enough space to use my electronic drum kit.
One thought led to another and I remembered the fun I had playing GuitarFreaks
and DrumMania. The reason why this post is late is because in the process of
moving my laptop was stolen.
I’m not too worried about the contents of the laptop because it should be a brick to anyone but me. Considering the current trend among politicians against strong cryptography, I’m very glad to be in the other camp. However having the laptop stolen is not the only reason for a whole month delay: I also lost some of my backups, including the sources of this blog.
I have a NAS at home for local backups, and copies online (or as the sheep say these days, in the cloud). Some of my things are inherently backed up, because they are hosted online: emails, source code. Stuff that is not important tends to live on only one device until I archive it just in case; that's obviously gone. The big bummer is a couple of local backups that fail to restore, a procedure I usually test when I switch laptops (that is, not often enough) so the local backups are useless and the on-device archives are gone.
If you paid attention, source code should not be a problem, but I lost the
blog sources. I forgot for some reason to host a clone online and I had to
reverse engineer the HTML web site and figure all the changes I had made to
the theme to get it back. I guess I should talk about
vim in a future post
because it helped a lot in the process, but I digress… And with that this
post is already longer than the original one I had in mind.
The music games
Another reason for being so late is the fact that I eventually moved, and this was the occasion to revisit my games collection.
In this picture you should see the boxes containing the guitar controller I ordered before Guitar Hero happened, the Guitar Hero controller I then bought along with the first game, two original games from Japan and one more controller. The PlayStation 2 game is GuitarFreaks and DrumMania V3, and missing from that picture are the defunct drums controller, the defunct modded PlayStation 2 and the defunct modded Wii.
So unless I manage to use those controllers on a PC beefy enough to emulate those consoles and manage to run such an emulator, at best they can be seen as geeky decoration, otherwise dead weight that belongs in the basement. But surely, running those games using an emulator would be piracy, right?
The music game
The game I’m interested in (DTXMania) is officially a piece of software that anyone can use to practice their Yamaha DTX electronic drum kits. If you look closer though, it’s a DrumMania and GuitarFreaks clone, because yes you can also play the guitar. But to be fair DTXMania goes beyond the arcade nature of DrumMania and can support many more elements on a drum kit, and even elements with multiple states such as a hi hat that can be either open or closed.
Out of curiosity I looked at the source code beyond the presence of
xadec.dll and found a well maintained copyright statement of its bundled
dependencies. It mentions that
xadec.dll can only be used free of charge, so
any paid for game would not be allowed to ship and use it. It’s a bit
challenging to find information in a code base maintained in Japanese, and
that goes for the web site too, but there are some English resources. In there is
xa.exe, apparently also shipped by the BandJam developer, and still
accessible thanks to projects like DTXMania.
xa.exe can both encode and
decode this XA format, and I was probably wrong to think that the BandJam
author was not behind this format. Now the question is the following: should I
also reverse engineer the encoder?
Disassembly of a static program
Unlike a library that needs an entry point for each public symbol of its API,
a quick try on
xa.exe gives no starting point. Worse, even though I
reinstalled the same OS,
objdump no longer gives me the useful all-in-one
output I was used to. That in itself is very puzzling.
One thing I could hope is to find the
xadec.dll code in
xa.exe since it
can both encode and decode. The problem is that even if the code is virtually
the same with identical optimizations for a similar output, it is likely that
the choice of registers would differ, and it is even more likely that
addresses wouldn’t match.
That would make an interesting coding exercise, trying to find the same code in two binaries with possibly slight differences, but for now I have other plans, like maybe playing some drums at some point, maybe?
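The coding exercise described above, sketched as an added example (not code from the original post or from DTXMania): mask registers and addresses in two disassembly listings, then look for the longest run of instructions that match. The listings are constructed in the shape of `objdump -d --no-show-raw-insn` output and are not taken from xadec.dll or xa.exe; `parse` and `longest_shared_run` are hypothetical names.

```python
import re
from difflib import SequenceMatcher

# Constructed sample listings, NOT real xadec.dll / xa.exe disassembly.
DLL = """\
10001005: mov    0xc(%esp),%ecx
10001009: movswl (%eax),%edx
1000100c: imul   $0x73,%edx,%edx
1000100f: sar    $0x6,%edx
10001012: mov    %edx,(%ecx)
10001014: add    $0x2,%eax
10001017: jne    10001009 <.text+0x9>
10001019: ret
"""
EXE = """\
00402a10: sub    $0x10,%esp
00402a13: call   00401000 <.text>
00402a18: movswl (%esi),%ebx
00402a1b: imul   $0x73,%ebx,%ebx
00402a1e: sar    $0x6,%ebx
00402a21: mov    %ebx,(%edi)
00402a23: add    $0x2,%esi
00402a26: jne    00402a18 <.text+0x1a18>
00402a28: add    $0x10,%esp
00402a2b: ret
"""

def parse(listing, normalise=True):
    """Return [(address, instruction)] for each line of a listing."""
    out = []
    for line in listing.splitlines():
        addr, _, text = line.partition(":")
        mnemonic, _, operands = " ".join(text.split()).partition(" ")
        if normalise:
            operands = re.sub(r"%[a-z0-9]+", "REG", operands)  # any register
            # immediates, displacements and branch targets with their <symbol>
            operands = re.sub(r"\$?-?(0x)?[0-9a-f]+( <[^>]*>)?", "IMM", operands)
        out.append((addr.strip(), f"{mnemonic} {operands}".strip()))
    return out

def longest_shared_run(a_listing, b_listing, normalise=True):
    """Longest run of identical instructions: (addr_in_a, addr_in_b, length)."""
    a, b = parse(a_listing, normalise), parse(b_listing, normalise)
    sm = SequenceMatcher(None, [i for _, i in a], [i for _, i in b], autojunk=False)
    m = sm.find_longest_match(0, len(a), 0, len(b))
    return (a[m.a][0], b[m.b][0], m.size) if m.size else None

if __name__ == "__main__":
    print(longest_shared_run(DLL, EXE, normalise=False), longest_shared_run(DLL, EXE))
```

Masking every register to the same token is deliberately crude: it tolerates a different register allocation but can also match code that only looks alike, so a hit is a candidate to inspect by hand, not proof of shared code.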
Pouring some wine
Finally, I got hold of older versions of DTXMania, and managed to run them! At this point I should stop this reverse engineering game and fulfill my original goal of playing the game with my electronic drum kit. But that would imply sanity, a trait I do not claim. After all, when I initially tried to run the game I naturally went for the latest builds to no avail. I searched online and found that people tried to use Wine before and it failed miserably.
Well, Wine today can run DTXMania 067b just fine, even the version 061. In fact, those are versions that predate the open-sourcing of the game. And since I fail to build it on Fedora, I can’t assess when things broke today’s Wine.
    $ dnf info wine
    Installed Packages
    Name         : wine
    Version      : 3.13
    Release      : 3.fc28
    Arch         : x86_64
    Size         : 0.0
    Source       : wine-3.13-3.fc28.src.rpm
    Repo         : @System
    From repo    : updates
    Summary      : A compatibility layer for windows applications
    URL          : https://www.winehq.org/
    License      : LGPLv2+
    Description  : Wine as a compatibility layer for UNIX to run Windows applications. This
                 : package includes a program loader, which allows unmodified Windows
                 : 3.x/9x/NT binaries to run on x86 and x86_64 Unixes. Wine can use native system
                 : .dll files if they are available.
                 :
                 : In Fedora wine is a meta-package which will install everything needed for wine
                 : to work smoothly. Smaller setups can be achieved by installing some of the
                 : wine-* sub packages.
All I can say is that it broke somewhere between 067b and 087. Maybe in a
couple years Wine will catch up and run it like a champ! But I’m not here to
reverse engineer the Windows APIs, so in the next
post I will resume my report on
xadec.dll but I don’t expect to stick to one
post a week. While I still have my decompiled source code, I lost the
side-by-side decompilation with the assembly.