DazzleStar Workflow

A typical disassembly consists of two phases. First is the conversion of the object code to source code. Second is the interpretation of the raw source code, adding comments, meaningful label names, and formatting. Note that DazzleStar can generate assembly source code from the object code, but that the original program may have been written in some other (high-level) language. Identifying, and translating into, high-level languages is beyond the scope of DazzleStar.

The first phase is fairly mechanical, but still requires human guidance. DazzleStar TNG is intended to facilitate/automate the first phase. It is an iterative process, and a session can normally be saved and restarted later. Once the first phase is deemed "complete", a final copy of the assembly file will be generated and DazzleStar is typically not used again.

The second phase involves reading through the assembly code and determining the intent of the code, then adding comments, constants, and meaningful symbol names. Once the second phase begins, DazzleStar would not normally be used again on this program. It is recommended that the assembly file being modified in the second phase is periodically assembled and the resulting binary compared to the original, to ensure the assembly file maintains its integrity. It is thus recommended that modifications/enhancements not be made during phase two, but deferred until a sufficiently manageable source file for the original program exists.

Starting from scratch

The general workflow when starting a new disassembly is:

  1. File->New->... (desired submenu for file type) and select program file. There is not normally a DZ file to accompany it.
  2. Identify/register functions that use inline parameters (parameters follow the CALL instruction). Use P (inline Parameters), when positioned on one of the call sites, to add these to the session. See Hint Syntax.
  3. Set location to entry point (normally at Shift+Home) and select Disas->Scan from here.
  4. Use F3 to locate each orphaned section of code, decide if it is code or data, and (if code) use the E key to add it to the list of code entries. If it is not code, then data breaks may be set.
  5. Use the G key to add the target of an instruction (or data identified as a label) to the code entries list. This is typically needed for LXI instructions that reference code entries, or tables (L, R, T, Q breaks) that reference code entries.
  6. Scan the list of added code entries (periodically) using Disas->Scan Hints, which may introduce more orphans.
  7. Each scan may introduce new orphaned sections, so repeat until no more exist.
  8. Use F4 to locate unknown sections and determine use. Run scan (add to code entries) or set data breaks as appropriate.
  9. Prior to generating ASM/PRN (at least) it is a good idea to regenerate the symbol table (Disas->Rebuild Symtab). This ensures that data which was formerly (incorrectly) interpreted as code will not pollute the symbol table.
  10. If disassembly is not complete, or if more disassembly may be required, or to simply record all disassembly data for posterity, follow procedures in "Saving disassembly" below.
  11. Generate ASM and/or PRN files.
  12. Continue editing the ASM file (outside of DazzleStar) to clean it up and prepare it for assembly and comparing to original binary.

Note that File->Load Hints or Disas->Apply Hint may also be used to introduce hints to the disassembly. "Apply Hint" both adds the hint to the list and performs a scan to apply it. "Load Hints" only adds to the list. Instead of adding a code entry to the list and scanning later, use Disas->Scan from here to scan that code entry now.

Note that inline-parameter hints are only used during scanning, where they result in insertion of breaks in instruction streams. Hints should be loaded before any scanning is done (or else scanning should be reset and started over).

Instructions that have been visited during a scan will have an asterisk '*' in column 21. Locations marked as "orphaned" will have a question mark '?' in column 21. Instruction operands marked as "constant" will have a hash '#' in column 21.
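The scanning steps above (steps 2 through 7) and the column-21 marks, as an added Python example that is not part of DazzleStar or this page: a toy flow-following scanner run over a constructed 8080 image, once without and once with an inline-parameter hint. The opcode subset, the fixed-count form of the hint, and the orphan rule (the byte after a flow-ending instruction that no scan reached) are simplifying assumptions of the example.

```python
# Added example, not DazzleStar's own code: a minimal 8080 flow-following
# scanner showing why inline-parameter hints must be known before scanning.
OPCODES = {  # opcode: (mnemonic, length, kind); tiny subset, enough for the sample
    0x00: ("NOP", 1, "flow"), 0x21: ("LXI H", 3, "flow"), 0x76: ("HLT", 1, "end"),
    0xC3: ("JMP", 3, "jump"), 0xC9: ("RET", 1, "end"), 0xCD: ("CALL", 3, "call"),
    0xE1: ("POP H", 1, "flow"), 0xE9: ("PCHL", 1, "end"),
}

def scan(image, org, entries, inline=None):
    """Follow control flow from each entry address (like Disas->Scan).
    inline maps routine address -> count of parameter bytes after every CALL
    to it; they are marked 'D' and skipped. '*' = visited code, '?' = orphan
    (byte after a flow-ending instruction no scan reached); absent = unknown."""
    inline, marks, work = inline or {}, {}, list(entries)
    while work:
        pc = work.pop()
        while org <= pc < org + len(image) and marks.get(pc) != "*":
            _, length, kind = OPCODES.get(image[pc - org], ("DB", 1, "flow"))
            if pc - org + length > len(image):
                break                     # instruction runs off the end of the image
            for i in range(length):
                marks[pc + i] = "*"
            nxt = pc + length
            if kind in ("jump", "call"):  # 16-bit little-endian target operand
                target = image[pc - org + 1] | (image[pc - org + 2] << 8)
                work.append(target)       # queued as a code entry (like the G key)
                if kind == "call" and target in inline:
                    for i in range(inline[target]):
                        marks[nxt + i] = "D"  # the break: parameters are not code
                    nxt += inline[target]
            if kind in ("jump", "end"):
                if marks.get(nxt) is None and org <= nxt < org + len(image):
                    marks[nxt] = "?"      # candidate orphan for the F3 pass
                break
            pc = nxt
    return marks
# Constructed CP/M-style image loaded at 0100h (not taken from any real program).
ORG = 0x100
IMAGE = bytes([
    0x21, 0x00, 0x02,   # 0100 LXI H,0200h
    0xCD, 0x0B, 0x01,   # 0103 CALL 010Bh   ; routine takes 2 inline bytes
    0x76, 0xC3,         # 0106 inline parameter; decodes as HLT/JMP if misread
    0xC9,               # 0108 RET
    0x00, 0x00,         # 0109 never reached
    0xE1, 0xE9,         # 010B POP H / PCHL ; the inline-parameter routine
])
if __name__ == "__main__":
    for hints in ({}, {0x10B: 2}):
        m = scan(IMAGE, ORG, [ORG], hints)
        print(f"hints={hints}: " + " ".join(f"{a:04X}{m.get(a, ' ')}" for a in range(ORG, ORG + len(IMAGE))))
```

Without the hint the scan marks the parameter bytes at 0106h as code (HLT) and never reaches the RET at 0108h; with the hint the parameters become a data break and the RET is visited.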

Also, it is not the intent of DazzleStar TNG to produce an ASM file that will compile successfully and generate the original code. The final, manual, steps of disassembly are done outside of DazzleStar. This includes adding comments and making sensible names for labels (or changing to constants).

Saving disassembly

To save a complete record of the current disassembly, use File->Save->Save DZ, File->Save->Save Hints (if hints were added), and File->Save->Save Scan (if code scanning was not completed).

Resuming prior disassembly

To resume a prior disassembly session:

  1. File->New->... and select the program file. This should also load any prior DZ and DZH (hints) files.
  2. If scanning was started but not completed, use File->Load->Load Scan and select the scan file.
  3. If more scanning is required, start with the scan steps.
  4. Continue locating un-identified sections and identify them.