mgs_reversing
This project aims to completely reverse engineer Metal Gear Solid Integral for PlayStation back to C source code which when compiled produces the same assembly code.
At this moment the SLPM_862.47/SLPM_862.48/SLPM_862.49 main executables are 100% decompiled. However, even though this is a substantial milestone, a significant amount of work is still left: decompiling the overlays (making it possible to boot into every game level) and cleaning up already decompiled code.
The repository builds or aims to build the following artifacts:
Main executables
SLPM_862.47 (main executable)
Status | ✔️ 100% decompiled! The next goals for this artifact are to clean up the decompiled code, find cleaner matches and make it shiftable.
Size | 626 KB
SHA256 | 4b8252b65953a02021486406cfcdca1c7670d1d1a8f3cf6e750ef6e360dc3a2f
Building | python build.py
SLPM_862.48 (main executable)
Status | ✔️ 100% decompiled! Identical to SLPM_862.47 (main executable).
Size |
SHA256 |
Building |
SLPM_862.49 (main executable)
Status | ✔️ 100% decompiled! This executable is based on SLPM_862.47 (main executable), but with many small changes, especially around chara/snake_vr (a variant of Snake actor).
Size | 616 KB
SHA256 | c370f8e41ec8fb78238bfe2ddbfc25a6d37ec8f0972c86ebfde075ecd4ee8dca
Building | python build.py --variant=vr_exe
Overlays
Metal Gear Solid Integral dynamically loads additional per-stage executable code that is required to play a particular stage of the game. The main executable contains the game engine, as well as the most common actors used throughout the stages.
Overlays on SLPM-86247
Status | 🚧 Work in progress.
Overlays on SLPM-86248
Status | Identical to SLPM-86247 overlays.
Overlays on SLPM-86249
Status | ❌ Work not yet started.
How to build
dev variant
The dev variant is a build variant that makes it easy to run the built game from mgs_reversing and test your own changes. Most notably it embeds some overlay files into the main executable to make it easier to load the game into an emulator.
mgs_reversing also provides a helper script, run.py, that starts the built game in the PCSX-Redux emulator. Whenever you rebuild the game, this script will relaunch the emulator and you'll be able to see the changes you made.
- Install Python3 if you haven't and make sure it's in your PATH. If you are on Linux, install Wine.
- git clone https://github.com/FoxdieTeam/psyq_sdk.git
- git clone https://github.com/FoxdieTeam/mgs_reversing.git
- cd mgs_reversing/build/
- pip3 install -r requirements.txt
- python3 build.py --variant=dev_exe
- python3 run.py --iso ISO --pcsx-redux PCSX-REDUX-PATH
  - ISO is a path to an ISO/ECM/BIN file with the original game (SLPM-86247).
  - PCSX-REDUX-PATH is a path to a directory with the downloaded PCSX-Redux emulator.
    - Download a ZIP file with the emulator into the PCSX-REDUX-PATH directory. Builds are available for Windows and for Linux. You don't have to unzip the file.
  - You should run this command in a separate command prompt. While this command is running, you can rebuild the game (with python3 build.py --variant=dev_exe) and the tool will automatically relaunch the emulator with the latest build.
Mac OS
To build on Mac OS, you need to install Wine using brew:
brew install --cask --no-quarantine wine-stable
Matching builds (main executable, VR executable)
- Install Python3 if you haven't and make sure it's in your PATH. If you are on Linux, install Wine.
- git clone https://github.com/FoxdieTeam/psyq_sdk.git
- git clone https://github.com/FoxdieTeam/mgs_reversing.git
- cd mgs_reversing/build/
- pip3 install -r requirements.txt
- python3 build.py
  - or python3 build.py --variant=vr_exe for the VR executable
- At the end you should see a message confirming that the built binary's hash matches the original game's binary's hash. If your code caused the compiler to emit warnings, try to fix them without breaking the match.
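An independent check of a matching build, as an added example that is not part of the project's build scripts: it compares a build output against the SHA256 values listed in the tables above and, on a mismatch, reports the first differing file offset against an original binary. The function names and the command-line usage are assumptions made for this example.

```python
import hashlib
import sys
from pathlib import Path

# SHA256 values as listed in this README's artifact tables.
EXPECTED_SHA256 = {
    "SLPM_862.47": "4b8252b65953a02021486406cfcdca1c7670d1d1a8f3cf6e750ef6e360dc3a2f",
    "SLPM_862.49": "c370f8e41ec8fb78238bfe2ddbfc25a6d37ec8f0972c86ebfde075ecd4ee8dca",
}

def sha256_file(path, chunk_size=1 << 16):
    """Hash the file in chunks so it never has to fit in memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def first_mismatch(built, original):
    """Return the offset of the first differing byte, or None if identical.
    A pure length difference is reported at the end of the shorter file."""
    a = Path(built).read_bytes()
    b = Path(original).read_bytes()
    for offset, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return offset
    return None if len(a) == len(b) else min(len(a), len(b))

def check_build(built, artifact, original=None):
    """Compare a build output with the published hash; return (ok, detail)."""
    actual = sha256_file(built)
    if actual == EXPECTED_SHA256[artifact]:
        return True, "sha256 matches " + artifact
    detail = "sha256 mismatch: got " + actual
    if original is not None:
        offset = first_mismatch(built, original)
        if offset is not None:
            detail += ", first difference at file offset 0x%X" % offset
    return False, detail

if __name__ == "__main__":
    # Usage (hypothetical): check.py BUILT_FILE ARTIFACT_NAME [ORIGINAL_FILE]
    ok, detail = check_build(*sys.argv[1:4])
    print(detail)
    sys.exit(0 if ok else 1)
```

The reported offset is a position in the file, not a load address, so it has to be mapped through the executable's header before it can be matched to a function.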
How to use the built (matching) executables
Once you have successfully built the executables from the source code, you may want to play it to debug or test the changes you have made. Please keep in mind that if the size of the main executable changes or addresses shift, the original overlays won't work properly. This guide does not describe how to repackage overlays (a packer tool is planned for the future).
For how to use the dev variant, please see the build instructions above.
PCSX-Redux
The PCSX-Redux emulator provides a convenient way to load a modified main executable. Once you have loaded the original image of Metal Gear Solid: Integral, you can load a modified executable in the "File > Load binary" menu. This repository contains some helper Lua scripts that can be used with PCSX-Redux in the build/pcsx-redux_scripts folder.
Other emulators - rebuilding ISO
To rebuild an ISO with your modified executable, you need a tool called mkpsxiso: download and extract it to a folder of your choice.
Next, you need the original files of Metal Gear Solid: Integral from the CD-ROMs. If you have dumped the discs into .bin/.cue pairs, you need to unpack them into a folder using mkpsxiso. The following commands show how to do this for the first disc, but the same applies to the other two.
Open a terminal, cd into a folder of your choice and run the following command:
<mkpsxiso_folder_path>\bin\dumpsxiso.exe <path\to\mgsi_d1.bin> -x MGSI_D1 -s mgsi_d1.xml
This will create a folder named MGSI_D1 (containing the files of the first disc of the game), and an additional file, mgsi_d1.xml.
Open mgsi_d1.xml and replace
<file name="SLPM_862.47" source="MGSI_D1/MGS/SLPM_862.47" type="data"/>
with
<file name="SLPM_862.47" source="<path/to/_mgsi.exe>" type="data"/>
where _mgsi.exe is the output of the build process.
Optionally, you can also edit the attributes image_name and cue_sheet of the iso_project element to give them more appropriate values, like mgsi_d1.bin and mgsi_d1.cue, which are the output files of the next step.
Finally, run
<mkpsxiso_folder_path>\bin\mkpsxiso.exe mgsi_d1.xml
to re-pack the MGSI_D1 folder into a .bin/.cue pair that now contains the new executable instead of the original one. From now on, this is the only command to be executed every time you want to test a different version of the executable.
Now you are ready to play the game with your favorite emulator by starting the file mgsi_d1.cue.
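The mgsi_d1.xml edit described above can be scripted. This is an added example, not a tool from the repository: the function name and the sample project are constructed for illustration, and the executable path is a placeholder for your own build output.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed, minimal stand-in for the mgsi_d1.xml that dumpsxiso writes;
# the real file lists every file on the disc.
SAMPLE_PROJECT = """<iso_project image_name="sample.bin" cue_sheet="sample.cue">
  <track type="data">
    <directory_tree>
      <dir name="MGS">
        <file name="SLPM_862.47" source="MGSI_D1/MGS/SLPM_862.47" type="data"/>
      </dir>
    </directory_tree>
  </track>
</iso_project>"""

def patch_project(xml_text, exe_path, exe_name="SLPM_862.47",
                  image_name=None, cue_sheet=None):
    """Point the <file> entry for exe_name at exe_path; return the new XML."""
    # Keep comments inside the tree so the output stays close to the dump.
    parser = ET.XMLParser(target=ET.TreeBuilder(insert_comments=True))
    root = ET.fromstring(xml_text, parser=parser)
    if root.tag != "iso_project":
        raise ValueError("root element is %r, not iso_project" % root.tag)
    matches = [f for f in root.iter("file") if f.get("name") == exe_name]
    if len(matches) != 1:
        # Zero or several entries: not the disc layout this edit expects.
        raise ValueError("expected one %s entry, found %d"
                         % (exe_name, len(matches)))
    matches[0].set("source", exe_path)
    if image_name is not None:
        root.set("image_name", image_name)
    if cue_sheet is not None:
        root.set("cue_sheet", cue_sheet)
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    # Usage (hypothetical): patch_xml.py mgsi_d1.xml <path/to/_mgsi.exe>
    xml_path, exe_path = sys.argv[1:3]
    with open(xml_path, encoding="utf-8") as fh:
        patched = patch_project(fh.read(), exe_path,
                                image_name="mgsi_d1.bin",
                                cue_sheet="mgsi_d1.cue")
    with open(xml_path, "w", encoding="utf-8") as fh:
        fh.write(patched)
```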
How to decompile a function
The asm/overlays directory contains functions that are not yet decompiled. As a starting point you could try finding a small function (small .s file) and try to decompile that function.
We make extensive use of decomp.me, which has a Metal Gear Solid (overlays) preset, to help match functions.
Before decompiling a new function, we highly recommend playing around with some functions already decompiled - see recent scratches here.
Before working on a function, search for it on the website and if you don't find it, go to the build folder and run python decompme_asm.py [path to .s file] to have the assembly instructions in your clipboard ready to paste into a new decomp.me scratch. Since there is a lot of duplication in overlays, make sure that this function was not already decompiled in some other overlay (for example make sure that there is no blastoff.c file for a function called s11g_blastoff_800D4744).
When you create a new decomp.me scratch you'll be asked for a context - you can use a context from one of the scratches here. decomp.me will decompile the function into C. Now comes the hard part: make the scratch compile without any errors and implement the function such that it matches the original assembly. This is a highly iterative process.
Help, I am totally stuck?
Join our Discord and ask for help in #metal_gear_dev.