Alice Averlong🏳️⚧️"Pipeworks bundle v1.30 (little endian)"
It's got the .pvd/.pvm files and everything.
This is 100% the same engine.
THIS IS FUCKING SPIGOT
wait
this giant monster fighting game...
uses MYSQL!?
this giant monster fighting game...
uses MYSQL!?
anyway they remembered to strip the debugging info for the Kaiju game, so that's not as useful to reverse. Still, it's a nice comparison to have: it's an example of the x86 version of the same engine. Maybe I can still make use of this.
also, side note, the list of games on their wikipedia page is missing a few on their games lists, like if you hit it at 2013, you also get "Gremlins Gizmo" and "Plantsville", alongside the other ones we know about and the typo'd GeoStorm (not Geo-Storm)
they're also credited with uDraw Studio, but their own list says they made uDraw Studio AND uDraw Instant Artist.
Started building a wiki page listing all the versions and such.
hey found another game missing from wikipedia!
Plantville, which they made for Siemens, is an edutainment game about factory management from 2011.
Plantville, which they made for Siemens, is an edutainment game about factory management from 2011.
I could also go through all these games and make sure their build info is on TCRF but that's maybe too much work
here's the really fun part:
they clearly were fine with licensing out their spigot engine, given that they licensed it to that kaiju game.
How many other games did they license it to, and it just never was mentioned anywhere?
brb downloading all Wii, PS2, PS3, PSP, Xbox, Xbox 360, and Windows games.
I'm gonna need more floppy disks
So they made a few demos (for the xbox) with Microsoft prior to announcing their "first" Spigot game. I don't think those demos were ever released, they were just shown as promos for the Xbox.
It's possible that's where Spigot came from. Maybe they built the engine for that, then reused it for their Godzilla game.
if I see one more place where this code is like "(if x!=0 && x!=0xFFFFFFFF)"...
LEARN TO USE ONE SENTINEL AND STOP PRETENDING -1 IS A POINTER
interestingly their Wii game "Gremlins: Gizmo" calls itself "GForce" internally, not to be confused with G-Force for the Wii, which they didn't make and doesn't use the Spigot engine.
(yes, I had to check)
okay so you know how I said there was some debug symbols left in, in one of their games?
as far as I can tell, it's not just one of their games.
it's all of their games (at least the wii ones)
as far as I can tell, it's not just one of their games.
it's all of their games (at least the wii ones)
(there's a possibility this is required for how their scripting engine works, but I'm not sure yet)
oh goody.
if a for loop only does like 8 iterations, the compiler unrolls it into something that decompiles as a do-while loop with a bunch of breaks. I hate it
if a for loop only does like 8 iterations, the compiler unrolls it into something that decompiles as a do-while loop with a bunch of breaks. I hate it
why does their implementation of strlwr check every character for being smaller than 256?
that... what?
this is ascii. like, actual 8-bit chars.
that... what?
this is ascii. like, actual 8-bit chars.
so I've got a TON of VTables and in theory I could convince Ghidra how they work and then use the RTTI info to fully extract the class tree, but in reality Ghidra has no idea what the types are and it's going to take longer to assign them than it would to write my own code that just spelunks the running RAM of the program, probably.
and I need to figure out some way to document this class tree that's a step below "starting a full decompilation project".
maybe I need to look into scripting, instead of pressing the "y" button over a thousand times
well I think I've hung ghidra
it turns out trying to get and then print a list of all symbols in a game this fucking debuggered is a bad idea
disassembling and decompiling 11 megabytes of PowerPC binaries: easy
printing a bunch of text to a window: HARD
printing a bunch of text to a window: HARD
okay I got it to clear the window and start responding again.
there are 1244 RTTI structures in this binary, out of the 128 thousand symbols I accidentally tried to print
oh hey this is jython, which does that magical getter eliding thing, where you can do "x.fooBar" instead of "x.getFooBar()"
40 minutes later I have it done once
now to do it 1243 more times
I should have just pushed "y"
now to do it 1243 more times
I should have just pushed "y"
this is the code I finally ran:
symbols=list(getCurrentProgram().getSymbolTable().getDefinedSymbols())
rttis=[s for s in symbols if s.getName().endswith('__RTTI')]
RTTIVTableHeader=getDataTypes("RTTIVTableHeader")[0]
def makeRTTI(symbol):
start=rttis[0].programLocation.address
end=start.add(8)
clearListing(start,end)
createData(start,RTTIVTableHeader)
[makeRTTI(x) for x in rttis]
it didn't work. I'm not sure why. but it didn't.
hmm. it's doing weird things where if I try to do it to ~2400 RTTIs, it fails. but if I pick one out and do it solely, it works.
check out the code: it's saying "rttis[0]" when it means "symbol". I'm a fool
found another game that uses the Spigot engine, that Pipeworks didn't make!
It's Monster High: Ghoul Spirit (2011, Wii)
It's Monster High: Ghoul Spirit (2011, Wii)
did a bit more research, and it turns out Haunted House and Monster High: Ghoul Spirit were both made by ImaginEngine, who later collaborated with Pipeworks on their Wreck-It Ralph game.
They were both part of Foundation 9 Entertainment, so it makes sense they worked together.
why is this game allocating 0 bytes aligned to 16-bytes?
how does that mean
Michael Dwyer@foone
Oh no.
If you malloc 0 bytes twice in a row, do you get two different pointers? What happens when you free them?!
I am fighting going down a rathole of research that is not going to end with me being happy. 😠
Riley S. Faelan
Roger Lipscombe@rogerlipscombe: Yes, self-written mallocs often do that. (Or just assert(size != 0).) I think somebody of the early Unix programmers might have been a bit sloppy about malloc(0) and free(NULL), and so these border cases got specified in a nonsensical, perhaps even harmful, "user-friendly" way.