Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gameboy Color Boot ROM Dumped After 10 Years

Posted by Soulskill on from the what's-a-decade-among-friends dept.

An anonymous reader writes "Costis was able to dump the elusive boot ROM from the Gameboy Color by using various voltage and clock glitching tricks. The boot ROM is what initializes the Gameboy hardware, displays the 'GAMEBOY' logo and animation, and makes the trademarked 'cling!' sound effect. Even decapping the CPU had failed previously, but now the boot image and specifics on how it was dumped (along with many photos) are available for download."

16 of 124 comments (clear)

  1. Cool by dintech · · Score: 5, Interesting

    I really love reading about the lengths enthusiasts go to when trying to do this kind of thing. For some reason I had assumed that this had been done already since there is already emulation for gameboy color, right? Can someone explain the significance of this development?

    1. Re:Cool by Xeon3D · · Score: 5, Informative

      I really love reading about the lengths enthusiasts go to when trying to do this kind of thing. For some reason I had assumed that this had been done already since there is already emulation for gameboy color, right? Can someone explain the significance of this development?

      The gameboy bios was also "emulated" before, so this makes the emulation more "realistic". It happens the same with the GBA. While you can emulate games for the GBA without the need for a BIOS file, if you have one, they'll run better \ more accurately (or in some cases, they run instead of not running).

    2. Re:Cool by noidentity · · Score: 5, Informative

      This allows Game Boy Color emulators to display an authentic intro before running the game, including the palette selection available when running a non-color game. There's otherwise no benefit that I can see. This includes initial register values, since those could already be determined via software. Some of the other initial state, like sound registers set by the boot ROM, is more difficult to determine, so this helped there.

      When reverse-engineering hardware, it's nice to figure out every detail, and this was one of the much harder ones to figure out. Decapping usually reveals all, but even that failed here.

    3. Re:Cool by byuu · · Score: 5, Interesting

      It happens the same with the GBA. While you can emulate games for the GBA without the need for a BIOS file, if you have one, they'll run better \ more accurately (or in some cases, they run instead of not running).

      It really just displays the logo and validates that the Nintendo copyrighted startup logo is present in the ROM. It was a trick to try and prevent third-party publishers from making their own releases. As soon as the Game Boy cartridge is started, the boot ROM is locked out completely and no longer needed. The GBA BIOS is quite different, it has tons of functions like various decompression routines, and without it you tend to have far less accurate timing and you may miss potential edge cases. Think of it as low-level emulation with the BIOS, and high-level emulation (in the vain of N64 graphics emulation) without it.

  2. Re:What the ROM does by Anonymous Coward · · Score: 5, Funny

    Truly a powerful piece of technology if it's resenting CPUs.

    Skynet's not far away now guys!

  3. Re:What the ROM does by CarpetShark · · Score: 4, Funny

    - Resent the CPU

    The ROM resents the CPU? This is astounding. Nintendo have had hard AI in the lowliest of their handhelds for years, and never even told us!

  4. Re:What the ROM does by BadAnalogyGuy · · Score: 5, Funny

    Well, how do you think you would feel if you were dumped after 10 years?

  5. Very short summary of how ROM was dumped by noidentity · · Score: 5, Interesting

    Here's my summary of how he did it, since the linked blog posting is quite long:

    When the Game Boy Color powers up, a small internal boot ROM is enabled inside the CPU. This displays the logo, verifies that the game ROM is "genuine", then starts executing it. Just before it starts executing user code, it disables the boot ROM by writing to an I/O register. Once disabled, there is no way to re-enable it, thus user code can't easily read the ROM.

    Costis found that if he stopped the CPU clock for a few seconds, then restarted it, many of the CPU registers (including the program counter) would take on random values. So he placed NOP instructions in all external memory, along with a small dump routine, then stopped and restarted the clock just before the boot ROM wrote to the I/O location to disable itself. This caused the program counter to take on a value outside the boot ROM, and execute all the NOPs until it hit his small dump routine.

  6. Re:What the ROM does by RuBLed · · Score: 4, Funny

    debugged

  7. Super Gameboy Support and Emulators. by Zombie+Ryushu · · Score: 4, Interesting

    Does this mean that we will be able to colorize Non-Super Gameboy Game Boy Games?

    When a Gameboy Color starts up with a Super Gameboy boy game is put into a Super Game Boy, it uses the Super Gameboy Palette with the border that would normally be used on a TV omitted.

    Examples of this:

    Pokemon Red/Blue/Yellow
    Donkey Kong

    Alot of people thought that Pokemon games were Gameboy Color games, and some are, like Pokemon Crystal, but alot of the games are actually Super Gameboy Games.

    Classic Gameboy games such as Tetris, Super Mario Land, and Metroid II had no colorization, so the Gameboy color and Super Gameboy would color them based on an alogorithm. No emulators exist that can colorize a non-Super Gameboy game. They are displayed in Gray Scale.

    My question is, will the dumping of this Bios lead to a better understanding of how Non-Super Gameboy Games are colorized on the Game Boy Color?

    1. Re:Super Gameboy Support and Emulators. by DuoDreamer · · Score: 4, Informative

      There is a hashtable of GameBoy Mono games which are recognized by the GameBoy Color, and it applies a preset color scheme that Nintendo chose to make the game stand out better. Metroid II is a perfect example of this coloring. All of these GBC colored B&W games are run in plain B&W mode, even if they have Super GameBoy features, as the GBC is not a Super GameBoy and doesn't have the same features. There is a disassembled source file to the GBC Boot ROM linked on the dumper's website, with most of it commented and disassembled. (Except the game recognition hashing part, which is still being analyzed)

  8. I smell double standards by netpixie · · Score: 5, Insightful

    "Copyright 2009. Costis Sideris."

    So copyright law is good enough for you, but not for Nintendo?

    1. Re:I smell double standards by Mr+Z · · Score: 5, Informative

      I assume you refer to the United States. The US was actually late to the party. The Berne Convention got the ridiculous-copyright-term ball rolling... Disney just gave it an extra push. In particular:

      The Berne Convention states that all works except photographic and cinematographic shall be copyrighted for at least 50 years after the author's death

      The Berne Convention is also what gives us the rule that daid303 stated, that you don't need to add a copyright notice to get copyright:

      Under the Convention, copyrights for creative works are automatically in force upon their creation without being asserted or declared. An author need not "register" or "apply for" a copyright in countries adhering to the Convention. As soon as a work is "fixed", that is, written or recorded on some physical medium, its author is automatically entitled to all copyrights in the work and to any derivative works, unless and until the author explicitly disclaims them or until the copyright expires. Foreign authors are given the same rights and privileges to copyrighted material as domestic authors in any country that signed the Convention.

      The US didn't sign on to Berne until 1988. The EU's been on board for awhile, as have many, many other countries. So, yes, you're technically correct that there are some people that are unaffected by the US's copyright protections (or in the case of Nintendo's IP, Japan's). But, a great many places have similar restrictions.

      --
      Program Intellivision!
    2. Re:I smell double standards by JSBiff · · Score: 4, Informative

      This article is a classic example of why you shouldn't take legal advice from slashdot posts.

      Note, I am not a lawyer, but that doesn't mean I can't find credible sources/links which show this guys doesn't know jack nor shit about what he's talking about.

      First, yes, as someone pointed out, copyright laws vary somewhat from country to country. However, thanks to treaties, like the Berne Convention, which has been signed by most of the world's countries (although, not all the countries necessarily enforce it vigorously) they have become fairly standardized.

      For the following statements, I've referenced wikipedia articles (which, I suppose might be wrong, but I have a fair amount of confidence in the accuracy), as well as the US Copyright Office website:

      1) Copyright is longer than 10 years in most countries, and particularly, in the US, Europe and Japan (50 years for Japan, 70 years for US and Europe). So there is no way this is public domain (note: I am, personally of the opinion that copyright on software *should* be about 10 years, maybe renewable for another 10, but want you or I want, and what is law, are two separate things, and you'd do well to remember that).

      2) You don't have to bother to copyright something. In all Berne Convention copyright regimes, copyright is *automatic* at the moment a work is put in a fixed form. So,

      "But technically, is it even copyrighted if he didn't submit it to the Copyright Office, or is it just a banner he put there to scare people?"

      Yes, to the extent that something he claims copyright on is actually his original work, it *is* copyrighted. Whether he'll enforce the copyright or not, is a different question, which I cannot answer.

  9. Re:Who even remembers the GBC? Who cares? by LoonyMike · · Score: 5, Funny

    This is a perfect example of useless, wasted effort.

    I agree, you should have posted on Digg instead.

  10. Re:Why can you not just read the rom?? by noidentity · · Score: 5, Informative

    Why can't you just take the rom chip out of the gameboy, put it in a socket on a computer and just read the rom 1 byte at a time?

    Because the boot ROM is built into the custom CPU. The data bus to this ROM isn't exposed on any of the pins; when enabled, it bypasses whatever is being sent to the external data bus pins on the CPU, so that its contents are never seen by the outside world.

    A close comparison is the L1 cache inside a modern CPU. When the CPU is reading from it, you can't know what is in it, since the data isn't output to the bus.