Of course that's possible. My first idea is simply store all addresses that are in the PC register during run time 
Of course that's possible. My first idea is simply store all addresses that are in the PC register during run time
For mapper nased rom games you'll also need to track mapped pages i suppose
Disassembling a game is not a big issue, the problem is to analyse, statically and dynamically, thousands of lines to understand how the routines work and the game operates. I mean, it is not applying reverse engineering to circumvent a protection; reversing a whole game is more serious and time consuming. Not to mention that the disassembled code would need fixes to compile. Not a trivial task unfortunately. Even with several years of reverse engineering on my back, I would not embark in such a long-distance race.
This was well said. This current discussion kind of forces me to come out with my project although I'm not quite ready for it yet...
Few months ago I started a project that has a goal to become a program that can disassemble MSX games with no user input involved. It started from the "Self aware, self modifying artificial intelligence" routine that has been previously already seen working in porting MSX games successfully to SVI and Memotech computers. It has been also used to patch game ROMs in Sofarun and to crack Nippon telenet Links network hardware keys. I anyway realized that this is not quite enough for this kind of project... Although it forms very good opinions about single problems it fails miserably on this kind of tasks as it lacks the ability to see "the big picture"... With this I mean that it "fails to see a forest because all the trees are blocking the view".
That part of the problem is now pretty much solved with another AI routine that has a workname "Falken". The original AI has improved in the process as well. They simulate thinking by pretty much fighting like husband and wife. Despite of different viewpoints they form a common understanding after enough iterations. Practically this means that the program can separate Z80 code from data with very high accuracy. It actually makes less mistakes than I tend to do my self due to the fact that it can remember lots of more data pointers, labels and variables than I could ever do.
The "funny" thing is that while it solves this part of the problem very well it does not do very well with the stuff I find very easy... I have no problem separating ie. ASCII strings from data tables, but I've had quite a bit problem explaining my thinking process to the computer. Big part of the problem is that it is not ever this simple, but there are always lots and lots of options to consider and my brains do it so automatically that I seem to struggle dividing those thoughts in to code form. I thought the solution was "around the corner" while it turned out I was not yet even in a correct city. I've written the routine now 3 times just to discover that there are lot more things that I do without even noticing it. First I thought I could recognize patterns and use simply some probability math, but that quickly turned out to be completely wrong way. Human thoughts don't work like that, it is much more iterative way. What I've learned in the process is that we don't consider just one complete option at a time, but rather move "toward or away of opinion" and certain thoughts follow each other in similar but not same order depending of previous results. I also should not try to avoid errors. We make huge amount of errors at any given moment. We just choose to ignore them in a quite long process that end up to the point where we actually make our mind... As I'm still struggling it is a bit early to talk about this.
So where I am practically at? Currently if I ie. take Konami Tennis Let the program to think about it, disassemble it and then I change the start address from #4000 to #8000 (32K MSX in mind) and then recompile and run it. The result is that I can see Konami-logo just fine, the menu works as expected and game can be started, but then the graphics get corrupted and the computer hangs due to wrong handled tables. (I know since I've fixed them manually, but that was not the point of this exercise)
I was thinking to tell about this project once I have these issues solved at level it can do correctly at least 1-2 games, but now the project has been idling for a month due to lack of time and I don't even expect to have time to work on it before March. Now I could not resist, since it seems I'm not only one thinking about the problem.
Of course that's possible. My first idea is simply store all addresses that are in the PC register during run time
For mapper nased rom games you'll also need to track mapped pages i suppose
Of course, you'll have to consider the slot and subslot selection and any mapper segment selection.
The only problem is: if you can't get every code part to actually run, you'll get a lot of code marked as data as false positive...
NYYRIKKI: very interesting! Is this a tool running on the MSX, like your AI?
