amiga-bootcamp/05_reversing/ghidra_setup.md

[← Home](../README.md) · [Reverse Engineering](README.md)

# Ghidra Setup for Amiga 68k Binaries

## Requirements

| Component | Version / Notes |
|---|---|
| Ghidra | 10.x+ or 11.x+ recommended |
| Processor module | M68k — included in Ghidra standard install |
| HUNK loader & Amiga extensions | **ghidra-amiga** by BartmanAbyss |

---

## Step 1: Install the Amiga Extension

Ghidra natively supports the M68000 architecture and includes a powerful decompiler for it, but it does not understand the Amiga OS executable format (HUNK) out of the box. 

1. Download the latest release of `ghidra-amiga` from: https://github.com/BartmanAbyss/ghidra-amiga
2. Open Ghidra.
3. Go to `File → Install Extensions...`
4. Click the green `+` (Add extension) button.
5. Select the downloaded `.zip` file (do not extract it).
6. Restart Ghidra.

This essential extension provides:
- A complete Amiga HUNK format loader.
- Custom chipset register definitions mapped to `$DFF000`.
- OS library LVO (Library Vector Offset) definitions.
- Analyzer scripts specifically for resolving Amiga binaries.

---

## Step 2: Importing and Analyzing

1. Create a new project or open an existing one.
2. Select `File → Import File...` and choose your Amiga executable or library.
3. The format should automatically be detected as `Amiga Executable` (thanks to the extension).
4. Double-click the imported file to open it in the CodeBrowser.
5. When prompted to analyze, click **Yes**.
6. Ensure the `Amiga` analyzers (provided by the extension) are enabled in the analysis options list before hitting Analyze.

---

## Step 3: Decompilation and M68k Specifics

Unlike IDA Pro (which lacks Hex-Rays support for M68k), **Ghidra's built-in decompiler fully supports the Motorola 68000 family.**

- The `ghidra-amiga` extension actively assists the decompiler by automatically annotating library calls (like `exec/AllocMem` or `dos/Open`) when it detects jumps to negative offsets on `A6`.
- The decompiler will translate these `JSR` instructions directly into C pseudocode function calls with the correct parameters, making it vastly superior for analyzing C/C++ compiled Amiga software.

---

## Step 4: Custom Hardware Registers ($DFF000)

The `ghidra-amiga` extension automatically creates memory blocks for Amiga custom chips and CIA registers.

1. Go to `Window → Memory Map`. You will see `custom` ($DFF000), `ciaa` ($BFE001), and `ciab` ($BFD000) accurately mapped into the address space.
2. The extension automatically defines the Amiga Custom Chip data types.
3. When analyzing code that bangs the hardware (e.g., `move.w d0, $096(A4)`), if Ghidra knows `A4` is `$DFF000`, it will automatically format it as `custom->dmacon` in the C pseudocode!
4. If it fails to detect the base register automatically, you can manually set the register value by highlighting the start of the function, right-clicking, and selecting `Set Register Values` (or `Ctrl-R`), then defining `A4 = 0xDFF000`.

---

## Step 5: Dynamic Analysis

Ghidra is purely for **static analysis**. 
For dynamic debugging, the workflow is identical to IDA:
1. Do your mapping and decompilation in Ghidra.
2. Note the physical addresses and offsets.
3. Run the binary in WinUAE and drop into the native debugger (`Shift+F12`) to set breakpoints and step through the hardware state live.

---

## References

- [ghidra-amiga by BartmanAbyss](https://github.com/BartmanAbyss/ghidra-amiga) — The definitive Amiga loader and extension suite for Ghidra.
- [Ghidra Official Website](https://ghidra-sre.org/)
- [vscode-amiga-debug](https://github.com/BartmanAbyss/vscode-amiga-debug) — Excellent extension for source-level Amiga debugging if you are writing modern Amiga patches.
More information. Especially about RE and AREXX automation 2026-04-29 21:42:28 -04:00			`[← Home](../README.md) · [Reverse Engineering](README.md)`

			`# Ghidra Setup for Amiga 68k Binaries`

			`## Requirements`

			`\| Component \| Version / Notes \|`
			`\|---\|---\|`
			`\| Ghidra \| 10.x+ or 11.x+ recommended \|`
			`\| Processor module \| M68k — included in Ghidra standard install \|`
			`\| HUNK loader & Amiga extensions \| ghidra-amiga by BartmanAbyss \|`

			`---`

			`## Step 1: Install the Amiga Extension`

			`Ghidra natively supports the M68000 architecture and includes a powerful decompiler for it, but it does not understand the Amiga OS executable format (HUNK) out of the box.`

			1. Download the latest release of `ghidra-amiga` from: https://github.com/BartmanAbyss/ghidra-amiga
			`2. Open Ghidra.`
			3. Go to `File → Install Extensions...`
			4. Click the green `+` (Add extension) button.
			5. Select the downloaded `.zip` file (do not extract it).
			`6. Restart Ghidra.`

			`This essential extension provides:`
			`- A complete Amiga HUNK format loader.`
			- Custom chipset register definitions mapped to `$DFF000`.
			`- OS library LVO (Library Vector Offset) definitions.`
			`- Analyzer scripts specifically for resolving Amiga binaries.`

			`---`

			`## Step 2: Importing and Analyzing`

			`1. Create a new project or open an existing one.`
			2. Select `File → Import File...` and choose your Amiga executable or library.
			3. The format should automatically be detected as `Amiga Executable` (thanks to the extension).
			`4. Double-click the imported file to open it in the CodeBrowser.`
			`5. When prompted to analyze, click Yes.`
			6. Ensure the `Amiga` analyzers (provided by the extension) are enabled in the analysis options list before hitting Analyze.

			`---`

			`## Step 3: Decompilation and M68k Specifics`

			`Unlike IDA Pro (which lacks Hex-Rays support for M68k), Ghidra's built-in decompiler fully supports the Motorola 68000 family.`

			- The `ghidra-amiga` extension actively assists the decompiler by automatically annotating library calls (like `exec/AllocMem` or `dos/Open`) when it detects jumps to negative offsets on `A6`.
			- The decompiler will translate these `JSR` instructions directly into C pseudocode function calls with the correct parameters, making it vastly superior for analyzing C/C++ compiled Amiga software.

			`---`

			`## Step 4: Custom Hardware Registers ($DFF000)`

			The `ghidra-amiga` extension automatically creates memory blocks for Amiga custom chips and CIA registers.

			1. Go to `Window → Memory Map`. You will see `custom` ($DFF000), `ciaa` ($BFE001), and `ciab` ($BFD000) accurately mapped into the address space.
			`2. The extension automatically defines the Amiga Custom Chip data types.`
			3. When analyzing code that bangs the hardware (e.g., `move.w d0, $096(A4)`), if Ghidra knows `A4` is `$DFF000`, it will automatically format it as `custom->dmacon` in the C pseudocode!
			4. If it fails to detect the base register automatically, you can manually set the register value by highlighting the start of the function, right-clicking, and selecting `Set Register Values` (or `Ctrl-R`), then defining `A4 = 0xDFF000`.

			`---`

			`## Step 5: Dynamic Analysis`

			`Ghidra is purely for static analysis.`
			`For dynamic debugging, the workflow is identical to IDA:`
			`1. Do your mapping and decompilation in Ghidra.`
			`2. Note the physical addresses and offsets.`
			3. Run the binary in WinUAE and drop into the native debugger (`Shift+F12`) to set breakpoints and step through the hardware state live.

			`---`

			`## References`

			`- [ghidra-amiga by BartmanAbyss](https://github.com/BartmanAbyss/ghidra-amiga) — The definitive Amiga loader and extension suite for Ghidra.`
			`- [Ghidra Official Website](https://ghidra-sre.org/)`
			`- [vscode-amiga-debug](https://github.com/BartmanAbyss/vscode-amiga-debug) — Excellent extension for source-level Amiga debugging if you are writing modern Amiga patches.`