News: 11 March 2016 - Forum Rules, Mobile Version
Current Moderators - DarkSol, KingMike, MathOnNapkins, Azkadellia

« previous next »
Pages: [1]

Author Topic: newbie snes debugging question  (Read 411 times)

AhmedXyz

  • Newbie
  • *
  • Posts: 2
    • View Profile
newbie snes debugging question
« on: October 23, 2017, 01:25:41 pm »
Hello!

I've been ROM hacking in the past for fun and have used the MAME debugger and wla-dx assembler together successfully in Master System, NES and Genesis ROM hacking.
I just recently tried to tackle SNES hacking the same way, starting with Super Mario World (of course). The problem I quickly encountered was that watchpoints do not seem to work reliably. I can set wp:s for some RAM addresses (16-bit addresses ranging from $00 to $1fff) and find routines reading from or writing to them, but for others I had less success.
For example, bytes at $1f17 and $1f19 correspond to Marios map position and they are updated when moving across the map. I set wp:s on these addresses to find routines that update these values, to no avail. Even though RAM clearly changes when moving Mario, the debugger does not break execution. This happens for some other RAM addresses as well. I assume that this is due to some quirk with how the SNES work that I am unfamiliar with. Could someone clue me in as to what happens here, and what I am doing wrong?

Thanks!
Logged

KingMike

  • Forum Moderator
  • Hero Member
  • *****
  • Posts: 6391
  • *sigh* A changed avatar. Big deal.
    • View Profile
Re: newbie snes debugging question
« Reply #1 on: October 23, 2017, 05:07:28 pm »
Unfortunately I don't think SNES emulators are good about taking mirroring into account with breakpoints (or at least Geiger's, which I have the most experience with).

I'm guessing by using only a 16-bit address, it is assuming $00:0000 to $00:1FFF. That is actually just the first 8KB of RAM ($7E:0000-7F:FFFF). Especially in a LoROM game like SMW, that first 8KB can be accessed from almost any bank. (the other 120KB must be specifically accessed from banks 7E/7F) (the current Data Bank is the DB register)
Meaning that if you set a breakpoint on 001000, it will only break on access to 00:1000, and not 01:1000 (even though it's functionally the same thing), for example.
Logged
Quote
Sir Howard Stringer, chief executive of Sony, on Christmas sales of the PS3:
"It's a little fortuitous that the Wii is running out of hardware."

AhmedXyz

  • Newbie
  • *
  • Posts: 2
    • View Profile
Re: newbie snes debugging question
« Reply #2 on: October 24, 2017, 08:38:13 am »
That must be it! I just assumed that the game would always access the same ram mirror for the first two pages of ram unless explicitly targeting some other mirror with 24-bit addressing.

So you mean that whatever value is in DB determines what mirror is accessed?
How do you work around this when debugging?
Logged
Pages: [1]
« previous next »