Personally, I'd love to see a co-op hack for SMB2 USA, The Lost Levels, and SMB3. With The Lost Levels, I would *think* (but could be very wrong) that a lot (if not all) of the data from the SMB co-op hack could be used. As for SMB3, it's certainly co-op capable with the battle mode code, in theory.
>0F:F56E:AD 00 01 LDA $0100 = #$00 0F:F571:48 PHA 0F:F572:A2 0D LDX #$0D 0F:F574:20 1A CC JSR $CC1A So basically I just need to add a block switch, and possibly just switch to the first bank on the second block. I've duplicated $0F to $1F, so the second block should be good and ready. Now to find the nearest block switch FAQ.
No worries, my life has been busy too. I'm just glad I found the time to finish this almost 5-year project. July 04, 2015, 10:16:32 pm - (Auto Merged - Double Posts are not allowed before 7 days.)So, since FCEUX will not crash on me, I have to test on something else. NesterJ, Nestopia and flash carts all crash at the same place: the dialogue. This happens when Bank #$10 is loaded. Bank #$10 is loaded just like any other bank, with no real modification.
TXA PHA LDX #$10 JSR $CC1A This is all handled in Bank #$0F. So when dialogue is loaded in Nestopia, I get a message in the log.
Emulator: loading "C:\Users\Heath\Desktop\6502\Faxanadu Restoration (T-HudsonUSA) v1.00.nes" Ines: 512k PRG-ROM set Ines: battery set Ines: horizontal mirroring set Ines: NTSC set Ines: mapper 1 set Board: SUROM Board: 512k PRG-ROM Board: 8k W-RAM Board: 8k V-RAM Board: MMC rev. B2 Emulator: battery data file "C:\Users\Heath\Desktop\6502\save\Faxanadu Restoration (T-HudsonUSA) v1.00.sav" not found Cpu: warning, TOP opcode executed Cpu: warning, DCP opcode executed Cpu: warning, SRE opcode executed Cpu: warning, DOP opcode executed Cpu: jammed!
I'm not sure what this is saying, but I made a test ROM. It was made to print dialogue endlessly, and without running code in Bank #$10. Instead, Bank #$10 was only to be loaded for the purpose of the dialogue itself. On FCEUX, the dialogue would print correctly. On NesterJ, it would print random characters from my font. This tells me that only FCEUX is reading Bank #$10, but the bank switch is unsuccessful on NesterJ, Nestopia, and a flash cart.
Okay, so I looked it up. It's saying that I've executed Double and Triple NOPs. Yep, that's true, and easily fixed. Then there's DCP... "Subtract 1 from memory (without borrow)". Wait, I *need* to have carry set when I DEC or SBC? ...Or does it mean simply that it ran an illegal opcode? As far as I know, other than my DOPs and TOPs, I don't really use extended instructions. Then there's SRE... "Shift right one bit in memory, then EOR accumulator with memory." FCEUX doesn't worry about this stuff, so I didn't really pay attention to it. I know I can fix most of this, but... I'm not quite sure what to do about the SRE, if it's necessary.
We're finally ready to release the Faxanadu (J) Restoration Vanilla (T-HudsonUSA) patch. This covers several bug fixes, retains uncensored work, adds SRAM and text speed-up options. There is just one problem. This patch only works on FCEU based emulators, due to doubling the size of the 256k MMC1 to 512k MMC1. We can't get anything else (other emulators and hardware) to read Bank 10. Since this patch is the basis for future patches (Retranslation, Remix, and Literal Faxanadu) we'd like to fix this bug and learn more about accessing Bank 10 on other emulators and hardware, before moving forward.
We doubled the size via King Mike's ROM Expansion utility, and changed the SRAM byte. Other than that, I just used regular bank switching (TXA, PHA, LDX #$10, JSR CC1A). I have no idea which bank is being read in other emulators, but further testing by implementing my dialogue code within bank 0F has shown that only garbage will be loaded when reading bank 10 in other emulators and flash carts, where FCEU will read bank 10 without any problems.
// ...Maybe "bank 10" is just not a good bank to use for this purpose?
// Looks like I need to adjust byte 4, and do more research. Found some pretty neat documentation.
// Nope. Either King Mike's utility or I myself have already adjusted byte 4 from 10 to 20. Byte 6 went from 10 to 12, which only affects battery backed SRAM.
Ah; no, sorry. I was talking about my Retranslation hack. Everything after the edit has nothing to do with the SRAM hack.
Still looking into the crashes. So far I'm thinking of creating a new code in a blank area (before neatly reorganizing all code), and running a check for last letter/line, INY, LDA ($EC),Y [current letter], CMP control codes #$FF [End Dialogue], #$FE [Line Break], #$FA [New Page], and immediately execute their respective routines -- otherwise, continue to run [Page End Routine].
It looks like a graphics table; particularly, this should tell the game how to display and mirror each 8x8 square. It would be strange if the US version did not have the same table, but I can see that happening.
// So it looks like my code messes up the stack somewhere. I'm looking for a PLA without a PHA, I believe. There are no obvious instances of this, which means it will eventually JMP $F44D without a PHA. 0F:F44D begins with a PLA and ends with the RTS that pulls a faulty stack pointer. I will continue to seek this out today.
Which eliminates the crash in that specific instance. It does, however, present a problem everywhere else. I've also narrowed it down to one of two instances; line 4 is full (16 characters) and/or line 5 begins with Control Code: [End Dialogue]
Nice! Maybe... the extra save icon might be misplaced garbage. I know I did a layering effect to cover up garbage (I.E. the save icon is overlapping garbage) If you could figure out how to scoot that junk to the left, you'll be good to go.
Alright, forget that foolishness. So what we have here is a crash. If you talk to the smoker in Eolis, he says "It looks like the end is near."
Here's the interesting part: A normal RTS opcode will send the game to crash, by making it read 00:1100 (from 0F:F44D). I'm guessing this may have something to do with the stack. I'm also guessing that the stack can be thrown off by things like an uneven amount of PLA/PHA opcodes being run in a row. If I'm missing something important in my observations, please let me know.
// Also, as of 2-10-2014 (with the latest update being 2-11-2014), here are most of the dialogue routines across banks 0F, 0C, and 10:
10:BECB JMP Dialogue Routine 10:BECB:EA EA EA NOP 10:BECE:4C 8D BF JMP $BF8D ; JuMP to Dialogue Routine at 10:BF8D 10:BED1:AD 15 02 LDA $0215 = #$04 ; LoaD Page End Countdown to A 10:BED4:F0 2A BEQ $BF00 ; If equal to #$00, branch to PLB Checks at 0F:BF00 10:BED6:60 RTS ----------------------------------------- 10:BED7 Page Post 10:BED7:98 TYA ; Transfer Y to A 10:BED8:E9 1F SBC #$1F ; SuBtract #$1F and Carry Flag from A 10:BEDA:8D 16 02 STA $0216 = #$02 ; STore A to Letter Position 10:BEDD:D0 11 BNE $BEF0 ; Branch if Not Equal to #$00, to Skip PLB at 10:BEF0 10:BEDF:AD 17 02 LDA $0217 = #$00 ; LoaD Line Position to A 10:BEE2:C9 04 CMP #$04 ; Is Line Position #$04? 10:BEE4:90 0A BCC $BEF0 ; If less than #$04, branch to Skip PLB at 10:BEF0 10:BEE6:AD 15 02 LDA $0215 = #$04 ; LoaD Page End Countdown to A 10:BEE9:F0 05 BEQ $BEF0 ; If equal to #$00, branch to Skip PLB at 10:BEF0 10:BEEB:EA EA NOP 10:BEED:20 88 F6 JSR $F688 ; Jump to SubRoutine Page Line Break at 0F:F688 10:BEF0 Skip PLB 10:BEF0:AC 16 02 LDY $0216 = #$02 ; LoaD Letter Position to Y 10:BEF3:98 TYA ; Transfer Y to A 10:BEF4:4C C7 BF JMP $BFC7 ; JuMP to Increase Line Position at 10:BFC7 10:BEF7:20 88 F6 JSR $F688 ; Jump to SubRoutine Page Line Break at 0F:F688 10:BEFA:20 6E F5 JSR $F56E ; Jump to SubRoutine Print Character at 0F:F56E 10:BEFD:4C 45 BF JMP $BF45 ; JuMP to Begin CC Check 10:BF00 PLB Checks 10:BF00:B1 EC LDA ($EC),Y @ $8633 = #$11 ; Load Current Letter to A at $EC+$0214 or $0216 10:BF02:C9 FA CMP #$FA ; Is Current Letter #$FA? 10:BF04:90 05 BCC $BF0B ; If less than #$FA, branch to Begin RC Check at 10:BF0B 10:BF06:E6 EC INC $00EC = #$80 ; INCrease $00EC by #$01 10:BF08:EE 14 02 INC $0214 = #$B4 ; INCrease $0214 by #$01 10:BF0B Begin RC Check 10:BF0B:A2 00 LDX #$00 ; LoaD #$00 to X 10:BF0D Remaining Characters Check 10:BF0D:E8 INX ; INcrease X by #$01 10:BF0E:C8 INY ; INcrease Y by #$01 10:BF0F:B1 EC LDA ($EC),Y @ $8633 = #$11 ; Load Current Letter to A at $EC+$0214 or $0216 10:BF11:C9 FF CMP #$FF ; Is Current Letter #$FF? 10:BF13:D0 F8 BNE $BF0D ; If not, branch to Remaining Characters Check at 10:BF0D 10:BF15:E0 10 CPX #$10 ; Is X #$10? 10:BF17:B0 01 BCS $BF1A ; If greater than or equal to #$10, branch to 10:BF1A 10:BF19:60 RTS ----------------------------------------- 10:BF1A:CE 17 02 DEC $0217 = #$00 ; DECrease Line Position by #$01 10:BF1D:CE 17 02 DEC $0217 = #$00 ; DECrease Line Position by #$01 10:BF20:AC 16 02 LDY $0216 = #$02 ; LoaD Letter Position to Y 10:BF23:C0 02 CPY #$02 ; Is Letter Position #$02? 10:BF25:90 09 BCC $BF30 ; If less than #$02, branch to Letter Position Reset at 10:BF30 10:BF27 DELP 10:BF27:88 DEY ; DEcrease Letter Position by #$01 10:BF28:88 DEY ; DEcrease Letter Position by #$01 10:BF29:C0 02 CPY #$02 ; Is Letter Position #$02? 10:BF2B:B0 FA BCS $BF27 ; If greater than or equal to #$02, branch to DELP at 10:BF27 10:BF2D:8C 16 02 STY $0216 = #$02 ; STore Y to Letter Position 10:BF30 Letter Position Reset 10:BF30:A9 04 LDA #$04 ; LoaD #$04 to A 10:BF32:8D 15 02 STA $0215 = #$04 ; STore A to Page End Countdown 10:BF35:8D 1B 02 STA $021B = #$04 ; STore A to 10:BF38:B1 EC LDA ($EC),Y @ $8633 = #$11 ; Load Current Letter to A at $EC+$0214 or $0216 10:BF3A:20 6E F5 JSR $F56E ; Jump to SubRoutine Print Character at 0F:F56E 10:BF3D:20 88 F6 JSR $F688 ; Jump to SubRoutine Page Line Break at 0F:F688 10:BF40:70 89 BVS $BECB ; Branch on oVerflow flag Set to JMP Dialogue Routine at 10:BECB 10:BF42:4C 93 BF JMP $BF93 ; JuMP to Check PEC at 10:BF93 10:BF45 Begin CC (Character Code) Check 10:BF45:B1 EC LDA ($EC),Y @ $8633 = #$11 ; LoaD Current Letter to A at $EC+$0214 or $0216 10:BF47:C9 FA CMP #$FA ; Is Current Letter #$FA? 10:BF49:D0 14 BNE $BF5F ; If not, branch to Continue CC Check 10:BF4B:A9 00 LDA #$00 ; LoaD #$00 to A 10:BF4D:8D 15 02 STA $0215 = #$04 ; STore A to Page End Countdown 10:BF50:8D 16 02 STA $0216 = #$02 ; STore A to Letter Position 10:BF53:8D 17 02 STA $0217 = #$00 ; STore A to Line Position 10:BF56:8D 1C 02 STA $021C = #$00 ; STore A to 10:BF59:60 RTS ----------------------------------------- 10:BF5A:EA EA EA NOP 10:BF5D:EA EA NOP 10:BF5F Continue CC Check 10:BF5F:C9 FF CMP #$FF ; Is Current Letter #$FF? 10:BF61:F0 7C BEQ $BFDF ; If so, branch to End Message 10:BF63:C9 FE CMP #$FE ; Is Current Letter #$FE? 10:BF65:F0 4D BEQ $BFB4 ; If so, branch to Line Break 10:BF67:C9 FD CMP #$FD ; Is Current Letter #$FD? 10:BF69:F0 3F BEQ $BFAA ; If so, branch to (Print) Space Branch 10:BF6B:C9 FC CMP #$FC ; Is Current Letter #$FC? 10:BF6D:F0 76 BEQ $BFE5 ; If so, branch to Name 10:BF6F:C9 FB CMP #$FB ; Is Current Letter #$FB? 10:BF71:F0 7B BEQ $BFEE ; If so, branch to Title 10:BF73:AE 12 02 LDX $0212 = #$01 ; LoaD $0212 to X 10:BF76:F0 07 BEQ $BF7F ; Is $0212 #$00? If so, branch to $0212=#$00 10:BF78:48 PHA ; PusH A 10:BF79:A9 01 LDA #$01 ; Load #$01 to A 10:BF7B:20 E4 D0 JSR $D0E4 ; Jump to SubRoutine $D0E4 10:BF7E:68 PLA ; PulL A 10:BF7F $0212=#$00 10:BF7F:20 32 F7 JSR $F732 ; Jump to SubRoutine $F732 10:BF82:AD 16 02 LDA $0216 = #$02 ; Load Letter Position to A 10:BF85:D0 05 BNE $BF8C ; Is Letter Position #$00? If not, branch to Resume Routine 10:BF87:AD 17 02 LDA $0217 = #$00 ; Load Line Position to A 10:BF8A:F0 01 BEQ $BF8D ; Is Line Position #$00? If so, branch to Dialogue Routine 10:BF8C Resume Routine 10:BF8C:60 RTS ----------------------------------------- 10:BF8D Dialogue Routine 10:BF8D:EE 16 02 INC $0216 = #$02 ; Increase Letter Position by #$01 10:BF90:EE 16 02 INC $0216 = #$02 ; Increase Letter Position by #$01 10:BF93 Check PEC 10:BF93:AD 15 02 LDA $0215 = #$04 ; Load Page End Countdown to A 10:BF96:F0 F4 BEQ $BF8C ; Is Page End Countdown #$00? If so, branch to Resume Routine at 10:BF8C 10:BF98:AD 13 02 LDA $0213 = #$9F ; Load Message ID to A 10:BF9B:F0 EF BEQ $BF8C ; Is Message ID #$00? If so, branch to Resume Routine at 10:BF8C 10:BF9D:A9 01 LDA #$01 ; Load #$01 to A 10:BF9F:8D 12 02 STA $0212 = #$01 ; STore A to $0212 10:BFA2:20 E4 D0 JSR $D0E4 ; Jump to Dialogue SFX at 0F:D0E4 10:BFA5:A9 00 LDA #$00 ; Load #$00 to A 10:BFA7:20 25 CA JSR $CA25 ; Jump to Pause at 0F:CA25 10:BFAA (Print) Space Branch 10:BFAA:20 6E F5 JSR $F56E ; Jump to SubRoutine Print Character at 0F:F56E 10:BFAD:AD 16 02 LDA $0216 = #$02 ; LoaD Letter Position to A 10:BFB0:C9 1E CMP #$1E ; Is Letter Position #$1E? 10:BFB2:90 D9 BCC $BF8D ; If less than #$1E, branch to Dialogue Routine at 10:BF8D 10:BFB4 Line Break 10:BFB4:AC 16 02 LDY $0216 = #$02 ; Load Letter Position to Y 10:BFB7:C0 1F CPY #$1F ; Is Letter Position #$1F? 10:BFB9:B0 06 BCS $BFC1 ; If greater than or equal to #$1F, branch to Page Countdown at 10:BFC1 10:BFBB Letter Increase 10:BFBB:C8 INY ; INcrease (Y) Letter Position by #$01 10:BFBC:C8 INY ; INcrease (Y) Letter Position by #$01 10:BFBD:C0 1F CPY #$1F ; Is Letter Position #$1F? 10:BFBF:90 FA BCC $BFBB ; If less than #$1F, branch to Letter Increase at 10:BFBB 10:BFC1 Page Countdown 10:BFC1:CE 15 02 DEC $0215 = #$04 ; Decrease Page End Countdown by #$01 10:BFC4:4C D7 BE JMP $BED7 ; JuMP to Page Post at 10:BED7 10:BFC7 Increase Line Position 10:BFC7:EA EA EA NOP 10:BFCA:AD 16 02 LDA $0216 = #$02 ; LoaD Letter Position to A 10:BFCD:D0 C4 BNE $BF93 ; Is Letter Position #$00? If not, branch to Check PEC 10:BFCF:EE 17 02 INC $0217 = #$00 ; INCrease Line Position by #$01 10:BFD2:EE 17 02 INC $0217 = #$00 ; INCrease Line Position by #$01 10:BFD5:AD 17 02 LDA $0217 = #$00 ; LoaD Line Position to A 10:BFD8:C9 04 CMP #$04 ; Is Line Position #$04 10:BFDA:90 B7 BCC $BF93 ; If less than #$04, branch to Check PEC 10:BFDC:4C 85 F6 JMP $F685 ; JuMP to Bank Switch PLB at 0F:F685 10:BFDF End Message 10:BFDF:A9 00 LDA #$00 ; LoaD #$00 to A 10:BFE1:8D 13 02 STA $0213 = #$9F ; STore A to Message ID 10:BFE4:60 RTS ----------------------------------------- 10:BFE5 Name 10:BFE5:AD C2 04 LDA $04C2 = #$46 10:BFE8:EE 1C 02 INC $021C = #$00 10:BFEB:4C F2 F5 JMP $F5F2 10:BFEE Title 10:BFEE:A9 81 LDA #$81 10:BFF0:8D 1C 02 STA $021C = #$00 10:BFF3:AD 37 04 LDA $0437 = #$0D 10:BFF6:0A ASL 10:BFF7:0A ASL 10:BFF8:0A ASL 10:BFF9:AA TAX 10:BFFA:BD 91 F7 LDA $F791,X @ $F7A1 = #$1B 10:BFFD:4C F2 F5 JMP $F5F2
Obviously a lot of this stuff can be consolidated, rewritten in smaller code. I do have this saved on my phone, so I'll take a look. I imagine there is some redundant code, as well. (Due to partial original dialogue code from the JP version)
Unmodified US version, input a valid password, make a save state. Use the trace logger, and set a breakpoint for... gold. Something, anything that would be loaded. If you have further questions, we should discuss this via e-mail or PM.
// Regarding my hack, I plan to disassemble my project and put the disassembly on my phone. I have two hours per work day (generally) between work and home (I'm pretty busy. ) that I can use to look at the code. I'm hoping that I can get dcc6502 running on Windows 7, but will look into dosbox if all else fails.
// SmartRENES... I'll try that.
// So far... no luck. I just want a comprehensive disassembly of my hack, showing each line in ASM (Like FCEUX), in TXT or HTML format.
What I see is that it indeed is loading data, however, certain addresses between the US and JP version are different, so it's trying to branch/jmp/jsr to JP code instead of US code. Look for the death/respawn routine, and look for a jmp or jsr from the end of my load routine. Modify the address to match the US respawn routine.
// Alternatively, look for the end of the US password successful checksum routine.
I believe the check is in the first 4 bytes of SRAM. Look for a line scanning the area, and disable the branch. It's looking for 00 bytes, so we're possibly looking for BEQ. Change the BEQ:XX bytes to NOP.
I'd really love to see SRAM functionality in the US version, have you hacked that ROM too?
I could probably make a US patch by using the US version as a base when creating a patch from the JP version. There would be a bit of the original code copied over, as well.
Umaggot, see if you can find the line of code with the Pendant bug. The Pendant item is supposed to increase your strength but instead it decreases it.
Someone made a hack fixing this issue.
That someone was I, and it has been already fixed for the Retranslation and general bugfix patches. In addition, there were a few armor and shield bugs (items being replaced because the game was checking for amount of shields instead of armor, AND vice-versa! ...also swords!) that I've ironed out.
Hey there, frsj8112. (and everyone) I'm sorry I've been out of the game for so long. My website is currently down (presumably due to inactivity), but I'll be restoring it at some point. I haven't worked on this in ages, but I have every intent of finishing my work and releasing both a retranslation, and a normal "US" version with SRAM and all of my bugfixes (which includes anything that needed fixing as mentioned in this topic -- all of those bugs have been addressed since). I'm sorry for the wait.
So to bring you up to speed, I'm working on an SRAM hack. It's mostly done, but there's a 15-second delay (ouch!) after the game is saved, and the save icon is written over with a garbled Japanese character. I've been trying to use the cheat feature to figure out if it can somehow be fixed by writing to a relevant address in the RAM, but I'm not getting any bites. I've also been using the debugger to step through the code, but it just goes in a big circle and would take a painfully long time to step through until I'd actually find what's causing the icon to be written over. So just for the sake of curiousity, is there an easier way? I've also looked through SP's disassembly and have tried experimenting with the most relevant bytes that I've seen, but I'm not getting any hits.
// If it helps, I set a break point for $61FF -- and it seems that the cursor blinks AND the game saves repeatedly, during all of those 15 seconds. In reality, it only needs to save once. July 03, 2011, 01:13:46 am - (Auto Merged - Double Posts are not allowed before 7 days.)The Faxanadu SRAM (J) Open Beta patch is here!
This patch is for the Japanese version only. It will NOT work on the US/EU versions. This patch will allow you to save the game, when you would've otherwise received a mantra.
If you find any bugs or glitches, *please* let me know! Thank you!
I've already played through it twice, and I've noticed that an armor is replaced at some point in Branch. If I had to take a solid guess, it'll have something to do with obtaining the Battle Suit. I haven't yet tested to see whether or not this is just a bug in my copy of Faxanadu (J), but I am aware that my copy has a bug that prevents a part of the Studded Mail from appearing while climbing a ladder.