Super Mario Bros 2 (FDS): Mario and Luigi codes

[Szemigi]

Hello!

Can anybody tell me where to find Mario's and Luigi's selection and jumping codes in SMB2J?


I'm asking, because YY made an IPS patch 'Luigi Game' for Super Mario Bros. NES and I'm curious how and where to find it in SMB2J in hexadecimally.

[KingMike]

You wouldn't find it just by staring at hex.

Try cheat searching.
Most likely, Mario/Luigi's Y position will decrease as they are further up the screen.
Start a cheat search while the are standing, press the jump button and quickly try to cheat search while they are in the air (if you can pause while they're in the air it might help).

What you want to try to find is RAM addresses affected by jumping. This will probably give you the RAM address of Mario's sprite data (nearly all NES games will allocate a $100 byte page of memory to sprites) and maybe some other bytes. You want to narrow it down to the jumping bytes.
Then when you find them, use the Debugger to set a Write Breakpoint on the RAM addresses. So it will show the code that has updated the positions. Likely it will be code to DECrement or SBC (subtract) some value and then probably CMP (comparing) it to the maximum value (a lower value likely because sprite Y position go from the top of the screen to the bottom)

However, you may want to test on SMB1 first to make sure you have the technique.
SMB2 is a disk game which has an added technical difficulty to being sure you have the actual value.
In SMB1 (a cart game) you can tell in the debugger (when the Trace Logger will appear after the game tries to write to the address specified by the Write Breakpoint) when it reading values from the original game code because ROM addresses will be $8000+.
In FDS games, game code is loaded to RAM and then executed. In an FDS game, if you find it reading data from an address above $6000, it is likely the original code (the "ROM" data) but you can't be certain since that area is RAM and as such games CAN write to it.
And if you do find that it is code, to find it in the ROM, you might have to use a hex search to find it. As FDS games use a file structure which would make hex searching in a hex editor the easiest way to locate code in the ROM, for a beginner. (unlike cartridge games where it is easier to convert a CPU address to a ROM address)

[segwayspeedracer]

The information below is valid and answers the jumping question perfectly. I wish I knew this 8 years ago when I first started hacking this game.

Super Mario Bros

At offset x3434, you will find the following.. these are Mario's physics:

20 20 1e 28 28 0d 04 70 70 60 90 90 0a 09 e4 98 d0

Super Mario Bros 2 (Japan)

At offset x83CD, you will find the following... these are both Mario and then Luigi's physics:

20 20 1e 28 28 0d 04 70 70 60 90 90 0a 09 e4 98 d0
18 18 18 22 22 0d 04 42 42 3e 5d 5d 0a 09 b4 68 a0

You can literally replace the Mario segments of the code with the Luigi segments. That YY patch also had improved jumping off of koopa troopas.. I don't know exactly what the patch does to the ROM to make those adjustments.

This source came from Doppleganger's SMB and SMB2J Disassembly. It's the actual script of SMB. The green notes give you tips as to what the ASM is saying. Use Notepad ++ to view the asm file.