 |
| Register | Login | |||||
 |
Main
| Memberlist
| Active users
| ACS
| Commons
| Calendar
| Online users Ranks | FAQ | Color Chart | Photo album | IRC Chat |
|
| | ||
|
| Register | Login | |||||
|
Main
| Memberlist
| Active users
| ACS
| Commons
| Calendar
| Online users Ranks | FAQ | Color Chart | Photo album | IRC Chat |
|
| | ||
1 user currently in Rom Hacking:  hukka |
| Acmlm's Board - I2 Archive - Rom Hacking - Calculating SNES Pointers |
 |  |  |
| Add to favorites | "RSS" Feed | Next newer thread | Next older thread |
| User | Post | ||
|
Kei-kun Level: 9 Posts: 21/27 EXP: 2633 For next: 529 Since: 11-15-04 Since last post: 86 days Last activity: 26 days |
| ||
| I've only worked with pointers for GBC/GBA games as I wasn't very experienced back in the days that I have tried editing SNES roms. Just recently I've been playing Lufia and the Fortress of Doom (amazing game, clean and efficient - only a MB in size; surprisingly long) and I can't help thinking about ways I could edit it. I've been searching around, but I can't seem to find anything on SNES pointers, seeing as a majority of the rom hacking community doesn't even know how to use pointers in general. So, if anyone could post a simple formula or routine for calculating SNES pointers please? |
|||
|
HyperLamer <||bass> and this was the soloution i thought of that was guarinteed to piss off the greatest amount of people Sesshomaru Tamaranian Level: 118 Posts: 6321/8210 EXP: 18171887 For next: 211027 Since: 03-15-04 From: Canada, w00t! LOL FAD Since last post: 2 hours Last activity: 2 hours |
| ||
| SNES pointers are complicated. Best bet is to get Lunar Address. | |||
JLukas Red Paragoomba Level: 13 Posts: 40/51 EXP: 8897 For next: 1370 Since: 03-15-04 From: USA Since last post: 9 hours Last activity: 6 hours |
| ||
| Yes, grab Lunar Address from FuSoYa's site. I had a quick look at Lufia, here's an example: Go to offset $0043DD in a hex editor You see ED C3 reverse it C3 ED In the right side of Lunar Address enter 00:C3ED On the left side appears 00:43ED Go back to the hex editor, look at that offset The pointer from above pointed to that text string "General Items" $0043DD through $0043EC are the pointers to all those text strings you see in that section. That's an example of a 16 bit pointer (2 bytes) Sometimes they are 24 bit, 3 bytes. It works the same way, just reverse the digits and enter in Lunar Address to convert it. Have fun. edit: typos (edited by JLukas on 08-05-05 11:37 PM) |
|||
Gideon Zhi Red Tektite Level: 13  Posts: 45/79 EXP: 10265 For next: 2 Since: 04-02-05 Since last post: 47 days Last activity: 2 days |
| ||
| Okay, basic deal is this. The GBC operates in banks of #$4000 bytes each, as I'm sure you're aware. These are all swapped into memory at address $4000, if I recall correctly, so the pointers all have values of between #$4000-#$7FFF. (A few terminlogical notes - #$ preceeds a constant, whereas $ proceeds an address. Thus, $4000 is an address and #$4000 is two bytes of data. Hope you follow.) SNES stuff isn't that much more complicated. I'll start with hirom, since it's easier. SNES HiROM games have banks 64 kilobytes in size (that is, #$10000 bytes each.) Since one of the great features of the SNES is its capacity for 24-bit addressing, it doesn't need to bankswap; thus, hirom pointers are essentially linear. If you had data at $4567 in an SNES HiROM game, the 16-bit pointer value for that data would simply be #$6745. HiROM banks are _generally_ addressed starting with $C0:0000 as the origin; so file address $4567 would be SNES address $C0:4567 and 24-bit pointer value #$6745C0. File address $012345 would be SNES HiROM $C1:2345; file address $123456 would be SNES HiROM $D2:3456. Simple enough, eh? SNES LoROM behaves generally the same way. It can be addressed in the exact same fashion as HiROM games, but as I've only seen one game that does that I'll go over the more typical way you'll see LoROM pointers done. SNES LoROM games have banks 32 kilobytes in size (that is, #$8000 bytes each.) As such, our range of pointer values will only encompass #$8000 values, and these values are always in excess of #$8000 itself, with the bank value starting at either $00 or $80. So file address $00:0000 as SNES LoROM would either be $00:8000 or $80:8000. File address $00:7FFF becomes $00:FFFF or $80:FFFF, and file address $008000 is either $01:8000 or $81:8000. Pointer values between #$0000-#$7FFF -can- work, but they will address memory in WRAM bank $7E, so don't use 'em unless you know _exactly_ what they'll be reading  That's SNES pointers in a nutshell. Lunar Address is useful for calculating lorom banks, but otherwise I can generally do all file->snes address conversions in my head, and it's a lot faster if you can do it that way. Given what JLukas said, Lufia seems to be LoROM, but whether it uses $00 or $80 for its origin bank I couldn't really say. It doesn't really matter either way though, they're just mirrors of each other and point to exactly the same thing regardless. |
|||
MathOnNapkins Math n' Hacks Level: 67  Posts: 2104/2189 EXP: 2495887 For next: 96985 Since: 03-18-04 From: Base Tourian Since last post: 1 hour Last activity: 32 min. |
| ||
| As I understand it LoRom always starts out in bank $00. However, some games, like Super Metroid, use FastRom and thus have to jump to bank $80 (*) to take advantage of the speed increase. So keep in mind that $0x:xxxx and $8x:xxxx will reference the same locations in the rom, just at a different proecessor speed. * And in fact it does this in the first few lines of code, spending all of its time after that in Fast Rom mode, and executing code in banks $80 and above.. (edited by MathOnNapkins on 08-06-05 01:08 AM) |
|||
|
Kei-kun Level: 9 Posts: 23/27 EXP: 2633 For next: 529 Since: 11-15-04 Since last post: 86 days Last activity: 26 days |
| ||
| Gideon, I'm not really sure if I understand what you're saying. So if the last four digits in the address is less than #$8000, then I add #$8000 to it? And if it is greater than or equal to #$8000, I add 1 to the bank? So file address $29060 as LoROM would be either $03:9060 or $83:9060? It doesn't sound right to me... I am confused here. Could you explain it in different words? =\ |
|||
|
Gideon Zhi Red Tektite Level: 13 Posts: 46/79 EXP: 10265 For next: 2 Since: 04-02-05 Since last post: 47 days Last activity: 2 days |
| ||
| For the 16-bit address, yeah, that's the way it works in lorom. It's hacky that way, but it works. For the 24-bit bank addresses, every #$8000 bytes, you count up one, vis a vis the following table: File SNES ...and so on. |
|||
|
Kei-kun Level: 9 Posts: 24/27 EXP: 2633 For next: 529 Since: 11-15-04 Since last post: 86 days Last activity: 26 days |
| ||
| OH! Now I get it. I was forgetting that each bank was #$8000 bytes. So really, #$29060 as LoROM would be $05:9060. So it's subtract the last four digits from the offset and divide it by #$8000 for the bank; and if the last four digits are less than #$8000, add #$8000 to it. But hmm... after looking around some more, I've found a document that involves subtracting the size of the SNES header ($200 bytes) from the offset to find its pointer. Is that person wrong or must I subtract the header? I took a look at the said program above and when autodetecting the rom type, it automatically subtracts the header from the SNES LoROM. Edit: Duh! Since SNES banks are #$8000 bytes long instead of #$4000 and it's the same idea behind it, all I have to do is change some values in the beautiful formula I've been using for the GBC. Instead of GBC Bank: Address / $4000 GBC Pointer: ByteSwap [(Address mod $4000) + $4000)] I could use SNES Bank: Address / $8000 SNES Pointer: (Address mod $8000) + $8000 That makes things sooo much easier! Two questions, though: Is a byteswap involved with SNES pointers? And does the size of the header need to be subtracted from the address? Thanks a lot. (edited by Kei-kun on 08-06-05 05:25 PM) (edited by Kei-kun on 08-06-05 05:27 PM) (edited by Kei-kun on 08-06-05 05:27 PM) |
|||
|
Gideon Zhi Red Tektite Level: 13 Posts: 47/79 EXP: 10265 For next: 2 Since: 04-02-05 Since last post: 47 days Last activity: 2 days |
| ||
| Byteswap is involved, yes. Endian modes tend to be similar across most consoles :p As far as headers go, they're data used _only_ by console copiers. If your rom has a header, just chop it off when you hack the game. Makes calculation so much easier. |
|||
|
Kei-kun Level: 9 Posts: 25/27 EXP: 2633 For next: 529 Since: 11-15-04 Since last post: 86 days Last activity: 26 days |
| ||
| Okay, you're helping me out a lot here. Thanks. ;P But just one question remains to be answered: Does the size of the header have to be subtracted from the address in order to calculate its pointer? If so, then wouldn't that still have to be done after removing the header? |
|||
|
JLukas Red Paragoomba Level: 13 Posts: 41/51 EXP: 8897 For next: 1370 Since: 03-15-04 From: USA Since last post: 9 hours Last activity: 6 hours |
| ||
| The real SNES carts don't have a header. The example I posted above had no header: $0043DD ED C3 If it had a header, the offset would be $0045DD. But the pointer located there would still be ED C3. It's a good idea to remove the header and add it back later once your changes are complete. |
|||
|
Kei-kun Level: 9 Posts: 26/27 EXP: 2633 For next: 529 Since: 11-15-04 Since last post: 86 days Last activity: 26 days |
| ||
| Well then damn, that's all I really need to know about SNES pointers. I've just been double checking with you because I can't seem to find any pointers for Lufia's text. I've cut off the header and have been calculating them correctly, but there's none to be found. I've even calculated pointers up to five bytes before where I believe the text begins to be sure that I just don't have the right text start location, but still nothing. I guess the way Lufia points to the location of its text is done differently than with standard SNES pointers. | |||
|
JLukas Red Paragoomba Level: 13 Posts: 42/51 EXP: 8897 For next: 1370 Since: 03-15-04 From: USA Since last post: 9 hours Last activity: 6 hours |
| ||
| Oh yeah, sometimes pointers are a value that is added to a base address. For example, at 005800 is the start of a bunch of 2 byte pointers. The first pointer is 4A01. Reverse it: 014A. Now add that to the 005800 = 00594A, the first monster name entry. 005800 through 005949 - Pointers to monster names/data (+5800) 00594A Start of Monster names data 055800 through 0559FF - Pointers to item names (+55800) 055A00 Start of Item names I assume you're trying to find the pointers to the main dialogue. I'm having trouble finding it, too. |
|||
Jigglysaint Red Cheep-cheep Level: 24 Posts: 204/215 EXP: 76907 For next: 1218 Since: 03-17-04 Since last post: 7 days Last activity: 3 days |
| ||
| Lemme see if I can come up with anything.... Hmm, I might have found treasure chest pointers. In fact, it seems to be exactly a pointer that was just mentioned. Edit: I think I was mistaken, but tracking down chest values should be easy. Edit: From the looks of things, the game is like Lufia 2, and uses dictinary compression, which is where words are pre-formed, and then assigned inside the dialouge. Edit: Apparently I had the right bank, but wrong address. In the first town, the item byte value of the Power Potion outside the soilder building is at 1897E. I don't know what else, but my guess is that it's all the chest data for the game. Now to go find pointers... (edited by Jigglysaint on 08-06-05 10:50 PM) (edited by Jigglysaint on 08-06-05 10:58 PM) (edited by Jigglysaint on 08-06-05 11:11 PM) |
|||
|
Kei-kun Level: 9 Posts: 27/27 EXP: 2633 For next: 529 Since: 11-15-04 Since last post: 86 days Last activity: 26 days |
| ||
And you would be correct, Jiggly.  In my opinion, it's probably the most efficient text compression. From all the Lufia games that I have looked through, they all use a dictionary compression.I need to find a way around this text repointing problem, though. I could never settle with coming up with shorter lines or abbreviations. I hate being limited when editing games. |
|||
|
Jigglysaint Red Cheep-cheep Level: 24 Posts: 205/215 EXP: 76907 For next: 1218 Since: 03-17-04 Since last post: 7 days Last activity: 3 days |
| ||
| Ahh, apparently treasure chests themselves are co-ordianate based rather than tile based. FD means that the item is invisible, and FC means the item is in a treasure chest(which appears with the item). OH, and BTW, those chests behind the counters, they are empty. |
|||
|
Gideon Zhi Red Tektite Level: 13 Posts: 48/79 EXP: 10265 For next: 2 Since: 04-02-05 Since last post: 47 days Last activity: 2 days |
| ||
| Maybe I'll help you look for the dialogue pointers in the morning. Exhausted now. They could be relative pointers, which are a whole different bag altogether. |
| Add to favorites | "RSS" Feed | Next newer thread | Next older thread |
| Acmlm's Board - I2 Archive - Rom Hacking - Calculating SNES Pointers |
| | |
