Acmlm's Board - I3 Archive - - Posts by 1182
1182
Newcomer
Since: 03-30-06

Last post: 6219 days
Last view: 6219 days
Posted on 03-30-06 02:28 PM, in N64 Pointer Referencing
Pardon ahead of time if I don't respond in a timely fashion. Internet access is a bit limited...

-----------------------------------------------------------------

There isn't a table of rom addresses in F-Zero X. The stages are calculated and loaded via ASM.
8007419C: [part of the stage load routine]
LUI T9,002B
ADDIU T9,T9,D1E0

8007406C is similar and may be an expansion-only routine.


If you follow this code you'll find this:
80074198:
LW T7,0030 (SP) //T7=800D9690=6 (stage number)
LUI T9,002B
ADDIU T9,T9,D1E0 //T9=2AD1E0
SLL T8,T7,0x6 //T8=T7*64=180
SUBU T8,T8,T7 //T8=17A
SLL T8,T8,0x5 //T8=T8*32=2F40
ADDU A0,T8,T9 //A0=JACK1 + offset=2B0120
OR A1,V0,R0 //A1=10B7B0
JAL 80073FA0
ADDIU A2,R0,07E0 //A2=7E0

-which advances between the various circuits. Track offsetting done later on.

Actual stage load is done here:
800C2CC4:
LUI T8,A460
SW V0,0000 (T8) //PI_DRAM_ADDR_REG=ram target address
LW T9,0030 (SP) //T9=800FB268=800FB450
LW T1,0038 (SP) //T1=800FB270= ROM address
LUI AT,1FFF
LW T0,000C (T9) //T0=800FB45C=B0000000
ORI AT,AT,FFFF //AT=1FFFFFFF
LUI T4,A460
OR T2,T0,T1 //T2=ROM as B0 register (ie: B02B0120)
AND T5,T2,AT //T5=ROM as direct (ie: 102B0120)
SW T5,0004 (T4) //PI_CART_ADDR_REG=direct ROM address
LW S0,0034 (SP) //S0=800FB26C=0
BEQ S0,R0,800C2D0C //
ADDIU AT,R0,0001 //AT=1

800C2D0C:
LW T7,0040 (SP) //T7=800FB278=length of data (400)
LUI T3,A460
ADDIU T6,T7,FFFF //T6=length-1
BEQ R0,R0,800C2D3C
SW T6,000C (T3) //PI_WR_LEN_REG=length
-at which point your data is instantly uploaded and it throws an exception (80000180)

Interestingly enough, F-Zero X stages are loaded in two parts:
part one (0x400) is the track data proper (points, track type, etc)
part two (0x3E0) is made of the boosts, recharge, ramps, etc.

It is virtually unheard of for an N64 game to read ROM directly. Usually it accesses ROM via the PI registers as above. For more on this though you might as well rummage through the stuff at:
http://sourceforge.net/projects/n64dev
since they very nicely outline the various paths used for cart access.
---------------------------------
It shouldn't be impossible to get the in-game track editor working. By disabling or redirecting save/load at least the menus could be accessed and the data uploaded via PC utilities.

---------------------------------
I'm working on building a GameShark course uploader at the moment - or really rather close to it. I need a handle to replace after the overlays are loaded, but it does swap in a playable level. At the moment it is using the original stage's boost/ice/etc locations. The idea is simply loading the stage or circuit in ahead of time to an area of RAM that is empty, then either redirecting pointers or copying over the buffer at 8010B7B0.

This won't allow upload at the moment, but this demo will replace the stage number of choice with Jack1:

81074430 8FA6
81074432 0028
81074450 80C9
81074452 0001
81074484 24C5
81074486 0020
81074488 24C3
8107448A 0000
810744D8 80CE
810744DA 0001
81074530 80C9
81074532 0001

810741C0 0C00
810741C2 91FC
810247F0 3402
810247F2 0005
810247F4 1444
810247F6 0003
810247F8 3C02
810247FA 8011
810247FC 2442
810247FE CF50
81024800 AFA2
81024802 0000
81024804 0801
81024806 D10A
81024808 0000
8102480A 1025

The value of 810247F2 00xx is the stage number you want to replace.
Final version will likely just be a simple copy routine, as this pointer redirection is just silly.

---------------------------------------
This may interest you a little as well:
Everyone knows all N64 games and disks have a 4 letter "name", and the name is used as an ID for things like memcart saves. However, despite that DD expansion disks are all labelled Dnnr, internally they use the header Ennr. The complete format list should be:

TNNR
[T]ype of game, either:
    [N]64 cartridge only
    [D]D64 disk only
    [C]ombo N64 cartridge
    [E]xpansion disk for cartridge
[N]ame of game, being two distinct ASCII subset values
[R]egion code, the three most common being:
    [J]apan - NTSC
    [E]nglish-speaking North America
    [P]AL - generic European release

The nifty thing is that all Nintendo-produced combo drive code within the game ROMs is annotated with a rather nice header. Search for the string matching your game header name with the C- changed to an E-. Some 3rd party combo games also annotate their code but leave off the region code, such as Dezaemon 3D. You'll find the string EFZE at 6D0F0 (probable menu items) and 6E6B4 (DD64 error codes).
The only known exceptions to the rule are the non-Japanese Zelda: OOT carts which have been stripped of their MQ stuff. However, many others include the code, such as F-Zero X and Mario Party.

In fact, I'd wager to guess that by gamesharking the header check routine and fiddling with the region code, you could get the F-Zero expansion to work on a US game. -that would be a real bite to do though.
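
Added example, not part of 1182's post: the stage-address arithmetic at 80074198 and the PI register values stored at 800C2CC4/800C2D0C, recomputed in Python. It shows that ADDIU sign-extends D1E0, which is why the base is 2AD1E0 rather than 2BD1E0. Helper names are hypothetical, and treating the 0x3E0 part as directly following the 0x400 part in ROM is an assumption.

```python
# Added example; helper names are hypothetical, constants are from the post.

def sext16(imm):
    """Sign-extend a 16-bit immediate the way ADDIU does."""
    return imm - 0x10000 if imm & 0x8000 else imm

def u32(x):
    """Wrap to 32 bits, as the MIPS registers in the listing do."""
    return x & 0xFFFFFFFF

def stage_rom_offset(stage):
    """Mirror 80074198: base from LUI/ADDIU, plus (stage*64 - stage)*32."""
    t9 = u32((0x002B << 16) + sext16(0xD1E0))  # LUI T9,002B / ADDIU T9,T9,D1E0
    t8 = u32(stage << 6)                       # SLL  T8,T7,0x6
    t8 = u32(t8 - stage)                       # SUBU T8,T8,T7
    t8 = u32(t8 << 5)                          # SLL  T8,T8,0x5
    return u32(t8 + t9)                        # ADDU A0,T8,T9

def pi_dma_registers(ram_target, rom_offset, length, cart_base=0xB0000000):
    """Mirror 800C2CC4/800C2D0C: the three values stored at A4600000+n."""
    return {
        "PI_DRAM_ADDR_REG": u32(ram_target),                        # SW V0,0000(T8)
        "PI_CART_ADDR_REG": (cart_base | rom_offset) & 0x1FFFFFFF,  # SW T5,0004(T4)
        "PI_WR_LEN_REG": u32(length - 1),                           # SW T6,000C(T3)
    }

def stage_parts(stage):
    """Assumption: the 0x3E0 part directly follows the 0x400 part in ROM."""
    base = stage_rom_offset(stage)
    return [(base, 0x400), (base + 0x400, 0x3E0)]

if __name__ == "__main__":
    # 0x10B7B0 is the A1 value annotated in the post; stage 6 is its example.
    rom, size = stage_parts(6)[0]
    regs = pi_dma_registers(0x10B7B0, rom, size)
    print({name: hex(value) for name, value in regs.items()})
```

Each stage record is 0x7E0 bytes apart, which matches both the A2 value in the listing and the sum of the two part sizes.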
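
Added example, not part of 1182's post: every line of the GameShark code above is an 81-type code, i.e. a 16-bit write to RAM, so pairing the halves into 32-bit MIPS words shows how the patch is wired together (the write at 800741C0 is a JAL into the routine placed at 800247F0). Function names are hypothetical and SAMPLE is an excerpt of the post's code.

```python
import re

# Excerpt of the GameShark code listed in the post (hook plus part of the patch).
SAMPLE = """\
810741C0 0C00
810741C2 91FC
810247F0 3402
810247F2 0005
810247F8 3C02
810247FA 8011
810247FC 2442
810247FE CF50
81024804 0801
81024806 D10A
"""

def parse_writes(text):
    """Map RAM address -> 16-bit value for every 81-type (16-bit write) line."""
    writes = {}
    for m in re.finditer(r"^81([0-9A-Fa-f]{6})[ \t]+([0-9A-Fa-f]{4})$", text, re.M):
        writes[0x80000000 | int(m.group(1), 16)] = int(m.group(2), 16)
    return writes

def to_words(writes):
    """Join aligned high/low halfwords (big-endian) into 32-bit instruction words."""
    words = {}
    for addr, hi in writes.items():
        if addr % 4 == 0 and addr + 2 in writes:
            words[addr] = (hi << 16) | writes[addr + 2]
    return words

def jump_target(addr, word):
    """Absolute target of a J (opcode 2) or JAL (opcode 3) word, else None."""
    if word >> 26 in (2, 3):
        return ((addr + 4) & 0xF0000000) | ((word & 0x03FFFFFF) << 2)
    return None

def lui_addiu_value(words, addr):
    """Constant built by a LUI (0x0F) / ADDIU (0x09) pair starting at addr."""
    lui, addiu = words.get(addr, 0), words.get(addr + 4, 0)
    if lui >> 26 != 0x0F or addiu >> 26 != 0x09:
        return None
    lo = addiu & 0xFFFF
    return (((lui & 0xFFFF) << 16) + (lo - 0x10000 if lo & 0x8000 else lo)) & 0xFFFFFFFF

if __name__ == "__main__":
    words = to_words(parse_writes(SAMPLE))
    print({hex(a): hex(jump_target(a, w) or w) for a, w in sorted(words.items())})
```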
1182
Newcomer
Since: 03-30-06

Last post: 6219 days
Last view: 6219 days
Posted on 04-13-06 01:31 PM, in Can anyone figure out the compression on Turok Dinosaur Hunter?
I don't have the Turok ROM (though I do have Seeds of Evil) and let's just say you can't get it via a library computer. They don't both use the same compression, right? Most companies are a bit lax about that...

However, if you can get me a sample of a binary that is compressed and the same decompressed binary after it's loaded in RAM I'll take a whack at it. (Just try to keep it small - stupid floppies are so annoyingly tiny)


Most N64 games use simple RLE, and I'm not just talking about Yaz0, MIO0, and Yay0 (before GC this was in the Pokémon Stadium games). Other games such as the Custom Robo series use RLE with a massive header of zeroes. Certain N64 games also used everything from Zip to Zlib. Heck, some games for PC that really should have used better compression also use RLE, like Battlefield 1942.

A certain giveaway is to see if there is a table of text names for the stuff in the game. If you're lucky, they might not have removed the extension when they compiled it. (cough... Rare cough...)

Cool that you're working on that game. Turok was awfully good.